Overview of Progent's Ransomware Negotiation Services in Tacoma
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that calls for a mix of real-word experience, IT skills and business savvy. It also demands working closely with the victim's IT staff and the cyber insurance carrier, if any. Because the top priority of the ransomware target is fast recovery, it is critical to deploy recovery teams that work efficiently, concurrently, and in close communication. Progent has the scope of technical skills and the deep bench of personnel to supplement your network support team and restore your network rapidly and affordably.
Support available from Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the type of ransomware used in the attack
- identifying and contacting the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Determining a settlement with the ransomware victim and the insurance provider
- Negotiating a settlement and timeline with the TA
- Verifying accordance with anti-money laundering laws
- Carrying out the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the TA's decryption utility
- If necessary, contacting the threat actor for technical help with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover computers and services to their original state. Progent can also help you to perform a forensics investigation and generate a document to share with the cyber insurance carrier. This document helps you to understand security gaps that need to be eliminated and recommends actions that should be taken to combat subsequent ransomware attacks.
- Isolating infected endpoints to prevent further spread of the assault
- Making replicas of each breached device and data store in order to perform forensics in parallel with restoration
- Adding A/V agents to all clean endpoints
- Restoring files from offline backups or uncompromised endpoints
- Creating a pristine environment
- Remapping and connecting datastores to reflect exactly their pre-attack state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often try to steal (or "exfiltrate") files. Hackers are then able to require a separate settlement for not posting this information or selling it. Unfortunately, there is no method to be certain that exfiltrated data have been completely erased by the hacker. Actually, in numerous instances the threat actor has limited control about who can access the stolen files. Settling an exfiltration ransom does not eliminate the need for seeking the guidance of privacy attorneys, performing an investigation into which data were stolen, and sending the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite IT services across the United States for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have been awarded high-level certifications in core technologies such as Cisco networking, VMware, and major distributions of Linux. Progent's data security consultants have earned industry-recognized certifications such as CISA, CISSP, and GIAC. (See Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning software. This broad array of expertise gives Progent the ability to salvage and consolidate the surviving parts of your IT environment after a ransomware intrusion and rebuild them quickly into an operational system. Progent has worked with top insurance providers like Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Expertise in Tacoma
To get in touch with Progent about ransomware settlement negotiation services in Tacoma, call Progent at 800-462-8800 or go to Contact Progent.