Progent's Ransomware Settlement Negotiation Consulting in Kansas City
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complicated exercise that requires a mix of field experience, technical knowledge and business acumen. It also requires close co-operation with the victim's IT team and the insurance provider, if there is one. Since the top priority of the ransomware victim is fast recovery, it is critical to deploy recovery teams that operate effectively, concurrently, and in close communication. Progent offers the scope of IT skills and the deep bench of personnel to complement your network support team and recover your network environment quickly and affordably.
Support offered by Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware involved in the assault
- making contact with the hacker
- Assessing the recovery risk
- Verifying the TA's decryption capabilities
- Determining a settlement with the ransomware victim and the cyber insurance carrier
- Establishing a settlement and timeline with the hacker
- Verifying compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the TA
- Receiving, reviewing, and using the threat actor's decryptor mechanism
- If necessary, contacting the hacker for technical help with the decryption utility
After the decryption utility has been mastered, Progent can assist you to recover physical and virtual devices and software services to their original state. Progent can also assist you to perform a full forensic review and generate a report to deliver to the insurance carrier. This report identifies security gaps that need to be fixed and suggests steps to be performed to counter subsequent ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further spread of the attack
- Creating digital copies of every compromised device and data store in order to perform forensics without interfering with cleanup
- Adding A/V agents to all virus-free endpoints
- Salvaging files from offline backups or uncompromised machines
- Building a clean environment
- Mapping and reconnecting drives to match precisely their pre-encryption state
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current variants of ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers are then able to require a separate settlement for not divulging this data or selling it. Sadly, there exists no method to guarantee that exfiltrated files have been totally erased by the TA. Actually, in many instances the threat actor has limited say over data custody. Settling an exfiltration ransom does not eliminate the necessity of seeking the advice of privacy attorneys, performing an inventory of data were compromised, and performing the required alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services across the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have been awarded advanced certifications in foundation technology platforms including Cisco infrastructure, VMware, and major Linux distros. Progent's cybersecurity experts have earned prestigious certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning applications. This broad array of skills allows Progent to salvage and consolidate the surviving pieces of your network following a ransomware assault and rebuild them rapidly into a functioning system. Progent has collaborated with leading cyber insurance providers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Guidance in Kansas City
To get in touch with Progent about crypto-ransomware settlement services in Kansas City, call Progent at 800-462-8800 or go to Contact Progent.