Overview of Progent's Ransomware Negotiation Services in Chandler
Progent has experience negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that requires a combination of real-word experience, technical skills and business savvy. It also requires close co-operation with the victim's IT staff and the insurance carrier, if any. Because the number one priority of the ransomware target is operational continuity, it is vital to establish recovery groups that operate effectively, in parallel, and with intimate collaboration. Progent offers the breadth of technical skills and the depth of experts to complement your IT staff and restore your network quickly and economically.
Support provided by Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware involved in the assault
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Testing the hacker's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the cyber insurance carrier
- Establishing a settlement and timeline with the hacker
- Verifying adherence to anti-money laundering laws
- Managing the crypto-currency transfer to the TA
- Receiving, reviewing, and using the TA's decryption utility
- If necessary, contacting the TA for technical help with the decryption utility
After the decryption utility has been learned, Progent can assist you to recover physical and virtual devices and services to their pre-arrack state. Progent can also assist you to conduct comprehensive forensics and generate a report to share with the insurance provider. This report identifies cybersecurity vulnerabilities that need to be eliminated and suggests steps to be performed to combat future ransomware assaults.
- Isolating affected endpoints to arrest the progress of the assault
- Creating digital copies of every compromised device and data store in order to perform forensics in parallel with restoration
- Installing anti-virus protection to all virus-free endpoints
- Salvaging data from offline backups or uncompromised endpoints
- Creating a pristine environment
- Remapping and connecting datastores to match precisely their pre-encryption state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly attempt to exfiltrate files. Hackers can then demand a separate settlement in exchange for not divulging this data on the dark web. Sadly, there is no method to prove that stolen files have been totally deleted by the threat actor. In fact, in numerous cases the threat actor has little control about data custody. Paying an exfiltration ransom does not eliminate the need for seeking the advice of privacy attorneys, performing an investigation into which files were taken, and sending the necessary alerts to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services across the United States for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes professionals who have been awarded advanced certifications in foundation technologies including Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This broad array of expertise gives Progent the ability to salvage and consolidate the undamaged parts of your information system following a ransomware attack and rebuild them rapidly into a viable system. Progent has worked with leading cyber insurance providers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Chandler
To contact with Progent about ransomware settlement negotiation services in Chandler, phone Progent at 800-462-8800 or go to Contact Progent.