Progent's Ransomware Negotiation Services in Garland
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated exercise that requires a combination of field experience, IT skills and business acumen. It also demands working closely with the cyber-extortion target's IT staff and the insurance carrier, if any. Because the number one priority of the ransomware victim is fast recovery, it is critical to deploy recovery teams that work efficiently, in parallel, and in close communication. Progent has the breadth of technical knowledge and the deep bench of personnel to supplement your network support team and recover your network quickly and affordably.
Services provided by Progent's ransomware settlement team include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware used in the assault
- identifying and contacting the hacker
- Assessing the recovery risk
- Verifying the hacker's decryption tool
- Determining a settlement payment with the ransomware victim and the insurance provider
- Establishing a settlement amount and timeline with the hacker
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency disbursement to the TA
- Acquiring, reviewing, and using the threat actor's decryptor mechanism
- If necessary, contacting the threat actor for technical help with the decryptor tool
Once the decryption tool has been mastered, Progent can help you to restore physical and virtual devices and services to their pre-arrack condition. Progent can also help you to perform comprehensive forensics and create a document to deliver to the insurance provider. This report identifies security gaps that need to be eliminated and suggests steps to be performed to block future ransomware assaults.
- Isolating affected endpoints to arrest the spread of the assault
- Making replicas of every breached device and data store to allow forensics without interfering with recovery
- Installing anti-virus protection to all virus-free endpoints
- Recovering data from offline backups or unscathed endpoints
- Creating a pristine recovery environment
- Mapping and connecting drives to match precisely their pre-attack condition
Settling Exfiltration Ransoms
Beyond demanding money for a decryption tool, modern variants of ransomware such as Ryuk, Maze, Netwalker, and Nephilim often attempt to steal (or "exfiltrate") information. Hackers can then demand an extra ransom in exchange for not publishing this information on the dark web. Unfortunately, there exists no method to guarantee that exfiltrated data have been totally erased by the TA. Actually, in numerous instances the TA has little control about data custody. Settling an exfiltration ransom does not free you from the necessity of seeking the advice of privacy attorneys, performing an audit on which files were taken, and performing the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided remote and onsite network services across the United States for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have been awarded high-level certifications in core technologies including Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications including CISM, CISSP, and GIAC. (Refer to Progent's certifications). Progent also offers top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to salvage and integrate the surviving pieces of your network after a ransomware intrusion and rebuild them rapidly into a functioning network. Progent has collaborated with leading cyber insurance providers like Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Garland
To get in touch with Progent about ransomware settlement negotiation expertise in Garland, call Progent at 800-462-8800 or go to Contact Progent.