Overview of Progent's Ransomware Negotiation Consulting in Webster
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex activity that requires a combination of field experience, IT knowledge and business savvy. It also demands working closely with the victim's IT staff and the cyber insurance provider, if any. Because the number one goal of the ransomware target is operational continuity, it is vital to establish response groups that operate efficiently, concurrently, and in close communication. Progent has the breadth of technical skills and the depth of personnel to complement your network support team and recover your network quickly and economically.
Services provided by Progent's ransomware negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Deciding on an acceptable settlement with the ransomware victim and the cyber insurance provider
- Establishing a settlement and schedule with the TA
- Checking adherence to anti-money laundering regulations
- Managing the crypto-currency payment to the hacker
- Receiving, learning, and using the TA's decryption utility
- If necessary, contacting the hacker for technical assistance with the decryptor tool
After the decryption utility has been mastered, Progent can help you to recover machines and software services to their pre-arrack condition. Progent can also help you to conduct a complete forensics analysis and create a report to share with the cyber insurance provider. This report helps you to understand security gaps that must be eliminated and suggests actions that should be taken to counter subsequent ransomware attacks.
- Quarantining infected endpoints to arrest the spread of the assault
- Making replicas of each compromised server and endpoint and data store to allow forensics in parallel with restoration
- Adding anti-virus protection to all virus-free endpoints
- Recovering data from offline restores or unscathed endpoints
- Building a pristine recovery environment
- Mapping and reconnecting datastores to match precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond demanding money for a decryption utility, modern strains of ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to exfiltrate information. Hackers are then able to require a separate payment for not posting this information on the dark web. Unfortunately, there exists no method to guarantee that stolen data have been completely erased by the hacker. Actually, in numerous instances the hacker has limited say about who can access the stolen files. Settling an exfiltration ransom does not free you from the necessity of seeking the advice of privacy lawyers, performing an inventory of files were stolen, and sending the required alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite IT services throughout the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have earned high-level certifications in foundation technologies such as Cisco networking, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned prestigious certifications such as CISA, CISSP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning software. This breadth of skills gives Progent the ability to identify and integrate the surviving pieces of your information system following a ransomware attack and rebuild them quickly into a viable network. Progent has collaborated with leading insurance providers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Guidance in Webster
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Webster, phone Progent at 800-462-8800 or go to Contact Progent.