Overview of Progent's Ransomware Settlement Negotiation Services in Albany
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complex activity that requires a mix of real-word experience, IT skills and business acumen. It also calls for close co-operation with the victim's IT team and the insurance carrier, if there is one. Since the number one priority of the ransomware target is operational continuity, it is critical to deploy response teams that operate efficiently, in parallel, and with intimate collaboration. Progent offers the breadth of technical skills and the depth of personnel to complement your network support team and recover your network environment rapidly and economically.
Services available from Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware involved in the attack
- making contact with the hacker
- Evaluating the likelihood of recovery
- Validating the TA's decryption capabilities
- Budgeting a settlement with the victim and the insurance provider
- Negotiating a settlement amount and schedule with the hacker
- Confirming accordance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and using the TA's decryption mechanism
- If necessary, contacting the threat actor for technical help with the decryption utility
Once the decryption tool has been learned, Progent can assist you to recover machines and services to their original state. Progent can also assist you to perform comprehensive forensics and create a document to deliver to the insurance provider. This report identifies security vulnerabilities that need to be eliminated and recommends steps that should be performed to counter subsequent ransomware attacks.
- Isolating infected endpoints and data stores to arrest the spread of the attack
- Creating replicas of every infected device and data store to allow forensics without interfering with recovery
- Adding anti-virus agents to all virus-free endpoints
- Restoring data from air-gapped backups or unscathed machines
- Building a pristine environment
- Remapping and reconnecting datastores to match exactly their pre-attack state
Beyond demanding payment for a decryption utility, current strains of ransomware like Ryuk, Maze, Netwalker, and Nephilim commonly try to exfiltrate files. Hackers are then able to demand an additional settlement for not publishing this data on the dark web. Unfortunately, there is no way to guarantee that exfiltrated data have been completely erased by the threat actor. In fact, in many cases the TA has little say about data custody. Settling an exfiltration ransom does not eliminate the need for getting the advice of privacy lawyers, conducting an audit on which files were taken, and carrying out the mandated notifications to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and onsite IT services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes professionals who have been awarded high-level certifications in foundation technology platforms such as Cisco networking, VMware, and major Linux distros. Progent's data security experts have earned industry-recognized certifications such as CISM, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers top-tier support in financial and ERP software. This broad array of expertise allows Progent to identify and consolidate the surviving pieces of your information system after a ransomware assault and rebuild them quickly into a functioning system. Progent has worked with leading cyber insurance carriers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Albany
To contact with Progent about ransomware settlement services in Albany, phone Progent at 800-462-8800 or go to Contact Progent.