Progent's Ransomware Negotiation Consulting in Dallas
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complicated activity that calls for a combination of field experience, IT skills and business acumen. It also calls for close co-operation with the ransomware victim's IT staff and the cyber insurance provider, if any. Since the number one priority of the ransomware victim is operational continuity, it is vital to deploy response groups that work efficiently, in parallel, and with intimate collaboration. Progent offers the scope of IT knowledge and the depth of experts to supplement your IT support team and recover your network environment rapidly and affordably.
Support available from Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware used in the assault
- identifying and contacting the hacker
- Assessing the recovery risk
- Verifying the hacker's decryption capabilities
- Determining a settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and timeline with the TA
- Confirming accordance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and operating the threat actor's decryptor utility
- If needed, contacting the TA for technical help with the decryptor tool
Once the decryption tool has been learned, Progent can assist you to recover machines and services to their pre-arrack state. Progent can also help you to perform a full forensic review and generate a report to share with the insurance provider. This document identifies cybersecurity gaps that must be fixed and suggests actions that can be performed to block future ransomware attacks.
- Isolating infected endpoints to prevent further spread of the assault
- Making digital copies of each infected device and data store to allow forensics in parallel with restoration
- Installing anti-virus protection to all clean endpoints
- Restoring files from air-gapped backups or uncompromised machines
- Creating a clean recovery environment
- Remapping and reconnecting datastores to match precisely their pre-encryption condition
In addition to extorting payment for a decryption tool, modern variants of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") information. Hackers can then require a separate settlement in exchange for not publishing this data or selling it. Unfortunately, there exists no method to be certain that stolen files have been completely erased by the threat actor. Actually, in numerous cases the TA has little control over the disposition of the data. Paying an exfiltration ransom does not eliminate the necessity of engaging the guidance of privacy attorneys, conducting an audit on which files were stolen, and carrying out the required notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes professionals who have been awarded high-level certifications in foundation technologies including Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned internationally recognized certifications including CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning application software. This broad array of expertise gives Progent the ability to identify and integrate the undamaged pieces of your IT environment after a ransomware assault and reconstruct them rapidly into a functioning system. Progent has collaborated with top cyber insurance carriers like Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Guidance in Dallas
To get in touch with Progent about crypto-ransomware settlement negotiation services in Dallas, call Progent at 800-462-8800 or go to Contact Progent.