Progent's Ransomware Negotiation Services in Cheyenne
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that calls for a combination of real-word experience, IT skills and business savvy. It also requires working closely with the ransomware victim's IT team and the cyber insurance carrier, if there is one. Since the top goal of the ransomware victim is fast recovery, it is critical to establish recovery teams that operate effectively, concurrently, and in close communication. Progent has the breadth of technical knowledge and the deep bench of experts to complement your network support team and restore your network environment quickly and economically.
Support offered by Progent's ransomware negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware involved in the assault
- Identifying and communicating with the hacker persona
- Evaluating the recovery risk
- Verifying the TA's decryption capabilities
- Deciding on an acceptable settlement amount with the victim and the cyber insurance provider
- Negotiating a settlement and timeline with the hacker
- Checking accordance with anti-money laundering (AML) regulations
- Overseeing the crypto-currency transfer to the TA
- Receiving, learning, and operating the TA's decryption tool
- If necessary, contacting the hacker for assistance with the decryption tool
Once the decryption utility has been mastered, Progent can assist you to restore physical and virtual devices and software services to their original state. Progent can also assist you to perform a forensics investigation and create a document to share with the insurance carrier. This report helps you to understand security vulnerabilities that must be eliminated and suggests steps to be performed to combat future ransomware assaults.
- Isolating affected endpoints to prevent further progress of the attack
- Creating digital copies of every compromised device and data store to allow forensics without interfering with restoration
- Installing A/V protection to all clean endpoints
- Recovering data from air-gapped restores or unscathed endpoints
- Building a clean environment
- Mapping and reconnecting datastores to reflect precisely their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding money for a decryption utility, modern variants of ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim often try to exfiltrate information. TAs are then able to demand an extra ransom for not divulging this information on the dark web. Unfortunately, there is no way to be certain that stolen data have been totally erased by the hacker. Actually, in many instances the TA has limited control about where the information ends up. Settling an exfiltration ransom does not free you from the need for engaging the guidance of privacy lawyers, performing an inventory of files were stolen, and carrying out the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite IT services across the U.S. for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes consultants who have earned high-level certifications in core technology platforms including Cisco networking, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned prestigious certifications including CISM, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial and Enterprise Resource Planning applications. This breadth of skills gives Progent the ability to identify and consolidate the surviving pieces of your IT environment following a ransomware assault and reconstruct them quickly into a functioning system. Progent has worked with top cyber insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Guidance in Cheyenne
To contact with Progent about crypto-ransomware settlement negotiation guidance in Cheyenne, phone Progent at 800-462-8800 or go to Contact Progent.