Overview of Progent's Ransomware Negotiation Services in Monterey
Progent has experience negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that requires a combination of field experience, technical knowledge and business acumen. It also calls for working closely with the ransomware victim's IT team and the insurance carrier, if there is one. Because the number one goal of the ransomware victim is operational continuity, it is critical to deploy recovery groups that work effectively, concurrently, and in close communication. Progent has the scope of technical skills and the deep bench of experts to complement your network staff and restore your network rapidly and affordably.
Services provided by Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the attack
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Validating the threat actor's decryption capabilities
- Agreeing on a settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement amount and schedule with the threat actor
- Confirming compliance with anti-money laundering (AML) sanctions
- Carrying out the crypto-currency transfer to the hacker
- Receiving, reviewing, and operating the threat actor's decryption mechanism
- If needed, contacting the hacker for assistance with the decryption utility
After the decryption tool has been mastered, Progent can help you to recover computers and services to their pre-arrack condition. Progent can also assist you to conduct a complete forensics analysis and create a report to deliver to the insurance provider. This document identifies cybersecurity gaps that need to be fixed and suggests actions that should be taken to block subsequent ransomware attacks.
- Isolating affected endpoints to prevent further progress of the attack
- Creating replicas of each infected server and endpoint and data store in order to perform forensics without interfering with cleanup
- Adding anti-virus agents to all virus-free endpoints
- Salvaging files from air-gapped restores or unscathed endpoints
- Building a clean environment
- Mapping and connecting drives to reflect exactly their pre-encryption state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption utility, current variants of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim often attempt to exfiltrate information. TAs are then able to require a separate ransom in exchange for not publishing this data or selling it. Sadly, there is no way to guarantee that stolen data have been completely deleted by the threat actor. Actually, in many instances the threat actor has little control over who can access the stolen files. Settling an exfiltration ransom does not eliminate the necessity of getting the advice of privacy lawyers, performing an inventory of data were stolen, and performing the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises network services across the United States for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have earned high-level certifications in foundation technologies including Cisco networking, VMware, and popular distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP software. This scope of expertise allows Progent to salvage and integrate the undamaged pieces of your IT environment after a ransomware intrusion and rebuild them quickly into a viable network. Progent has worked with top cyber insurance carriers like Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Monterey
To contact with Progent about crypto-ransomware settlement services in Monterey, phone Progent at 800-993-9400 or go to Contact Progent.