Progent's Ransomware Settlement Negotiation Consulting in Virginia Beach
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated exercise that requires a combination of field experience, technical knowledge and business savvy. It also demands working closely with the ransomware victim's IT team and the insurance carrier, if there is one. Because the number one goal of the ransomware victim is fast recovery, it is critical to establish response teams that operate efficiently, concurrently, and with intimate collaboration. Progent has the scope of IT knowledge and the depth of experts to supplement your network staff and recover your network environment rapidly and economically.
Support available from Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the assault
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Verifying the hacker's decryption tool
- Budgeting a settlement payment with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the TA
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency disbursement to the TA
- Receiving, learning, and operating the threat actor's decryption utility
- If necessary, contacting the threat actor for assistance with the decryption utility
After the decryption tool has been learned, Progent can assist you to restore physical and virtual devices and software services to their original condition. Progent can also help you to perform a full forensic review and generate a document to share with the cyber insurance provider. This document helps you to understand security gaps that must be eliminated and recommends steps that should be performed to block future ransomware assaults.
- Quarantining infected endpoints to prevent further spread of the attack
- Creating digital copies of every breached device and data store in order to perform forensics in parallel with restoration
- Adding A/V protection to all clean endpoints
- Restoring data from offline restores or uncompromised endpoints
- Creating a clean recovery environment
- Mapping and reconnecting drives to reflect exactly their pre-encryption condition
Beyond extorting money for a decryption tool, current strains of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Egregor commonly attempt to steal (or "exfiltrate") files. TAs can then demand an additional payment in exchange for not divulging this data on the dark web. Sadly, there is no way to guarantee that exfiltrated data have been totally erased by the threat actor. In fact, in numerous cases the threat actor has limited control about where the information ends up. Settling an exfiltration ransom does not free you from the necessity of getting the advice of privacy lawyers, performing an audit on which files were taken, and carrying out the mandated notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SMEs) includes consultants who have earned high-level certifications in foundation technologies including Cisco infrastructure, VMware, and major distributions of Linux. Progent's data security experts have earned industry-recognized certifications including CISA, CISSP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial management and ERP application software. This scope of skills allows Progent to identify and integrate the surviving pieces of your IT environment after a ransomware intrusion and rebuild them rapidly into a viable network. Progent has collaborated with leading insurance providers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Services in Virginia Beach
To get in touch with Progent about crypto-ransomware settlement negotiation services in Virginia Beach, call Progent at 800-462-8800 or go to Contact Progent.