Overview of Progent's Ransomware Negotiation Consulting in Denver
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complicated exercise that calls for a combination of field experience, IT skills and business savvy. It also demands close co-operation with the victim's IT team and the insurance carrier, if any. Because the top goal of the ransomware target is fast recovery, it is critical to establish recovery teams that work effectively, concurrently, and in close communication. Progent has the scope of IT skills and the depth of experts to supplement your network staff and recover your network quickly and economically.
Services offered by Progent's ransomware settlement negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker
- Assessing the recovery risk
- Verifying the hacker's decryption capabilities
- Agreeing on a settlement amount with the victim and the insurance provider
- Establishing a settlement and schedule with the threat actor
- Checking accordance with anti-money laundering (AML) laws
- Carrying out the crypto-currency disbursement to the TA
- Receiving, reviewing, and operating the TA's decryptor tool
- If needed, contacting the hacker for assistance with the decryption utility
Once the decryption tool has been learned, Progent can help you to restore physical and virtual devices and software services to their pre-arrack state. Progent can also help you to perform a forensics investigation and generate a document to share with the insurance provider. This report identifies security gaps that need to be corrected and recommends actions that can be taken to counter future ransomware assaults.
- Isolating infected endpoints to prevent further progress of the assault
- Making replicas of each compromised server and endpoint and data store in order to perform forensics in parallel with cleanup
- Installing A/V protection to all clean endpoints
- Restoring data from offline backups or uncompromised machines
- Creating a pristine recovery environment
- Mapping and reconnecting datastores to reflect exactly their pre-encryption condition
Settling Exfiltration Ransoms
Beyond demanding payment for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to exfiltrate information. Hackers are then able to demand an extra ransom in exchange for not divulging this data on the dark web. Unfortunately, there exists no method to guarantee that exfiltrated data have been totally erased by the threat actor. In fact, in numerous instances the hacker has limited control over where the information ends up. Settling an exfiltration ransom does not free you from the necessity of seeking the advice of legal counsel, performing an audit on which files were stolen, and carrying out the necessary alerts to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite network services across the United States for over 20 years and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes consultants who have earned high-level certifications in foundation technologies including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISM, CISSP, and GIAC. (See certifications earned by Progent consultants). Progent also offers guidance in financial management and ERP applications. This broad array of skills gives Progent the ability to salvage and integrate the undamaged parts of your IT environment following a ransomware intrusion and rebuild them rapidly into a functioning system. Progent has collaborated with leading cyber insurance providers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Denver
To get in touch with Progent about crypto-ransomware settlement negotiation services in Denver, phone Progent at 800-462-8800 or go to Contact Progent.