Progent's Ransomware Settlement Negotiation Consulting in Phoenix
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that requires a mix of field experience, IT knowledge and business savvy. It also demands close co-operation with the cyber-extortion target's IT staff and the insurance carrier, if any. Because the number one goal of the ransomware target is fast recovery, it is vital to deploy recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent has the scope of IT knowledge and the depth of experts to supplement your IT staff and restore your network rapidly and economically.
Support offered by Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the type of ransomware used in the attack
- making contact with the hacker
- Evaluating the likelihood of recovery
- Validating the threat actor's decryption tool
- Determining a settlement payment with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement and timeline with the TA
- Verifying compliance with anti-money laundering (AML) sanctions
- Carrying out the crypto-currency disbursement to the TA
- Receiving, reviewing, and operating the threat actor's decryptor mechanism
- If necessary, contacting the threat actor for assistance with the decryption utility
After the decryption tool has been mastered, Progent can help you to recover computers and software services to their original state. Progent can also help you to perform a complete forensics analysis and create a report to share with the insurance carrier. This document helps you to understand security gaps that need to be fixed and recommends actions that should be performed to combat future ransomware attacks.
- Quarantining infected endpoints to arrest the spread of the assault
- Creating digital copies of every infected server and endpoint and data store in order to perform forensics without interfering with restoration
- Adding anti-virus protection to all virus-free endpoints
- Salvaging files from air-gapped backups or uncompromised machines
- Creating a pristine recovery environment
- Mapping and reconnecting datastores to match precisely their pre-encryption state
Settling Exfiltration Ransoms
Beyond extorting payment for a decryption tool, current strains of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to steal (or "exfiltrate") files. TAs are then able to demand an additional settlement for not divulging this data on the dark web. Sadly, there is no method to prove that exfiltrated data have been totally erased by the hacker. In fact, in numerous instances the hacker has little say about data custody. Settling an exfiltration ransom does not free you from the need for seeking the advice of privacy attorneys, conducting an inventory of data were taken, and performing the required alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes consultants who have been awarded advanced certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP software. This breadth of skills allows Progent to salvage and consolidate the undamaged parts of your network following a ransomware assault and reconstruct them rapidly into an operational system. Progent has worked with leading insurance providers including Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Phoenix
To contact with Progent about crypto-ransomware settlement negotiation guidance in Phoenix, phone Progent at 800-462-8800 or go to Contact Progent.