Overview of Progent's Ransomware Settlement Negotiation Services in Beverly Hills
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex exercise that calls for a mix of field experience, IT knowledge and business savvy. It also demands working closely with the victim's IT staff and the insurance provider, if any. Since the number one goal of the ransomware victim is fast recovery, it is critical to establish response teams that operate efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of experts to supplement your IT staff and restore your network quickly and affordably.
Services offered by Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware used in the attack
- making contact with the hacker
- Evaluating the likelihood of recovery
- Validating the hacker's decryption tool
- Determining a settlement with the ransomware victim and the insurance carrier
- Establishing a settlement and schedule with the threat actor
- Checking accordance with anti-money laundering laws
- Managing the crypto-currency payment to the TA
- Acquiring, learning, and operating the hacker's decryptor mechanism
- If needed, contacting the threat actor for technical help with the decryption tool
After the decryption utility has been learned, Progent can help you to restore computers and services to their pre-arrack condition. Progent can also help you to perform a forensics investigation and generate a report to share with the cyber insurance provider. This document helps you to understand security vulnerabilities that need to be fixed and suggests actions that should be taken to combat subsequent ransomware attacks.
- Isolating affected endpoints and data stores to prevent further progress of the attack
- Making replicas of each compromised server and endpoint and data store to allow forensics in parallel with cleanup
- Adding A/V protection to all virus-free endpoints
- Restoring data from air-gapped restores or uncompromised endpoints
- Building a clean recovery environment
- Remapping and reconnecting datastores to match exactly their pre-attack condition
In addition to demanding money for a decryption utility, current variants of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to exfiltrate information. Hackers are then able to demand an extra settlement for not divulging this information or selling it. Sadly, there exists no way to be certain that exfiltrated data have been totally deleted by the hacker. Actually, in many instances the TA has little say about the disposition of the data. Settling an exfiltration ransom does not free you from the need for getting the guidance of privacy attorneys, conducting an investigation into which data were stolen, and sending the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes professionals who have earned advanced certifications in core technologies including Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned prestigious certifications such as CISM, CISSP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial management and ERP software. This breadth of expertise gives Progent the ability to salvage and consolidate the surviving pieces of your information system following a ransomware intrusion and rebuild them quickly into a viable system. Progent has collaborated with leading cyber insurance providers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Expertise in Beverly Hills
To get in touch with Progent about ransomware settlement expertise in Beverly Hills, call Progent at 800-462-8800 or go to Contact Progent.