Progent's Ransomware Settlement Negotiation Services in Des Moines
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex exercise that calls for a combination of field experience, technical skills and business savvy. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if there is one. Because the top priority of the ransomware target is fast recovery, it is vital to deploy response teams that operate effectively, in parallel, and in close communication. Progent offers the scope of technical knowledge and the deep bench of personnel to supplement your network support team and recover your network environment rapidly and economically.
Support available from Progent's ransomware negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware involved in the attack
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Testing the hacker's decryption capabilities
- Determining a settlement amount with the victim and the insurance provider
- Negotiating a settlement amount and timeline with the hacker
- Verifying adherence to anti-money laundering regulations
- Managing the crypto-currency payment to the hacker
- Acquiring, learning, and operating the hacker's decryption utility
- If necessary, contacting the hacker for technical assistance with the decryptor utility
After the decryption utility has been learned, Progent can help you to recover computers and software services to their pre-arrack condition. Progent can also assist you to conduct a full forensic review and generate a report to share with the insurance provider. This document helps you to understand security gaps that need to be eliminated and recommends actions that can be performed to combat future ransomware assaults.
- Quarantining affected endpoints to prevent further progress of the attack
- Making digital copies of each breached server and endpoint and data store to allow forensics without interfering with cleanup
- Adding A/V protection to all virus-free endpoints
- Restoring files from air-gapped restores or unscathed machines
- Building a pristine recovery environment
- Remapping and connecting datastores to match precisely their pre-encryption state
Paying Exfiltration Ransoms
In addition to demanding money for a decryption utility, modern strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor often try to exfiltrate information. TAs can then demand an extra settlement in exchange for not posting this information or selling it. Sadly, there exists no method to guarantee that stolen data have been totally erased by the TA. In fact, in many instances the hacker has limited say over the disposition of the data. Paying an exfiltration ransom does not eliminate the need for getting the advice of privacy attorneys, conducting an inventory of data were stolen, and performing the required notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and onsite IT services across the U.S. for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts includes professionals who have earned advanced certifications in core technologies including Cisco networking, VMware, and popular distributions of Linux. Progent's cybersecurity experts have earned prestigious certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also has guidance in financial and Enterprise Resource Planning software. This breadth of skills allows Progent to salvage and integrate the undamaged parts of your IT environment following a ransomware assault and reconstruct them rapidly into a functioning network. Progent has worked with leading cyber insurance carriers including Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Expertise in Des Moines
To get in touch with Progent about ransomware settlement expertise in Des Moines, phone Progent at 800-462-8800 or go to Contact Progent.