Progent's Ransomware Negotiation Consulting in San Juan
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that calls for a mix of real-word experience, IT skills and business acumen. It also requires working closely with the cyber-extortion target's IT team and the cyber insurance carrier, if there is one. Because the number one goal of the ransomware victim is fast recovery, it is vital to deploy recovery groups that work effectively, concurrently, and with intimate collaboration. Progent has the scope of IT skills and the deep bench of experts to supplement your network support team and recover your network rapidly and economically.
Services offered by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the recovery risk
- Verifying the threat actor's decryption capabilities
- Budgeting a settlement payment with the ransomware victim and the insurance provider
- Negotiating a settlement and schedule with the TA
- Verifying accordance with anti-money laundering (AML) laws
- Managing the crypto-currency disbursement to the TA
- Acquiring, reviewing, and using the hacker's decryptor mechanism
- If necessary, contacting the TA for assistance with the decryption utility
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and services to their original state. Progent can also assist you to conduct a forensics investigation and create a document to share with the cyber insurance carrier. This report identifies cybersecurity vulnerabilities that must be corrected and recommends steps that should be taken to block subsequent ransomware assaults.
- Isolating affected endpoints to prevent further progress of the assault
- Making replicas of every compromised device and data store in order to perform forensics without interfering with restoration
- Installing anti-virus protection to all clean endpoints
- Restoring files from offline backups or uncompromised endpoints
- Creating a pristine recovery environment
- Remapping and reconnecting drives to match exactly their pre-attack condition
Beyond demanding money for a decryption utility, modern variants of ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often try to steal (or "exfiltrate") information. Hackers are then able to require an extra settlement for not publishing this data on the dark web. Sadly, there is no way to guarantee that exfiltrated files have been totally deleted by the TA. In fact, in numerous cases the hacker has limited control over data custody. Settling an exfiltration ransom does not free you from the necessity of engaging the guidance of privacy lawyers, performing an inventory of files were compromised, and carrying out the mandated notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite network services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have been awarded advanced certifications in core technology platforms such as Cisco infrastructure, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning software. This scope of skills allows Progent to salvage and integrate the surviving parts of your IT environment after a ransomware intrusion and rebuild them rapidly into a viable system. Progent has worked with top cyber insurance carriers including Chubb to help organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Services in San Juan
To get in touch with Progent about crypto-ransomware settlement negotiation services in San Juan, call Progent at 800-462-8800 or go to Contact Progent.