Progent's Ransomware Negotiation Services in Santos
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complex exercise that calls for a mix of real-word experience, technical skills and business savvy. It also demands close co-operation with the ransomware victim's IT team and the insurance provider, if any. Since the top priority of the ransomware victim is operational continuity, it is vital to establish recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of IT skills and the deep bench of personnel to supplement your network support team and restore your network rapidly and economically.
Support provided by Progent's ransomware negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware used in the attack
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Validating the TA's decryption tool
- Deciding on an acceptable settlement payment with the ransomware victim and the insurance provider
- Negotiating a settlement and schedule with the TA
- Checking adherence to anti-money laundering regulations
- Managing the crypto-currency disbursement to the hacker
- Receiving, learning, and operating the TA's decryptor utility
- If needed, contacting the TA for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover machines and services to their pre-arrack condition. Progent can also help you to perform a complete forensics analysis and create a document to deliver to the insurance carrier. This document helps you to understand cybersecurity vulnerabilities that need to be corrected and suggests actions to be performed to combat subsequent ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further progress of the assault
- Creating digital copies of every infected server and endpoint and data store in order to perform forensics without interfering with recovery
- Installing anti-virus agents to all clean endpoints
- Restoring files from offline restores or unscathed machines
- Building a pristine environment
- Remapping and connecting drives to match exactly their pre-attack state
Beyond extorting money for a decryption utility, modern strains of ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") information. TAs can then require an additional ransom for not divulging this information on the dark web. Sadly, there exists no way to prove that exfiltrated data have been completely erased by the TA. In fact, in many instances the TA has little say about the disposition of the data. Settling an exfiltration ransom does not eliminate the need for engaging the guidance of privacy lawyers, conducting an investigation into which files were compromised, and sending the mandated alerts to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have earned advanced certifications in foundation technologies including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's data security consultants have earned internationally recognized certifications such as CISM, CISSP, and GIAC. (See Progent's certifications). Progent also offers top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to salvage and consolidate the undamaged pieces of your information system after a ransomware assault and rebuild them quickly into a viable system. Progent has collaborated with top insurance carriers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Santos
To contact with Progent about crypto-ransomware settlement expertise in Santos, call Progent at 800-462-8800 or go to Contact Progent.