Progent's Ransomware Settlement Negotiation Consulting in Columbus
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex exercise that calls for a combination of field experience, technical knowledge and business acumen. It also demands working closely with the victim's IT staff and the cyber insurance provider, if any. Because the number one priority of the ransomware target is fast recovery, it is critical to deploy response groups that work effectively, in parallel, and in close communication. Progent has the breadth of IT skills and the deep bench of experts to supplement your IT support team and restore your network environment quickly and affordably.
Support provided by Progent's ransomware settlement experts include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Validating the hacker's decryption tool
- Determining a settlement payment with the ransomware victim and the insurance provider
- Negotiating a settlement amount and timeline with the threat actor
- Verifying adherence to anti-money laundering laws
- Managing the crypto-currency disbursement to the TA
- Receiving, reviewing, and operating the hacker's decryptor mechanism
- If needed, contacting the hacker for technical help with the decryptor utility
After the decryption utility has been learned, Progent can help you to recover machines and services to their pre-arrack state. Progent can also assist you to conduct a full forensic review and generate a document to deliver to the insurance carrier. This document helps you to understand cybersecurity gaps that need to be fixed and recommends actions that can be performed to combat future ransomware attacks.
- Quarantining affected endpoints to arrest the progress of the assault
- Making digital copies of each breached server and endpoint and data store to allow forensics in parallel with cleanup
- Adding anti-virus protection to all virus-free endpoints
- Salvaging data from air-gapped backups or unscathed endpoints
- Building a clean recovery environment
- Remapping and connecting datastores to match precisely their pre-attack state
Beyond demanding payment for a decryption tool, current variants of ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers can then demand an extra ransom for not publishing this information on the dark web. Sadly, there is no way to prove that exfiltrated data have been completely erased by the threat actor. Actually, in many instances the TA has limited say over where the information ends up. Paying an exfiltration ransom does not eliminate the need for seeking the advice of privacy attorneys, conducting an investigation into which files were compromised, and performing the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and onsite network services throughout the United States for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have earned high-level certifications in core technologies including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications including CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers guidance in financial management and ERP software. This breadth of expertise allows Progent to identify and consolidate the surviving pieces of your network following a ransomware intrusion and rebuild them quickly into a functioning network. Progent has worked with top cyber insurance providers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Columbus
To get in touch with Progent about crypto-ransomware settlement guidance in Columbus, phone Progent at 800-462-8800 or go to Contact Progent.