Overview of Progent's Ransomware Settlement Negotiation Services in Rancho Cordova
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complicated exercise that calls for a combination of real-word experience, IT skills and business acumen. It also calls for close co-operation with the cyber-extortion target's IT team and the insurance provider, if there is one. Since the number one priority of the ransomware target is operational continuity, it is vital to deploy response groups that operate efficiently, in parallel, and in close communication. Progent has the scope of technical knowledge and the deep bench of experts to complement your IT staff and recover your network quickly and affordably.
Support offered by Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the attack
- identifying and contacting the hacker
- Assessing the likelihood of recovery
- Testing the hacker's decryption tool
- Budgeting a settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and timeline with the TA
- Checking accordance with anti-money laundering (AML) laws
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and using the TA's decryption tool
- If needed, contacting the hacker for assistance with the decryption tool
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and services to their original condition. Progent can also help you to perform comprehensive forensics and create a document to share with the insurance provider. This report identifies cybersecurity gaps that must be fixed and recommends actions to be taken to combat future ransomware assaults.
- Quarantining infected endpoints to prevent further progress of the attack
- Making digital copies of each compromised device and data store in order to perform forensics without interfering with cleanup
- Adding A/V agents to all clean endpoints
- Recovering data from air-gapped backups or uncompromised machines
- Creating a clean environment
- Remapping and connecting drives to match exactly their pre-attack condition
Paying Exfiltration Ransoms
Beyond demanding money for a decryption tool, modern strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim often attempt to exfiltrate information. Hackers are then able to require an additional settlement in exchange for not posting this data on the dark web. Sadly, there exists no way to prove that stolen files have been totally erased by the threat actor. In fact, in many instances the TA has little control over data custody. Paying an exfiltration ransom does not eliminate the need for engaging the guidance of legal counsel, performing an audit on which files were stolen, and performing the necessary alerts to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite network services throughout the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes professionals who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware, and major Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications such as CISA, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP software. This broad array of expertise allows Progent to salvage and consolidate the undamaged pieces of your information system following a ransomware attack and rebuild them rapidly into a functioning system. Progent has worked with leading cyber insurance carriers including Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Services in Rancho Cordova
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Rancho Cordova, call Progent at 800-462-8800 or go to Contact Progent.