Overview of Progent's Ransomware Negotiation Services in Greensboro
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that requires a mix of real-word experience, technical knowledge and business acumen. It also requires working closely with the victim's IT staff and the cyber insurance carrier, if there is one. Because the number one priority of the ransomware victim is fast recovery, it is critical to deploy recovery groups that work effectively, concurrently, and with intimate collaboration. Progent offers the breadth of technical knowledge and the depth of personnel to complement your IT staff and recover your network quickly and affordably.
Services available from Progent's ransomware negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware used in the assault
- identifying and contacting the hacker
- Assessing the likelihood of recovery
- Verifying the TA's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and schedule with the hacker
- Confirming accordance with anti-money laundering laws
- Overseeing the crypto-currency transfer to the TA
- Acquiring, reviewing, and using the hacker's decryptor mechanism
- If necessary, contacting the TA for assistance with the decryption tool
After the decryption utility has been learned, Progent can assist you to restore computers and services to their original condition. Progent can also assist you to conduct a complete forensics analysis and create a document to deliver to the cyber insurance provider. This document identifies security gaps that need to be corrected and suggests actions to be performed to block future ransomware assaults.
- Quarantining infected endpoints to prevent further spread of the attack
- Creating replicas of every infected server and endpoint and data store to allow forensics in parallel with restoration
- Installing anti-virus agents to all virus-free endpoints
- Restoring files from air-gapped backups or unscathed machines
- Building a pristine environment
- Remapping and connecting datastores to reflect exactly their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim often attempt to steal (or "exfiltrate") information. Hackers can then demand an extra payment in exchange for not posting this data on the dark web. Sadly, there exists no way to be certain that exfiltrated files have been totally deleted by the TA. In fact, in many instances the hacker has little say over where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of getting the guidance of legal counsel, performing an investigation into which files were taken, and performing the necessary alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and onsite network services across the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have earned high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also offers guidance in financial management and ERP software. This breadth of skills gives Progent the ability to identify and integrate the undamaged parts of your IT environment following a ransomware attack and reconstruct them rapidly into a functioning network. Progent has collaborated with top cyber insurance carriers including Chubb to assist organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Greensboro
To get in touch with Progent about ransomware settlement negotiation services in Greensboro, call Progent at 800-462-8800 or go to Contact Progent.