Progent's Ransomware Negotiation Services in Allentown
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that requires a combination of real-word experience, IT skills and business acumen. It also demands working closely with the ransomware victim's IT team and the cyber insurance provider, if any. Because the top goal of the ransomware victim is fast recovery, it is critical to deploy recovery groups that operate effectively, concurrently, and in close communication. Progent offers the scope of technical knowledge and the depth of personnel to complement your IT staff and restore your network environment rapidly and affordably.
Services available from Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware used in the assault
- identifying and contacting the hacker
- Evaluating the recovery risk
- Verifying the hacker's decryption tool
- Agreeing on a settlement payment with the ransomware victim and the insurance provider
- Establishing a settlement and timeline with the TA
- Checking compliance with anti-money laundering (AML) sanctions
- Managing the crypto-currency transfer to the TA
- Receiving, reviewing, and using the hacker's decryptor tool
- If needed, contacting the hacker for technical help with the decryption utility
Once the decryption tool has been learned, Progent can assist you to restore physical and virtual devices and services to their original state. Progent can also assist you to perform comprehensive forensics and generate a document to share with the insurance carrier. This report helps you to understand cybersecurity gaps that need to be corrected and recommends actions that should be taken to counter subsequent ransomware assaults.
- Isolating affected endpoints to arrest the spread of the attack
- Making digital copies of each compromised device and data store in order to perform forensics without interfering with cleanup
- Installing A/V agents to all clean endpoints
- Restoring data from offline backups or unscathed machines
- Building a clean recovery environment
- Mapping and reconnecting drives to match precisely their pre-encryption condition
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern variants of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate files. Hackers can then require a separate payment for not posting this data or selling it. Sadly, there is no method to be certain that exfiltrated files have been completely erased by the threat actor. In fact, in many instances the TA has limited control about where the information ends up. Settling an exfiltration ransom does not free you from the necessity of engaging the advice of privacy attorneys, conducting an investigation into which files were compromised, and carrying out the mandated alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes professionals who have earned advanced certifications in core technologies including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning application software. This breadth of skills allows Progent to identify and integrate the surviving pieces of your network after a ransomware assault and reconstruct them quickly into a functioning network. Progent has collaborated with top insurance carriers like Chubb to assist organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Allentown
To get in touch with Progent about ransomware settlement negotiation guidance in Allentown, phone Progent at 800-462-8800 or go to Contact Progent.