Progent's Ransomware Settlement Negotiation Services in Toronto
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex exercise that calls for a combination of field experience, IT skills and business savvy. It also requires working closely with the cyber-extortion target's IT team and the cyber insurance provider, if any. Since the top priority of the ransomware victim is fast recovery, it is vital to establish recovery teams that work efficiently, in parallel, and in close communication. Progent offers the scope of IT skills and the deep bench of experts to complement your network support team and restore your network quickly and economically.
Services offered by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware used in the attack
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Verifying the hacker's decryption tool
- Agreeing on a settlement payment with the ransomware victim and the insurance carrier
- Establishing a settlement amount and schedule with the hacker
- Confirming compliance with anti-money laundering regulations
- Overseeing the crypto-currency disbursement to the hacker
- Acquiring, learning, and operating the threat actor's decryption mechanism
- If needed, contacting the TA for assistance with the decryption tool
Once the decryption tool has been mastered, Progent can assist you to restore machines and services to their pre-arrack state. Progent can also help you to conduct a forensics investigation and generate a report to share with the insurance carrier. This report helps you to understand cybersecurity gaps that need to be corrected and suggests steps that should be performed to block future ransomware assaults.
- Quarantining affected endpoints to arrest the progress of the attack
- Creating digital copies of every breached server and endpoint and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all clean endpoints
- Recovering files from air-gapped restores or uncompromised endpoints
- Building a clean recovery environment
- Remapping and reconnecting datastores to match exactly their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding payment for a decryption tool, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often try to exfiltrate information. Hackers are then able to require an extra payment in exchange for not divulging this data or selling it. Sadly, there exists no method to guarantee that stolen data have been completely erased by the hacker. In fact, in many cases the hacker has little say about data custody. Settling an exfiltration ransom does not free you from the necessity of engaging the guidance of legal counsel, conducting an inventory of files were taken, and carrying out the necessary alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided online and onsite network services throughout the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have earned advanced certifications in core technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications including CISA, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This scope of skills allows Progent to salvage and integrate the undamaged parts of your IT environment following a ransomware intrusion and rebuild them rapidly into a viable network. Progent has collaborated with top insurance providers including Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Guidance in Toronto
To contact with Progent about ransomware settlement services in Toronto, phone Progent at 800-462-8800 or go to Contact Progent.