Overview of Progent's Ransomware Settlement Negotiation Services in Hartford
Progent has experience negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex activity that requires a combination of field experience, technical skills and business acumen. It also demands working closely with the cyber-extortion target's IT team and the insurance carrier, if there is one. Because the number one priority of the ransomware victim is fast recovery, it is critical to deploy recovery groups that work efficiently, in parallel, and with intimate collaboration. Progent offers the breadth of technical knowledge and the deep bench of experts to supplement your network staff and restore your network rapidly and economically.
Services offered by Progent's ransomware settlement experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware involved in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Validating the TA's decryption tool
- Agreeing on a settlement with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the hacker
- Verifying compliance with anti-money laundering laws
- Managing the crypto-currency payment to the hacker
- Receiving, reviewing, and operating the threat actor's decryption mechanism
- If necessary, contacting the threat actor for technical assistance with the decryptor tool
Once the decryption tool has been mastered, Progent can assist you to restore computers and services to their pre-arrack state. Progent can also assist you to perform a full forensic review and create a report to deliver to the cyber insurance carrier. This document helps you to understand cybersecurity gaps that need to be eliminated and recommends steps that can be taken to block subsequent ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further progress of the assault
- Creating replicas of every infected device and data store in order to perform forensics in parallel with recovery
- Installing anti-virus agents to all virus-free endpoints
- Salvaging files from offline backups or uncompromised endpoints
- Building a pristine environment
- Remapping and reconnecting datastores to reflect precisely their pre-attack condition
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, current variants of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to exfiltrate information. TAs are then able to require an extra ransom for not divulging this information on the dark web. Unfortunately, there exists no method to be certain that stolen data have been totally deleted by the TA. In fact, in numerous instances the TA has little control over where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of getting the guidance of legal counsel, conducting an investigation into which data were stolen, and performing the necessary notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and onsite network services throughout the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in foundation technologies including Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning application software. This scope of expertise gives Progent the ability to identify and consolidate the surviving pieces of your network after a ransomware attack and reconstruct them quickly into a viable system. Progent has collaborated with leading cyber insurance carriers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Hartford
To contact with Progent about ransomware settlement negotiation services in Hartford, call Progent at 800-993-9400 or go to Contact Progent.