Progent's Ransomware Negotiation Services in Garland
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex activity that calls for a mix of real-word experience, technical skills and business acumen. It also demands working closely with the cyber-extortion target's IT team and the cyber insurance carrier, if there is one. Since the top goal of the ransomware target is operational continuity, it is vital to deploy response groups that work effectively, in parallel, and with intimate collaboration. Progent has the breadth of technical skills and the depth of experts to supplement your IT staff and recover your network environment rapidly and affordably.
Services provided by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware used in the assault
- identifying and contacting the hacker persona
- Assessing the likelihood of recovery
- Verifying the threat actor's decryption tool
- Budgeting a settlement amount with the ransomware victim and the insurance provider
- Establishing a settlement amount and schedule with the hacker
- Verifying compliance with anti-money laundering (AML) laws
- Carrying out the crypto-currency payment to the TA
- Receiving, reviewing, and using the TA's decryption utility
- If needed, contacting the hacker for technical assistance with the decryption tool
After the decryption utility has been mastered, Progent can help you to restore machines and software services to their pre-arrack state. Progent can also assist you to conduct a full forensic review and create a document to share with the cyber insurance provider. This document helps you to understand security gaps that need to be corrected and suggests actions that can be performed to combat future ransomware attacks.
- Quarantining infected endpoints to arrest the spread of the assault
- Creating digital copies of each infected device and data store to allow forensics in parallel with cleanup
- Installing A/V agents to all virus-free endpoints
- Restoring files from air-gapped backups or unscathed machines
- Creating a pristine recovery environment
- Remapping and reconnecting datastores to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern strains of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers can then demand an extra payment for not publishing this information on the dark web. Sadly, there is no method to be certain that stolen files have been completely deleted by the hacker. In fact, in numerous instances the threat actor has little control about where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of engaging the advice of privacy lawyers, conducting an audit on which data were stolen, and performing the necessary alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises network services throughout the U.S. for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded advanced certifications in core technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also has guidance in financial and ERP application software. This breadth of skills allows Progent to identify and integrate the surviving parts of your information system following a ransomware intrusion and reconstruct them quickly into an operational system. Progent has worked with leading insurance carriers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Garland
To get in touch with Progent about crypto-ransomware settlement negotiation services in Garland, phone Progent at 800-462-8800 or go to Contact Progent.