Progent's Ransomware Negotiation Consulting in Kansas City
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that requires a mix of real-word experience, IT knowledge and business savvy. It also demands working closely with the ransomware victim's IT team and the cyber insurance provider, if there is one. Because the number one priority of the ransomware victim is operational continuity, it is critical to deploy recovery groups that operate efficiently, in parallel, and with intimate collaboration. Progent has the scope of technical skills and the deep bench of personnel to complement your IT support team and restore your network rapidly and economically.
Services available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Establishing the type of ransomware used in the attack
- identifying and contacting the hacker
- Assessing the likelihood of recovery
- Validating the hacker's decryption capabilities
- Agreeing on a settlement payment with the ransomware victim and the insurance carrier
- Establishing a settlement amount and schedule with the TA
- Verifying compliance with anti-money laundering (AML) sanctions
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the TA's decryptor utility
- If needed, contacting the hacker for assistance with the decryption tool
After the decryption tool has been learned, Progent can help you to recover computers and services to their pre-arrack condition. Progent can also help you to conduct a complete forensics analysis and create a report to share with the insurance carrier. This report helps you to understand cybersecurity vulnerabilities that must be fixed and suggests steps that should be performed to counter future ransomware attacks.
- Isolating affected endpoints to arrest the progress of the attack
- Creating digital copies of each breached device and data store in order to perform forensics without interfering with restoration
- Adding A/V protection to all clean endpoints
- Restoring data from air-gapped restores or unscathed endpoints
- Creating a pristine environment
- Mapping and reconnecting drives to reflect exactly their pre-encryption condition
In addition to demanding money for a decryption utility, modern variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor commonly try to exfiltrate files. Hackers are then able to require an extra ransom in exchange for not posting this information or selling it. Unfortunately, there exists no way to be certain that exfiltrated files have been totally deleted by the TA. Actually, in numerous instances the TA has little say over data custody. Paying an exfiltration ransom does not free you from the necessity of engaging the advice of legal counsel, performing an investigation into which files were taken, and performing the required alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISM, CISSP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to identify and integrate the undamaged pieces of your network following a ransomware assault and reconstruct them quickly into an operational network. Progent has collaborated with leading cyber insurance carriers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Kansas City
To get in touch with Progent about ransomware settlement services in Kansas City, phone Progent at 800-993-9400 or go to Contact Progent.