Progent's Ransomware Negotiation Services in Tacoma
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complex exercise that calls for a combination of field experience, technical knowledge and business savvy. It also requires working closely with the victim's IT team and the insurance provider, if any. Since the number one goal of the ransomware victim is fast recovery, it is vital to deploy recovery groups that operate effectively, concurrently, and with intimate collaboration. Progent has the scope of technical skills and the deep bench of experts to supplement your IT staff and recover your network environment rapidly and affordably.
Services available from Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Verifying the hacker's decryption tool
- Deciding on an acceptable settlement amount with the victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the hacker
- Verifying compliance with anti-money laundering regulations
- Overseeing the crypto-currency transfer to the TA
- Receiving, learning, and using the TA's decryptor mechanism
- If needed, contacting the TA for technical assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can help you to restore machines and software services to their pre-arrack state. Progent can also help you to perform comprehensive forensics and generate a report to deliver to the insurance provider. This report helps you to understand security gaps that must be eliminated and suggests steps that can be taken to counter future ransomware assaults.
- Quarantining affected endpoints to prevent further spread of the attack
- Making digital copies of each breached server and endpoint and data store in order to perform forensics in parallel with recovery
- Installing A/V protection to all clean endpoints
- Recovering files from offline restores or uncompromised endpoints
- Building a clean recovery environment
- Mapping and connecting drives to reflect exactly their pre-attack state
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption tool, modern strains of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor commonly attempt to exfiltrate information. Hackers are then able to demand a separate settlement in exchange for not posting this information on the dark web. Unfortunately, there is no method to guarantee that exfiltrated data have been completely erased by the hacker. In fact, in numerous cases the threat actor has limited say over who can access the stolen files. Paying an exfiltration ransom does not eliminate the need for getting the guidance of privacy lawyers, conducting an inventory of files were stolen, and carrying out the required alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite network services across the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes professionals who have earned high-level certifications in core technology platforms such as Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned internationally recognized certifications such as CISM, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers top-tier support in financial and ERP application software. This scope of expertise allows Progent to identify and consolidate the undamaged parts of your network following a ransomware assault and rebuild them quickly into an operational system. Progent has worked with leading insurance providers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Tacoma
To get in touch with Progent about ransomware settlement negotiation services in Tacoma, call Progent at 800-462-8800 or go to Contact Progent.