Progent's Ransomware Negotiation Consulting in Alexandria
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that calls for a mix of real-word experience, technical skills and business savvy. It also calls for working closely with the cyber-extortion target's IT team and the cyber insurance carrier, if there is one. Since the number one goal of the ransomware victim is fast recovery, it is vital to deploy recovery teams that operate effectively, concurrently, and in close communication. Progent offers the scope of technical knowledge and the depth of experts to supplement your IT support team and recover your network quickly and affordably.
Support provided by Progent's ransomware settlement negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware involved in the assault
- making contact with the hacker
- Assessing the likelihood of recovery
- Testing the TA's decryption capabilities
- Deciding on an acceptable settlement payment with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and timeline with the threat actor
- Confirming accordance with anti-money laundering regulations
- Overseeing the crypto-currency transfer to the hacker
- Receiving, reviewing, and using the TA's decryption utility
- If needed, contacting the hacker for assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can assist you to recover computers and services to their pre-arrack state. Progent can also assist you to perform a full forensic review and generate a document to deliver to the insurance carrier. This report identifies security vulnerabilities that must be eliminated and suggests steps to be taken to block future ransomware assaults.
- Isolating infected endpoints to arrest the spread of the assault
- Creating replicas of every infected server and endpoint and data store in order to perform forensics without interfering with recovery
- Installing anti-virus protection to all clean endpoints
- Salvaging data from offline backups or uncompromised endpoints
- Building a pristine recovery environment
- Mapping and reconnecting drives to match precisely their pre-encryption state
In addition to demanding payment for a decryption utility, modern strains of ransomware such as Ryuk, Maze, DopplePaymer, and Egregor commonly try to exfiltrate information. TAs are then able to demand an additional payment for not posting this data on the dark web. Sadly, there is no method to be certain that exfiltrated data have been totally deleted by the threat actor. In fact, in many cases the threat actor has little say over who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of getting the advice of privacy lawyers, performing an investigation into which data were stolen, and sending the mandated notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have been awarded advanced certifications in core technology platforms including Cisco networking, VMware, and popular Linux distros. Progent's data security consultants have earned prestigious certifications such as CISA, CISSP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial and ERP application software. This breadth of expertise allows Progent to identify and consolidate the surviving parts of your IT environment following a ransomware intrusion and reconstruct them quickly into a viable system. Progent has worked with leading insurance carriers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Alexandria
To get in touch with Progent about crypto-ransomware settlement services in Alexandria, phone Progent at 800-462-8800 or go to Contact Progent.