Overview of Progent's Ransomware Settlement Negotiation Consulting in San Juan
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that calls for a mix of field experience, technical knowledge and business savvy. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance carrier, if there is one. Since the number one priority of the ransomware victim is operational continuity, it is critical to establish response teams that operate effectively, in parallel, and with intimate collaboration. Progent has the scope of technical knowledge and the depth of personnel to complement your IT support team and restore your network environment rapidly and affordably.
Services provided by Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the attack
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Validating the TA's decryption capabilities
- Deciding on an acceptable settlement with the ransomware victim and the insurance provider
- Establishing a settlement and schedule with the hacker
- Verifying accordance with anti-money laundering laws
- Managing the crypto-currency payment to the hacker
- Receiving, learning, and operating the TA's decryption tool
- If needed, contacting the threat actor for technical assistance with the decryption tool
Once the decryption tool has been learned, Progent can assist you to restore computers and software services to their pre-arrack condition. Progent can also assist you to conduct a full forensic review and generate a document to deliver to the insurance carrier. This report identifies cybersecurity vulnerabilities that need to be corrected and recommends steps that can be taken to combat subsequent ransomware attacks.
- Isolating infected endpoints to prevent further progress of the assault
- Creating replicas of every infected device and data store to allow forensics without interfering with restoration
- Installing anti-virus protection to all virus-free endpoints
- Recovering files from offline backups or uncompromised endpoints
- Building a pristine environment
- Mapping and connecting drives to reflect exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption utility, current variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor commonly try to exfiltrate files. Hackers are then able to demand an additional payment in exchange for not posting this data on the dark web. Unfortunately, there is no method to guarantee that exfiltrated data have been totally erased by the threat actor. In fact, in many instances the threat actor has limited say over where the information ends up. Settling an exfiltration ransom does not free you from the necessity of seeking the advice of legal counsel, performing an audit on which data were compromised, and sending the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite IT services across the U.S. for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes professionals who have been awarded high-level certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to salvage and integrate the undamaged parts of your network after a ransomware intrusion and reconstruct them quickly into a functioning system. Progent has worked with leading insurance carriers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in San Juan
To contact with Progent about ransomware settlement guidance in San Juan, phone Progent at 800-462-8800 or go to Contact Progent.