Progent's Ransomware Negotiation Services in Bellevue
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex exercise that requires a mix of field experience, technical skills and business acumen. It also requires close co-operation with the victim's IT staff and the cyber insurance carrier, if any. Because the top priority of the ransomware target is fast recovery, it is critical to establish recovery groups that work effectively, concurrently, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of experts to complement your IT support team and recover your network environment rapidly and affordably.
Services offered by Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Testing the threat actor's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and schedule with the threat actor
- Verifying accordance with anti-money laundering laws
- Carrying out the crypto-currency disbursement to the hacker
- Acquiring, learning, and operating the TA's decryptor tool
- If necessary, contacting the hacker for technical assistance with the decryption tool
After the decryption tool has been mastered, Progent can help you to recover machines and software services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and generate a report to deliver to the insurance provider. This report identifies cybersecurity gaps that must be fixed and suggests steps that should be taken to block future ransomware assaults.
- Isolating affected endpoints to arrest the spread of the attack
- Creating digital copies of each breached device and data store to allow forensics in parallel with recovery
- Adding A/V protection to all clean endpoints
- Salvaging data from air-gapped backups or unscathed machines
- Building a clean environment
- Mapping and connecting drives to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly try to steal (or "exfiltrate") information. Hackers can then require a separate settlement in exchange for not divulging this data on the dark web. Unfortunately, there exists no way to prove that stolen data have been completely erased by the TA. Actually, in many cases the TA has little say over the disposition of the data. Paying an exfiltration ransom does not free you from the necessity of seeking the guidance of legal counsel, performing an investigation into which files were stolen, and sending the required alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services throughout the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have been awarded high-level certifications in core technologies such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications including CISM, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers top-tier support in financial management and ERP applications. This breadth of skills gives Progent the ability to identify and integrate the surviving pieces of your network following a ransomware intrusion and rebuild them rapidly into an operational system. Progent has worked with leading insurance providers like Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Guidance in Bellevue
To get in touch with Progent about ransomware settlement expertise in Bellevue, call Progent at 800-462-8800 or go to Contact Progent.