Overview of Progent's Ransomware Settlement Negotiation Services in Sherman Oaks
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex exercise that requires a combination of real-word experience, IT knowledge and business savvy. It also requires close co-operation with the ransomware victim's IT team and the insurance provider, if there is one. Because the top priority of the ransomware victim is fast recovery, it is critical to deploy response groups that work effectively, concurrently, and with intimate collaboration. Progent offers the breadth of technical skills and the deep bench of personnel to supplement your IT support team and restore your network environment rapidly and affordably.
Services provided by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware used in the attack
- Identifying and communicating with the hacker persona
- Evaluating the recovery risk
- Testing the threat actor's decryption tool
- Deciding on an acceptable settlement amount with the victim and the cyber insurance carrier
- Negotiating a settlement and timeline with the TA
- Checking compliance with anti-money laundering (AML) regulations
- Carrying out the crypto-currency payment to the TA
- Receiving, reviewing, and using the threat actor's decryption tool
- If needed, contacting the hacker for assistance with the decryption utility
After the decryption utility has been learned, Progent can assist you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to perform a complete forensics analysis and generate a document to share with the insurance provider. This document identifies cybersecurity vulnerabilities that must be corrected and recommends steps to be taken to counter subsequent ransomware assaults.
- Quarantining affected endpoints and data stores to prevent further spread of the attack
- Creating digital copies of each compromised device and data store in order to perform forensics without interfering with cleanup
- Adding A/V protection to all clean endpoints
- Salvaging data from air-gapped backups or uncompromised endpoints
- Creating a pristine recovery environment
- Mapping and reconnecting datastores to reflect precisely their pre-encryption state
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption utility, modern variants of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Egregor commonly attempt to steal (or "exfiltrate") files. TAs can then demand a separate settlement for not divulging this data on the dark web. Sadly, there exists no method to be certain that exfiltrated data have been completely deleted by the hacker. Actually, in many instances the TA has limited control over who can access the stolen files. Paying an exfiltration ransom does not free you from the necessity of seeking the advice of privacy lawyers, performing an audit on which files were compromised, and sending the mandated alerts to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded advanced certifications in core technologies such as Cisco networking, VMware, and popular distributions of Linux. Progent's cybersecurity experts have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial management and ERP application software. This scope of skills gives Progent the ability to identify and consolidate the surviving pieces of your information system after a ransomware attack and rebuild them rapidly into an operational system. Progent has collaborated with top cyber insurance carriers like Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Services in Sherman Oaks
To contact with Progent about ransomware settlement expertise in Sherman Oaks, phone Progent at 800-993-9400 or go to Contact Progent.