Progent's Ransomware Negotiation Services in Bakersfield
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex exercise that requires a combination of field experience, IT skills and business acumen. It also demands working closely with the cyber-extortion target's IT staff and the insurance provider, if any. Since the number one goal of the ransomware target is fast recovery, it is vital to establish response teams that work effectively, in parallel, and with intimate collaboration. Progent offers the scope of IT knowledge and the deep bench of personnel to complement your network support team and restore your network rapidly and economically.
Support available from Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware involved in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Testing the threat actor's decryption capabilities
- Determining a settlement amount with the victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the threat actor
- Verifying adherence to anti-money laundering (AML) regulations
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and using the threat actor's decryptor utility
- If necessary, contacting the TA for technical help with the decryption tool
Once the decryption tool has been mastered, Progent can help you to restore machines and software services to their original condition. Progent can also assist you to conduct comprehensive forensics and create a report to share with the cyber insurance provider. This report helps you to understand cybersecurity gaps that must be corrected and recommends actions that can be performed to block subsequent ransomware attacks.
- Isolating affected endpoints to arrest the spread of the attack
- Making digital copies of every compromised server and endpoint and data store in order to perform forensics in parallel with recovery
- Installing A/V protection to all clean endpoints
- Salvaging files from air-gapped restores or uncompromised endpoints
- Building a clean recovery environment
- Remapping and connecting datastores to match exactly their pre-attack condition
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate files. Hackers can then require an extra settlement in exchange for not publishing this information or selling it. Unfortunately, there exists no method to prove that exfiltrated files have been completely deleted by the hacker. In fact, in numerous instances the threat actor has little control about where the information ends up. Paying an exfiltration ransom does not eliminate the need for getting the guidance of privacy lawyers, conducting an investigation into which data were compromised, and performing the required alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises IT services across the United States for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SBEs includes professionals who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning applications. This breadth of skills allows Progent to salvage and integrate the undamaged parts of your information system after a ransomware attack and rebuild them rapidly into an operational system. Progent has collaborated with leading insurance providers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Bakersfield
To contact with Progent about crypto-ransomware settlement services in Bakersfield, call Progent at 800-462-8800 or go to Contact Progent.