Overview of Progent's Ransomware Negotiation Services in Long Beach
Progent has experience negotiating ransomware settlements with threat actors. Reaching an acceptable settlement is a complicated activity that requires a combination of real-word experience, technical knowledge and business savvy. It also requires close co-operation with the victim's IT team and the insurance carrier, if any. Since the number one priority of the ransomware victim is operational continuity, it is vital to deploy recovery groups that operate effectively, in parallel, and in close communication. Progent has the breadth of IT knowledge and the depth of personnel to complement your IT support team and recover your network environment quickly and economically.
Support available from Progent's ransomware settlement negotiation team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware involved in the attack
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Validating the threat actor's decryption tool
- Determining a settlement with the ransomware victim and the cyber insurance provider
- Establishing a settlement and timeline with the TA
- Checking compliance with anti-money laundering sanctions
- Managing the crypto-currency transfer to the hacker
- Receiving, learning, and using the threat actor's decryptor tool
- If necessary, contacting the hacker for technical assistance with the decryption utility
After the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and software services to their original state. Progent can also assist you to conduct a complete forensics analysis and create a report to share with the cyber insurance provider. This report identifies security gaps that need to be fixed and recommends actions that can be performed to counter future ransomware attacks.
- Isolating infected endpoints and data stores to arrest the progress of the attack
- Making replicas of every infected device and data store to allow forensics in parallel with recovery
- Installing anti-virus protection to all virus-free endpoints
- Recovering data from air-gapped backups or unscathed endpoints
- Building a pristine environment
- Mapping and connecting drives to reflect precisely their pre-attack state
Beyond demanding payment for a decryption utility, modern variants of ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often attempt to exfiltrate files. Hackers can then require a separate payment in exchange for not divulging this information or selling it. Unfortunately, there is no method to guarantee that exfiltrated data have been completely deleted by the TA. In fact, in numerous instances the threat actor has little control over where the information ends up. Settling an exfiltration ransom does not eliminate the need for getting the guidance of legal counsel, performing an investigation into which files were taken, and performing the necessary alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services across the U.S. for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes professionals who have earned advanced certifications in core technologies such as Cisco networking, VMware virtualization, and popular Linux distros. Progent's data security experts have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to identify and consolidate the undamaged parts of your IT environment after a ransomware intrusion and reconstruct them quickly into a functioning network. Progent has worked with top cyber insurance providers like Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Long Beach
To contact with Progent about ransomware settlement negotiation expertise in Long Beach, call Progent at 800-462-8800 or go to Contact Progent.