Overview of Progent's Ransomware Settlement Negotiation Services in Jacksonville
Progent has experience negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complex activity that requires a combination of real-word experience, IT skills and business acumen. It also requires working closely with the ransomware victim's IT team and the cyber insurance carrier, if any. Since the number one goal of the ransomware target is fast recovery, it is vital to deploy recovery groups that operate efficiently, in parallel, and in close communication. Progent has the scope of technical skills and the deep bench of experts to supplement your network staff and restore your network quickly and affordably.
Services available from Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the kind of ransomware involved in the assault
- making contact with the hacker
- Assessing the recovery risk
- Validating the TA's decryption capabilities
- Budgeting a settlement with the ransomware victim and the insurance carrier
- Establishing a settlement amount and schedule with the TA
- Confirming accordance with anti-money laundering (AML) laws
- Carrying out the crypto-currency transfer to the hacker
- Acquiring, reviewing, and operating the hacker's decryption mechanism
- If necessary, contacting the hacker for technical assistance with the decryption tool
After the decryption tool has been mastered, Progent can assist you to restore machines and software services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and generate a report to share with the cyber insurance provider. This document identifies cybersecurity vulnerabilities that need to be fixed and recommends actions to be performed to counter subsequent ransomware attacks.
- Quarantining infected endpoints and data stores to arrest the spread of the attack
- Making digital copies of every breached server and endpoint and data store in order to perform forensics without interfering with cleanup
- Adding anti-virus agents to all clean endpoints
- Salvaging files from offline backups or unscathed machines
- Creating a clean recovery environment
- Remapping and connecting datastores to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to demanding money for a decryption utility, modern strains of ransomware like Ryuk, Sodinokibi, Netwalker, and Egregor commonly try to steal (or "exfiltrate") information. Hackers are then able to demand an additional payment for not divulging this information on the dark web. Sadly, there is no way to guarantee that stolen data have been totally erased by the hacker. In fact, in numerous instances the TA has limited control about data custody. Paying an exfiltration ransom does not eliminate the need for getting the guidance of privacy lawyers, conducting an investigation into which files were stolen, and sending the necessary alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts includes professionals who have been awarded high-level certifications in foundation technologies including Cisco networking, VMware, and popular Linux distros. Progent's cybersecurity experts have earned internationally recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial management and ERP software. This breadth of skills allows Progent to identify and integrate the undamaged parts of your network after a ransomware assault and rebuild them rapidly into a viable system. Progent has worked with top cyber insurance providers like Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Guidance in Jacksonville
To contact with Progent about ransomware settlement guidance in Jacksonville, call Progent at 800-462-8800 or go to Contact Progent.