Progent's Ransomware Negotiation Services in Alpharetta
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex activity that requires a mix of real-word experience, technical knowledge and business savvy. It also demands working closely with the cyber-extortion target's IT staff and the cyber insurance carrier, if any. Because the number one goal of the ransomware target is fast recovery, it is critical to establish response teams that operate effectively, concurrently, and with intimate collaboration. Progent has the breadth of IT knowledge and the depth of experts to supplement your IT support team and recover your network rapidly and affordably.
Services available from Progent's ransomware settlement negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- making contact with the hacker persona
- Assessing the recovery risk
- Verifying the threat actor's decryption capabilities
- Determining a settlement with the ransomware victim and the insurance carrier
- Negotiating a settlement and timeline with the threat actor
- Verifying accordance with anti-money laundering (AML) regulations
- Managing the crypto-currency disbursement to the TA
- Acquiring, learning, and operating the TA's decryption tool
- If necessary, contacting the TA for assistance with the decryptor tool
After the decryption utility has been learned, Progent can help you to recover machines and services to their pre-arrack condition. Progent can also assist you to conduct a full forensic review and generate a report to share with the insurance carrier. This report identifies cybersecurity gaps that need to be corrected and suggests steps that can be taken to counter future ransomware attacks.
- Quarantining infected endpoints to prevent further progress of the assault
- Creating replicas of each infected server and endpoint and data store to allow forensics in parallel with restoration
- Adding anti-virus protection to all virus-free endpoints
- Salvaging data from offline backups or unscathed endpoints
- Creating a clean environment
- Mapping and connecting datastores to reflect precisely their pre-encryption condition
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern variants of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim commonly try to exfiltrate information. TAs are then able to demand a separate settlement for not posting this data on the dark web. Sadly, there is no way to be certain that exfiltrated data have been totally deleted by the TA. In fact, in numerous cases the hacker has little control over the disposition of the data. Settling an exfiltration ransom does not free you from the necessity of getting the guidance of legal counsel, performing an investigation into which files were compromised, and performing the necessary alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (See Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning software. This broad array of expertise allows Progent to identify and integrate the surviving pieces of your information system after a ransomware assault and rebuild them rapidly into a functioning network. Progent has worked with leading insurance providers like Chubb to help businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Alpharetta
To contact with Progent about crypto-ransomware settlement guidance in Alpharetta, call Progent at 800-993-9400 or go to Contact Progent.