Progent's Ransomware Negotiation Consulting in Plano
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that requires a mix of field experience, technical knowledge and business acumen. It also calls for close co-operation with the ransomware victim's IT team and the insurance carrier, if there is one. Since the number one priority of the ransomware victim is fast recovery, it is vital to establish recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of IT knowledge and the deep bench of experts to supplement your IT support team and recover your network rapidly and affordably.
Services offered by Progent's ransomware settlement experts include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Validating the threat actor's decryption capabilities
- Determining a settlement with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement and timeline with the hacker
- Verifying accordance with anti-money laundering regulations
- Carrying out the crypto-currency disbursement to the TA
- Receiving, reviewing, and using the hacker's decryption utility
- If necessary, contacting the TA for assistance with the decryption tool
After the decryption utility has been mastered, Progent can assist you to recover physical and virtual devices and services to their pre-arrack condition. Progent can also help you to perform a complete forensics analysis and create a report to share with the cyber insurance carrier. This document identifies cybersecurity gaps that need to be corrected and recommends actions that can be taken to counter subsequent ransomware assaults.
- Isolating affected endpoints and data stores to arrest the progress of the attack
- Making digital copies of every compromised device and data store to allow forensics in parallel with recovery
- Installing anti-virus protection to all clean endpoints
- Restoring files from air-gapped backups or unscathed machines
- Creating a clean recovery environment
- Remapping and connecting drives to reflect precisely their pre-attack state
In addition to extorting payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") files. Hackers can then require a separate settlement in exchange for not divulging this data or selling it. Sadly, there is no method to guarantee that exfiltrated files have been completely erased by the threat actor. In fact, in numerous instances the threat actor has limited control about data custody. Paying an exfiltration ransom does not eliminate the necessity of seeking the advice of privacy attorneys, conducting an inventory of data were compromised, and performing the required alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite network services throughout the United States for more than 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of SMEs includes professionals who have been awarded high-level certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning application software. This broad array of skills allows Progent to salvage and integrate the undamaged pieces of your information system after a ransomware intrusion and reconstruct them rapidly into a viable network. Progent has worked with top cyber insurance providers like Chubb to help businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Plano
To get in touch with Progent about ransomware settlement guidance in Plano, call Progent at 800-462-8800 or go to Contact Progent.