Progent's Ransomware Settlement Negotiation Consulting in Skokie
Progent has experience negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex activity that calls for a combination of real-word experience, IT skills and business acumen. It also demands close co-operation with the victim's IT staff and the cyber insurance carrier, if there is one. Because the number one goal of the ransomware victim is operational continuity, it is critical to establish recovery groups that work efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT skills and the deep bench of experts to complement your IT staff and restore your network rapidly and affordably.
Support provided by Progent's ransomware negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Deciding on an acceptable settlement with the victim and the insurance provider
- Establishing a settlement amount and schedule with the TA
- Verifying adherence to anti-money laundering (AML) laws
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryption mechanism
- If needed, contacting the hacker for assistance with the decryptor utility
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and services to their pre-arrack state. Progent can also help you to conduct a full forensic review and create a document to deliver to the insurance provider. This document identifies cybersecurity gaps that need to be fixed and suggests actions to be performed to combat future ransomware assaults.
- Isolating infected endpoints to prevent further spread of the attack
- Creating replicas of each breached device and data store in order to perform forensics without interfering with restoration
- Adding anti-virus protection to all virus-free endpoints
- Restoring data from air-gapped backups or unscathed machines
- Building a clean environment
- Remapping and connecting datastores to reflect exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor commonly try to steal (or "exfiltrate") information. TAs can then require a separate settlement for not publishing this data on the dark web. Unfortunately, there exists no method to prove that stolen data have been totally erased by the threat actor. In fact, in numerous instances the threat actor has little control about where the information ends up. Paying an exfiltration ransom does not eliminate the need for getting the advice of privacy lawyers, performing an investigation into which files were stolen, and carrying out the necessary alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite IT services throughout the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have earned high-level certifications in foundation technology platforms including Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISA, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning software. This breadth of expertise allows Progent to salvage and integrate the surviving pieces of your network after a ransomware attack and rebuild them quickly into an operational system. Progent has collaborated with top cyber insurance carriers like Chubb to assist organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Skokie
To get in touch with Progent about crypto-ransomware settlement expertise in Skokie, phone Progent at 800-462-8800 or go to Contact Progent.