Overview of Progent's Ransomware Negotiation Services in Cambridge
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex exercise that requires a mix of real-word experience, technical skills and business acumen. It also requires working closely with the cyber-extortion target's IT team and the insurance carrier, if any. Because the number one goal of the ransomware victim is operational continuity, it is vital to deploy recovery groups that work efficiently, concurrently, and with intimate collaboration. Progent has the breadth of IT skills and the depth of personnel to complement your IT support team and recover your network environment quickly and economically.
Services offered by Progent's ransomware settlement team include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Validating the threat actor's decryption capabilities
- Budgeting a settlement payment with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the hacker
- Verifying compliance with anti-money laundering sanctions
- Managing the crypto-currency transfer to the hacker
- Receiving, reviewing, and operating the threat actor's decryption mechanism
- If needed, contacting the hacker for technical help with the decryptor utility
After the decryption tool has been learned, Progent can assist you to recover computers and services to their original state. Progent can also help you to conduct comprehensive forensics and generate a document to deliver to the cyber insurance provider. This report helps you to understand cybersecurity vulnerabilities that need to be eliminated and recommends actions that should be performed to counter future ransomware attacks.
- Isolating infected endpoints to arrest the spread of the attack
- Making digital copies of every breached device and data store to allow forensics in parallel with restoration
- Adding anti-virus protection to all clean endpoints
- Recovering data from air-gapped backups or uncompromised machines
- Creating a clean environment
- Remapping and connecting drives to match exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption utility, modern variants of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim commonly try to exfiltrate information. Hackers can then require a separate ransom for not divulging this information on the dark web. Sadly, there is no method to prove that exfiltrated data have been completely erased by the hacker. In fact, in many cases the threat actor has limited control about the disposition of the data. Settling an exfiltration ransom does not eliminate the need for getting the advice of privacy attorneys, performing an inventory of data were taken, and performing the necessary alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services across the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SBEs includes professionals who have earned high-level certifications in foundation technologies including Cisco infrastructure, VMware, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and ERP software. This broad array of expertise allows Progent to salvage and integrate the undamaged parts of your network following a ransomware intrusion and rebuild them rapidly into an operational system. Progent has worked with leading cyber insurance providers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Cambridge
To get in touch with Progent about ransomware settlement services in Cambridge, phone Progent at 800-462-8800 or go to Contact Progent.