Overview of Progent's Ransomware Negotiation Services in Plano
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated activity that requires a combination of real-word experience, technical skills and business savvy. It also requires close co-operation with the victim's IT team and the cyber insurance provider, if any. Since the number one goal of the ransomware victim is operational continuity, it is vital to deploy recovery teams that operate effectively, concurrently, and in close communication. Progent has the scope of technical knowledge and the deep bench of personnel to complement your network support team and recover your network environment quickly and affordably.
Services available from Progent's ransomware settlement negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware involved in the assault
- making contact with the hacker
- Assessing the recovery risk
- Validating the TA's decryption capabilities
- Deciding on an acceptable settlement amount with the victim and the insurance carrier
- Establishing a settlement and timeline with the TA
- Confirming adherence to anti-money laundering laws
- Carrying out the crypto-currency payment to the hacker
- Receiving, reviewing, and using the threat actor's decryption mechanism
- If necessary, contacting the hacker for assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can help you to restore computers and software services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and generate a document to deliver to the insurance provider. This report identifies security gaps that must be corrected and suggests steps that can be performed to combat future ransomware assaults.
- Isolating infected endpoints to arrest the spread of the attack
- Creating replicas of every compromised server and endpoint and data store to allow forensics in parallel with restoration
- Installing anti-virus agents to all clean endpoints
- Restoring data from offline backups or unscathed machines
- Creating a pristine recovery environment
- Remapping and reconnecting drives to match exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption tool, modern variants of ransomware such as Ryuk, Maze, DopplePaymer, and Egregor commonly attempt to exfiltrate information. Hackers can then require an additional payment for not posting this data on the dark web. Sadly, there is no method to be certain that stolen files have been completely erased by the TA. Actually, in numerous instances the TA has limited say about who can access the stolen files. Settling an exfiltration ransom does not free you from the need for getting the advice of legal counsel, performing an audit on which data were compromised, and sending the necessary notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SMEs) includes professionals who have earned high-level certifications in foundation technology platforms including Cisco infrastructure, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has top-tier support in financial management and Enterprise Resource Planning application software. This breadth of skills gives Progent the ability to identify and consolidate the undamaged pieces of your information system after a ransomware attack and reconstruct them quickly into a functioning system. Progent has collaborated with top insurance carriers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Services in Plano
To get in touch with Progent about ransomware settlement expertise in Plano, phone Progent at 800-462-8800 or go to Contact Progent.