Overview of Progent's Ransomware Settlement Negotiation Consulting in Fort Wayne
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated activity that requires a combination of real-word experience, IT skills and business acumen. It also calls for working closely with the cyber-extortion target's IT team and the insurance carrier, if any. Since the top goal of the ransomware target is fast recovery, it is vital to establish recovery teams that work efficiently, in parallel, and in close communication. Progent has the breadth of technical skills and the depth of experts to supplement your IT staff and restore your network quickly and economically.
Support available from Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the kind of ransomware involved in the assault
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Testing the TA's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the insurance carrier
- Negotiating a settlement and schedule with the threat actor
- Confirming adherence to anti-money laundering regulations
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and operating the hacker's decryption mechanism
- If necessary, contacting the TA for assistance with the decryptor utility
Once the decryption tool has been learned, Progent can assist you to recover physical and virtual devices and services to their pre-arrack state. Progent can also help you to conduct a full forensic review and generate a document to deliver to the cyber insurance provider. This document identifies cybersecurity gaps that must be fixed and recommends steps that can be performed to block future ransomware assaults.
- Isolating infected endpoints to arrest the spread of the assault
- Making replicas of each compromised server and endpoint and data store in order to perform forensics in parallel with restoration
- Installing A/V protection to all virus-free endpoints
- Salvaging files from air-gapped restores or uncompromised machines
- Creating a clean environment
- Remapping and connecting datastores to reflect exactly their pre-attack condition
In addition to demanding payment for a decryption utility, modern variants of ransomware such as Ryuk, Maze, Netwalker, and Egregor often attempt to steal (or "exfiltrate") information. Hackers can then demand an additional payment for not divulging this information or selling it. Unfortunately, there is no way to prove that exfiltrated data have been totally deleted by the threat actor. Actually, in numerous cases the TA has little control over data custody. Paying an exfiltration ransom does not eliminate the necessity of getting the guidance of privacy lawyers, conducting an inventory of data were compromised, and sending the required notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services throughout the United States for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced certifications in foundation technologies such as Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity experts have earned prestigious certifications including CISM, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning applications. This breadth of expertise allows Progent to identify and consolidate the surviving pieces of your network after a ransomware assault and reconstruct them rapidly into a functioning network. Progent has worked with leading cyber insurance providers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Guidance in Fort Wayne
To get in touch with Progent about crypto-ransomware settlement negotiation services in Fort Wayne, phone Progent at 800-462-8800 or go to Contact Progent.