Overview of Progent's Ransomware Negotiation Consulting in Louisville
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an acceptable settlement is a complicated activity that calls for a combination of real-word experience, IT skills and business acumen. It also calls for close co-operation with the cyber-extortion target's IT staff and the cyber insurance provider, if any. Because the top goal of the ransomware victim is fast recovery, it is vital to deploy response teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of experts to supplement your IT staff and recover your network rapidly and economically.
Support offered by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware involved in the assault
- making contact with the hacker
- Assessing the recovery risk
- Validating the hacker's decryption tool
- Agreeing on a settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the hacker
- Verifying compliance with anti-money laundering (AML) regulations
- Carrying out the crypto-currency payment to the hacker
- Receiving, learning, and operating the threat actor's decryption utility
- If necessary, contacting the threat actor for technical assistance with the decryptor utility
After the decryption tool has been mastered, Progent can help you to recover machines and software services to their pre-arrack state. Progent can also assist you to perform a full forensic review and generate a document to deliver to the insurance provider. This document identifies security gaps that need to be fixed and recommends actions that can be performed to block subsequent ransomware attacks.
- Quarantining infected endpoints to arrest the progress of the attack
- Creating digital copies of every breached server and endpoint and data store in order to perform forensics without interfering with restoration
- Adding A/V protection to all virus-free endpoints
- Restoring data from offline backups or uncompromised endpoints
- Creating a pristine recovery environment
- Mapping and connecting drives to reflect exactly their pre-encryption state
Paying Exfiltration Ransoms
In addition to demanding money for a decryption utility, current variants of ransomware like Ryuk, Sodinokibi, DopplePaymer, and Nephilim often attempt to exfiltrate files. Hackers can then demand a separate settlement for not divulging this data on the dark web. Unfortunately, there exists no method to guarantee that exfiltrated data have been totally erased by the threat actor. Actually, in many instances the hacker has little say about data custody. Settling an exfiltration ransom does not eliminate the necessity of getting the advice of legal counsel, performing an investigation into which files were compromised, and performing the required notifications to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises IT services across the U.S. for over 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of SMEs includes consultants who have earned advanced certifications in core technologies including Cisco networking, VMware virtualization, and major distributions of Linux. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP application software. This scope of expertise gives Progent the ability to identify and consolidate the surviving parts of your information system following a ransomware attack and rebuild them rapidly into a viable system. Progent has collaborated with leading cyber insurance carriers like Chubb to assist organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Louisville
To get in touch with Progent about ransomware settlement guidance in Louisville, call Progent at 800-462-8800 or go to Contact Progent.