Progent's Ransomware Settlement Negotiation Services in Edmonton
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complicated exercise that requires a combination of field experience, technical knowledge and business savvy. It also calls for close co-operation with the cyber-extortion target's IT staff and the cyber insurance carrier, if there is one. Because the number one goal of the ransomware victim is operational continuity, it is vital to deploy recovery groups that operate efficiently, concurrently, and in close communication. Progent has the scope of technical knowledge and the deep bench of personnel to supplement your IT staff and recover your network environment rapidly and affordably.
Support offered by Progent's ransomware negotiation team include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware used in the attack
- making contact with the hacker persona
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Budgeting a settlement payment with the ransomware victim and the insurance provider
- Negotiating a settlement amount and schedule with the TA
- Confirming compliance with anti-money laundering (AML) sanctions
- Carrying out the crypto-currency disbursement to the TA
- Receiving, reviewing, and operating the threat actor's decryption utility
- If necessary, contacting the hacker for assistance with the decryptor tool
Once the decryption tool has been learned, Progent can help you to restore computers and services to their original condition. Progent can also assist you to perform a complete forensics analysis and create a document to share with the cyber insurance provider. This document helps you to understand security vulnerabilities that must be fixed and suggests actions that should be taken to combat future ransomware attacks.
- Isolating affected endpoints to arrest the spread of the attack
- Making replicas of each compromised server and endpoint and data store to allow forensics in parallel with restoration
- Installing anti-virus agents to all clean endpoints
- Restoring data from offline backups or unscathed machines
- Building a pristine recovery environment
- Mapping and connecting datastores to match exactly their pre-attack state
Settling Exfiltration Ransoms
In addition to demanding money for a decryption tool, current strains of ransomware like Ryuk, Maze, Netwalker, and Egregor often attempt to exfiltrate files. TAs are then able to require an additional payment for not posting this information on the dark web. Unfortunately, there exists no method to be certain that exfiltrated files have been completely deleted by the TA. Actually, in many cases the hacker has limited say about the disposition of the data. Paying an exfiltration ransom does not eliminate the need for seeking the advice of privacy attorneys, conducting an investigation into which data were stolen, and sending the mandated alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises network services throughout the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded high-level certifications in core technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned prestigious certifications such as CISA, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and Enterprise Resource Planning applications. This breadth of skills gives Progent the ability to salvage and consolidate the undamaged parts of your network after a ransomware intrusion and rebuild them rapidly into an operational system. Progent has worked with top insurance providers like Chubb to help organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Edmonton
To contact with Progent about crypto-ransomware settlement negotiation expertise in Edmonton, call Progent at 800-462-8800 or go to Contact Progent.