Progent's Ransomware Settlement Negotiation Consulting in Cambridge
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complex exercise that requires a mix of real-word experience, technical skills and business acumen. It also calls for close co-operation with the victim's IT team and the insurance carrier, if there is one. Because the number one goal of the ransomware victim is fast recovery, it is critical to establish response teams that work effectively, in parallel, and in close communication. Progent offers the breadth of technical knowledge and the deep bench of personnel to supplement your network support team and recover your network environment quickly and economically.
Support available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware used in the attack
- making contact with the hacker
- Assessing the recovery risk
- Validating the hacker's decryption tool
- Deciding on an acceptable settlement payment with the victim and the cyber insurance carrier
- Establishing a settlement and timeline with the TA
- Checking adherence to anti-money laundering (AML) laws
- Overseeing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryption mechanism
- If needed, contacting the threat actor for assistance with the decryptor utility
After the decryption tool has been learned, Progent can assist you to restore machines and services to their original condition. Progent can also assist you to perform a forensics investigation and generate a report to share with the cyber insurance provider. This report identifies security vulnerabilities that need to be eliminated and suggests actions that should be taken to block future ransomware attacks.
- Isolating infected endpoints to arrest the spread of the assault
- Creating digital copies of each infected device and data store in order to perform forensics in parallel with cleanup
- Adding A/V protection to all virus-free endpoints
- Restoring files from offline restores or uncompromised machines
- Creating a clean environment
- Mapping and connecting drives to reflect precisely their pre-encryption condition
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption tool, current variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Nephilim often try to exfiltrate information. Hackers are then able to demand an additional ransom for not posting this information on the dark web. Unfortunately, there is no method to guarantee that stolen data have been completely erased by the threat actor. In fact, in numerous cases the hacker has limited say about the disposition of the data. Settling an exfiltration ransom does not eliminate the need for getting the guidance of legal counsel, conducting an inventory of data were compromised, and sending the mandated alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the United States for over 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes consultants who have been awarded advanced certifications in foundation technology platforms such as Cisco networking, VMware, and popular distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning application software. This scope of skills gives Progent the ability to salvage and consolidate the undamaged parts of your IT environment following a ransomware assault and reconstruct them quickly into a functioning system. Progent has worked with top insurance carriers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Cambridge
To get in touch with Progent about crypto-ransomware settlement negotiation guidance in Cambridge, call Progent at 800-462-8800 or go to Contact Progent.