Progent's Ransomware Settlement Negotiation Services in Brisbane
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated activity that calls for a combination of real-word experience, technical knowledge and business savvy. It also demands close co-operation with the victim's IT staff and the insurance provider, if there is one. Because the top goal of the ransomware victim is fast recovery, it is critical to establish recovery teams that work effectively, in parallel, and with intimate collaboration. Progent has the scope of technical knowledge and the deep bench of personnel to complement your IT staff and restore your network quickly and economically.
Services offered by Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker
- Assessing the recovery risk
- Verifying the threat actor's decryption tool
- Agreeing on a settlement with the victim and the insurance carrier
- Establishing a settlement and schedule with the TA
- Checking compliance with anti-money laundering sanctions
- Managing the crypto-currency payment to the TA
- Receiving, learning, and using the TA's decryption utility
- If necessary, contacting the threat actor for technical help with the decryption utility
Once the decryption tool has been mastered, Progent can help you to recover computers and services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and create a report to deliver to the cyber insurance carrier. This document identifies security gaps that need to be fixed and suggests actions to be performed to combat future ransomware attacks.
- Isolating infected endpoints and data stores to arrest the spread of the assault
- Making digital copies of every infected server and endpoint and data store to allow forensics without interfering with recovery
- Adding anti-virus protection to all clean endpoints
- Salvaging files from air-gapped restores or unscathed machines
- Creating a pristine recovery environment
- Mapping and reconnecting drives to match exactly their pre-encryption condition
Beyond extorting money for a decryption tool, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") information. TAs are then able to demand a separate payment for not divulging this data on the dark web. Unfortunately, there is no way to be certain that stolen files have been completely erased by the threat actor. Actually, in numerous instances the threat actor has little say about where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of getting the advice of privacy attorneys, conducting an investigation into which data were stolen, and performing the necessary alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes consultants who have earned high-level certifications in core technologies including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's data security experts have earned industry-recognized certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning application software. This broad array of expertise allows Progent to identify and consolidate the undamaged pieces of your network after a ransomware assault and rebuild them rapidly into a functioning system. Progent has collaborated with leading cyber insurance providers like Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Services in Brisbane
To get in touch with Progent about ransomware settlement negotiation expertise in Brisbane, phone Progent at 800-462-8800 or go to Contact Progent.