Progent's Ransomware Negotiation Consulting in Edmonton
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex exercise that requires a mix of field experience, IT skills and business acumen. It also demands working closely with the ransomware victim's IT team and the cyber insurance carrier, if there is one. Since the top goal of the ransomware target is operational continuity, it is vital to deploy response groups that operate efficiently, concurrently, and in close communication. Progent has the breadth of technical knowledge and the depth of experts to supplement your network support team and restore your network quickly and affordably.
Services provided by Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can assist with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Testing the hacker's decryption tool
- Deciding on an acceptable settlement with the victim and the cyber insurance carrier
- Establishing a settlement and schedule with the threat actor
- Verifying accordance with anti-money laundering (AML) laws
- Overseeing the crypto-currency disbursement to the hacker
- Acquiring, reviewing, and using the threat actor's decryptor utility
- If needed, contacting the TA for assistance with the decryptor utility
Once the decryption tool has been learned, Progent can assist you to restore physical and virtual devices and software services to their original condition. Progent can also assist you to perform a full forensic review and generate a document to share with the insurance provider. This report identifies security gaps that must be eliminated and recommends actions to be taken to combat future ransomware attacks.
- Isolating infected endpoints to arrest the progress of the attack
- Creating replicas of every breached device and data store in order to perform forensics in parallel with recovery
- Installing anti-virus agents to all clean endpoints
- Recovering data from offline restores or unscathed endpoints
- Building a pristine environment
- Mapping and reconnecting datastores to reflect exactly their pre-encryption condition
Paying Exfiltration Ransoms
Beyond extorting payment for a decryption utility, current strains of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor commonly attempt to steal (or "exfiltrate") information. TAs can then require an additional settlement for not publishing this information or selling it. Unfortunately, there exists no method to be certain that stolen files have been totally erased by the hacker. Actually, in numerous instances the hacker has little say over data custody. Settling an exfiltration ransom does not eliminate the need for getting the guidance of privacy lawyers, performing an audit on which data were stolen, and carrying out the required notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises IT services throughout the U.S. for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned high-level certifications in core technology platforms including Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned industry-recognized certifications such as CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers guidance in financial management and ERP software. This scope of skills allows Progent to identify and consolidate the undamaged parts of your IT environment following a ransomware assault and reconstruct them rapidly into a functioning system. Progent has worked with top cyber insurance providers like Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Edmonton
To contact with Progent about crypto-ransomware settlement negotiation expertise in Edmonton, phone Progent at 800-462-8800 or go to Contact Progent.