Progent's Ransomware Negotiation Consulting in Greensboro
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that requires a mix of field experience, technical skills and business acumen. It also requires close co-operation with the victim's IT team and the cyber insurance provider, if any. Because the top priority of the ransomware victim is fast recovery, it is vital to establish recovery teams that work efficiently, concurrently, and in close communication. Progent offers the breadth of IT skills and the depth of personnel to supplement your IT support team and restore your network rapidly and affordably.
Services offered by Progent's ransomware negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the attack
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Validating the hacker's decryption tool
- Deciding on an acceptable settlement amount with the victim and the insurance carrier
- Negotiating a settlement amount and schedule with the TA
- Verifying compliance with anti-money laundering sanctions
- Carrying out the crypto-currency payment to the hacker
- Acquiring, learning, and using the threat actor's decryptor mechanism
- If needed, contacting the threat actor for technical assistance with the decryptor tool
After the decryption tool has been learned, Progent can help you to restore computers and software services to their pre-arrack state. Progent can also assist you to conduct a full forensic review and generate a report to deliver to the cyber insurance provider. This document helps you to understand cybersecurity vulnerabilities that must be corrected and recommends steps that can be performed to combat subsequent ransomware assaults.
- Isolating infected endpoints to arrest the progress of the attack
- Making digital copies of each compromised device and data store to allow forensics in parallel with restoration
- Adding A/V protection to all virus-free endpoints
- Recovering data from air-gapped restores or unscathed endpoints
- Creating a pristine recovery environment
- Mapping and connecting datastores to reflect precisely their pre-encryption condition
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption tool, current variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate information. TAs can then require an additional payment for not posting this information or selling it. Sadly, there exists no way to guarantee that stolen data have been completely deleted by the threat actor. Actually, in many instances the TA has limited say over data custody. Paying an exfiltration ransom does not free you from the necessity of engaging the advice of legal counsel, performing an audit on which data were taken, and sending the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises IT services across the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced certifications in core technology platforms including Cisco networking, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial and Enterprise Resource Planning software. This scope of skills gives Progent the ability to identify and consolidate the surviving pieces of your network following a ransomware attack and reconstruct them quickly into a viable system. Progent has worked with leading insurance providers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Greensboro
To contact with Progent about crypto-ransomware settlement expertise in Greensboro, call Progent at 800-462-8800 or go to Contact Progent.