Progent's Ransomware Settlement Negotiation Services in Baltimore
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that calls for a mix of field experience, IT skills and business acumen. It also requires working closely with the ransomware victim's IT staff and the cyber insurance carrier, if there is one. Because the number one goal of the ransomware target is operational continuity, it is vital to deploy response groups that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of IT knowledge and the deep bench of personnel to complement your IT support team and recover your network environment rapidly and economically.
Services available from Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- identifying and contacting the hacker persona
- Evaluating the recovery risk
- Validating the hacker's decryption capabilities
- Budgeting a settlement payment with the victim and the insurance provider
- Negotiating a settlement amount and timeline with the hacker
- Verifying adherence to anti-money laundering regulations
- Carrying out the crypto-currency transfer to the hacker
- Acquiring, reviewing, and using the threat actor's decryption tool
- If needed, contacting the hacker for assistance with the decryptor utility
After the decryption tool has been mastered, Progent can help you to restore machines and services to their original condition. Progent can also help you to perform a complete forensics analysis and generate a document to share with the insurance provider. This report identifies cybersecurity gaps that need to be corrected and recommends actions that can be performed to counter future ransomware attacks.
- Isolating affected endpoints and data stores to arrest the progress of the assault
- Creating replicas of every infected server and endpoint and data store in order to perform forensics in parallel with recovery
- Adding anti-virus agents to all clean endpoints
- Salvaging data from air-gapped backups or unscathed machines
- Building a pristine recovery environment
- Remapping and reconnecting drives to reflect exactly their pre-attack condition
Paying Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often attempt to steal (or "exfiltrate") files. Hackers can then demand an additional settlement in exchange for not posting this information or selling it. Unfortunately, there exists no way to prove that stolen data have been completely erased by the threat actor. Actually, in many cases the TA has limited control over the disposition of the data. Settling an exfiltration ransom does not eliminate the need for seeking the guidance of privacy lawyers, performing an inventory of files were compromised, and sending the necessary notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services across the United States for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes professionals who have been awarded high-level certifications in foundation technologies such as Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also offers guidance in financial and ERP applications. This scope of expertise allows Progent to salvage and integrate the undamaged parts of your information system after a ransomware intrusion and rebuild them rapidly into a viable network. Progent has worked with leading cyber insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Expertise in Baltimore
To get in touch with Progent about crypto-ransomware settlement guidance in Baltimore, phone Progent at 800-462-8800 or go to Contact Progent.