Progent's Ransomware Negotiation Services in Addison
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that requires a combination of real-word experience, technical skills and business acumen. It also calls for close co-operation with the victim's IT staff and the insurance provider, if any. Because the number one priority of the ransomware target is fast recovery, it is critical to deploy response groups that work effectively, in parallel, and with intimate collaboration. Progent offers the scope of technical skills and the depth of experts to supplement your network support team and recover your network environment quickly and affordably.
Support provided by Progent's ransomware settlement experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware involved in the attack
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Testing the hacker's decryption tool
- Determining a settlement range with the ransomware victim and the insurance provider
- Establishing a settlement and schedule with the threat actor
- Checking adherence to anti-money laundering (AML) regulations
- Carrying out the crypto-currency payment to the TA
- Receiving, learning, and operating the hacker's decryptor utility
- If needed, contacting the TA for technical assistance with the decryption utility
Once the decryption tool has been mastered, Progent can assist you to recover machines and services to their original condition. Progent can also help you to perform a forensics investigation and create a report to deliver to the insurance carrier. This report identifies cybersecurity vulnerabilities that must be corrected and recommends actions to be taken to combat future ransomware attacks.
- Quarantining infected endpoints to arrest the spread of the assault
- Making digital copies of each breached device and data store to allow forensics without interfering with recovery
- Installing A/V protection to all clean endpoints
- Recovering files from offline backups or unscathed machines
- Building a pristine recovery environment
- Remapping and reconnecting drives to reflect precisely their pre-encryption condition
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to exfiltrate information. TAs can then demand a separate settlement in exchange for not posting this information or selling it. Unfortunately, there exists no way to guarantee that exfiltrated files have been completely deleted by the hacker. Actually, in many instances the hacker has limited say about data custody. Paying an exfiltration ransom does not free you from the necessity of getting the guidance of privacy attorneys, conducting an investigation into which files were stolen, and carrying out the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services throughout the U.S. for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes professionals who have been awarded advanced certifications in core technologies including Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned prestigious certifications including CISM, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial management and ERP software. This scope of expertise gives Progent the ability to salvage and consolidate the surviving pieces of your IT environment after a ransomware attack and rebuild them rapidly into a functioning system. Progent has collaborated with leading cyber insurance providers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Addison
To get in touch with Progent about ransomware settlement expertise in Addison, phone Progent at 800-462-8800 or go to Contact Progent.