Overview of Progent's Ransomware Negotiation Services in Mesa
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex activity that calls for a combination of real-word experience, technical skills and business savvy. It also demands close co-operation with the ransomware victim's IT team and the insurance provider, if any. Because the number one goal of the ransomware target is fast recovery, it is critical to deploy response teams that work effectively, in parallel, and in close communication. Progent offers the breadth of IT knowledge and the depth of personnel to supplement your network support team and recover your network rapidly and economically.
Services provided by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the attack
- identifying and contacting the hacker
- Assessing the likelihood of recovery
- Testing the TA's decryption tool
- Agreeing on a settlement range with the victim and the insurance carrier
- Negotiating a settlement and schedule with the threat actor
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency transfer to the hacker
- Acquiring, reviewing, and using the TA's decryption tool
- If necessary, contacting the TA for technical assistance with the decryptor utility
Once the decryption utility has been learned, Progent can help you to recover physical and virtual devices and services to their pre-arrack condition. Progent can also assist you to perform a complete forensics analysis and generate a document to deliver to the insurance provider. This report helps you to understand security gaps that need to be corrected and recommends steps to be performed to combat future ransomware attacks.
- Quarantining infected endpoints to arrest the progress of the assault
- Making digital copies of every breached server and endpoint and data store in order to perform forensics without interfering with restoration
- Installing A/V protection to all virus-free endpoints
- Restoring files from air-gapped backups or unscathed endpoints
- Building a clean environment
- Mapping and connecting drives to match exactly their pre-attack state
In addition to demanding payment for a decryption tool, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Egregor commonly attempt to exfiltrate files. TAs can then require a separate settlement for not divulging this information on the dark web. Unfortunately, there is no method to prove that exfiltrated data have been totally erased by the hacker. In fact, in many instances the TA has limited control about where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of seeking the guidance of legal counsel, conducting an inventory of data were taken, and carrying out the necessary alerts to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes consultants who have earned high-level certifications in foundation technology platforms including Cisco networking, VMware, and major Linux distros. Progent's data security consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning software. This breadth of skills allows Progent to salvage and integrate the undamaged parts of your information system after a ransomware attack and reconstruct them rapidly into an operational system. Progent has collaborated with top cyber insurance carriers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Services in Mesa
To get in touch with Progent about ransomware settlement negotiation services in Mesa, phone Progent at 800-462-8800 or go to Contact Progent.