Progent's Ransomware Settlement Negotiation Consulting in Manhattan Beach
Progent has experience negotiating ransomware settlements with threat actors (TAs). Negotiating an acceptable settlement is a complex exercise that requires a mix of real-word experience, IT knowledge and business savvy. It also calls for working closely with the ransomware victim's IT staff and the insurance carrier, if there is one. Because the top priority of the ransomware victim is fast recovery, it is vital to deploy response groups that work effectively, in parallel, and with intimate collaboration. Progent has the scope of IT skills and the depth of experts to supplement your network staff and restore your network environment rapidly and economically.
Services provided by Progent's ransomware negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware involved in the attack
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Testing the hacker's decryption tool
- Deciding on an acceptable settlement range with the ransomware victim and the insurance carrier
- Negotiating a settlement and schedule with the hacker
- Confirming accordance with anti-money laundering sanctions
- Overseeing the crypto-currency transfer to the hacker
- Receiving, learning, and operating the TA's decryption mechanism
- If needed, contacting the hacker for assistance with the decryptor tool
Once the decryption tool has been mastered, Progent can help you to recover computers and services to their original state. Progent can also help you to conduct a forensics investigation and generate a report to share with the cyber insurance carrier. This report identifies security vulnerabilities that need to be eliminated and recommends steps to be taken to counter future ransomware attacks.
- Isolating infected endpoints and data stores to arrest the progress of the attack
- Making digital copies of every compromised server and endpoint and data store to allow forensics without interfering with restoration
- Installing A/V protection to all clean endpoints
- Salvaging files from offline restores or uncompromised endpoints
- Building a clean recovery environment
- Mapping and reconnecting drives to match precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond extorting payment for a decryption tool, current variants of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim commonly try to exfiltrate files. TAs can then demand an extra ransom in exchange for not posting this data or selling it. Unfortunately, there is no way to guarantee that stolen data have been completely deleted by the TA. Actually, in many cases the hacker has little say about the disposition of the data. Settling an exfiltration ransom does not free you from the need for seeking the advice of privacy lawyers, performing an inventory of files were taken, and carrying out the required alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered remote and on-premises network services across the U.S. for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have been awarded advanced certifications in core technologies including Cisco networking, VMware, and major Linux distros. Progent's cybersecurity experts have earned internationally recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial management and Enterprise Resource Planning software. This breadth of expertise allows Progent to salvage and consolidate the surviving parts of your information system following a ransomware attack and reconstruct them rapidly into a viable network. Progent has worked with leading cyber insurance carriers including Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Manhattan Beach
To contact with Progent about crypto-ransomware settlement services in Manhattan Beach, phone Progent at 800-462-8800 or go to Contact Progent.