Progent's Ransomware Negotiation Consulting in Jacksonville
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated exercise that requires a combination of field experience, technical skills and business savvy. It also requires working closely with the cyber-extortion target's IT team and the insurance carrier, if any. Because the number one priority of the ransomware target is fast recovery, it is critical to establish recovery teams that operate effectively, in parallel, and with intimate collaboration. Progent offers the breadth of IT knowledge and the deep bench of personnel to supplement your IT staff and restore your network quickly and affordably.
Support available from Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the kind of ransomware used in the assault
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Validating the hacker's decryption capabilities
- Budgeting a settlement range with the ransomware victim and the insurance provider
- Establishing a settlement amount and schedule with the TA
- Checking accordance with anti-money laundering (AML) sanctions
- Managing the crypto-currency transfer to the TA
- Acquiring, learning, and using the TA's decryption utility
- If necessary, contacting the threat actor for technical assistance with the decryptor utility
Once the decryption utility has been mastered, Progent can assist you to restore computers and services to their original state. Progent can also assist you to perform comprehensive forensics and generate a report to share with the cyber insurance provider. This report helps you to understand cybersecurity gaps that need to be eliminated and recommends actions that can be performed to counter subsequent ransomware assaults.
- Quarantining affected endpoints to prevent further progress of the attack
- Creating replicas of each compromised device and data store in order to perform forensics without interfering with restoration
- Adding anti-virus protection to all virus-free endpoints
- Salvaging files from offline restores or unscathed machines
- Creating a clean environment
- Remapping and connecting drives to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
In addition to demanding payment for a decryption utility, modern variants of ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to exfiltrate files. Hackers can then require a separate settlement for not posting this data or selling it. Sadly, there is no method to be certain that exfiltrated data have been completely erased by the hacker. In fact, in numerous instances the TA has limited say about where the information ends up. Paying an exfiltration ransom does not free you from the need for seeking the guidance of privacy lawyers, performing an inventory of files were taken, and carrying out the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises network services across the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes consultants who have earned advanced certifications in core technologies such as Cisco networking, VMware virtualization, and popular distributions of Linux. Progent's cybersecurity experts have earned industry-recognized certifications such as CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and Enterprise Resource Planning applications. This breadth of skills gives Progent the ability to salvage and integrate the undamaged pieces of your information system after a ransomware intrusion and reconstruct them quickly into an operational system. Progent has collaborated with top insurance providers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Ransomware Settlement Guidance in Jacksonville
To get in touch with Progent about crypto-ransomware settlement negotiation services in Jacksonville, phone Progent at 800-462-8800 or go to Contact Progent.