Progent's Ransomware Settlement Negotiation Services in Dallas
Progent has experience negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complex exercise that requires a mix of field experience, IT skills and business acumen. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if any. Since the number one goal of the ransomware victim is operational continuity, it is vital to establish recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of IT skills and the depth of experts to supplement your network staff and recover your network quickly and affordably.
Services provided by Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the hacker's decryption tool
- Determining a settlement with the ransomware victim and the cyber insurance provider
- Establishing a settlement and timeline with the threat actor
- Confirming accordance with anti-money laundering laws
- Carrying out the crypto-currency disbursement to the hacker
- Receiving, learning, and operating the threat actor's decryptor tool
- If needed, contacting the hacker for technical assistance with the decryption tool
After the decryption tool has been learned, Progent can help you to recover computers and services to their pre-arrack state. Progent can also help you to perform comprehensive forensics and generate a report to deliver to the cyber insurance carrier. This report helps you to understand security vulnerabilities that must be eliminated and recommends steps that can be performed to block future ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further progress of the attack
- Creating replicas of every infected server and endpoint and data store to allow forensics in parallel with restoration
- Installing A/V protection to all virus-free endpoints
- Recovering files from air-gapped backups or uncompromised machines
- Creating a clean environment
- Remapping and connecting drives to match exactly their pre-attack condition
In addition to demanding money for a decryption tool, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to steal (or "exfiltrate") information. TAs can then demand a separate ransom in exchange for not publishing this data on the dark web. Sadly, there is no method to guarantee that exfiltrated data have been completely erased by the threat actor. Actually, in many cases the hacker has little say over who can access the stolen files. Paying an exfiltration ransom does not eliminate the need for engaging the advice of privacy lawyers, conducting an inventory of data were stolen, and performing the required notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite IT services across the United States for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have been awarded high-level certifications in core technology platforms such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned internationally recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and ERP applications. This broad array of expertise gives Progent the ability to identify and integrate the surviving parts of your network following a ransomware attack and reconstruct them rapidly into a functioning network. Progent has collaborated with leading cyber insurance carriers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Dallas
To get in touch with Progent about ransomware settlement negotiation guidance in Dallas, call Progent at 800-462-8800 or go to Contact Progent.