Progent's Ransomware Settlement Negotiation Services in Alexandria
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that requires a combination of real-word experience, technical skills and business savvy. It also requires close co-operation with the victim's IT team and the cyber insurance provider, if any. Because the top goal of the ransomware target is fast recovery, it is vital to establish recovery groups that work effectively, in parallel, and in close communication. Progent offers the scope of IT skills and the depth of personnel to supplement your network support team and recover your network environment quickly and affordably.
Services provided by Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the assault
- making contact with the hacker
- Assessing the likelihood of recovery
- Testing the hacker's decryption capabilities
- Deciding on an acceptable settlement range with the ransomware victim and the insurance provider
- Negotiating a settlement amount and schedule with the TA
- Confirming adherence to anti-money laundering laws
- Carrying out the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the hacker's decryptor utility
- If needed, contacting the hacker for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and software services to their original state. Progent can also help you to conduct a complete forensics analysis and generate a document to share with the insurance carrier. This report identifies cybersecurity gaps that need to be eliminated and suggests steps to be performed to block subsequent ransomware assaults.
- Quarantining infected endpoints to arrest the progress of the attack
- Making replicas of each breached server and endpoint and data store to allow forensics without interfering with recovery
- Adding A/V protection to all virus-free endpoints
- Salvaging files from air-gapped restores or unscathed machines
- Building a clean recovery environment
- Remapping and connecting datastores to match precisely their pre-attack condition
Beyond extorting payment for a decryption tool, current variants of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Egregor often try to exfiltrate information. Hackers can then demand an extra ransom in exchange for not divulging this data or selling it. Unfortunately, there is no way to be certain that stolen data have been totally erased by the threat actor. In fact, in numerous instances the threat actor has little say over the disposition of the data. Paying an exfiltration ransom does not free you from the need for getting the advice of privacy lawyers, performing an investigation into which files were compromised, and carrying out the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services across the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes professionals who have been awarded advanced certifications in core technologies such as Cisco infrastructure, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP application software. This broad array of expertise allows Progent to identify and integrate the surviving pieces of your IT environment after a ransomware assault and reconstruct them quickly into a functioning system. Progent has collaborated with top cyber insurance providers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Guidance in Alexandria
To get in touch with Progent about ransomware settlement expertise in Alexandria, call Progent at 800-462-8800 or go to Contact Progent.