Progent's Ransomware Settlement Negotiation Services in Cheyenne
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that requires a mix of field experience, IT skills and business savvy. It also demands working closely with the ransomware victim's IT team and the insurance provider, if any. Because the top priority of the ransomware target is fast recovery, it is vital to establish response teams that work efficiently, in parallel, and in close communication. Progent offers the breadth of technical skills and the deep bench of personnel to supplement your network staff and recover your network environment quickly and economically.
Support provided by Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware involved in the assault
- making contact with the hacker persona
- Evaluating the recovery risk
- Testing the hacker's decryption capabilities
- Agreeing on a settlement payment with the victim and the insurance carrier
- Establishing a settlement and schedule with the threat actor
- Checking adherence to anti-money laundering (AML) regulations
- Managing the crypto-currency payment to the hacker
- Acquiring, learning, and using the hacker's decryptor utility
- If necessary, contacting the hacker for assistance with the decryptor tool
Once the decryption tool has been mastered, Progent can assist you to restore physical and virtual devices and software services to their original state. Progent can also help you to perform a complete forensics analysis and create a document to deliver to the cyber insurance carrier. This report identifies security vulnerabilities that must be fixed and recommends steps to be performed to counter future ransomware attacks.
- Isolating infected endpoints and data stores to arrest the progress of the assault
- Making digital copies of every infected server and endpoint and data store in order to perform forensics in parallel with cleanup
- Installing A/V protection to all clean endpoints
- Salvaging files from air-gapped backups or unscathed machines
- Creating a clean environment
- Mapping and reconnecting drives to match exactly their pre-attack state
Settling Exfiltration Ransoms
In addition to extorting money for a decryption utility, modern strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim commonly attempt to exfiltrate information. Hackers are then able to demand a separate settlement for not publishing this data or selling it. Unfortunately, there exists no method to be certain that exfiltrated files have been completely erased by the TA. Actually, in numerous cases the hacker has limited control over the disposition of the data. Paying an exfiltration ransom does not free you from the need for engaging the advice of privacy attorneys, conducting an audit on which data were stolen, and sending the mandated notifications to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have been awarded advanced certifications in core technology platforms such as Cisco infrastructure, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and ERP application software. This breadth of expertise gives Progent the ability to salvage and integrate the undamaged pieces of your information system following a ransomware assault and reconstruct them quickly into an operational network. Progent has worked with top insurance providers including Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Guidance in Cheyenne
To contact with Progent about ransomware settlement negotiation guidance in Cheyenne, call Progent at 800-462-8800 or go to Contact Progent.