Progent's Ransomware Settlement Negotiation Services in Buffalo
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complicated exercise that calls for a combination of real-word experience, technical skills and business savvy. It also calls for working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if there is one. Because the top priority of the ransomware victim is operational continuity, it is critical to establish response groups that operate efficiently, in parallel, and with intimate collaboration. Progent offers the breadth of IT skills and the deep bench of personnel to supplement your IT staff and recover your network rapidly and affordably.
Services provided by Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware involved in the attack
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Validating the hacker's decryption capabilities
- Agreeing on a settlement amount with the victim and the insurance provider
- Negotiating a settlement amount and schedule with the hacker
- Verifying compliance with anti-money laundering laws
- Managing the crypto-currency payment to the hacker
- Receiving, learning, and operating the threat actor's decryptor tool
- If necessary, contacting the hacker for technical help with the decryption utility
After the decryption tool has been learned, Progent can assist you to recover machines and software services to their original state. Progent can also assist you to conduct comprehensive forensics and create a report to deliver to the insurance provider. This document identifies cybersecurity gaps that must be eliminated and recommends actions to be taken to combat future ransomware attacks.
- Quarantining affected endpoints to arrest the progress of the attack
- Making replicas of every compromised device and data store to allow forensics in parallel with cleanup
- Adding A/V agents to all clean endpoints
- Restoring data from offline backups or uncompromised machines
- Creating a pristine environment
- Mapping and connecting datastores to reflect exactly their pre-attack condition
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption tool, modern variants of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim often try to exfiltrate information. Hackers can then demand a separate ransom in exchange for not divulging this information on the dark web. Sadly, there is no way to be certain that stolen files have been completely deleted by the hacker. In fact, in numerous instances the hacker has little say about where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of engaging the guidance of privacy lawyers, performing an investigation into which files were taken, and carrying out the mandated alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite IT services throughout the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded advanced certifications in foundation technology platforms such as Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned industry-recognized certifications such as CISM, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also has guidance in financial management and ERP application software. This broad array of skills gives Progent the ability to salvage and integrate the surviving parts of your information system after a ransomware assault and rebuild them quickly into a functioning system. Progent has collaborated with leading cyber insurance providers including Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Buffalo
To contact with Progent about ransomware settlement services in Buffalo, phone Progent at 800-462-8800 or go to Contact Progent.