Progent's Ransomware Negotiation Services in Detroit
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated activity that calls for a combination of field experience, IT skills and business acumen. It also calls for working closely with the victim's IT team and the cyber insurance carrier, if any. Because the number one goal of the ransomware victim is fast recovery, it is vital to deploy recovery teams that work efficiently, concurrently, and in close communication. Progent has the breadth of IT skills and the depth of personnel to complement your network support team and restore your network environment quickly and affordably.
Services offered by Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the assault
- making contact with the hacker
- Evaluating the likelihood of recovery
- Verifying the hacker's decryption tool
- Agreeing on a settlement with the ransomware victim and the cyber insurance provider
- Establishing a settlement amount and schedule with the hacker
- Confirming adherence to anti-money laundering regulations
- Overseeing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryption utility
- If necessary, contacting the TA for technical help with the decryption tool
Once the decryption tool has been learned, Progent can assist you to recover computers and software services to their original condition. Progent can also assist you to perform a complete forensics analysis and generate a document to deliver to the cyber insurance provider. This report helps you to understand cybersecurity gaps that need to be corrected and recommends actions that can be taken to counter future ransomware assaults.
- Quarantining infected endpoints to arrest the spread of the attack
- Creating replicas of each compromised device and data store in order to perform forensics without interfering with recovery
- Installing anti-virus agents to all clean endpoints
- Restoring files from air-gapped restores or unscathed machines
- Building a pristine environment
- Mapping and reconnecting datastores to match exactly their pre-encryption state
Beyond extorting money for a decryption tool, current strains of crypto-ransomware like Ryuk, Sodinokibi, Netwalker, and Nephilim commonly attempt to steal (or "exfiltrate") information. Hackers can then require a separate ransom for not publishing this information or selling it. Sadly, there exists no way to guarantee that stolen data have been completely erased by the threat actor. In fact, in numerous cases the TA has limited control about who can access the stolen files. Paying an exfiltration ransom does not free you from the need for engaging the guidance of legal counsel, conducting an inventory of data were stolen, and performing the required alerts to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises network services throughout the U.S. for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of SMEs includes professionals who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISM, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial and ERP application software. This scope of skills gives Progent the ability to salvage and consolidate the undamaged pieces of your IT environment after a ransomware attack and rebuild them quickly into an operational system. Progent has worked with top insurance providers including Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Detroit
To contact with Progent about crypto-ransomware settlement negotiation guidance in Detroit, phone Progent at 800-462-8800 or go to Contact Progent.