Overview of Progent's Ransomware Negotiation Services in San Juan
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complex exercise that requires a mix of real-word experience, IT knowledge and business acumen. It also requires close co-operation with the ransomware victim's IT staff and the insurance provider, if there is one. Because the number one priority of the ransomware victim is operational continuity, it is critical to deploy recovery groups that work effectively, in parallel, and in close communication. Progent has the breadth of IT skills and the depth of experts to supplement your network staff and recover your network environment quickly and economically.
Support offered by Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the attack
- identifying and contacting the hacker
- Evaluating the recovery risk
- Validating the threat actor's decryption tool
- Agreeing on a settlement range with the victim and the insurance carrier
- Negotiating a settlement amount and schedule with the TA
- Confirming compliance with anti-money laundering laws
- Managing the crypto-currency transfer to the hacker
- Receiving, learning, and operating the hacker's decryption tool
- If necessary, contacting the threat actor for assistance with the decryption utility
Once the decryption tool has been learned, Progent can assist you to restore computers and services to their original state. Progent can also help you to conduct a complete forensics analysis and create a report to share with the cyber insurance provider. This report identifies security vulnerabilities that must be fixed and recommends actions that can be performed to counter future ransomware assaults.
- Isolating infected endpoints to arrest the spread of the assault
- Creating replicas of every infected device and data store to allow forensics in parallel with recovery
- Adding anti-virus agents to all virus-free endpoints
- Restoring files from offline restores or unscathed endpoints
- Building a pristine recovery environment
- Remapping and reconnecting drives to match precisely their pre-encryption state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern variants of crypto-ransomware such as Ryuk, Maze, Netwalker, and Nephilim often attempt to steal (or "exfiltrate") information. Hackers are then able to demand a separate settlement for not posting this data on the dark web. Unfortunately, there is no method to guarantee that exfiltrated data have been completely deleted by the threat actor. Actually, in many instances the hacker has limited say about where the information ends up. Settling an exfiltration ransom does not free you from the necessity of getting the advice of privacy attorneys, conducting an investigation into which data were compromised, and sending the required alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services throughout the United States for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes professionals who have earned high-level certifications in core technologies such as Cisco networking, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned prestigious certifications such as CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has guidance in financial management and Enterprise Resource Planning application software. This broad array of expertise gives Progent the ability to identify and integrate the undamaged parts of your IT environment following a ransomware assault and reconstruct them quickly into a functioning network. Progent has worked with top insurance carriers including Chubb to assist organizations clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Guidance in San Juan
To contact with Progent about crypto-ransomware settlement services in San Juan, phone Progent at 800-462-8800 or go to Contact Progent.