Overview of Progent's Ransomware Negotiation Services in Virginia Beach
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that calls for a combination of field experience, technical knowledge and business savvy. It also calls for working closely with the victim's IT staff and the insurance carrier, if there is one. Since the top priority of the ransomware target is operational continuity, it is critical to deploy response groups that operate effectively, concurrently, and with intimate collaboration. Progent has the scope of technical skills and the depth of experts to supplement your IT staff and recover your network environment quickly and affordably.
Services offered by Progent's ransomware negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the likelihood of recovery
- Validating the TA's decryption capabilities
- Determining a settlement range with the victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the TA
- Checking accordance with anti-money laundering laws
- Carrying out the crypto-currency transfer to the TA
- Acquiring, learning, and using the threat actor's decryption mechanism
- If needed, contacting the hacker for technical help with the decryption utility
Once the decryption utility has been mastered, Progent can assist you to restore physical and virtual devices and software services to their original condition. Progent can also assist you to conduct a complete forensics analysis and create a document to deliver to the insurance carrier. This document identifies cybersecurity gaps that must be fixed and recommends actions to be taken to counter future ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further progress of the attack
- Making replicas of every breached device and data store in order to perform forensics without interfering with recovery
- Adding A/V protection to all clean endpoints
- Recovering files from air-gapped restores or unscathed endpoints
- Building a clean recovery environment
- Remapping and connecting datastores to reflect precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim commonly attempt to steal (or "exfiltrate") information. Hackers can then require a separate ransom for not posting this information or selling it. Unfortunately, there is no method to be certain that stolen files have been totally deleted by the threat actor. In fact, in many instances the threat actor has limited say over where the information ends up. Settling an exfiltration ransom does not free you from the need for seeking the guidance of legal counsel, conducting an investigation into which data were compromised, and carrying out the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes consultants who have been awarded high-level certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning applications. This breadth of expertise gives Progent the ability to identify and consolidate the surviving pieces of your network after a ransomware assault and reconstruct them quickly into a functioning system. Progent has worked with top cyber insurance carriers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Guidance in Virginia Beach
To get in touch with Progent about ransomware settlement negotiation expertise in Virginia Beach, phone Progent at 800-462-8800 or go to Contact Progent.