Progent's Ransomware Negotiation Consulting in Columbus
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated exercise that calls for a combination of field experience, IT skills and business acumen. It also calls for working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if there is one. Because the number one priority of the ransomware victim is operational continuity, it is critical to establish response teams that operate efficiently, in parallel, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of personnel to complement your IT staff and restore your network rapidly and affordably.
Services offered by Progent's ransomware negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the assault
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Testing the threat actor's decryption capabilities
- Deciding on an acceptable settlement with the ransomware victim and the cyber insurance provider
- Establishing a settlement amount and schedule with the hacker
- Verifying compliance with anti-money laundering laws
- Managing the crypto-currency disbursement to the TA
- Acquiring, learning, and operating the threat actor's decryption tool
- If necessary, contacting the threat actor for technical help with the decryptor utility
After the decryption tool has been mastered, Progent can assist you to recover computers and software services to their pre-arrack state. Progent can also assist you to conduct comprehensive forensics and create a report to share with the cyber insurance provider. This report identifies security gaps that must be eliminated and recommends actions to be taken to counter future ransomware assaults.
- Quarantining affected endpoints to prevent further progress of the assault
- Making replicas of each compromised device and data store in order to perform forensics without interfering with recovery
- Adding anti-virus protection to all clean endpoints
- Recovering files from air-gapped backups or uncompromised machines
- Building a pristine environment
- Remapping and reconnecting drives to reflect exactly their pre-attack condition
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern strains of ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly try to exfiltrate information. Hackers are then able to demand a separate settlement for not posting this information or selling it. Sadly, there is no way to prove that stolen files have been completely erased by the threat actor. In fact, in numerous instances the hacker has limited say about where the information ends up. Paying an exfiltration ransom does not free you from the necessity of getting the advice of legal counsel, conducting an audit on which data were compromised, and sending the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services throughout the U.S. for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have earned high-level certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning applications. This broad array of skills allows Progent to salvage and consolidate the undamaged pieces of your network after a ransomware intrusion and reconstruct them rapidly into a viable system. Progent has collaborated with leading insurance providers like Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Columbus
To get in touch with Progent about crypto-ransomware settlement expertise in Columbus, call Progent at 800-462-8800 or go to Contact Progent.