Overview of Progent's Ransomware Negotiation Consulting in Virginia Beach
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complex activity that requires a mix of field experience, IT knowledge and business acumen. It also demands working closely with the victim's IT team and the insurance carrier, if there is one. Because the number one goal of the ransomware victim is fast recovery, it is critical to deploy recovery teams that operate efficiently, in parallel, and with intimate collaboration. Progent offers the scope of IT skills and the depth of personnel to complement your IT staff and recover your network environment rapidly and economically.
Services offered by Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Validating the threat actor's decryption capabilities
- Determining a settlement amount with the victim and the insurance carrier
- Negotiating a settlement and timeline with the threat actor
- Checking adherence to anti-money laundering (AML) laws
- Managing the crypto-currency payment to the TA
- Acquiring, learning, and operating the TA's decryptor tool
- If necessary, contacting the hacker for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to perform comprehensive forensics and create a document to deliver to the cyber insurance provider. This report identifies security vulnerabilities that must be eliminated and recommends steps that can be performed to combat future ransomware attacks.
- Quarantining infected endpoints and data stores to arrest the spread of the assault
- Creating digital copies of each breached device and data store in order to perform forensics without interfering with recovery
- Installing A/V agents to all clean endpoints
- Salvaging files from offline backups or unscathed endpoints
- Building a clean recovery environment
- Remapping and reconnecting drives to match precisely their pre-encryption condition
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption utility, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") files. Hackers are then able to require an additional settlement for not divulging this information on the dark web. Sadly, there exists no way to be certain that stolen data have been totally erased by the hacker. In fact, in many cases the threat actor has limited control about where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy lawyers, performing an audit on which files were taken, and carrying out the necessary notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite network services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes consultants who have earned advanced certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial and Enterprise Resource Planning applications. This broad array of expertise gives Progent the ability to identify and integrate the surviving pieces of your information system after a ransomware assault and rebuild them rapidly into a viable network. Progent has collaborated with leading cyber insurance providers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Virginia Beach
To contact with Progent about ransomware settlement services in Virginia Beach, phone Progent at 800-462-8800 or go to Contact Progent.