Overview of Progent's Ransomware Settlement Negotiation Services in Tulsa
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that calls for a mix of field experience, technical skills and business acumen. It also calls for working closely with the cyber-extortion target's IT staff and the cyber insurance provider, if any. Since the top goal of the ransomware victim is operational continuity, it is critical to establish recovery groups that operate effectively, concurrently, and in close communication. Progent has the breadth of technical knowledge and the depth of experts to complement your IT staff and recover your network rapidly and affordably.
Support provided by Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the assault
- making contact with the hacker
- Assessing the recovery risk
- Testing the hacker's decryption capabilities
- Budgeting a settlement amount with the ransomware victim and the insurance carrier
- Negotiating a settlement and timeline with the TA
- Verifying adherence to anti-money laundering regulations
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and using the TA's decryption tool
- If needed, contacting the hacker for assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can help you to restore computers and software services to their original state. Progent can also assist you to perform a forensics investigation and generate a report to share with the insurance provider. This report helps you to understand cybersecurity vulnerabilities that need to be fixed and recommends actions that can be performed to counter subsequent ransomware assaults.
- Isolating affected endpoints to arrest the spread of the attack
- Making digital copies of each compromised server and endpoint and data store to allow forensics in parallel with recovery
- Adding A/V agents to all virus-free endpoints
- Restoring data from offline restores or uncompromised machines
- Building a pristine recovery environment
- Remapping and reconnecting drives to reflect precisely their pre-attack condition
Beyond extorting payment for a decryption tool, current strains of ransomware like Ryuk, Maze, Netwalker, and Egregor often attempt to steal (or "exfiltrate") files. Hackers are then able to demand an extra payment in exchange for not divulging this information on the dark web. Unfortunately, there exists no way to prove that exfiltrated files have been totally deleted by the threat actor. Actually, in many cases the hacker has little control about the disposition of the data. Settling an exfiltration ransom does not eliminate the need for seeking the guidance of privacy attorneys, performing an audit on which files were stolen, and sending the necessary alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services throughout the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes consultants who have earned advanced certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications such as CISA, CISSP, and CRISC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and ERP software. This breadth of expertise gives Progent the ability to salvage and consolidate the surviving pieces of your information system after a ransomware assault and reconstruct them rapidly into an operational system. Progent has collaborated with leading insurance providers including Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Guidance in Tulsa
To get in touch with Progent about ransomware settlement expertise in Tulsa, phone Progent at 800-462-8800 or go to Contact Progent.