Overview of Progent's Ransomware Negotiation Services in Bristol
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complex exercise that requires a combination of real-word experience, IT skills and business acumen. It also demands working closely with the ransomware victim's IT staff and the cyber insurance carrier, if there is one. Because the number one goal of the ransomware target is operational continuity, it is critical to deploy response teams that work effectively, concurrently, and in close communication. Progent has the breadth of IT knowledge and the depth of personnel to complement your IT support team and recover your network environment rapidly and affordably.
Support provided by Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the threat actor's decryption capabilities
- Deciding on an acceptable settlement with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the hacker
- Checking adherence to anti-money laundering laws
- Managing the crypto-currency transfer to the hacker
- Receiving, learning, and using the TA's decryption utility
- If needed, contacting the threat actor for assistance with the decryption utility
After the decryption tool has been learned, Progent can help you to restore computers and software services to their original condition. Progent can also help you to perform a forensics investigation and create a document to share with the insurance carrier. This report identifies cybersecurity vulnerabilities that need to be fixed and suggests steps that can be performed to combat future ransomware assaults.
- Quarantining infected endpoints to prevent further progress of the attack
- Creating replicas of each breached device and data store to allow forensics in parallel with recovery
- Installing anti-virus protection to all clean endpoints
- Salvaging files from offline restores or unscathed machines
- Building a clean environment
- Remapping and connecting datastores to match exactly their pre-encryption state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim commonly attempt to steal (or "exfiltrate") files. Hackers are then able to demand an additional ransom for not publishing this information on the dark web. Sadly, there is no way to be certain that exfiltrated data have been completely erased by the hacker. Actually, in many cases the hacker has little control about where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy attorneys, conducting an investigation into which files were stolen, and sending the necessary notifications to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have earned high-level certifications in core technologies such as Cisco infrastructure, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP, and GIAC. (See Progent's certifications). Progent also offers guidance in financial management and ERP application software. This broad array of expertise gives Progent the ability to salvage and consolidate the surviving parts of your information system after a ransomware attack and reconstruct them quickly into an operational network. Progent has worked with leading cyber insurance providers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Bristol
To contact with Progent about ransomware settlement negotiation services in Bristol, phone Progent at 800-462-8800 or go to Contact Progent.