Progent's Ransomware Settlement Negotiation Services in Allen
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that calls for a mix of field experience, IT skills and business acumen. It also calls for working closely with the ransomware victim's IT team and the insurance carrier, if there is one. Since the number one priority of the ransomware target is fast recovery, it is critical to establish response groups that work effectively, concurrently, and in close communication. Progent has the breadth of IT skills and the depth of personnel to complement your IT staff and restore your network quickly and economically.
Services provided by Progent's ransomware negotiation team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the assault
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Testing the hacker's decryption tool
- Deciding on an acceptable settlement payment with the victim and the insurance provider
- Negotiating a settlement and timeline with the threat actor
- Confirming adherence to anti-money laundering (AML) laws
- Carrying out the crypto-currency payment to the hacker
- Receiving, reviewing, and operating the TA's decryption utility
- If necessary, contacting the hacker for assistance with the decryption utility
After the decryption utility has been mastered, Progent can assist you to recover machines and software services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and generate a report to deliver to the insurance carrier. This report helps you to understand cybersecurity gaps that must be corrected and suggests actions that can be performed to counter subsequent ransomware assaults.
- Quarantining infected endpoints to arrest the spread of the assault
- Making digital copies of every compromised device and data store in order to perform forensics in parallel with restoration
- Adding A/V agents to all clean endpoints
- Recovering data from offline backups or uncompromised endpoints
- Creating a clean recovery environment
- Remapping and reconnecting drives to reflect exactly their pre-attack state
Settling Exfiltration Ransoms
In addition to extorting payment for a decryption utility, current strains of crypto-ransomware such as Ryuk, Maze, Netwalker, and Nephilim commonly attempt to exfiltrate information. Hackers can then demand an extra ransom in exchange for not publishing this information on the dark web. Sadly, there exists no way to prove that stolen data have been totally erased by the threat actor. In fact, in numerous cases the threat actor has little control over data custody. Paying an exfiltration ransom does not free you from the need for getting the guidance of legal counsel, performing an audit on which data were stolen, and carrying out the mandated notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite network services throughout the United States for more than 20 years and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in foundation technologies including Cisco infrastructure, VMware, and major Linux distros. Progent's data security consultants have earned industry-recognized certifications including CISA, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has guidance in financial management and Enterprise Resource Planning application software. This scope of expertise gives Progent the ability to salvage and consolidate the surviving parts of your network following a ransomware assault and rebuild them quickly into a viable network. Progent has collaborated with leading insurance carriers including Chubb to assist businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Allen
To contact with Progent about crypto-ransomware settlement negotiation guidance in Allen, call Progent at 800-462-8800 or go to Contact Progent.