Progent's Ransomware Settlement Negotiation Services in Manchester
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that calls for a combination of real-word experience, technical knowledge and business acumen. It also requires working closely with the cyber-extortion target's IT team and the insurance provider, if any. Because the number one goal of the ransomware target is operational continuity, it is critical to establish recovery groups that operate efficiently, in parallel, and in close communication. Progent offers the scope of technical skills and the deep bench of personnel to complement your IT staff and recover your network rapidly and economically.
Support offered by Progent's ransomware settlement team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware involved in the assault
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Verifying the hacker's decryption tool
- Determining a settlement with the victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the hacker
- Confirming compliance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency payment to the TA
- Receiving, learning, and using the TA's decryption tool
- If needed, contacting the TA for technical help with the decryption utility
Once the decryption utility has been learned, Progent can assist you to recover computers and services to their pre-arrack condition. Progent can also assist you to perform a full forensic review and create a report to share with the insurance provider. This report identifies cybersecurity gaps that need to be corrected and suggests steps that should be performed to block future ransomware assaults.
- Isolating affected endpoints to arrest the progress of the attack
- Creating digital copies of every breached device and data store to allow forensics in parallel with recovery
- Adding A/V agents to all virus-free endpoints
- Recovering files from offline backups or unscathed machines
- Building a clean environment
- Remapping and connecting datastores to match exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to demanding money for a decryption utility, current variants of ransomware like Ryuk, Maze, Netwalker, and Egregor often attempt to steal (or "exfiltrate") files. Hackers can then demand a separate payment for not divulging this information on the dark web. Unfortunately, there is no way to prove that exfiltrated files have been completely deleted by the hacker. Actually, in many cases the TA has little control about data custody. Settling an exfiltration ransom does not eliminate the necessity of getting the guidance of privacy lawyers, performing an investigation into which files were stolen, and carrying out the mandated notifications to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SMEs includes consultants who have been awarded advanced certifications in foundation technologies including Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security experts have earned industry-recognized certifications including CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP application software. This broad array of skills gives Progent the ability to identify and consolidate the undamaged parts of your IT environment following a ransomware assault and reconstruct them rapidly into an operational system. Progent has worked with leading cyber insurance carriers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Manchester
To contact with Progent about ransomware settlement negotiation guidance in Manchester, phone Progent at 800-462-8800 or go to Contact Progent.