Progent's Ransomware Negotiation Consulting in Edmonton
Progent has experience negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex exercise that requires a mix of real-word experience, IT skills and business acumen. It also calls for close co-operation with the cyber-extortion target's IT team and the cyber insurance provider, if there is one. Since the number one priority of the ransomware target is fast recovery, it is vital to deploy recovery groups that operate efficiently, in parallel, and with intimate collaboration. Progent offers the breadth of technical knowledge and the depth of experts to complement your IT support team and restore your network rapidly and affordably.
Services available from Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the assault
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Validating the threat actor's decryption tool
- Budgeting a settlement amount with the ransomware victim and the cyber insurance provider
- Negotiating a settlement and timeline with the hacker
- Confirming compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the TA
- Acquiring, reviewing, and operating the threat actor's decryptor utility
- If needed, contacting the threat actor for technical help with the decryptor utility
After the decryption tool has been mastered, Progent can assist you to recover computers and software services to their original condition. Progent can also help you to perform a complete forensics analysis and generate a report to deliver to the insurance provider. This report helps you to understand security gaps that must be eliminated and suggests steps to be taken to combat future ransomware attacks.
- Quarantining infected endpoints and data stores to prevent further progress of the attack
- Creating replicas of every compromised server and endpoint and data store in order to perform forensics in parallel with restoration
- Adding anti-virus protection to all clean endpoints
- Salvaging files from air-gapped backups or unscathed machines
- Building a pristine recovery environment
- Remapping and connecting datastores to match precisely their pre-encryption condition
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption utility, current variants of crypto-ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly try to exfiltrate files. TAs can then require an additional payment for not publishing this data or selling it. Sadly, there is no method to be certain that stolen data have been completely deleted by the TA. Actually, in many instances the threat actor has limited say about where the information ends up. Paying an exfiltration ransom does not eliminate the necessity of engaging the advice of legal counsel, performing an inventory of files were taken, and sending the mandated notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises IT services across the U.S. for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced certifications in foundation technologies such as Cisco networking, VMware, and popular distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISM, CISSP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and ERP software. This breadth of expertise allows Progent to salvage and integrate the undamaged pieces of your IT environment following a ransomware assault and reconstruct them quickly into an operational network. Progent has worked with top insurance carriers including Chubb to help businesses recover from ransomware attacks.
Contact Progent about Ransomware Settlement Services in Edmonton
To contact with Progent about crypto-ransomware settlement services in Edmonton, call Progent at 800-462-8800 or go to Contact Progent.