Overview of Progent's Ransomware Settlement Negotiation Consulting in Allen
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complex activity that calls for a combination of field experience, IT skills and business acumen. It also calls for working closely with the ransomware victim's IT team and the insurance carrier, if any. Since the number one goal of the ransomware target is operational continuity, it is vital to deploy recovery groups that operate effectively, in parallel, and in close communication. Progent offers the scope of technical skills and the depth of experts to supplement your network support team and recover your network environment rapidly and affordably.
Services available from Progent's ransomware settlement experts include:
Concurrent with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the hacker's decryption capabilities
- Deciding on an acceptable settlement with the ransomware victim and the insurance carrier
- Establishing a settlement amount and schedule with the TA
- Verifying compliance with anti-money laundering sanctions
- Overseeing the crypto-currency payment to the hacker
- Receiving, learning, and operating the TA's decryption tool
- If necessary, contacting the hacker for technical assistance with the decryptor tool
After the decryption utility has been mastered, Progent can assist you to recover machines and software services to their original condition. Progent can also help you to perform a full forensic review and create a report to share with the cyber insurance provider. This report identifies cybersecurity vulnerabilities that must be fixed and recommends steps that should be performed to block future ransomware attacks.
- Quarantining infected endpoints and data stores to arrest the spread of the assault
- Creating replicas of each breached device and data store to allow forensics in parallel with cleanup
- Adding anti-virus agents to all clean endpoints
- Salvaging files from air-gapped restores or unscathed machines
- Building a pristine recovery environment
- Mapping and connecting drives to reflect exactly their pre-attack condition
Beyond demanding money for a decryption tool, modern variants of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim commonly try to steal (or "exfiltrate") files. TAs can then require an additional settlement for not publishing this data on the dark web. Unfortunately, there exists no way to be certain that exfiltrated data have been completely deleted by the threat actor. In fact, in numerous instances the threat actor has limited say over the disposition of the data. Settling an exfiltration ransom does not eliminate the necessity of seeking the guidance of legal counsel, conducting an inventory of files were taken, and performing the mandated notifications to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided remote and onsite network services across the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes consultants who have earned advanced certifications in core technologies including Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned industry-recognized certifications including CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also has guidance in financial management and ERP software. This broad array of skills allows Progent to salvage and integrate the surviving parts of your network following a ransomware attack and reconstruct them rapidly into a functioning network. Progent has collaborated with leading insurance providers like Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Ransomware Settlement Services in Allen
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Allen, call Progent at 800-462-8800 or go to Contact Progent.