Progent's Ransomware Negotiation Services in Minnetonka
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated activity that calls for a mix of real-word experience, IT skills and business savvy. It also calls for working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if there is one. Because the top priority of the ransomware victim is operational continuity, it is vital to establish recovery teams that operate efficiently, in parallel, and in close communication. Progent offers the breadth of technical skills and the deep bench of experts to complement your IT staff and restore your network quickly and affordably.
Services provided by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the likelihood of recovery
- Validating the TA's decryption capabilities
- Agreeing on a settlement with the ransomware victim and the insurance provider
- Establishing a settlement and timeline with the TA
- Checking adherence to anti-money laundering (AML) sanctions
- Overseeing the crypto-currency disbursement to the TA
- Acquiring, learning, and using the threat actor's decryptor tool
- If necessary, contacting the hacker for technical help with the decryptor utility
Once the decryption tool has been mastered, Progent can help you to recover computers and software services to their original state. Progent can also help you to conduct a full forensic review and create a report to deliver to the cyber insurance carrier. This report helps you to understand security gaps that need to be corrected and suggests actions to be taken to counter subsequent ransomware attacks.
- Isolating affected endpoints and data stores to prevent further spread of the assault
- Making digital copies of every breached server and endpoint and data store in order to perform forensics without interfering with recovery
- Installing anti-virus agents to all virus-free endpoints
- Restoring data from offline restores or unscathed machines
- Creating a clean environment
- Mapping and reconnecting drives to reflect exactly their pre-attack state
Paying Exfiltration Ransoms
Beyond extorting payment for a decryption utility, modern strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate files. Hackers are then able to demand a separate payment for not publishing this information or selling it. Sadly, there exists no method to prove that exfiltrated files have been completely deleted by the TA. In fact, in many cases the hacker has little say over data custody. Settling an exfiltration ransom does not free you from the necessity of seeking the guidance of legal counsel, conducting an investigation into which data were stolen, and performing the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite network services throughout the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in core technology platforms including Cisco networking, VMware, and popular distributions of Linux. Progent's data security consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and Enterprise Resource Planning application software. This breadth of expertise allows Progent to salvage and integrate the surviving parts of your network following a ransomware attack and rebuild them quickly into a functioning network. Progent has collaborated with top insurance carriers like Chubb to assist organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Services in Minnetonka
To contact with Progent about ransomware settlement services in Minnetonka, phone Progent at 800-993-9400 or go to Contact Progent.