Progent's Ransomware Settlement Negotiation Services in Rancho Cordova
Progent is experienced in negotiating ransomware settlements with hackers. Reaching an optimum settlement is a complicated exercise that calls for a combination of field experience, technical knowledge and business savvy. It also calls for close co-operation with the ransomware victim's IT staff and the cyber insurance carrier, if there is one. Since the top priority of the ransomware victim is fast recovery, it is vital to deploy response groups that operate efficiently, in parallel, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of personnel to complement your IT staff and restore your network environment quickly and economically.
Services provided by Progent's ransomware settlement negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker persona
- Assessing the recovery risk
- Verifying the hacker's decryption tool
- Determining a settlement with the ransomware victim and the insurance provider
- Negotiating a settlement amount and timeline with the hacker
- Confirming accordance with anti-money laundering (AML) regulations
- Overseeing the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the hacker's decryption utility
- If needed, contacting the TA for technical help with the decryptor utility
After the decryption tool has been learned, Progent can help you to restore computers and services to their original state. Progent can also help you to conduct a forensics investigation and create a document to deliver to the cyber insurance carrier. This document helps you to understand security vulnerabilities that need to be corrected and recommends steps that should be performed to block subsequent ransomware assaults.
- Quarantining affected endpoints and data stores to prevent further progress of the attack
- Making digital copies of every compromised device and data store to allow forensics without interfering with restoration
- Adding A/V agents to all clean endpoints
- Salvaging files from air-gapped backups or unscathed machines
- Creating a pristine environment
- Mapping and connecting datastores to match precisely their pre-attack state
Paying Exfiltration Ransoms
Beyond extorting payment for a decryption tool, current variants of ransomware such as Ryuk, Maze, Netwalker, and Nephilim commonly attempt to exfiltrate files. Hackers are then able to demand an extra payment for not publishing this information or selling it. Sadly, there is no method to be certain that exfiltrated files have been totally deleted by the TA. In fact, in numerous instances the TA has limited control about who can access the stolen files. Paying an exfiltration ransom does not eliminate the necessity of engaging the advice of privacy lawyers, conducting an investigation into which data were taken, and performing the necessary notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite IT services throughout the United States for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in core technologies including Cisco infrastructure, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This breadth of skills allows Progent to salvage and integrate the undamaged parts of your information system after a ransomware intrusion and rebuild them rapidly into a functioning network. Progent has worked with top cyber insurance providers like Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Rancho Cordova
To get in touch with Progent about ransomware settlement negotiation guidance in Rancho Cordova, phone Progent at 800-993-9400 or go to Contact Progent.