Overview of Progent's Ransomware Settlement Negotiation Services in Calgary
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complicated exercise that calls for a combination of field experience, technical knowledge and business savvy. It also requires working closely with the ransomware victim's IT staff and the insurance provider, if there is one. Because the top priority of the ransomware target is operational continuity, it is critical to establish response groups that work effectively, concurrently, and in close communication. Progent has the breadth of technical knowledge and the depth of experts to supplement your network support team and recover your network environment quickly and economically.
Support available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the assault
- making contact with the hacker
- Evaluating the likelihood of recovery
- Verifying the TA's decryption capabilities
- Determining a settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and timeline with the TA
- Confirming accordance with anti-money laundering (AML) regulations
- Overseeing the crypto-currency disbursement to the TA
- Acquiring, learning, and using the threat actor's decryptor tool
- If needed, contacting the hacker for technical assistance with the decryptor tool
Once the decryption utility has been mastered, Progent can help you to restore machines and software services to their original condition. Progent can also help you to conduct a complete forensics analysis and generate a document to deliver to the insurance provider. This report helps you to understand security gaps that must be corrected and recommends steps that can be taken to combat subsequent ransomware assaults.
- Quarantining infected endpoints and data stores to prevent further spread of the assault
- Making digital copies of every breached device and data store in order to perform forensics without interfering with restoration
- Adding anti-virus protection to all clean endpoints
- Recovering data from air-gapped backups or unscathed endpoints
- Building a clean recovery environment
- Remapping and connecting datastores to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
Beyond extorting payment for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly try to exfiltrate files. Hackers can then require a separate payment for not divulging this data on the dark web. Sadly, there exists no method to guarantee that exfiltrated files have been totally erased by the TA. In fact, in numerous cases the TA has limited control over the disposition of the data. Paying an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy lawyers, conducting an inventory of data were compromised, and performing the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite IT services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes professionals who have earned advanced certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned prestigious certifications including CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has guidance in financial management and ERP application software. This broad array of skills allows Progent to identify and consolidate the surviving pieces of your network following a ransomware attack and rebuild them quickly into a functioning network. Progent has collaborated with top insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Calgary
To contact with Progent about crypto-ransomware settlement services in Calgary, call Progent at 800-993-9400 or go to Contact Progent.