Progent's Ransomware Negotiation Services in Phoenix
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex activity that calls for a combination of real-word experience, technical knowledge and business acumen. It also demands close co-operation with the ransomware victim's IT staff and the insurance carrier, if any. Because the top goal of the ransomware target is operational continuity, it is critical to establish recovery teams that operate effectively, in parallel, and in close communication. Progent offers the scope of technical knowledge and the deep bench of personnel to supplement your network support team and restore your network environment rapidly and affordably.
Services offered by Progent's ransomware negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker
- Assessing the recovery risk
- Verifying the TA's decryption tool
- Budgeting a settlement payment with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and timeline with the threat actor
- Checking adherence to anti-money laundering (AML) regulations
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and operating the hacker's decryption mechanism
- If necessary, contacting the TA for technical help with the decryption tool
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and services to their pre-arrack condition. Progent can also assist you to conduct a complete forensics analysis and create a document to deliver to the cyber insurance carrier. This report helps you to understand security vulnerabilities that must be fixed and recommends steps to be taken to block future ransomware attacks.
- Quarantining infected endpoints to arrest the progress of the attack
- Creating digital copies of each breached server and endpoint and data store in order to perform forensics without interfering with recovery
- Adding A/V protection to all virus-free endpoints
- Salvaging data from air-gapped restores or unscathed endpoints
- Building a pristine recovery environment
- Remapping and reconnecting datastores to reflect exactly their pre-encryption condition
In addition to extorting payment for a decryption tool, modern variants of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Nephilim often attempt to exfiltrate files. Hackers can then require an extra ransom for not posting this data on the dark web. Sadly, there exists no method to guarantee that stolen files have been completely erased by the hacker. In fact, in many cases the TA has little say about who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of seeking the advice of privacy lawyers, performing an audit on which data were taken, and carrying out the necessary alerts to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite IT services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes professionals who have been awarded high-level certifications in core technologies including Cisco networking, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications such as CISA, CISSP, and CRISC. (See Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning applications. This breadth of skills gives Progent the ability to identify and consolidate the surviving pieces of your information system after a ransomware intrusion and rebuild them quickly into a functioning network. Progent has worked with leading insurance providers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Phoenix
To get in touch with Progent about ransomware settlement negotiation expertise in Phoenix, phone Progent at 800-462-8800 or go to Contact Progent.