Overview of Progent's Ransomware Negotiation Services in Napa
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that requires a mix of real-word experience, technical skills and business savvy. It also demands working closely with the victim's IT staff and the cyber insurance carrier, if any. Since the number one goal of the ransomware victim is operational continuity, it is critical to deploy recovery teams that work effectively, in parallel, and with intimate collaboration. Progent offers the scope of IT knowledge and the deep bench of experts to supplement your network support team and recover your network quickly and affordably.
Services available from Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the TA's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the insurance carrier
- Negotiating a settlement amount and schedule with the threat actor
- Verifying adherence to anti-money laundering sanctions
- Managing the crypto-currency payment to the TA
- Receiving, learning, and operating the threat actor's decryption tool
- If necessary, contacting the threat actor for technical help with the decryptor utility
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and services to their pre-arrack state. Progent can also help you to perform a full forensic review and create a document to deliver to the insurance provider. This document helps you to understand cybersecurity gaps that need to be fixed and suggests steps that can be taken to combat future ransomware attacks.
- Quarantining infected endpoints and data stores to arrest the spread of the attack
- Creating digital copies of every infected server and endpoint and data store to allow forensics in parallel with restoration
- Adding A/V agents to all virus-free endpoints
- Restoring files from air-gapped restores or uncompromised endpoints
- Creating a clean recovery environment
- Mapping and connecting datastores to match precisely their pre-attack condition
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern variants of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") files. TAs are then able to require an additional settlement for not publishing this data on the dark web. Unfortunately, there exists no way to be certain that stolen data have been totally erased by the TA. Actually, in many instances the threat actor has limited say over where the information ends up. Paying an exfiltration ransom does not eliminate the need for engaging the guidance of privacy lawyers, performing an inventory of files were compromised, and sending the mandated alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services throughout the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes consultants who have earned high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware, and popular distributions of Linux. Progent's data security experts have earned industry-recognized certifications such as CISM, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers top-tier support in financial and ERP application software. This broad array of skills allows Progent to salvage and consolidate the undamaged parts of your network after a ransomware attack and reconstruct them quickly into an operational system. Progent has collaborated with top cyber insurance providers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Napa
To contact with Progent about crypto-ransomware settlement negotiation services in Napa, call Progent at 800-462-8800 or go to Contact Progent.