Overview of Progent's Ransomware Negotiation Consulting in Albany
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complicated activity that requires a mix of field experience, IT skills and business savvy. It also demands working closely with the victim's IT team and the cyber insurance carrier, if any. Because the top priority of the ransomware victim is operational continuity, it is vital to deploy recovery teams that operate efficiently, concurrently, and in close communication. Progent offers the breadth of technical knowledge and the depth of experts to supplement your network support team and restore your network environment quickly and affordably.
Services provided by Progent's ransomware negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware involved in the assault
- making contact with the hacker
- Assessing the likelihood of recovery
- Verifying the hacker's decryption tool
- Agreeing on a settlement payment with the victim and the cyber insurance carrier
- Establishing a settlement amount and timeline with the threat actor
- Checking accordance with anti-money laundering sanctions
- Carrying out the crypto-currency payment to the TA
- Receiving, reviewing, and operating the threat actor's decryption tool
- If necessary, contacting the hacker for technical help with the decryption tool
After the decryption utility has been learned, Progent can help you to restore computers and software services to their original state. Progent can also help you to conduct a forensics investigation and generate a document to share with the cyber insurance provider. This document helps you to understand security vulnerabilities that need to be eliminated and recommends actions that should be taken to counter subsequent ransomware assaults.
- Isolating infected endpoints to prevent further progress of the assault
- Creating digital copies of every compromised device and data store to allow forensics in parallel with restoration
- Adding anti-virus agents to all virus-free endpoints
- Salvaging files from offline restores or unscathed endpoints
- Creating a pristine recovery environment
- Mapping and reconnecting drives to reflect precisely their pre-encryption state
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, modern variants of ransomware such as Ryuk, Maze, Netwalker, and Nephilim often attempt to exfiltrate information. Hackers are then able to demand an additional settlement for not divulging this data or selling it. Unfortunately, there exists no way to prove that exfiltrated data have been totally erased by the threat actor. Actually, in many instances the threat actor has little control over who can access the stolen files. Paying an exfiltration ransom does not free you from the necessity of engaging the guidance of privacy lawyers, conducting an inventory of files were compromised, and performing the necessary notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services across the United States for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SBEs) includes professionals who have been awarded advanced certifications in core technology platforms such as Cisco networking, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned internationally recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning software. This broad array of expertise gives Progent the ability to identify and consolidate the undamaged parts of your IT environment following a ransomware intrusion and reconstruct them quickly into a functioning network. Progent has worked with leading cyber insurance carriers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Albany
To get in touch with Progent about ransomware settlement expertise in Albany, phone Progent at 800-993-9400 or go to Contact Progent.