Progent's Ransomware Negotiation Services in Anchorage
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that calls for a mix of real-word experience, technical knowledge and business savvy. It also demands close co-operation with the ransomware victim's IT team and the insurance carrier, if there is one. Since the top goal of the ransomware victim is operational continuity, it is vital to establish recovery teams that work effectively, concurrently, and with intimate collaboration. Progent has the breadth of technical knowledge and the deep bench of experts to complement your IT support team and recover your network environment quickly and economically.
Services available from Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware involved in the assault
- identifying and contacting the hacker
- Assessing the likelihood of recovery
- Validating the hacker's decryption capabilities
- Determining a settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and timeline with the hacker
- Confirming adherence to anti-money laundering (AML) laws
- Carrying out the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the threat actor's decryptor mechanism
- If needed, contacting the hacker for assistance with the decryptor tool
After the decryption tool has been mastered, Progent can help you to recover machines and software services to their pre-arrack state. Progent can also help you to conduct a forensics investigation and generate a report to share with the insurance provider. This document identifies cybersecurity gaps that need to be corrected and recommends actions that should be performed to combat subsequent ransomware attacks.
- Quarantining infected endpoints to arrest the spread of the assault
- Making replicas of each compromised device and data store to allow forensics in parallel with cleanup
- Adding anti-virus protection to all clean endpoints
- Restoring files from air-gapped restores or unscathed machines
- Creating a clean environment
- Remapping and connecting datastores to match exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to steal (or "exfiltrate") information. TAs can then demand an additional payment for not divulging this data or selling it. Unfortunately, there is no method to be certain that stolen files have been totally deleted by the TA. Actually, in numerous instances the threat actor has limited say about who can access the stolen files. Settling an exfiltration ransom does not eliminate the necessity of getting the advice of privacy lawyers, performing an inventory of files were stolen, and carrying out the mandated alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes consultants who have been awarded advanced certifications in core technologies including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial management and ERP applications. This scope of expertise allows Progent to identify and integrate the surviving parts of your information system after a ransomware intrusion and rebuild them quickly into a viable network. Progent has worked with leading cyber insurance providers like Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Expertise in Anchorage
To contact with Progent about crypto-ransomware settlement negotiation expertise in Anchorage, phone Progent at 800-462-8800 or go to Contact Progent.