Progent's Ransomware Negotiation Consulting in Chesapeake
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex exercise that calls for a mix of field experience, IT knowledge and business acumen. It also requires working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if there is one. Since the number one goal of the ransomware target is fast recovery, it is critical to establish recovery groups that work efficiently, concurrently, and with intimate collaboration. Progent has the scope of technical knowledge and the deep bench of personnel to complement your network staff and recover your network rapidly and economically.
Services offered by Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- making contact with the hacker
- Assessing the likelihood of recovery
- Validating the hacker's decryption capabilities
- Deciding on an acceptable settlement range with the ransomware victim and the insurance carrier
- Negotiating a settlement amount and timeline with the hacker
- Checking compliance with anti-money laundering sanctions
- Carrying out the crypto-currency disbursement to the TA
- Acquiring, reviewing, and operating the hacker's decryptor mechanism
- If needed, contacting the hacker for technical help with the decryptor tool
After the decryption tool has been learned, Progent can assist you to recover machines and services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and generate a document to deliver to the cyber insurance carrier. This document helps you to understand security vulnerabilities that must be fixed and recommends steps that should be taken to combat future ransomware assaults.
- Quarantining affected endpoints and data stores to arrest the spread of the attack
- Making replicas of every breached server and endpoint and data store to allow forensics without interfering with recovery
- Adding anti-virus agents to all clean endpoints
- Recovering files from air-gapped restores or unscathed machines
- Creating a pristine environment
- Remapping and connecting datastores to reflect precisely their pre-attack state
Beyond extorting money for a decryption utility, current strains of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to exfiltrate information. Hackers are then able to demand an additional settlement for not divulging this data on the dark web. Sadly, there exists no method to guarantee that stolen data have been totally erased by the TA. Actually, in many instances the hacker has limited say over who can access the stolen files. Paying an exfiltration ransom does not eliminate the need for seeking the guidance of privacy lawyers, conducting an investigation into which files were compromised, and performing the mandated alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite network services throughout the U.S. for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes consultants who have been awarded high-level certifications in core technologies including Cisco networking, VMware, and major Linux distros. Progent's data security experts have earned prestigious certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to salvage and consolidate the undamaged pieces of your IT environment following a ransomware assault and reconstruct them quickly into an operational network. Progent has collaborated with leading cyber insurance carriers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Services in Chesapeake
To contact with Progent about crypto-ransomware settlement guidance in Chesapeake, phone Progent at 800-462-8800 or go to Contact Progent.