Overview of Progent's Ransomware Settlement Negotiation Consulting in Monterey
Progent has experience negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex activity that requires a combination of field experience, technical skills and business acumen. It also demands close co-operation with the victim's IT team and the insurance provider, if there is one. Because the top goal of the ransomware victim is operational continuity, it is vital to deploy recovery groups that work efficiently, concurrently, and with intimate collaboration. Progent has the breadth of technical skills and the deep bench of experts to supplement your IT staff and recover your network environment quickly and economically.
Services available from Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware used in the assault
- making contact with the hacker
- Assessing the recovery risk
- Verifying the TA's decryption tool
- Deciding on an acceptable settlement amount with the victim and the insurance carrier
- Establishing a settlement amount and timeline with the threat actor
- Verifying adherence to anti-money laundering (AML) regulations
- Overseeing the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the TA's decryptor utility
- If necessary, contacting the TA for technical assistance with the decryption utility
Once the decryption tool has been mastered, Progent can help you to restore physical and virtual devices and software services to their original state. Progent can also help you to conduct a complete forensics analysis and generate a report to share with the insurance provider. This document identifies cybersecurity gaps that must be corrected and recommends steps that should be taken to block future ransomware attacks.
- Quarantining infected endpoints to prevent further spread of the assault
- Making digital copies of every compromised server and endpoint and data store in order to perform forensics in parallel with recovery
- Installing A/V protection to all virus-free endpoints
- Recovering data from offline backups or uncompromised machines
- Building a pristine environment
- Remapping and connecting datastores to reflect precisely their pre-encryption condition
Settling Exfiltration Ransoms
Beyond demanding money for a decryption utility, current strains of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Egregor commonly try to steal (or "exfiltrate") information. TAs can then demand a separate payment for not publishing this information on the dark web. Unfortunately, there is no way to prove that stolen data have been totally deleted by the hacker. Actually, in numerous instances the threat actor has limited say about who can access the stolen files. Settling an exfiltration ransom does not free you from the need for engaging the guidance of legal counsel, performing an audit on which data were compromised, and performing the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have been awarded high-level certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's data security experts have earned internationally recognized certifications including CISM, CISSP, and GIAC. (See Progent's certifications). Progent also offers top-tier support in financial management and Enterprise Resource Planning application software. This broad array of expertise allows Progent to salvage and integrate the undamaged parts of your information system following a ransomware attack and reconstruct them quickly into an operational network. Progent has worked with leading cyber insurance carriers including Chubb to assist organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Services in Monterey
To contact with Progent about crypto-ransomware settlement negotiation services in Monterey, phone Progent at 800-462-8800 or go to Contact Progent.