Overview of Progent's Ransomware Negotiation Consulting in Alpharetta
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated activity that requires a combination of real-word experience, technical skills and business savvy. It also requires working closely with the cyber-extortion target's IT team and the insurance carrier, if any. Because the number one goal of the ransomware victim is fast recovery, it is critical to establish response groups that work efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the depth of personnel to complement your IT support team and recover your network environment quickly and economically.
Services offered by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Testing the hacker's decryption tool
- Budgeting a settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement amount and timeline with the hacker
- Checking adherence to anti-money laundering laws
- Managing the crypto-currency payment to the hacker
- Acquiring, reviewing, and operating the threat actor's decryptor tool
- If needed, contacting the TA for technical assistance with the decryption utility
Once the decryption utility has been mastered, Progent can help you to restore physical and virtual devices and software services to their pre-arrack condition. Progent can also assist you to perform a full forensic review and generate a document to share with the insurance carrier. This report identifies cybersecurity vulnerabilities that need to be fixed and recommends actions that should be taken to counter subsequent ransomware assaults.
- Isolating infected endpoints to prevent further spread of the attack
- Making digital copies of every breached server and endpoint and data store to allow forensics in parallel with restoration
- Adding A/V protection to all clean endpoints
- Recovering files from offline backups or unscathed endpoints
- Building a pristine recovery environment
- Remapping and reconnecting datastores to reflect exactly their pre-encryption condition
Beyond demanding payment for a decryption tool, modern variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often attempt to exfiltrate information. Hackers can then require an extra payment for not posting this data on the dark web. Sadly, there is no method to prove that exfiltrated data have been totally erased by the TA. Actually, in numerous cases the TA has limited say about the disposition of the data. Paying an exfiltration ransom does not free you from the need for getting the guidance of privacy attorneys, performing an audit on which data were stolen, and performing the required alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite IT services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes consultants who have earned advanced certifications in foundation technologies such as Cisco networking, VMware, and major distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISM, CISSP, and CRISC. (Refer to Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning application software. This scope of expertise gives Progent the ability to identify and integrate the undamaged pieces of your IT environment following a ransomware intrusion and reconstruct them quickly into an operational system. Progent has worked with top insurance carriers including Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Guidance in Alpharetta
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Alpharetta, phone Progent at 800-462-8800 or go to Contact Progent.