Progent's Ransomware Settlement Negotiation Services in Bellevue
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated activity that calls for a mix of field experience, IT skills and business acumen. It also demands working closely with the ransomware victim's IT team and the insurance carrier, if any. Since the number one goal of the ransomware target is operational continuity, it is critical to deploy response teams that work efficiently, in parallel, and in close communication. Progent has the scope of technical knowledge and the depth of personnel to complement your IT staff and recover your network quickly and affordably.
Support provided by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the assault
- making contact with the hacker
- Assessing the likelihood of recovery
- Testing the TA's decryption capabilities
- Budgeting a settlement range with the victim and the insurance provider
- Establishing a settlement and schedule with the hacker
- Confirming adherence to anti-money laundering (AML) sanctions
- Managing the crypto-currency transfer to the hacker
- Receiving, reviewing, and using the TA's decryptor tool
- If needed, contacting the TA for technical assistance with the decryptor utility
Once the decryption tool has been mastered, Progent can assist you to restore machines and services to their original state. Progent can also help you to conduct comprehensive forensics and create a document to share with the insurance carrier. This document identifies security gaps that must be fixed and suggests actions that should be performed to counter subsequent ransomware attacks.
- Isolating affected endpoints and data stores to prevent further spread of the assault
- Creating digital copies of every infected device and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all clean endpoints
- Recovering files from offline restores or uncompromised endpoints
- Building a pristine recovery environment
- Mapping and connecting datastores to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current strains of ransomware such as Ryuk, Maze, Netwalker, and Egregor often attempt to steal (or "exfiltrate") files. Hackers are then able to require an additional ransom for not publishing this data or selling it. Sadly, there is no way to prove that exfiltrated data have been totally erased by the hacker. Actually, in many cases the hacker has little say about where the information ends up. Paying an exfiltration ransom does not free you from the necessity of seeking the advice of legal counsel, conducting an audit on which files were stolen, and carrying out the required alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services across the United States for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SMEs) includes consultants who have earned high-level certifications in core technology platforms such as Cisco infrastructure, VMware, and major Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This broad array of expertise allows Progent to identify and consolidate the undamaged parts of your IT environment after a ransomware intrusion and reconstruct them quickly into a functioning system. Progent has worked with leading insurance providers like Chubb to assist organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Bellevue
To contact with Progent about ransomware settlement guidance in Bellevue, call Progent at 800-462-8800 or go to Contact Progent.