Overview of Progent's Ransomware Negotiation Services in Calgary
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that requires a combination of field experience, IT skills and business acumen. It also calls for close co-operation with the cyber-extortion target's IT staff and the insurance carrier, if any. Since the number one priority of the ransomware victim is fast recovery, it is critical to deploy recovery groups that work effectively, concurrently, and with intimate collaboration. Progent has the scope of technical skills and the deep bench of experts to complement your network support team and recover your network environment quickly and economically.
Support available from Progent's ransomware negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware involved in the assault
- identifying and contacting the hacker
- Evaluating the recovery risk
- Testing the threat actor's decryption tool
- Deciding on an acceptable settlement with the ransomware victim and the insurance provider
- Negotiating a settlement and schedule with the hacker
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the hacker
- Acquiring, reviewing, and operating the hacker's decryptor tool
- If needed, contacting the threat actor for technical help with the decryptor tool
After the decryption utility has been learned, Progent can help you to recover physical and virtual devices and software services to their pre-arrack state. Progent can also assist you to perform comprehensive forensics and generate a report to deliver to the cyber insurance provider. This document helps you to understand cybersecurity gaps that must be fixed and recommends steps that can be taken to counter future ransomware attacks.
- Isolating infected endpoints to arrest the spread of the assault
- Creating replicas of every infected device and data store in order to perform forensics without interfering with cleanup
- Adding A/V agents to all virus-free endpoints
- Salvaging files from offline backups or uncompromised machines
- Creating a pristine environment
- Remapping and reconnecting datastores to match exactly their pre-encryption state
Beyond extorting money for a decryption utility, modern variants of ransomware such as Ryuk, Maze, DopplePaymer, and Egregor often attempt to exfiltrate information. Hackers are then able to demand an extra ransom in exchange for not divulging this data on the dark web. Sadly, there exists no way to prove that exfiltrated data have been totally erased by the hacker. Actually, in many cases the hacker has limited say over who can access the stolen files. Settling an exfiltration ransom does not free you from the need for engaging the advice of privacy lawyers, conducting an investigation into which data were stolen, and sending the mandated alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises IT services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of SMEs includes professionals who have been awarded high-level certifications in foundation technology platforms including Cisco networking, VMware, and major Linux distros. Progent's cybersecurity experts have earned prestigious certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial and Enterprise Resource Planning applications. This breadth of expertise allows Progent to salvage and integrate the undamaged parts of your network following a ransomware intrusion and reconstruct them rapidly into a viable system. Progent has collaborated with leading insurance providers like Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Calgary
To get in touch with Progent about crypto-ransomware settlement expertise in Calgary, phone Progent at 800-462-8800 or go to Contact Progent.