Progent's Ransomware Settlement Negotiation Consulting in Chesapeake
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that requires a mix of real-word experience, technical knowledge and business acumen. It also demands working closely with the ransomware victim's IT staff and the insurance provider, if any. Because the number one priority of the ransomware victim is operational continuity, it is critical to establish response teams that work efficiently, in parallel, and in close communication. Progent offers the scope of technical knowledge and the depth of personnel to supplement your network staff and recover your network rapidly and economically.
Support provided by Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Verifying the hacker's decryption capabilities
- Determining a settlement amount with the ransomware victim and the cyber insurance provider
- Negotiating a settlement amount and schedule with the hacker
- Confirming compliance with anti-money laundering regulations
- Carrying out the crypto-currency payment to the hacker
- Receiving, reviewing, and operating the hacker's decryptor mechanism
- If needed, contacting the TA for technical help with the decryption utility
Once the decryption tool has been learned, Progent can assist you to recover computers and services to their pre-arrack condition. Progent can also help you to perform a forensics investigation and generate a report to share with the cyber insurance provider. This report identifies security gaps that need to be eliminated and recommends steps that can be taken to combat subsequent ransomware attacks.
- Quarantining infected endpoints to prevent further progress of the attack
- Creating replicas of each infected device and data store to allow forensics in parallel with cleanup
- Installing A/V agents to all virus-free endpoints
- Recovering data from offline restores or uncompromised endpoints
- Creating a pristine recovery environment
- Mapping and reconnecting datastores to reflect precisely their pre-encryption state
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption tool, current variants of ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often try to steal (or "exfiltrate") files. TAs can then require a separate settlement for not publishing this data or selling it. Unfortunately, there exists no way to prove that exfiltrated files have been totally erased by the hacker. Actually, in numerous instances the threat actor has little control about where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of getting the advice of privacy attorneys, conducting an audit on which data were taken, and performing the mandated alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services across the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have been awarded advanced certifications in foundation technologies such as Cisco networking, VMware, and major distributions of Linux. Progent's cybersecurity experts have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial management and Enterprise Resource Planning applications. This broad array of expertise gives Progent the ability to identify and integrate the undamaged pieces of your IT environment following a ransomware assault and rebuild them rapidly into a viable network. Progent has worked with top insurance carriers like Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Guidance in Chesapeake
To contact with Progent about crypto-ransomware settlement services in Chesapeake, phone Progent at 800-462-8800 or go to Contact Progent.