Overview of Progent's Ransomware Settlement Negotiation Consulting in Anaheim
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated activity that calls for a mix of real-word experience, technical skills and business acumen. It also calls for working closely with the victim's IT team and the cyber insurance carrier, if any. Because the top goal of the ransomware victim is fast recovery, it is critical to establish recovery groups that work efficiently, in parallel, and in close communication. Progent offers the breadth of technical knowledge and the deep bench of experts to complement your IT staff and restore your network environment quickly and affordably.
Support provided by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware used in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Testing the TA's decryption tool
- Determining a settlement range with the victim and the insurance provider
- Establishing a settlement and schedule with the TA
- Checking accordance with anti-money laundering sanctions
- Managing the crypto-currency payment to the TA
- Receiving, reviewing, and using the threat actor's decryptor mechanism
- If necessary, contacting the threat actor for technical assistance with the decryption tool
Once the decryption utility has been learned, Progent can assist you to restore machines and software services to their pre-arrack condition. Progent can also help you to perform comprehensive forensics and create a report to share with the cyber insurance carrier. This document helps you to understand cybersecurity gaps that must be fixed and suggests steps that can be performed to block subsequent ransomware assaults.
- Isolating infected endpoints to arrest the spread of the attack
- Creating digital copies of each compromised device and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all clean endpoints
- Salvaging data from offline backups or uncompromised endpoints
- Creating a clean environment
- Mapping and connecting drives to match exactly their pre-attack state
Paying Exfiltration Ransoms
Beyond demanding money for a decryption utility, modern variants of ransomware such as Ryuk, Maze, Netwalker, and Nephilim often attempt to exfiltrate files. Hackers are then able to require a separate settlement in exchange for not divulging this information on the dark web. Unfortunately, there is no method to prove that exfiltrated data have been completely deleted by the TA. Actually, in numerous cases the hacker has limited say about the disposition of the data. Settling an exfiltration ransom does not free you from the necessity of engaging the advice of legal counsel, conducting an investigation into which files were stolen, and sending the necessary notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided online and onsite IT services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes consultants who have been awarded advanced certifications in foundation technology platforms such as Cisco networking, VMware virtualization, and major Linux distros. Progent's data security experts have earned internationally recognized certifications including CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This scope of skills allows Progent to identify and integrate the undamaged parts of your information system following a ransomware intrusion and rebuild them quickly into a functioning system. Progent has worked with leading insurance carriers including Chubb to help businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Anaheim
To get in touch with Progent about crypto-ransomware settlement expertise in Anaheim, call Progent at 800-462-8800 or go to Contact Progent.