Overview of Progent's Ransomware Settlement Negotiation Consulting in Bellevue
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated exercise that requires a combination of real-word experience, technical knowledge and business savvy. It also demands working closely with the ransomware victim's IT team and the insurance carrier, if there is one. Since the top priority of the ransomware victim is operational continuity, it is critical to deploy recovery groups that work efficiently, in parallel, and in close communication. Progent has the scope of technical knowledge and the deep bench of personnel to complement your IT staff and recover your network environment rapidly and economically.
Services offered by Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the attack
- making contact with the hacker
- Assessing the recovery risk
- Verifying the TA's decryption capabilities
- Budgeting a settlement range with the victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the hacker
- Checking compliance with anti-money laundering sanctions
- Managing the crypto-currency transfer to the hacker
- Acquiring, reviewing, and using the threat actor's decryptor mechanism
- If needed, contacting the TA for assistance with the decryptor tool
After the decryption tool has been learned, Progent can assist you to restore machines and services to their pre-arrack state. Progent can also help you to conduct comprehensive forensics and create a report to share with the insurance provider. This report helps you to understand cybersecurity vulnerabilities that must be corrected and suggests actions that can be performed to combat subsequent ransomware attacks.
- Quarantining affected endpoints to arrest the spread of the attack
- Creating replicas of each infected server and endpoint and data store in order to perform forensics without interfering with restoration
- Installing A/V protection to all virus-free endpoints
- Recovering data from offline backups or uncompromised endpoints
- Creating a clean environment
- Remapping and reconnecting drives to match precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond demanding money for a decryption utility, modern variants of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often attempt to exfiltrate information. Hackers are then able to require an additional payment for not publishing this data or selling it. Unfortunately, there is no method to guarantee that stolen files have been totally deleted by the hacker. In fact, in many instances the hacker has limited control over data custody. Settling an exfiltration ransom does not eliminate the necessity of getting the guidance of privacy attorneys, performing an audit on which data were taken, and carrying out the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services across the U.S. for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have earned advanced certifications in foundation technologies such as Cisco networking, VMware, and major Linux distros. Progent's data security consultants have earned prestigious certifications such as CISA, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This scope of expertise gives Progent the ability to salvage and integrate the undamaged parts of your information system following a ransomware intrusion and reconstruct them quickly into a functioning system. Progent has worked with leading insurance carriers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Services in Bellevue
To get in touch with Progent about ransomware settlement guidance in Bellevue, phone Progent at 800-462-8800 or go to Contact Progent.