Progent's Ransomware Settlement Negotiation Services in Bellevue
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated exercise that calls for a combination of real-word experience, technical knowledge and business acumen. It also requires working closely with the cyber-extortion target's IT staff and the insurance provider, if there is one. Since the top goal of the ransomware target is operational continuity, it is critical to deploy recovery teams that work efficiently, in parallel, and with intimate collaboration. Progent offers the scope of IT skills and the deep bench of experts to supplement your network support team and recover your network quickly and economically.
Services provided by Progent's ransomware settlement team include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption capabilities
- Determining a settlement range with the ransomware victim and the insurance carrier
- Establishing a settlement and schedule with the TA
- Verifying compliance with anti-money laundering sanctions
- Managing the crypto-currency transfer to the hacker
- Receiving, reviewing, and using the threat actor's decryption tool
- If needed, contacting the TA for technical assistance with the decryptor tool
Once the decryption tool has been mastered, Progent can help you to recover machines and services to their pre-arrack condition. Progent can also assist you to conduct a complete forensics analysis and create a document to share with the cyber insurance carrier. This document helps you to understand security gaps that need to be corrected and recommends actions to be taken to counter future ransomware assaults.
- Quarantining affected endpoints and data stores to prevent further spread of the assault
- Creating digital copies of each infected device and data store in order to perform forensics in parallel with restoration
- Installing anti-virus protection to all virus-free endpoints
- Recovering data from offline restores or uncompromised endpoints
- Creating a clean recovery environment
- Remapping and reconnecting datastores to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current strains of ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") files. TAs can then demand an extra payment for not divulging this data or selling it. Sadly, there exists no way to prove that stolen files have been completely deleted by the hacker. Actually, in numerous cases the hacker has limited control about who can access the stolen files. Settling an exfiltration ransom does not free you from the necessity of seeking the guidance of privacy attorneys, conducting an investigation into which data were stolen, and performing the necessary notifications to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in core technologies including Cisco infrastructure, VMware, and major distributions of Linux. Progent's cybersecurity experts have earned industry-recognized certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and Enterprise Resource Planning software. This broad array of skills allows Progent to identify and consolidate the surviving parts of your IT environment following a ransomware intrusion and reconstruct them rapidly into an operational system. Progent has worked with top cyber insurance providers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Bellevue
To contact with Progent about crypto-ransomware settlement negotiation services in Bellevue, call Progent at 800-462-8800 or go to Contact Progent.