Progent's Ransomware Settlement Negotiation Consulting in Allentown
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that calls for a mix of real-word experience, technical skills and business savvy. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if any. Because the top priority of the ransomware victim is operational continuity, it is vital to deploy recovery teams that work efficiently, concurrently, and in close communication. Progent offers the scope of technical knowledge and the depth of personnel to complement your IT staff and recover your network quickly and economically.
Services available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware used in the attack
- making contact with the hacker persona
- Evaluating the recovery risk
- Testing the threat actor's decryption capabilities
- Deciding on an acceptable settlement amount with the ransomware victim and the insurance carrier
- Negotiating a settlement amount and timeline with the TA
- Confirming accordance with anti-money laundering laws
- Overseeing the crypto-currency transfer to the TA
- Acquiring, reviewing, and operating the threat actor's decryption mechanism
- If necessary, contacting the TA for assistance with the decryption utility
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and software services to their original state. Progent can also assist you to perform comprehensive forensics and generate a document to deliver to the cyber insurance carrier. This document identifies security vulnerabilities that must be eliminated and suggests actions that can be taken to block future ransomware assaults.
- Quarantining affected endpoints and data stores to arrest the spread of the assault
- Making digital copies of every breached device and data store to allow forensics in parallel with restoration
- Installing anti-virus protection to all clean endpoints
- Restoring data from air-gapped backups or unscathed endpoints
- Creating a clean recovery environment
- Remapping and reconnecting datastores to reflect precisely their pre-attack state
In addition to demanding payment for a decryption utility, modern variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor often try to steal (or "exfiltrate") information. TAs can then demand a separate payment in exchange for not divulging this information on the dark web. Unfortunately, there exists no way to prove that stolen data have been totally erased by the TA. Actually, in numerous instances the hacker has limited say about data custody. Settling an exfiltration ransom does not eliminate the necessity of getting the guidance of privacy lawyers, conducting an inventory of data were compromised, and sending the mandated alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite network services throughout the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes consultants who have earned high-level certifications in foundation technologies such as Cisco networking, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also has top-tier support in financial and ERP software. This breadth of skills allows Progent to salvage and consolidate the undamaged pieces of your network following a ransomware attack and reconstruct them rapidly into a functioning network. Progent has collaborated with top insurance carriers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Expertise in Allentown
To contact with Progent about ransomware settlement services in Allentown, call Progent at 800-462-8800 or go to Contact Progent.