Progent's Ransomware Settlement Negotiation Consulting in Columbus
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complex exercise that requires a combination of real-word experience, technical skills and business acumen. It also calls for close co-operation with the victim's IT staff and the cyber insurance provider, if there is one. Since the top priority of the ransomware victim is operational continuity, it is critical to establish response groups that work effectively, concurrently, and with intimate collaboration. Progent has the breadth of IT skills and the depth of personnel to supplement your network support team and restore your network environment quickly and affordably.
Support offered by Progent's ransomware negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the type of ransomware used in the assault
- Identifying and communicating with the hacker persona
- Evaluating the recovery risk
- Validating the hacker's decryption tool
- Budgeting a settlement range with the victim and the cyber insurance carrier
- Establishing a settlement and schedule with the hacker
- Verifying adherence to anti-money laundering laws
- Managing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and using the TA's decryptor utility
- If needed, contacting the threat actor for technical assistance with the decryption utility
Once the decryption tool has been learned, Progent can assist you to restore computers and software services to their pre-arrack condition. Progent can also assist you to perform a full forensic review and create a report to share with the cyber insurance carrier. This report identifies cybersecurity vulnerabilities that need to be fixed and recommends actions that can be taken to combat subsequent ransomware assaults.
- Quarantining affected endpoints and data stores to arrest the progress of the attack
- Making replicas of each compromised device and data store in order to perform forensics in parallel with restoration
- Adding A/V protection to all clean endpoints
- Salvaging data from offline restores or uncompromised endpoints
- Creating a clean environment
- Remapping and reconnecting datastores to reflect precisely their pre-attack condition
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, current variants of ransomware like Ryuk, Maze, Netwalker, and Nephilim often attempt to exfiltrate information. TAs are then able to demand a separate ransom for not posting this information on the dark web. Unfortunately, there is no way to be certain that exfiltrated files have been totally deleted by the threat actor. In fact, in numerous instances the hacker has limited say over where the information ends up. Paying an exfiltration ransom does not free you from the need for seeking the advice of privacy lawyers, conducting an audit on which files were taken, and sending the required notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite IT services across the United States for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes professionals who have earned advanced certifications in foundation technologies such as Cisco networking, VMware, and major Linux distros. Progent's cybersecurity consultants have earned prestigious certifications including CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning software. This breadth of skills allows Progent to salvage and consolidate the undamaged parts of your network after a ransomware intrusion and rebuild them rapidly into a functioning system. Progent has collaborated with top insurance providers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Columbus
To get in touch with Progent about ransomware settlement expertise in Columbus, phone Progent at 800-462-8800 or go to Contact Progent.