Progent's Ransomware Negotiation Services in Tacoma
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated activity that requires a combination of real-word experience, technical skills and business savvy. It also demands close co-operation with the victim's IT staff and the insurance provider, if any. Because the number one goal of the ransomware target is fast recovery, it is critical to deploy response groups that work effectively, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the depth of experts to complement your IT staff and restore your network environment quickly and affordably.
Services available from Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware involved in the attack
- identifying and contacting the hacker
- Assessing the recovery risk
- Testing the TA's decryption tool
- Determining a settlement amount with the victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the threat actor
- Verifying accordance with anti-money laundering regulations
- Managing the crypto-currency payment to the hacker
- Acquiring, learning, and using the TA's decryption utility
- If needed, contacting the hacker for assistance with the decryption tool
After the decryption tool has been mastered, Progent can help you to restore machines and software services to their pre-arrack condition. Progent can also assist you to conduct a forensics investigation and create a document to share with the insurance carrier. This report identifies cybersecurity vulnerabilities that must be corrected and recommends actions that should be taken to block future ransomware attacks.
- Isolating affected endpoints and data stores to arrest the spread of the assault
- Making digital copies of every infected server and endpoint and data store to allow forensics without interfering with restoration
- Installing anti-virus agents to all clean endpoints
- Salvaging files from offline backups or uncompromised endpoints
- Building a pristine environment
- Mapping and connecting datastores to match precisely their pre-attack condition
Settling Exfiltration Ransoms
Beyond extorting payment for a decryption utility, modern variants of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often attempt to exfiltrate information. Hackers are then able to demand an additional ransom for not divulging this data or selling it. Unfortunately, there exists no way to guarantee that exfiltrated files have been completely erased by the threat actor. Actually, in numerous cases the TA has little control about who can access the stolen files. Settling an exfiltration ransom does not eliminate the need for engaging the advice of privacy attorneys, performing an audit on which files were taken, and sending the necessary alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services throughout the United States for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes professionals who have been awarded high-level certifications in core technologies such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned prestigious certifications such as CISM, CISSP-ISSAP, and CRISC. (See Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning software. This broad array of skills allows Progent to identify and integrate the undamaged pieces of your network following a ransomware attack and rebuild them quickly into an operational network. Progent has worked with top insurance providers like Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Tacoma
To contact with Progent about ransomware settlement guidance in Tacoma, call Progent at 800-462-8800 or go to Contact Progent.