Overview of Progent's Ransomware Settlement Negotiation Services in Santos
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that calls for a mix of field experience, technical knowledge and business savvy. It also calls for working closely with the cyber-extortion target's IT staff and the insurance provider, if any. Since the number one priority of the ransomware target is fast recovery, it is vital to deploy recovery teams that operate efficiently, in parallel, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of personnel to complement your IT support team and recover your network environment rapidly and economically.
Support available from Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Testing the hacker's decryption capabilities
- Budgeting a settlement range with the victim and the insurance carrier
- Establishing a settlement and timeline with the threat actor
- Verifying compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the hacker
- Receiving, reviewing, and operating the threat actor's decryption utility
- If needed, contacting the hacker for technical assistance with the decryptor tool
After the decryption utility has been learned, Progent can assist you to recover computers and services to their original state. Progent can also assist you to conduct a complete forensics analysis and create a document to deliver to the cyber insurance carrier. This report identifies cybersecurity gaps that need to be fixed and recommends actions that should be performed to counter future ransomware attacks.
- Isolating affected endpoints and data stores to arrest the spread of the attack
- Creating replicas of every infected device and data store in order to perform forensics in parallel with restoration
- Adding A/V agents to all virus-free endpoints
- Salvaging files from offline backups or uncompromised machines
- Creating a clean recovery environment
- Mapping and reconnecting datastores to reflect precisely their pre-encryption condition
Paying Exfiltration Ransoms
Beyond extorting money for a decryption utility, current variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often attempt to exfiltrate files. TAs are then able to demand a separate payment for not posting this information on the dark web. Sadly, there is no method to be certain that exfiltrated files have been completely erased by the hacker. In fact, in many instances the TA has limited control about where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy lawyers, performing an audit on which data were taken, and performing the required notifications to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises network services across the U.S. for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes consultants who have been awarded high-level certifications in core technology platforms such as Cisco networking, VMware, and major distributions of Linux. Progent's data security experts have earned industry-recognized certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and Enterprise Resource Planning application software. This broad array of skills gives Progent the ability to salvage and consolidate the undamaged parts of your IT environment after a ransomware attack and rebuild them rapidly into a viable system. Progent has worked with leading insurance providers like Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Guidance in Santos
To get in touch with Progent about crypto-ransomware settlement negotiation services in Santos, call Progent at 800-993-9400 or go to Contact Progent.