Overview of Progent's Ransomware Negotiation Services in Minnetonka
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex activity that calls for a mix of field experience, IT knowledge and business savvy. It also calls for working closely with the victim's IT team and the cyber insurance carrier, if there is one. Because the number one priority of the ransomware target is fast recovery, it is critical to establish response teams that operate efficiently, in parallel, and in close communication. Progent offers the breadth of technical skills and the deep bench of experts to complement your network support team and restore your network quickly and economically.
Services offered by Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the assault
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Verifying the threat actor's decryption tool
- Agreeing on a settlement amount with the victim and the cyber insurance carrier
- Negotiating a settlement and timeline with the hacker
- Confirming compliance with anti-money laundering sanctions
- Overseeing the crypto-currency payment to the TA
- Acquiring, learning, and using the TA's decryptor utility
- If needed, contacting the TA for assistance with the decryptor utility
After the decryption tool has been mastered, Progent can help you to restore physical and virtual devices and software services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and create a document to deliver to the insurance provider. This document identifies security gaps that must be eliminated and suggests actions to be performed to block future ransomware assaults.
- Quarantining infected endpoints and data stores to arrest the progress of the attack
- Making replicas of each infected device and data store to allow forensics without interfering with recovery
- Adding A/V agents to all virus-free endpoints
- Salvaging data from offline restores or unscathed machines
- Building a clean recovery environment
- Remapping and connecting datastores to match exactly their pre-encryption state
In addition to extorting money for a decryption utility, current strains of ransomware like Ryuk, Maze, Netwalker, and Egregor often try to exfiltrate files. TAs are then able to require an extra settlement in exchange for not posting this data on the dark web. Sadly, there exists no way to guarantee that exfiltrated files have been totally erased by the hacker. Actually, in many cases the hacker has little say over where the information ends up. Settling an exfiltration ransom does not free you from the need for engaging the advice of legal counsel, conducting an audit on which data were stolen, and performing the required notifications to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services across the U.S. for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes consultants who have earned high-level certifications in core technology platforms such as Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISM, CISSP, and GIAC. (See Progent's certifications). Progent also offers guidance in financial and ERP software. This scope of expertise gives Progent the ability to salvage and consolidate the undamaged pieces of your information system following a ransomware intrusion and rebuild them rapidly into a functioning system. Progent has collaborated with top cyber insurance providers like Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Guidance in Minnetonka
To contact with Progent about ransomware settlement negotiation services in Minnetonka, call Progent at 800-462-8800 or go to Contact Progent.