Progent's Ransomware Settlement Negotiation Services in Cincinnati
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that calls for a combination of field experience, technical knowledge and business savvy. It also calls for close co-operation with the ransomware victim's IT staff and the insurance carrier, if there is one. Because the top goal of the ransomware victim is operational continuity, it is critical to deploy response groups that operate efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT skills and the deep bench of experts to supplement your IT support team and restore your network environment quickly and economically.
Support available from Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware involved in the assault
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Testing the hacker's decryption capabilities
- Agreeing on a settlement range with the victim and the insurance provider
- Establishing a settlement and schedule with the TA
- Checking accordance with anti-money laundering sanctions
- Overseeing the crypto-currency disbursement to the hacker
- Receiving, learning, and using the threat actor's decryption utility
- If needed, contacting the hacker for technical assistance with the decryption tool
Once the decryption tool has been learned, Progent can assist you to recover machines and services to their original state. Progent can also help you to conduct a full forensic review and create a document to share with the insurance provider. This document helps you to understand security vulnerabilities that must be eliminated and recommends steps that can be taken to block subsequent ransomware assaults.
- Isolating affected endpoints and data stores to prevent further spread of the attack
- Making replicas of each infected device and data store in order to perform forensics without interfering with cleanup
- Installing anti-virus protection to all clean endpoints
- Recovering data from offline backups or unscathed endpoints
- Building a clean environment
- Mapping and reconnecting datastores to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly try to steal (or "exfiltrate") information. TAs are then able to demand an additional settlement for not divulging this information on the dark web. Unfortunately, there exists no way to prove that stolen files have been totally erased by the TA. Actually, in numerous instances the threat actor has little control over the disposition of the data. Settling an exfiltration ransom does not eliminate the need for getting the guidance of privacy lawyers, performing an investigation into which data were taken, and sending the necessary alerts to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered remote and on-premises network services across the United States for over 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes consultants who have been awarded advanced certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned prestigious certifications including CISA, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also has top-tier support in financial and ERP applications. This breadth of expertise gives Progent the ability to identify and consolidate the surviving pieces of your IT environment after a ransomware assault and rebuild them quickly into a viable system. Progent has collaborated with leading insurance providers including Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Cincinnati
To contact with Progent about ransomware settlement services in Cincinnati, call Progent at 800-462-8800 or go to Contact Progent.