Progent's Ransomware Negotiation Services in Alpharetta
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complicated exercise that calls for a mix of real-word experience, IT skills and business savvy. It also calls for close co-operation with the victim's IT team and the cyber insurance carrier, if any. Since the top goal of the ransomware victim is fast recovery, it is critical to establish response groups that operate efficiently, concurrently, and with intimate collaboration. Progent offers the breadth of IT skills and the depth of personnel to complement your IT support team and recover your network environment rapidly and economically.
Support offered by Progent's ransomware settlement team include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Validating the threat actor's decryption tool
- Determining a settlement with the victim and the cyber insurance carrier
- Establishing a settlement and timeline with the TA
- Confirming adherence to anti-money laundering regulations
- Carrying out the crypto-currency payment to the hacker
- Acquiring, learning, and operating the TA's decryption utility
- If needed, contacting the threat actor for assistance with the decryptor utility
Once the decryption tool has been learned, Progent can help you to restore computers and services to their pre-arrack state. Progent can also help you to conduct a full forensic review and generate a report to share with the cyber insurance provider. This document identifies cybersecurity gaps that must be eliminated and suggests actions that should be taken to counter future ransomware attacks.
- Isolating infected endpoints to prevent further progress of the assault
- Creating digital copies of every infected device and data store in order to perform forensics without interfering with cleanup
- Adding A/V protection to all virus-free endpoints
- Recovering files from air-gapped restores or unscathed endpoints
- Building a clean recovery environment
- Remapping and connecting drives to match precisely their pre-attack state
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption tool, current variants of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") information. TAs are then able to demand a separate payment for not posting this information on the dark web. Sadly, there is no way to prove that stolen files have been totally deleted by the threat actor. In fact, in many instances the threat actor has little control over who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy attorneys, performing an investigation into which data were stolen, and sending the required notifications to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises network services throughout the U.S. for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced certifications in core technology platforms such as Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISA, CISSP, and CRISC. (See Progent's certifications). Progent also has top-tier support in financial and ERP software. This scope of expertise allows Progent to salvage and integrate the surviving pieces of your IT environment after a ransomware attack and reconstruct them rapidly into a functioning network. Progent has worked with top cyber insurance providers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Alpharetta
To contact with Progent about crypto-ransomware settlement services in Alpharetta, phone Progent at 800-462-8800 or go to Contact Progent.