Overview of Progent's Ransomware Settlement Negotiation Services in Campinas
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complicated exercise that requires a mix of field experience, technical knowledge and business savvy. It also requires working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if any. Since the top goal of the ransomware target is operational continuity, it is critical to deploy recovery groups that operate effectively, in parallel, and in close communication. Progent has the breadth of IT knowledge and the deep bench of experts to complement your IT support team and recover your network environment rapidly and affordably.
Services offered by Progent's ransomware settlement negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware involved in the assault
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Validating the hacker's decryption capabilities
- Budgeting a settlement amount with the ransomware victim and the insurance provider
- Negotiating a settlement amount and schedule with the TA
- Verifying compliance with anti-money laundering (AML) sanctions
- Carrying out the crypto-currency transfer to the hacker
- Acquiring, learning, and operating the TA's decryption utility
- If necessary, contacting the hacker for technical assistance with the decryptor tool
Once the decryption utility has been mastered, Progent can assist you to restore physical and virtual devices and software services to their original condition. Progent can also assist you to conduct a forensics investigation and generate a report to share with the cyber insurance provider. This report helps you to understand security gaps that must be corrected and suggests steps to be taken to counter future ransomware attacks.
- Isolating infected endpoints to arrest the progress of the attack
- Making replicas of each compromised device and data store in order to perform forensics without interfering with recovery
- Adding A/V protection to all clean endpoints
- Restoring files from offline restores or unscathed machines
- Creating a clean recovery environment
- Mapping and connecting drives to match exactly their pre-attack condition
Settling Exfiltration Ransoms
In addition to demanding payment for a decryption tool, current variants of ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim commonly try to exfiltrate files. TAs can then demand an extra settlement in exchange for not posting this information on the dark web. Unfortunately, there exists no way to be certain that exfiltrated files have been totally deleted by the hacker. In fact, in many instances the threat actor has limited control over where the information ends up. Paying an exfiltration ransom does not free you from the necessity of engaging the guidance of privacy attorneys, performing an inventory of data were stolen, and sending the mandated alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises IT services across the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded high-level certifications in core technologies such as Cisco networking, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning software. This scope of skills allows Progent to identify and integrate the undamaged pieces of your information system after a ransomware attack and rebuild them rapidly into an operational system. Progent has collaborated with top cyber insurance carriers including Chubb to help organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Expertise in Campinas
To get in touch with Progent about ransomware settlement negotiation services in Campinas, phone Progent at 800-462-8800 or go to Contact Progent.