Overview of Progent's Ransomware Settlement Negotiation Services in Barra da Tijuca
Progent has experience negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complicated activity that requires a mix of field experience, technical knowledge and business savvy. It also requires close co-operation with the cyber-extortion target's IT staff and the insurance provider, if any. Since the number one priority of the ransomware target is operational continuity, it is vital to establish recovery teams that operate effectively, concurrently, and in close communication. Progent offers the breadth of IT knowledge and the depth of experts to supplement your IT support team and restore your network quickly and affordably.
Support offered by Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware used in the attack
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Verifying the hacker's decryption capabilities
- Determining a settlement with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the TA
- Checking compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the TA
- Receiving, learning, and operating the hacker's decryption utility
- If necessary, contacting the hacker for technical assistance with the decryption utility
Once the decryption utility has been mastered, Progent can assist you to recover computers and services to their original condition. Progent can also help you to perform comprehensive forensics and generate a report to share with the cyber insurance provider. This document identifies security gaps that need to be corrected and suggests steps to be taken to block subsequent ransomware attacks.
- Quarantining affected endpoints to prevent further progress of the attack
- Creating digital copies of every compromised server and endpoint and data store in order to perform forensics without interfering with cleanup
- Adding A/V agents to all virus-free endpoints
- Salvaging files from offline restores or uncompromised endpoints
- Creating a pristine recovery environment
- Remapping and reconnecting drives to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption tool, current variants of ransomware like Ryuk, Maze, Netwalker, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers can then demand an extra settlement in exchange for not divulging this information on the dark web. Unfortunately, there is no method to be certain that exfiltrated data have been totally deleted by the hacker. Actually, in many cases the threat actor has little control over who can access the stolen files. Settling an exfiltration ransom does not free you from the need for seeking the guidance of privacy attorneys, conducting an inventory of files were compromised, and carrying out the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services throughout the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes professionals who have earned high-level certifications in core technologies including Cisco infrastructure, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned prestigious certifications including CISM, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has guidance in financial and Enterprise Resource Planning software. This broad array of expertise gives Progent the ability to salvage and integrate the surviving pieces of your IT environment after a ransomware intrusion and reconstruct them quickly into a functioning system. Progent has worked with leading cyber insurance providers including Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Expertise in Barra da Tijuca
To get in touch with Progent about crypto-ransomware settlement guidance in Barra da Tijuca, phone Progent at 800-993-9400 or go to Contact Progent.