Progent's Ransomware Settlement Negotiation Services in Birmingham
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complex activity that requires a combination of real-word experience, technical skills and business acumen. It also requires working closely with the cyber-extortion target's IT team and the insurance provider, if there is one. Since the top priority of the ransomware target is operational continuity, it is vital to establish response teams that work effectively, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of experts to supplement your IT staff and recover your network environment quickly and affordably.
Services available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware used in the attack
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Verifying the hacker's decryption capabilities
- Budgeting a settlement amount with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the hacker
- Checking adherence to anti-money laundering (AML) laws
- Managing the crypto-currency transfer to the hacker
- Acquiring, reviewing, and operating the threat actor's decryption utility
- If necessary, contacting the hacker for assistance with the decryptor utility
After the decryption utility has been learned, Progent can assist you to restore machines and software services to their pre-arrack state. Progent can also assist you to conduct a full forensic review and create a document to share with the insurance carrier. This report helps you to understand cybersecurity gaps that need to be fixed and suggests steps to be performed to counter subsequent ransomware attacks.
- Quarantining affected endpoints to prevent further spread of the attack
- Creating digital copies of every infected server and endpoint and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all clean endpoints
- Restoring data from offline restores or uncompromised machines
- Building a pristine recovery environment
- Mapping and reconnecting drives to reflect exactly their pre-encryption state
In addition to extorting payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Egregor commonly try to exfiltrate information. Hackers can then require an extra settlement in exchange for not publishing this data or selling it. Sadly, there is no method to guarantee that exfiltrated data have been totally erased by the hacker. Actually, in numerous cases the hacker has little say about data custody. Paying an exfiltration ransom does not free you from the need for seeking the guidance of privacy attorneys, conducting an investigation into which data were compromised, and sending the necessary alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite IT services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes consultants who have earned high-level certifications in core technologies including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's data security consultants have earned prestigious certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning software. This scope of expertise allows Progent to salvage and integrate the undamaged pieces of your information system following a ransomware attack and reconstruct them rapidly into a functioning system. Progent has collaborated with leading cyber insurance providers including Chubb to assist organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Birmingham
To contact with Progent about crypto-ransomware settlement services in Birmingham, phone Progent at 800-462-8800 or go to Contact Progent.