Progent's Ransomware Settlement Negotiation Consulting in Monterey
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated exercise that requires a mix of field experience, IT skills and business acumen. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if there is one. Because the top priority of the ransomware victim is fast recovery, it is critical to establish recovery groups that work effectively, concurrently, and with intimate collaboration. Progent offers the breadth of IT knowledge and the depth of experts to complement your IT staff and recover your network quickly and affordably.
Services available from Progent's ransomware settlement negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware used in the assault
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Validating the threat actor's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the insurance carrier
- Establishing a settlement amount and timeline with the TA
- Verifying adherence to anti-money laundering (AML) sanctions
- Carrying out the crypto-currency payment to the TA
- Receiving, reviewing, and operating the TA's decryption mechanism
- If needed, contacting the threat actor for assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can assist you to restore computers and services to their pre-arrack state. Progent can also help you to perform a full forensic review and create a report to deliver to the cyber insurance carrier. This report helps you to understand cybersecurity gaps that must be fixed and suggests steps that can be taken to block subsequent ransomware assaults.
- Isolating infected endpoints to prevent further spread of the assault
- Making replicas of each compromised server and endpoint and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all clean endpoints
- Salvaging files from air-gapped restores or unscathed endpoints
- Creating a clean environment
- Remapping and connecting drives to match exactly their pre-encryption condition
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption utility, modern variants of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Nephilim often try to exfiltrate information. Hackers are then able to require an extra settlement in exchange for not posting this data or selling it. Sadly, there is no way to guarantee that exfiltrated data have been completely deleted by the threat actor. Actually, in many cases the threat actor has little control over who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy lawyers, performing an audit on which data were stolen, and performing the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered remote and on-premises network services across the United States for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have been awarded advanced certifications in foundation technologies including Cisco infrastructure, VMware, and major Linux distros. Progent's data security experts have earned prestigious certifications including CISA, CISSP, and GIAC. (See Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning software. This scope of expertise allows Progent to identify and integrate the undamaged parts of your network after a ransomware assault and rebuild them quickly into a viable network. Progent has collaborated with top insurance providers like Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Services in Monterey
To get in touch with Progent about crypto-ransomware settlement expertise in Monterey, call Progent at 800-462-8800 or go to Contact Progent.