Overview of Progent's Ransomware Settlement Negotiation Services in Charleston
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex exercise that calls for a mix of real-word experience, IT knowledge and business acumen. It also requires working closely with the ransomware victim's IT team and the cyber insurance carrier, if there is one. Because the top goal of the ransomware victim is operational continuity, it is critical to deploy recovery groups that operate efficiently, in parallel, and in close communication. Progent offers the scope of technical skills and the deep bench of experts to supplement your IT staff and restore your network environment rapidly and affordably.
Support available from Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Verifying the threat actor's decryption capabilities
- Determining a settlement with the victim and the cyber insurance provider
- Establishing a settlement amount and schedule with the threat actor
- Verifying compliance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency transfer to the TA
- Acquiring, learning, and operating the hacker's decryption utility
- If necessary, contacting the TA for technical help with the decryptor tool
After the decryption tool has been mastered, Progent can assist you to restore computers and software services to their original condition. Progent can also help you to conduct comprehensive forensics and generate a document to deliver to the cyber insurance provider. This report identifies security vulnerabilities that need to be eliminated and suggests steps that can be performed to block subsequent ransomware attacks.
- Isolating infected endpoints and data stores to arrest the spread of the assault
- Creating digital copies of each compromised device and data store in order to perform forensics in parallel with recovery
- Installing anti-virus agents to all virus-free endpoints
- Salvaging data from offline restores or uncompromised machines
- Building a clean recovery environment
- Remapping and reconnecting drives to match precisely their pre-attack condition
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption tool, current variants of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") files. Hackers can then require an additional settlement for not divulging this data or selling it. Sadly, there is no way to be certain that exfiltrated data have been totally deleted by the TA. Actually, in numerous cases the hacker has little control over who can access the stolen files. Paying an exfiltration ransom does not free you from the necessity of engaging the advice of legal counsel, performing an inventory of data were taken, and carrying out the necessary notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite network services throughout the United States for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes professionals who have earned high-level certifications in core technology platforms including Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISM, CISSP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and ERP software. This breadth of expertise gives Progent the ability to salvage and integrate the surviving parts of your IT environment following a ransomware assault and reconstruct them quickly into an operational network. Progent has worked with top insurance carriers like Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Charleston
To get in touch with Progent about crypto-ransomware settlement expertise in Charleston, call Progent at 800-462-8800 or go to Contact Progent.