Progent's Ransomware Settlement Negotiation Consulting in Campinas
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complicated activity that requires a combination of real-word experience, technical knowledge and business savvy. It also demands working closely with the ransomware victim's IT staff and the insurance carrier, if there is one. Because the top goal of the ransomware victim is operational continuity, it is vital to establish response teams that operate efficiently, in parallel, and in close communication. Progent offers the breadth of technical skills and the depth of personnel to supplement your IT staff and restore your network environment rapidly and economically.
Services provided by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Validating the TA's decryption tool
- Agreeing on a settlement payment with the victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the TA
- Checking accordance with anti-money laundering sanctions
- Overseeing the crypto-currency transfer to the hacker
- Receiving, learning, and using the TA's decryption utility
- If necessary, contacting the TA for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover machines and services to their original condition. Progent can also help you to perform a forensics investigation and generate a report to share with the cyber insurance provider. This document helps you to understand cybersecurity vulnerabilities that must be fixed and recommends actions to be taken to combat future ransomware assaults.
- Isolating affected endpoints to prevent further progress of the assault
- Making digital copies of each compromised server and endpoint and data store in order to perform forensics in parallel with recovery
- Installing anti-virus protection to all virus-free endpoints
- Restoring data from offline restores or uncompromised endpoints
- Creating a clean recovery environment
- Mapping and reconnecting datastores to match precisely their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding payment for a decryption utility, modern variants of crypto-ransomware such as Ryuk, Maze, Netwalker, and Nephilim commonly attempt to exfiltrate information. Hackers are then able to demand a separate ransom in exchange for not divulging this information or selling it. Sadly, there exists no way to be certain that stolen data have been totally erased by the TA. Actually, in numerous instances the hacker has limited control about the disposition of the data. Paying an exfiltration ransom does not eliminate the need for getting the advice of privacy lawyers, performing an investigation into which data were compromised, and performing the necessary notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services throughout the United States for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have earned high-level certifications in core technologies including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned internationally recognized certifications including CISA, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also has guidance in financial and ERP application software. This breadth of skills gives Progent the ability to identify and integrate the undamaged parts of your network after a ransomware assault and reconstruct them rapidly into a functioning network. Progent has collaborated with top cyber insurance carriers including Chubb to assist organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Campinas
To get in touch with Progent about ransomware settlement negotiation services in Campinas, call Progent at 800-462-8800 or go to Contact Progent.