Overview of Progent's Ransomware Settlement Negotiation Services in Cabo Frio
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complicated exercise that requires a combination of field experience, technical skills and business savvy. It also requires working closely with the victim's IT staff and the cyber insurance carrier, if any. Since the top priority of the ransomware target is fast recovery, it is vital to establish recovery teams that work efficiently, concurrently, and in close communication. Progent has the breadth of IT knowledge and the deep bench of experts to complement your network support team and recover your network rapidly and affordably.
Services provided by Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware involved in the attack
- identifying and contacting the hacker persona
- Assessing the likelihood of recovery
- Verifying the threat actor's decryption tool
- Deciding on an acceptable settlement with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the threat actor
- Checking adherence to anti-money laundering laws
- Managing the crypto-currency payment to the hacker
- Receiving, learning, and using the TA's decryptor utility
- If needed, contacting the threat actor for technical help with the decryption tool
After the decryption utility has been mastered, Progent can assist you to recover machines and services to their original state. Progent can also help you to conduct a forensics investigation and create a document to share with the cyber insurance carrier. This report identifies cybersecurity vulnerabilities that need to be eliminated and suggests actions that should be performed to counter future ransomware assaults.
- Isolating affected endpoints to prevent further progress of the assault
- Creating digital copies of each breached device and data store in order to perform forensics in parallel with recovery
- Adding anti-virus protection to all clean endpoints
- Recovering data from offline restores or uncompromised machines
- Building a pristine environment
- Remapping and connecting drives to reflect precisely their pre-attack condition
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern variants of ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim commonly attempt to steal (or "exfiltrate") files. Hackers can then demand a separate payment in exchange for not publishing this information or selling it. Sadly, there exists no method to prove that stolen files have been completely erased by the TA. Actually, in numerous cases the hacker has little say about who can access the stolen files. Settling an exfiltration ransom does not free you from the need for engaging the guidance of legal counsel, conducting an audit on which data were taken, and performing the necessary notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises network services throughout the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes professionals who have earned high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware, and major Linux distros. Progent's cybersecurity consultants have earned prestigious certifications such as CISM, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP application software. This breadth of expertise gives Progent the ability to salvage and consolidate the surviving parts of your information system after a ransomware assault and reconstruct them quickly into an operational system. Progent has collaborated with top insurance carriers including Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Guidance in Cabo Frio
To get in touch with Progent about crypto-ransomware settlement expertise in Cabo Frio, phone Progent at 800-462-8800 or go to Contact Progent.