Progent's Ransomware Settlement Negotiation Consulting in Garland
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that requires a combination of real-word experience, technical skills and business acumen. It also demands close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if there is one. Since the number one priority of the ransomware victim is operational continuity, it is critical to deploy response groups that operate effectively, in parallel, and with intimate collaboration. Progent has the scope of technical skills and the depth of personnel to complement your IT support team and restore your network quickly and economically.
Support provided by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the hacker
- Checking accordance with anti-money laundering laws
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryptor utility
- If necessary, contacting the threat actor for technical assistance with the decryption tool
After the decryption utility has been mastered, Progent can assist you to restore physical and virtual devices and services to their original condition. Progent can also assist you to conduct a full forensic review and generate a document to share with the cyber insurance provider. This report helps you to understand cybersecurity gaps that must be corrected and recommends steps that can be performed to counter future ransomware attacks.
- Isolating infected endpoints and data stores to prevent further spread of the attack
- Creating replicas of every infected server and endpoint and data store to allow forensics in parallel with recovery
- Adding A/V protection to all clean endpoints
- Salvaging data from air-gapped restores or uncompromised endpoints
- Creating a pristine environment
- Mapping and connecting datastores to reflect exactly their pre-encryption state
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption utility, modern variants of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Egregor commonly attempt to steal (or "exfiltrate") information. Hackers are then able to demand an additional settlement for not publishing this information on the dark web. Unfortunately, there exists no way to be certain that stolen files have been completely erased by the TA. Actually, in many instances the TA has little say over who can access the stolen files. Settling an exfiltration ransom does not eliminate the necessity of seeking the advice of privacy attorneys, performing an inventory of data were compromised, and carrying out the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services across the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes consultants who have been awarded advanced certifications in foundation technology platforms including Cisco infrastructure, VMware, and popular distributions of Linux. Progent's cybersecurity consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This scope of expertise gives Progent the ability to salvage and consolidate the surviving pieces of your information system after a ransomware attack and rebuild them quickly into an operational system. Progent has collaborated with leading cyber insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Garland
To contact with Progent about ransomware settlement guidance in Garland, phone Progent at 800-462-8800 or go to Contact Progent.