Overview of Progent's Ransomware Settlement Negotiation Consulting in Brisbane
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complex activity that requires a combination of field experience, IT knowledge and business savvy. It also demands close co-operation with the cyber-extortion target's IT staff and the cyber insurance provider, if any. Since the top priority of the ransomware target is operational continuity, it is vital to establish response teams that operate efficiently, concurrently, and with intimate collaboration. Progent offers the breadth of technical skills and the depth of personnel to complement your network staff and restore your network quickly and affordably.
Services offered by Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the type of ransomware involved in the assault
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Testing the threat actor's decryption capabilities
- Agreeing on a settlement amount with the victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the hacker
- Confirming adherence to anti-money laundering (AML) laws
- Managing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and using the hacker's decryptor mechanism
- If needed, contacting the TA for technical help with the decryption utility
Once the decryption tool has been learned, Progent can help you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to conduct a forensics investigation and create a document to deliver to the cyber insurance provider. This document identifies cybersecurity vulnerabilities that must be corrected and suggests steps that can be performed to counter future ransomware attacks.
- Quarantining infected endpoints to prevent further progress of the attack
- Creating replicas of each compromised server and endpoint and data store in order to perform forensics in parallel with restoration
- Adding anti-virus protection to all clean endpoints
- Salvaging data from air-gapped restores or uncompromised endpoints
- Creating a clean environment
- Remapping and reconnecting drives to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, current strains of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers can then require an extra ransom in exchange for not publishing this data or selling it. Unfortunately, there exists no method to prove that exfiltrated files have been completely erased by the threat actor. In fact, in many cases the threat actor has little control over the disposition of the data. Paying an exfiltration ransom does not eliminate the need for engaging the guidance of privacy lawyers, conducting an investigation into which files were stolen, and sending the required alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises IT services throughout the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes consultants who have been awarded high-level certifications in foundation technologies such as Cisco networking, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial and ERP software. This broad array of skills allows Progent to identify and integrate the surviving parts of your network following a ransomware intrusion and rebuild them rapidly into an operational system. Progent has collaborated with top cyber insurance carriers like Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Brisbane
To contact with Progent about crypto-ransomware settlement services in Brisbane, phone Progent at 800-462-8800 or go to Contact Progent.