Overview of Progent's Ransomware Settlement Negotiation Services in Allentown
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complicated activity that requires a combination of field experience, IT skills and business savvy. It also demands working closely with the ransomware victim's IT team and the insurance carrier, if there is one. Because the top priority of the ransomware victim is fast recovery, it is vital to establish recovery groups that work effectively, concurrently, and in close communication. Progent offers the scope of IT knowledge and the depth of personnel to complement your IT support team and restore your network rapidly and affordably.
Support available from Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the assault
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Validating the hacker's decryption tool
- Deciding on an acceptable settlement with the ransomware victim and the insurance carrier
- Establishing a settlement and schedule with the hacker
- Confirming accordance with anti-money laundering (AML) regulations
- Managing the crypto-currency transfer to the TA
- Acquiring, reviewing, and using the threat actor's decryption mechanism
- If needed, contacting the TA for technical help with the decryptor utility
Once the decryption utility has been mastered, Progent can help you to recover computers and services to their original condition. Progent can also help you to perform a forensics investigation and generate a report to share with the cyber insurance provider. This document identifies cybersecurity gaps that need to be corrected and suggests steps to be performed to block future ransomware attacks.
- Quarantining affected endpoints to arrest the progress of the attack
- Creating digital copies of every infected server and endpoint and data store in order to perform forensics in parallel with restoration
- Adding A/V agents to all clean endpoints
- Recovering files from air-gapped restores or unscathed machines
- Building a pristine environment
- Remapping and reconnecting drives to match precisely their pre-attack state
In addition to extorting payment for a decryption utility, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly attempt to exfiltrate information. Hackers are then able to require an additional settlement for not divulging this data on the dark web. Unfortunately, there is no way to guarantee that exfiltrated files have been completely deleted by the TA. In fact, in many instances the TA has little control over data custody. Paying an exfiltration ransom does not free you from the necessity of seeking the advice of legal counsel, conducting an investigation into which data were taken, and carrying out the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite network services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes consultants who have been awarded advanced certifications in foundation technology platforms including Cisco networking, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISA, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This breadth of skills allows Progent to salvage and integrate the undamaged parts of your IT environment after a ransomware intrusion and rebuild them rapidly into a functioning system. Progent has collaborated with top insurance carriers including Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Allentown
To get in touch with Progent about ransomware settlement negotiation expertise in Allentown, phone Progent at 800-462-8800 or go to Contact Progent.