Overview of Progent's Ransomware Negotiation Consulting in Cheyenne
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated activity that calls for a mix of real-word experience, IT skills and business acumen. It also demands close co-operation with the cyber-extortion target's IT staff and the cyber insurance carrier, if there is one. Because the top priority of the ransomware target is operational continuity, it is critical to deploy recovery groups that work effectively, in parallel, and in close communication. Progent has the scope of IT skills and the depth of personnel to complement your IT staff and restore your network environment quickly and economically.
Services available from Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Agreeing on a settlement payment with the ransomware victim and the insurance provider
- Establishing a settlement and timeline with the threat actor
- Verifying accordance with anti-money laundering regulations
- Managing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and using the hacker's decryptor mechanism
- If necessary, contacting the TA for assistance with the decryptor tool
After the decryption utility has been mastered, Progent can help you to restore computers and software services to their original state. Progent can also help you to perform a full forensic review and create a report to share with the insurance provider. This report identifies security vulnerabilities that need to be corrected and recommends steps that should be performed to combat future ransomware assaults.
- Isolating affected endpoints and data stores to arrest the spread of the assault
- Creating replicas of every infected server and endpoint and data store in order to perform forensics in parallel with restoration
- Adding A/V protection to all virus-free endpoints
- Recovering files from air-gapped restores or unscathed endpoints
- Creating a clean recovery environment
- Remapping and connecting datastores to match exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption utility, current variants of ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim often try to steal (or "exfiltrate") files. Hackers can then require a separate payment for not publishing this data or selling it. Sadly, there is no way to be certain that stolen files have been completely deleted by the hacker. Actually, in many instances the hacker has little control about who can access the stolen files. Paying an exfiltration ransom does not free you from the necessity of engaging the guidance of legal counsel, conducting an investigation into which data were taken, and sending the required notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes consultants who have earned advanced certifications in foundation technologies including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's data security experts have earned industry-recognized certifications including CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning application software. This broad array of expertise allows Progent to salvage and consolidate the undamaged pieces of your IT environment following a ransomware intrusion and reconstruct them rapidly into a viable system. Progent has collaborated with top insurance carriers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Cheyenne
To contact with Progent about crypto-ransomware settlement negotiation services in Cheyenne, phone Progent at 800-462-8800 or go to Contact Progent.