Progent's Ransomware Settlement Negotiation Consulting in Kansas City
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that calls for a combination of real-word experience, IT knowledge and business savvy. It also requires working closely with the cyber-extortion target's IT team and the insurance carrier, if there is one. Because the number one goal of the ransomware target is operational continuity, it is vital to establish response teams that work efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT skills and the depth of personnel to supplement your network staff and recover your network rapidly and affordably.
Services available from Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Verifying the hacker's decryption capabilities
- Determining a settlement amount with the victim and the insurance provider
- Establishing a settlement and timeline with the threat actor
- Checking compliance with anti-money laundering sanctions
- Managing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and operating the hacker's decryption tool
- If needed, contacting the TA for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and services to their pre-arrack condition. Progent can also help you to conduct a complete forensics analysis and create a report to deliver to the insurance provider. This report helps you to understand cybersecurity gaps that must be eliminated and suggests actions to be taken to combat subsequent ransomware assaults.
- Quarantining infected endpoints to arrest the spread of the assault
- Making digital copies of each breached device and data store to allow forensics without interfering with restoration
- Installing A/V protection to all virus-free endpoints
- Restoring files from offline restores or uncompromised machines
- Building a clean environment
- Mapping and connecting datastores to match exactly their pre-encryption state
Settling Exfiltration Ransoms
Beyond demanding money for a decryption tool, modern strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often attempt to steal (or "exfiltrate") information. TAs can then demand an extra payment in exchange for not divulging this information or selling it. Unfortunately, there exists no way to guarantee that exfiltrated files have been totally erased by the TA. In fact, in numerous instances the threat actor has little control over where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of engaging the guidance of legal counsel, conducting an inventory of files were compromised, and sending the necessary notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services throughout the United States for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have earned high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications including CISM, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This scope of expertise gives Progent the ability to salvage and consolidate the surviving pieces of your network after a ransomware intrusion and rebuild them quickly into a viable system. Progent has collaborated with leading cyber insurance providers including Chubb to help businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Services in Kansas City
To get in touch with Progent about crypto-ransomware settlement guidance in Kansas City, phone Progent at 800-462-8800 or go to Contact Progent.