Overview of Progent's Ransomware Settlement Negotiation Consulting in Tulsa
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated exercise that calls for a mix of real-word experience, technical knowledge and business savvy. It also requires working closely with the cyber-extortion target's IT team and the insurance carrier, if any. Since the top goal of the ransomware target is operational continuity, it is vital to deploy response teams that operate efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of experts to supplement your network support team and restore your network rapidly and economically.
Support available from Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware involved in the attack
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the threat actor's decryption capabilities
- Agreeing on a settlement with the victim and the insurance provider
- Establishing a settlement amount and schedule with the hacker
- Verifying adherence to anti-money laundering (AML) regulations
- Overseeing the crypto-currency disbursement to the TA
- Receiving, learning, and operating the TA's decryption mechanism
- If needed, contacting the threat actor for assistance with the decryption tool
After the decryption tool has been mastered, Progent can help you to restore computers and software services to their original condition. Progent can also help you to perform a complete forensics analysis and create a report to share with the insurance provider. This report helps you to understand security vulnerabilities that must be fixed and suggests actions that can be performed to counter subsequent ransomware attacks.
- Isolating infected endpoints to prevent further spread of the assault
- Creating digital copies of every breached device and data store to allow forensics in parallel with recovery
- Installing A/V agents to all virus-free endpoints
- Salvaging data from air-gapped backups or unscathed machines
- Creating a clean environment
- Remapping and reconnecting datastores to reflect exactly their pre-attack condition
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, current strains of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor commonly attempt to exfiltrate information. Hackers can then demand an additional settlement for not posting this information on the dark web. Unfortunately, there exists no way to guarantee that exfiltrated files have been totally erased by the hacker. In fact, in many instances the TA has little say about the disposition of the data. Settling an exfiltration ransom does not eliminate the necessity of seeking the advice of privacy lawyers, performing an inventory of files were taken, and performing the required notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services across the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes professionals who have earned advanced certifications in foundation technologies such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISA, CISSP, and GIAC. (Refer to Progent's certifications). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This scope of expertise allows Progent to salvage and consolidate the undamaged pieces of your network after a ransomware intrusion and reconstruct them quickly into an operational network. Progent has worked with leading cyber insurance carriers including Chubb to help organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Tulsa
To contact with Progent about crypto-ransomware settlement negotiation services in Tulsa, phone Progent at 800-462-8800 or go to Contact Progent.