Overview of Progent's Ransomware Negotiation Services in Skokie
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated activity that requires a combination of real-word experience, technical knowledge and business acumen. It also calls for close co-operation with the victim's IT team and the cyber insurance provider, if there is one. Because the top priority of the ransomware target is fast recovery, it is vital to deploy recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of technical skills and the depth of personnel to supplement your network support team and restore your network quickly and economically.
Services available from Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware involved in the attack
- making contact with the hacker
- Assessing the recovery risk
- Validating the hacker's decryption capabilities
- Agreeing on a settlement amount with the ransomware victim and the insurance provider
- Negotiating a settlement amount and schedule with the threat actor
- Checking adherence to anti-money laundering (AML) sanctions
- Carrying out the crypto-currency payment to the TA
- Acquiring, learning, and using the threat actor's decryptor mechanism
- If needed, contacting the hacker for technical help with the decryption utility
Once the decryption tool has been mastered, Progent can assist you to recover computers and services to their pre-arrack state. Progent can also help you to perform comprehensive forensics and generate a document to share with the insurance provider. This report identifies security vulnerabilities that need to be eliminated and recommends actions to be performed to block future ransomware assaults.
- Isolating infected endpoints and data stores to prevent further spread of the attack
- Creating digital copies of every infected server and endpoint and data store in order to perform forensics in parallel with cleanup
- Installing anti-virus protection to all virus-free endpoints
- Salvaging files from offline restores or unscathed endpoints
- Building a clean recovery environment
- Mapping and connecting datastores to match precisely their pre-attack state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern strains of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") information. TAs can then require an additional settlement for not divulging this data on the dark web. Unfortunately, there exists no method to prove that exfiltrated data have been completely erased by the hacker. Actually, in many cases the TA has little control about where the information ends up. Settling an exfiltration ransom does not free you from the need for getting the advice of privacy lawyers, conducting an investigation into which files were stolen, and sending the mandated alerts to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services across the U.S. for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes professionals who have earned advanced certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (See Progent's certifications). Progent also offers top-tier support in financial and Enterprise Resource Planning application software. This broad array of skills gives Progent the ability to identify and consolidate the undamaged parts of your IT environment following a ransomware attack and rebuild them quickly into a functioning system. Progent has worked with top insurance providers like Chubb to help organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Expertise in Skokie
To contact with Progent about ransomware settlement expertise in Skokie, call Progent at 800-462-8800 or go to Contact Progent.