Overview of Progent's Ransomware Settlement Negotiation Services in Savannah
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated activity that calls for a combination of field experience, technical knowledge and business acumen. It also calls for working closely with the ransomware victim's IT staff and the cyber insurance provider, if there is one. Because the number one goal of the ransomware victim is operational continuity, it is vital to deploy response groups that operate efficiently, in parallel, and in close communication. Progent offers the scope of technical skills and the deep bench of personnel to complement your IT staff and restore your network environment rapidly and affordably.
Services available from Progent's ransomware settlement team include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker
- Assessing the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the insurance provider
- Establishing a settlement amount and schedule with the hacker
- Verifying accordance with anti-money laundering (AML) laws
- Managing the crypto-currency payment to the TA
- Acquiring, learning, and operating the TA's decryption utility
- If necessary, contacting the threat actor for technical help with the decryption tool
After the decryption utility has been learned, Progent can help you to recover machines and software services to their pre-arrack state. Progent can also assist you to conduct comprehensive forensics and generate a report to deliver to the cyber insurance provider. This report identifies security vulnerabilities that need to be corrected and recommends steps that can be performed to combat subsequent ransomware attacks.
- Isolating affected endpoints and data stores to arrest the progress of the assault
- Creating digital copies of every breached device and data store in order to perform forensics in parallel with recovery
- Adding anti-virus protection to all virus-free endpoints
- Salvaging data from air-gapped backups or unscathed endpoints
- Creating a clean recovery environment
- Mapping and reconnecting drives to match precisely their pre-encryption state
Paying Exfiltration Ransoms
In addition to extorting money for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor commonly attempt to steal (or "exfiltrate") files. Hackers can then require an additional ransom in exchange for not divulging this data on the dark web. Unfortunately, there is no method to be certain that exfiltrated files have been totally erased by the threat actor. Actually, in many instances the hacker has limited control about data custody. Settling an exfiltration ransom does not eliminate the need for engaging the guidance of privacy attorneys, conducting an audit on which files were compromised, and carrying out the necessary notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services across the United States for over 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have earned advanced certifications in core technologies including Cisco networking, VMware, and popular Linux distros. Progent's data security consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP software. This breadth of skills allows Progent to identify and integrate the undamaged pieces of your network after a ransomware assault and rebuild them rapidly into a functioning network. Progent has worked with leading insurance carriers including Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Savannah
To get in touch with Progent about ransomware settlement services in Savannah, call Progent at 800-462-8800 or go to Contact Progent.