Overview of Progent's Ransomware Negotiation Consulting in Long Beach
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that requires a combination of field experience, IT knowledge and business savvy. It also calls for close co-operation with the cyber-extortion target's IT team and the cyber insurance carrier, if any. Because the top goal of the ransomware target is fast recovery, it is vital to establish response teams that operate effectively, concurrently, and with intimate collaboration. Progent has the breadth of IT knowledge and the depth of personnel to complement your IT staff and restore your network quickly and affordably.
Support available from Progent's ransomware settlement negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the assault
- identifying and contacting the hacker persona
- Evaluating the recovery risk
- Testing the threat actor's decryption capabilities
- Deciding on an acceptable settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and timeline with the hacker
- Confirming adherence to anti-money laundering (AML) laws
- Overseeing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and operating the threat actor's decryptor utility
- If needed, contacting the threat actor for technical assistance with the decryption utility
Once the decryption tool has been learned, Progent can assist you to recover computers and services to their original state. Progent can also assist you to conduct a full forensic review and generate a report to share with the cyber insurance provider. This document identifies cybersecurity gaps that need to be eliminated and recommends actions that can be taken to combat future ransomware attacks.
- Quarantining infected endpoints and data stores to arrest the progress of the assault
- Creating digital copies of every infected server and endpoint and data store in order to perform forensics in parallel with restoration
- Installing A/V agents to all clean endpoints
- Restoring data from air-gapped backups or uncompromised endpoints
- Creating a pristine recovery environment
- Mapping and connecting datastores to match precisely their pre-encryption condition
In addition to demanding money for a decryption utility, modern variants of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to steal (or "exfiltrate") information. Hackers are then able to demand an extra ransom in exchange for not divulging this information on the dark web. Sadly, there is no method to be certain that exfiltrated files have been totally deleted by the threat actor. In fact, in numerous instances the TA has little control about data custody. Paying an exfiltration ransom does not free you from the need for seeking the guidance of privacy attorneys, performing an inventory of data were stolen, and performing the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services throughout the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of SBEs includes professionals who have earned advanced certifications in core technologies such as Cisco networking, VMware virtualization, and popular distributions of Linux. Progent's data security consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has guidance in financial and ERP software. This scope of skills gives Progent the ability to identify and consolidate the surviving pieces of your information system after a ransomware attack and reconstruct them rapidly into a functioning network. Progent has worked with leading cyber insurance carriers including Chubb to help businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Services in Long Beach
To contact with Progent about ransomware settlement services in Long Beach, call Progent at 800-462-8800 or go to Contact Progent.