Overview of Progent's Ransomware Settlement Negotiation Consulting in Baltimore
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complex exercise that requires a mix of real-word experience, IT skills and business acumen. It also requires working closely with the ransomware victim's IT staff and the cyber insurance provider, if there is one. Since the number one goal of the ransomware victim is fast recovery, it is vital to deploy recovery teams that work efficiently, concurrently, and in close communication. Progent offers the scope of IT skills and the deep bench of experts to complement your IT support team and restore your network quickly and economically.
Services offered by Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware used in the assault
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption tool
- Deciding on an acceptable settlement amount with the ransomware victim and the cyber insurance carrier
- Establishing a settlement and schedule with the TA
- Confirming accordance with anti-money laundering laws
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryptor utility
- If needed, contacting the hacker for technical help with the decryptor utility
After the decryption utility has been learned, Progent can assist you to restore physical and virtual devices and software services to their original state. Progent can also help you to perform a full forensic review and generate a document to share with the insurance provider. This document helps you to understand cybersecurity gaps that need to be corrected and suggests steps that should be taken to counter future ransomware attacks.
- Isolating affected endpoints and data stores to prevent further progress of the attack
- Creating digital copies of each compromised device and data store to allow forensics in parallel with restoration
- Installing anti-virus agents to all virus-free endpoints
- Salvaging data from air-gapped restores or uncompromised endpoints
- Creating a clean recovery environment
- Remapping and connecting drives to match exactly their pre-encryption state
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly try to steal (or "exfiltrate") files. Hackers can then require an additional settlement in exchange for not publishing this information on the dark web. Unfortunately, there is no way to prove that stolen files have been completely deleted by the hacker. In fact, in many instances the TA has little control over data custody. Paying an exfiltration ransom does not eliminate the need for seeking the advice of privacy lawyers, performing an inventory of data were taken, and performing the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises network services throughout the U.S. for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes consultants who have earned high-level certifications in core technologies including Cisco networking, VMware, and major distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial and ERP application software. This broad array of skills allows Progent to identify and integrate the surviving parts of your information system after a ransomware assault and reconstruct them rapidly into a viable system. Progent has collaborated with top insurance providers like Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Baltimore
To contact with Progent about crypto-ransomware settlement guidance in Baltimore, phone Progent at 800-462-8800 or go to Contact Progent.