Progent's Ransomware Settlement Negotiation Consulting in Hartford
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that requires a combination of field experience, IT skills and business savvy. It also calls for close co-operation with the cyber-extortion target's IT team and the insurance provider, if there is one. Since the number one priority of the ransomware target is fast recovery, it is critical to deploy recovery teams that operate effectively, in parallel, and with intimate collaboration. Progent offers the breadth of IT skills and the deep bench of personnel to supplement your network staff and recover your network rapidly and affordably.
Support available from Progent's ransomware settlement experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware involved in the assault
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and timeline with the hacker
- Checking accordance with anti-money laundering regulations
- Managing the crypto-currency payment to the TA
- Acquiring, learning, and operating the hacker's decryption tool
- If needed, contacting the threat actor for technical help with the decryptor utility
After the decryption tool has been mastered, Progent can help you to recover machines and software services to their pre-arrack condition. Progent can also help you to conduct a complete forensics analysis and generate a report to share with the cyber insurance provider. This document identifies security vulnerabilities that need to be fixed and recommends actions that can be taken to combat subsequent ransomware assaults.
- Isolating infected endpoints to prevent further progress of the attack
- Creating replicas of each breached server and endpoint and data store to allow forensics in parallel with restoration
- Installing A/V protection to all virus-free endpoints
- Salvaging data from air-gapped restores or uncompromised machines
- Creating a pristine environment
- Mapping and connecting datastores to reflect exactly their pre-attack condition
In addition to extorting payment for a decryption tool, modern variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim often try to steal (or "exfiltrate") information. Hackers are then able to demand an extra payment for not divulging this information on the dark web. Unfortunately, there exists no way to prove that stolen data have been completely deleted by the hacker. Actually, in many cases the hacker has limited say about where the information ends up. Settling an exfiltration ransom does not free you from the necessity of seeking the guidance of privacy attorneys, performing an audit on which files were taken, and performing the mandated notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite IT services throughout the United States for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded advanced certifications in core technologies including Cisco infrastructure, VMware, and major Linux distros. Progent's data security experts have earned prestigious certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This scope of expertise allows Progent to identify and integrate the undamaged parts of your IT environment following a ransomware assault and rebuild them quickly into an operational system. Progent has collaborated with leading cyber insurance providers like Chubb to assist organizations clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Services in Hartford
To contact with Progent about ransomware settlement guidance in Hartford, phone Progent at 800-462-8800 or go to Contact Progent.