Progent's Ransomware Negotiation Consulting in Fort Myers
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that requires a combination of field experience, technical knowledge and business acumen. It also requires working closely with the cyber-extortion target's IT staff and the insurance provider, if any. Because the number one goal of the ransomware target is fast recovery, it is critical to establish recovery groups that operate effectively, in parallel, and with intimate collaboration. Progent has the scope of technical knowledge and the depth of personnel to supplement your IT staff and restore your network environment rapidly and economically.
Services available from Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the assault
- identifying and contacting the hacker persona
- Assessing the likelihood of recovery
- Testing the hacker's decryption capabilities
- Agreeing on a settlement amount with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the threat actor
- Confirming compliance with anti-money laundering regulations
- Carrying out the crypto-currency transfer to the hacker
- Receiving, reviewing, and using the threat actor's decryptor mechanism
- If needed, contacting the TA for technical help with the decryptor utility
Once the decryption tool has been mastered, Progent can help you to restore computers and software services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and create a report to deliver to the cyber insurance provider. This document identifies cybersecurity vulnerabilities that must be eliminated and suggests actions to be performed to combat subsequent ransomware attacks.
- Quarantining affected endpoints to prevent further progress of the assault
- Creating replicas of every compromised device and data store to allow forensics without interfering with recovery
- Installing anti-virus protection to all clean endpoints
- Salvaging files from air-gapped restores or unscathed machines
- Creating a pristine environment
- Mapping and reconnecting datastores to match exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption utility, modern strains of ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim commonly try to steal (or "exfiltrate") files. Hackers can then demand an additional ransom for not divulging this data or selling it. Unfortunately, there is no way to guarantee that stolen files have been completely erased by the hacker. In fact, in numerous instances the TA has little control about who can access the stolen files. Paying an exfiltration ransom does not free you from the necessity of seeking the guidance of legal counsel, performing an investigation into which data were stolen, and sending the necessary alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite network services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have earned advanced certifications in core technology platforms such as Cisco networking, VMware, and major Linux distros. Progent's cybersecurity consultants have earned prestigious certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP applications. This scope of expertise gives Progent the ability to salvage and consolidate the undamaged parts of your network following a ransomware attack and rebuild them rapidly into a viable system. Progent has worked with top cyber insurance carriers like Chubb to help organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Expertise in Fort Myers
To contact with Progent about ransomware settlement negotiation guidance in Fort Myers, phone Progent at 800-462-8800 or go to Contact Progent.