Overview of Progent's Ransomware Negotiation Consulting in Columbus
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that requires a mix of real-word experience, technical skills and business acumen. It also demands working closely with the victim's IT staff and the insurance carrier, if there is one. Because the number one goal of the ransomware target is fast recovery, it is vital to deploy response teams that operate effectively, in parallel, and with intimate collaboration. Progent has the scope of IT knowledge and the deep bench of experts to supplement your IT staff and restore your network environment quickly and affordably.
Support provided by Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the assault
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the threat actor's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the insurance provider
- Negotiating a settlement amount and timeline with the hacker
- Checking adherence to anti-money laundering (AML) regulations
- Carrying out the crypto-currency disbursement to the TA
- Acquiring, reviewing, and using the hacker's decryption mechanism
- If necessary, contacting the hacker for technical help with the decryptor tool
After the decryption tool has been learned, Progent can assist you to recover computers and software services to their original condition. Progent can also assist you to perform comprehensive forensics and generate a document to share with the insurance provider. This report helps you to understand cybersecurity gaps that need to be corrected and suggests actions that should be performed to block subsequent ransomware attacks.
- Quarantining affected endpoints and data stores to arrest the progress of the assault
- Making digital copies of every compromised server and endpoint and data store to allow forensics in parallel with recovery
- Adding A/V protection to all virus-free endpoints
- Restoring files from air-gapped restores or uncompromised machines
- Building a clean recovery environment
- Remapping and connecting drives to match precisely their pre-attack condition
Beyond extorting money for a decryption tool, modern variants of ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim commonly attempt to exfiltrate information. Hackers are then able to require a separate payment for not publishing this data or selling it. Unfortunately, there exists no method to prove that stolen data have been totally deleted by the threat actor. In fact, in numerous instances the hacker has little say about who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of engaging the guidance of legal counsel, conducting an audit on which files were stolen, and performing the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services throughout the U.S. for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes consultants who have earned advanced certifications in core technology platforms including Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications including CISA, CISSP, and CRISC. (See Progent's certifications). Progent also has guidance in financial management and ERP software. This broad array of skills gives Progent the ability to identify and consolidate the undamaged pieces of your information system following a ransomware attack and reconstruct them quickly into a functioning network. Progent has worked with top cyber insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Columbus
To get in touch with Progent about crypto-ransomware settlement negotiation guidance in Columbus, phone Progent at 800-462-8800 or go to Contact Progent.