Progent's Ransomware Settlement Negotiation Consulting in Webster
Progent has experience negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complex exercise that calls for a combination of field experience, technical skills and business acumen. It also demands close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if any. Since the number one priority of the ransomware victim is fast recovery, it is vital to establish recovery groups that work efficiently, concurrently, and in close communication. Progent has the breadth of technical knowledge and the depth of experts to supplement your IT support team and recover your network environment rapidly and affordably.
Services provided by Progent's ransomware settlement negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the assault
- making contact with the hacker persona
- Evaluating the likelihood of recovery
- Testing the threat actor's decryption tool
- Agreeing on a settlement amount with the victim and the insurance provider
- Negotiating a settlement and timeline with the threat actor
- Confirming compliance with anti-money laundering (AML) laws
- Carrying out the crypto-currency transfer to the hacker
- Acquiring, reviewing, and operating the TA's decryption tool
- If needed, contacting the threat actor for assistance with the decryption tool
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to perform a forensics investigation and generate a document to deliver to the insurance carrier. This document identifies security gaps that must be corrected and recommends steps that should be performed to combat future ransomware assaults.
- Quarantining infected endpoints and data stores to arrest the progress of the assault
- Creating digital copies of every compromised server and endpoint and data store to allow forensics in parallel with restoration
- Adding A/V protection to all virus-free endpoints
- Recovering files from offline backups or uncompromised endpoints
- Building a pristine environment
- Remapping and connecting drives to match precisely their pre-encryption condition
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern strains of crypto-ransomware such as Ryuk, Maze, Netwalker, and Nephilim commonly try to exfiltrate information. TAs are then able to require a separate settlement for not publishing this data or selling it. Unfortunately, there is no method to guarantee that stolen data have been completely deleted by the threat actor. In fact, in many cases the threat actor has little control over where the information ends up. Settling an exfiltration ransom does not free you from the need for engaging the advice of legal counsel, performing an investigation into which files were compromised, and performing the mandated notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises IT services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware, and major distributions of Linux. Progent's data security consultants have earned internationally recognized certifications such as CISA, CISSP, and GIAC. (Refer to Progent's certifications). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This breadth of skills gives Progent the ability to identify and consolidate the surviving pieces of your network after a ransomware intrusion and reconstruct them rapidly into a functioning system. Progent has worked with leading insurance carriers including Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Services in Webster
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Webster, call Progent at 800-462-8800 or go to Contact Progent.