Progent's Ransomware Settlement Negotiation Consulting in Birmingham
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated exercise that requires a mix of field experience, technical knowledge and business acumen. It also demands close co-operation with the victim's IT team and the insurance carrier, if any. Because the top goal of the ransomware victim is fast recovery, it is critical to deploy response groups that operate effectively, concurrently, and with intimate collaboration. Progent offers the breadth of IT knowledge and the deep bench of experts to supplement your IT staff and recover your network rapidly and affordably.
Services offered by Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware used in the attack
- making contact with the hacker
- Assessing the likelihood of recovery
- Validating the hacker's decryption capabilities
- Budgeting a settlement amount with the ransomware victim and the cyber insurance provider
- Establishing a settlement and timeline with the hacker
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the TA's decryption mechanism
- If necessary, contacting the hacker for technical help with the decryption tool
Once the decryption tool has been learned, Progent can assist you to recover physical and virtual devices and services to their original state. Progent can also help you to perform a forensics investigation and create a document to deliver to the cyber insurance carrier. This report helps you to understand security vulnerabilities that must be corrected and recommends actions that can be taken to combat subsequent ransomware attacks.
- Quarantining infected endpoints and data stores to prevent further progress of the assault
- Making replicas of each breached server and endpoint and data store to allow forensics in parallel with restoration
- Adding A/V agents to all clean endpoints
- Restoring data from air-gapped backups or unscathed endpoints
- Building a clean environment
- Remapping and reconnecting datastores to match precisely their pre-attack state
Beyond demanding payment for a decryption utility, modern variants of ransomware such as Ryuk, Maze, DopplePaymer, and Egregor often try to exfiltrate files. Hackers can then demand an additional ransom for not posting this data on the dark web. Sadly, there exists no method to guarantee that stolen files have been totally erased by the hacker. In fact, in many instances the TA has limited control about where the information ends up. Paying an exfiltration ransom does not eliminate the need for seeking the advice of legal counsel, performing an inventory of files were taken, and carrying out the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises network services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes consultants who have been awarded high-level certifications in foundation technology platforms including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's data security consultants have earned prestigious certifications including CISA, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This breadth of expertise allows Progent to salvage and integrate the undamaged pieces of your network following a ransomware assault and rebuild them quickly into a functioning system. Progent has collaborated with leading insurance carriers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Guidance in Birmingham
To get in touch with Progent about crypto-ransomware settlement negotiation services in Birmingham, phone Progent at 800-462-8800 or go to Contact Progent.