Progent's Ransomware Negotiation Consulting in Greensboro
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated exercise that calls for a combination of field experience, technical skills and business acumen. It also requires working closely with the ransomware victim's IT team and the insurance provider, if any. Because the number one goal of the ransomware target is operational continuity, it is critical to establish response groups that operate efficiently, in parallel, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of experts to complement your IT support team and restore your network rapidly and economically.
Services offered by Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware used in the attack
- identifying and contacting the hacker
- Evaluating the recovery risk
- Testing the hacker's decryption tool
- Determining a settlement payment with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and schedule with the TA
- Confirming adherence to anti-money laundering regulations
- Overseeing the crypto-currency payment to the hacker
- Receiving, reviewing, and using the TA's decryption utility
- If needed, contacting the threat actor for technical help with the decryption tool
After the decryption utility has been mastered, Progent can assist you to restore computers and services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and create a document to share with the insurance provider. This report identifies cybersecurity gaps that need to be fixed and suggests steps to be taken to counter future ransomware attacks.
- Isolating affected endpoints and data stores to prevent further progress of the attack
- Making replicas of every infected server and endpoint and data store to allow forensics without interfering with cleanup
- Installing A/V protection to all virus-free endpoints
- Restoring data from air-gapped backups or uncompromised machines
- Creating a pristine recovery environment
- Remapping and reconnecting drives to reflect precisely their pre-attack condition
In addition to demanding payment for a decryption tool, current strains of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to exfiltrate files. Hackers are then able to demand a separate settlement for not publishing this data or selling it. Sadly, there is no way to guarantee that exfiltrated files have been totally erased by the TA. In fact, in many cases the hacker has little control about the disposition of the data. Paying an exfiltration ransom does not free you from the necessity of getting the guidance of privacy lawyers, conducting an investigation into which data were stolen, and sending the necessary alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite network services across the U.S. for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes consultants who have earned high-level certifications in core technologies including Cisco infrastructure, VMware, and popular Linux distros. Progent's data security experts have earned prestigious certifications such as CISA, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning applications. This broad array of expertise gives Progent the ability to salvage and integrate the surviving parts of your IT environment following a ransomware assault and rebuild them quickly into a viable system. Progent has worked with top insurance carriers including Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Services in Greensboro
To get in touch with Progent about ransomware settlement expertise in Greensboro, phone Progent at 800-462-8800 or go to Contact Progent.