Overview of Progent's Ransomware Settlement Negotiation Consulting in Addison
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complicated activity that calls for a combination of field experience, IT knowledge and business savvy. It also demands close co-operation with the ransomware victim's IT staff and the cyber insurance provider, if any. Because the number one priority of the ransomware target is fast recovery, it is critical to establish response groups that operate effectively, concurrently, and in close communication. Progent offers the scope of IT skills and the deep bench of experts to complement your network staff and recover your network environment rapidly and affordably.
Support offered by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Budgeting a settlement payment with the ransomware victim and the insurance carrier
- Establishing a settlement and timeline with the threat actor
- Confirming compliance with anti-money laundering regulations
- Carrying out the crypto-currency transfer to the hacker
- Receiving, learning, and using the hacker's decryption tool
- If necessary, contacting the hacker for assistance with the decryption tool
After the decryption tool has been learned, Progent can assist you to restore computers and software services to their pre-arrack condition. Progent can also help you to perform comprehensive forensics and create a report to share with the insurance carrier. This document identifies security vulnerabilities that must be eliminated and recommends steps to be performed to block future ransomware attacks.
- Quarantining infected endpoints to prevent further progress of the attack
- Making replicas of each compromised server and endpoint and data store in order to perform forensics in parallel with cleanup
- Installing anti-virus protection to all virus-free endpoints
- Recovering files from air-gapped backups or unscathed machines
- Creating a pristine environment
- Remapping and connecting drives to match exactly their pre-encryption condition
In addition to demanding money for a decryption utility, modern variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Nephilim commonly attempt to steal (or "exfiltrate") information. TAs are then able to demand an extra settlement for not posting this information or selling it. Unfortunately, there is no method to be certain that stolen data have been completely deleted by the threat actor. In fact, in many instances the hacker has little control about where the information ends up. Settling an exfiltration ransom does not free you from the need for getting the guidance of privacy lawyers, performing an investigation into which data were taken, and sending the required notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services across the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded high-level certifications in foundation technology platforms including Cisco networking, VMware virtualization, and major Linux distros. Progent's data security experts have earned prestigious certifications such as CISM, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP applications. This scope of skills gives Progent the ability to identify and consolidate the undamaged pieces of your information system following a ransomware intrusion and reconstruct them quickly into a viable system. Progent has collaborated with top cyber insurance carriers like Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Addison
To get in touch with Progent about ransomware settlement negotiation guidance in Addison, phone Progent at 800-462-8800 or go to Contact Progent.