Overview of Progent's Ransomware Settlement Negotiation Consulting in Louisville
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complicated exercise that requires a combination of real-word experience, technical knowledge and business acumen. It also demands close co-operation with the victim's IT team and the insurance carrier, if there is one. Because the number one priority of the ransomware victim is fast recovery, it is critical to establish recovery teams that operate efficiently, in parallel, and in close communication. Progent has the scope of IT knowledge and the deep bench of experts to complement your IT staff and restore your network rapidly and economically.
Support available from Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware involved in the attack
- making contact with the hacker persona
- Evaluating the recovery risk
- Testing the TA's decryption tool
- Determining a settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the hacker
- Confirming adherence to anti-money laundering (AML) sanctions
- Overseeing the crypto-currency disbursement to the TA
- Acquiring, learning, and using the TA's decryptor tool
- If needed, contacting the hacker for assistance with the decryption tool
After the decryption utility has been mastered, Progent can help you to restore computers and services to their original condition. Progent can also assist you to perform a complete forensics analysis and generate a report to share with the cyber insurance carrier. This report identifies cybersecurity gaps that need to be corrected and suggests steps to be taken to combat subsequent ransomware attacks.
- Isolating infected endpoints and data stores to prevent further spread of the assault
- Making digital copies of each infected device and data store in order to perform forensics in parallel with restoration
- Installing A/V agents to all clean endpoints
- Recovering data from air-gapped restores or unscathed machines
- Creating a pristine recovery environment
- Mapping and connecting drives to match exactly their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption utility, modern strains of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly try to steal (or "exfiltrate") information. TAs can then require an extra ransom for not publishing this information on the dark web. Unfortunately, there exists no method to prove that exfiltrated files have been completely deleted by the threat actor. Actually, in numerous cases the TA has limited control over data custody. Settling an exfiltration ransom does not eliminate the need for seeking the advice of legal counsel, conducting an investigation into which files were compromised, and performing the mandated alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services across the United States for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in foundation technology platforms including Cisco infrastructure, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications including CISM, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial and Enterprise Resource Planning application software. This broad array of expertise gives Progent the ability to salvage and consolidate the undamaged parts of your network after a ransomware intrusion and reconstruct them quickly into a viable system. Progent has worked with top insurance providers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Louisville
To contact with Progent about crypto-ransomware settlement services in Louisville, call Progent at 800-462-8800 or go to Contact Progent.