Overview of Progent's Ransomware Negotiation Consulting in Hartford
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that calls for a combination of real-word experience, IT skills and business acumen. It also calls for close co-operation with the ransomware victim's IT team and the cyber insurance provider, if any. Since the top priority of the ransomware victim is operational continuity, it is vital to deploy response groups that work efficiently, in parallel, and in close communication. Progent has the breadth of technical knowledge and the depth of experts to complement your IT support team and restore your network quickly and economically.
Support provided by Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware used in the assault
- making contact with the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Agreeing on a settlement range with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and timeline with the threat actor
- Verifying accordance with anti-money laundering (AML) sanctions
- Managing the crypto-currency payment to the hacker
- Receiving, learning, and using the TA's decryption tool
- If needed, contacting the TA for technical help with the decryption utility
After the decryption utility has been learned, Progent can assist you to restore physical and virtual devices and services to their pre-arrack condition. Progent can also help you to perform comprehensive forensics and create a report to deliver to the insurance provider. This report identifies security vulnerabilities that must be eliminated and recommends actions that can be taken to counter subsequent ransomware assaults.
- Isolating affected endpoints to prevent further spread of the attack
- Making replicas of each infected device and data store to allow forensics in parallel with recovery
- Installing A/V protection to all virus-free endpoints
- Salvaging data from air-gapped restores or uncompromised endpoints
- Building a clean recovery environment
- Mapping and reconnecting drives to reflect exactly their pre-encryption state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption utility, modern strains of ransomware such as Ryuk, Maze, Netwalker, and Nephilim commonly attempt to exfiltrate information. TAs are then able to require an additional ransom in exchange for not publishing this information or selling it. Unfortunately, there exists no way to prove that stolen data have been totally deleted by the TA. Actually, in many instances the hacker has little say over where the information ends up. Paying an exfiltration ransom does not free you from the need for engaging the guidance of legal counsel, performing an audit on which data were taken, and performing the mandated notifications to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and on-premises IT services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced certifications in core technology platforms including Cisco infrastructure, VMware, and popular Linux distros. Progent's cybersecurity consultants have earned prestigious certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning software. This scope of skills gives Progent the ability to salvage and consolidate the surviving pieces of your network after a ransomware intrusion and rebuild them quickly into a viable network. Progent has collaborated with leading cyber insurance providers like Chubb to assist businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Hartford
To contact with Progent about crypto-ransomware settlement expertise in Hartford, call Progent at 800-462-8800 or go to Contact Progent.