Progent's Ransomware Negotiation Services in Madison
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complex exercise that calls for a mix of real-word experience, IT skills and business savvy. It also demands close co-operation with the victim's IT staff and the cyber insurance provider, if there is one. Because the top goal of the ransomware target is operational continuity, it is vital to deploy recovery teams that work efficiently, in parallel, and in close communication. Progent offers the breadth of IT skills and the depth of personnel to supplement your IT support team and restore your network rapidly and economically.
Support provided by Progent's ransomware negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware used in the attack
- making contact with the hacker persona
- Evaluating the likelihood of recovery
- Verifying the TA's decryption tool
- Budgeting a settlement range with the victim and the insurance provider
- Establishing a settlement and schedule with the TA
- Checking adherence to anti-money laundering (AML) laws
- Carrying out the crypto-currency transfer to the TA
- Acquiring, reviewing, and operating the TA's decryptor tool
- If needed, contacting the hacker for technical assistance with the decryptor tool
After the decryption utility has been mastered, Progent can help you to restore computers and software services to their original condition. Progent can also help you to conduct a complete forensics analysis and create a report to share with the cyber insurance provider. This report helps you to understand cybersecurity gaps that must be fixed and recommends steps that should be taken to counter subsequent ransomware assaults.
- Isolating infected endpoints to arrest the progress of the attack
- Creating digital copies of each breached server and endpoint and data store to allow forensics in parallel with restoration
- Installing anti-virus protection to all clean endpoints
- Recovering files from offline restores or unscathed machines
- Building a pristine recovery environment
- Mapping and reconnecting drives to match exactly their pre-encryption condition
Paying Exfiltration Ransoms
Beyond demanding money for a decryption tool, modern strains of ransomware like Ryuk, Maze, DopplePaymer, and Egregor often attempt to exfiltrate files. TAs can then demand an extra ransom for not publishing this information or selling it. Unfortunately, there exists no way to prove that exfiltrated files have been completely deleted by the threat actor. Actually, in many instances the threat actor has little say about data custody. Settling an exfiltration ransom does not free you from the necessity of getting the guidance of privacy attorneys, conducting an inventory of files were taken, and performing the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services throughout the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes consultants who have earned advanced certifications in core technologies including Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning software. This breadth of expertise gives Progent the ability to salvage and integrate the undamaged parts of your IT environment after a ransomware assault and rebuild them quickly into an operational system. Progent has collaborated with leading cyber insurance carriers including Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Madison
To get in touch with Progent about ransomware settlement expertise in Madison, call Progent at 800-462-8800 or go to Contact Progent.