Progent's Ransomware Negotiation Consulting in Cabo Frio
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated activity that calls for a mix of field experience, technical knowledge and business acumen. It also requires working closely with the ransomware victim's IT team and the insurance provider, if there is one. Because the number one goal of the ransomware target is fast recovery, it is critical to deploy recovery teams that work effectively, in parallel, and in close communication. Progent has the scope of technical knowledge and the depth of experts to complement your IT support team and recover your network environment rapidly and economically.
Services provided by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware involved in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Verifying the hacker's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the insurance carrier
- Negotiating a settlement and schedule with the TA
- Confirming compliance with anti-money laundering (AML) regulations
- Carrying out the crypto-currency disbursement to the TA
- Acquiring, learning, and using the hacker's decryption mechanism
- If needed, contacting the hacker for assistance with the decryption tool
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to perform a forensics investigation and create a document to share with the cyber insurance carrier. This document helps you to understand security gaps that must be fixed and recommends actions that can be performed to combat subsequent ransomware attacks.
- Isolating affected endpoints to arrest the spread of the assault
- Creating replicas of each breached server and endpoint and data store in order to perform forensics in parallel with recovery
- Adding A/V protection to all clean endpoints
- Recovering files from air-gapped backups or unscathed endpoints
- Building a clean environment
- Remapping and reconnecting drives to reflect exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond demanding money for a decryption utility, current strains of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim often try to steal (or "exfiltrate") files. Hackers are then able to demand an extra ransom for not posting this data or selling it. Unfortunately, there exists no method to guarantee that exfiltrated data have been completely erased by the TA. In fact, in numerous cases the TA has limited say about who can access the stolen files. Paying an exfiltration ransom does not free you from the need for getting the guidance of privacy attorneys, performing an investigation into which data were stolen, and carrying out the necessary alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SMEs) includes professionals who have been awarded high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also offers guidance in financial and ERP application software. This broad array of expertise gives Progent the ability to salvage and consolidate the undamaged parts of your information system after a ransomware assault and rebuild them rapidly into a functioning network. Progent has worked with top cyber insurance carriers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Cabo Frio
To get in touch with Progent about ransomware settlement guidance in Cabo Frio, call Progent at 800-462-8800 or go to Contact Progent.