Progent's Ransomware Negotiation Services in Monterey
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated exercise that calls for a mix of real-word experience, technical knowledge and business savvy. It also demands close co-operation with the ransomware victim's IT staff and the cyber insurance carrier, if any. Since the number one priority of the ransomware victim is fast recovery, it is vital to establish response teams that work efficiently, concurrently, and with intimate collaboration. Progent offers the scope of IT knowledge and the deep bench of personnel to complement your network support team and recover your network environment quickly and economically.
Services offered by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware used in the assault
- Identifying and communicating with the hacker persona
- Assessing the likelihood of recovery
- Testing the hacker's decryption tool
- Determining a settlement payment with the victim and the cyber insurance provider
- Negotiating a settlement amount and schedule with the hacker
- Checking compliance with anti-money laundering (AML) laws
- Managing the crypto-currency payment to the TA
- Acquiring, learning, and operating the hacker's decryption tool
- If needed, contacting the hacker for technical assistance with the decryptor tool
Once the decryption tool has been learned, Progent can assist you to recover computers and software services to their original state. Progent can also help you to conduct comprehensive forensics and create a document to deliver to the insurance carrier. This report identifies cybersecurity vulnerabilities that must be eliminated and suggests steps to be taken to counter subsequent ransomware attacks.
- Quarantining affected endpoints to arrest the spread of the attack
- Making digital copies of each breached device and data store to allow forensics in parallel with cleanup
- Installing A/V agents to all clean endpoints
- Restoring files from air-gapped restores or unscathed machines
- Building a pristine recovery environment
- Mapping and reconnecting datastores to reflect exactly their pre-encryption state
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption tool, current strains of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Nephilim commonly attempt to steal (or "exfiltrate") information. TAs are then able to require an additional ransom for not divulging this information on the dark web. Sadly, there is no way to be certain that exfiltrated files have been completely erased by the threat actor. Actually, in many cases the threat actor has limited control about data custody. Paying an exfiltration ransom does not eliminate the need for getting the guidance of privacy attorneys, performing an audit on which files were stolen, and performing the mandated alerts to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have been awarded high-level certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's data security experts have earned internationally recognized certifications including CISA, CISSP, and GIAC. (See Progent's certifications). Progent also offers top-tier support in financial and Enterprise Resource Planning application software. This breadth of expertise gives Progent the ability to identify and integrate the surviving pieces of your IT environment following a ransomware assault and reconstruct them rapidly into a functioning network. Progent has collaborated with leading cyber insurance carriers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Monterey
To contact with Progent about crypto-ransomware settlement guidance in Monterey, phone Progent at 800-462-8800 or go to Contact Progent.