Progent's Ransomware Settlement Negotiation Services in Plano
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex exercise that calls for a mix of real-word experience, technical knowledge and business acumen. It also demands working closely with the cyber-extortion target's IT staff and the cyber insurance carrier, if any. Because the number one priority of the ransomware target is fast recovery, it is critical to deploy response groups that work efficiently, in parallel, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of personnel to supplement your IT support team and restore your network environment rapidly and affordably.
Support offered by Progent's ransomware settlement negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware involved in the assault
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Validating the hacker's decryption capabilities
- Budgeting a settlement range with the victim and the insurance provider
- Negotiating a settlement and timeline with the hacker
- Checking compliance with anti-money laundering sanctions
- Carrying out the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the hacker's decryptor utility
- If necessary, contacting the TA for technical help with the decryptor tool
Once the decryption utility has been learned, Progent can assist you to recover machines and software services to their original state. Progent can also assist you to conduct a forensics investigation and create a report to share with the insurance provider. This document helps you to understand security vulnerabilities that must be eliminated and suggests steps to be performed to counter future ransomware attacks.
- Quarantining infected endpoints to prevent further spread of the assault
- Creating replicas of every compromised device and data store to allow forensics in parallel with cleanup
- Installing A/V protection to all virus-free endpoints
- Recovering data from offline backups or unscathed endpoints
- Creating a clean recovery environment
- Mapping and connecting drives to reflect exactly their pre-encryption condition
Paying Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Egregor commonly try to steal (or "exfiltrate") information. TAs are then able to demand a separate settlement for not divulging this information on the dark web. Sadly, there is no way to prove that stolen data have been totally deleted by the threat actor. Actually, in numerous cases the TA has little control about data custody. Paying an exfiltration ransom does not free you from the necessity of getting the guidance of legal counsel, conducting an investigation into which files were compromised, and sending the necessary notifications to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite IT services across the U.S. for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SMEs) includes professionals who have earned high-level certifications in core technology platforms including Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned internationally recognized certifications including CISA, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial and Enterprise Resource Planning software. This broad array of skills allows Progent to identify and consolidate the surviving pieces of your information system following a ransomware intrusion and reconstruct them quickly into a viable network. Progent has worked with leading insurance carriers like Chubb to assist organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Plano
To get in touch with Progent about ransomware settlement expertise in Plano, phone Progent at 800-462-8800 or go to Contact Progent.