Overview of Progent's Ransomware Negotiation Services in Jacksonville
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that calls for a combination of field experience, technical skills and business acumen. It also requires working closely with the victim's IT staff and the insurance provider, if there is one. Because the number one goal of the ransomware target is fast recovery, it is critical to deploy response teams that work effectively, concurrently, and in close communication. Progent has the breadth of technical knowledge and the deep bench of experts to complement your IT support team and restore your network quickly and affordably.
Services offered by Progent's ransomware settlement negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the recovery risk
- Validating the threat actor's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the insurance carrier
- Establishing a settlement and schedule with the threat actor
- Checking accordance with anti-money laundering (AML) laws
- Overseeing the crypto-currency payment to the hacker
- Acquiring, reviewing, and using the TA's decryption tool
- If needed, contacting the hacker for assistance with the decryption utility
After the decryption utility has been learned, Progent can assist you to recover computers and software services to their pre-arrack condition. Progent can also help you to perform a forensics investigation and create a report to deliver to the cyber insurance carrier. This report identifies cybersecurity vulnerabilities that need to be eliminated and suggests actions to be performed to combat future ransomware attacks.
- Quarantining infected endpoints and data stores to prevent further progress of the assault
- Creating replicas of every infected device and data store to allow forensics in parallel with recovery
- Installing A/V agents to all clean endpoints
- Restoring data from air-gapped backups or unscathed machines
- Building a clean recovery environment
- Remapping and reconnecting datastores to match precisely their pre-encryption state
Paying Exfiltration Ransoms
Beyond extorting money for a decryption tool, modern variants of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate files. TAs are then able to require an extra payment for not divulging this data or selling it. Sadly, there exists no method to be certain that exfiltrated files have been totally erased by the threat actor. In fact, in many instances the hacker has little control about who can access the stolen files. Settling an exfiltration ransom does not free you from the necessity of engaging the advice of privacy attorneys, conducting an inventory of data were taken, and performing the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite network services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have been awarded advanced certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This broad array of skills allows Progent to salvage and integrate the surviving pieces of your information system following a ransomware assault and rebuild them rapidly into a viable network. Progent has worked with top insurance carriers including Chubb to help organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Jacksonville
To contact with Progent about crypto-ransomware settlement negotiation services in Jacksonville, call Progent at 800-462-8800 or go to Contact Progent.