Overview of Progent's Ransomware Settlement Negotiation Consulting in Fort Myers
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that requires a combination of field experience, technical skills and business savvy. It also demands close co-operation with the cyber-extortion target's IT staff and the cyber insurance carrier, if there is one. Because the number one priority of the ransomware victim is operational continuity, it is vital to deploy recovery groups that work effectively, in parallel, and with intimate collaboration. Progent offers the breadth of IT knowledge and the depth of personnel to supplement your IT support team and recover your network environment rapidly and affordably.
Support offered by Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware used in the attack
- Identifying and communicating with the hacker persona
- Assessing the likelihood of recovery
- Verifying the TA's decryption capabilities
- Determining a settlement range with the victim and the insurance carrier
- Establishing a settlement and timeline with the hacker
- Confirming compliance with anti-money laundering (AML) sanctions
- Carrying out the crypto-currency payment to the TA
- Acquiring, learning, and operating the TA's decryptor utility
- If needed, contacting the hacker for technical assistance with the decryption utility
After the decryption tool has been learned, Progent can help you to restore physical and virtual devices and software services to their original state. Progent can also assist you to perform comprehensive forensics and generate a report to share with the cyber insurance carrier. This document identifies cybersecurity vulnerabilities that must be eliminated and recommends actions that should be taken to counter future ransomware attacks.
- Isolating infected endpoints to prevent further spread of the attack
- Making digital copies of each breached device and data store to allow forensics in parallel with restoration
- Installing A/V agents to all virus-free endpoints
- Recovering data from offline backups or unscathed machines
- Creating a pristine environment
- Mapping and reconnecting datastores to reflect precisely their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern variants of crypto-ransomware such as Ryuk, Maze, Netwalker, and Egregor often try to steal (or "exfiltrate") files. TAs are then able to require a separate settlement for not divulging this data on the dark web. Sadly, there is no method to be certain that stolen data have been completely erased by the TA. In fact, in numerous instances the threat actor has little say over data custody. Settling an exfiltration ransom does not free you from the need for seeking the advice of privacy lawyers, performing an inventory of data were taken, and sending the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services across the U.S. for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have been awarded advanced certifications in core technologies such as Cisco networking, VMware virtualization, and major Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and ERP application software. This broad array of expertise gives Progent the ability to identify and integrate the surviving parts of your network following a ransomware intrusion and rebuild them rapidly into a functioning system. Progent has worked with top insurance carriers including Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Expertise in Fort Myers
To contact with Progent about ransomware settlement negotiation guidance in Fort Myers, phone Progent at 800-462-8800 or go to Contact Progent.