Overview of Progent's Ransomware Negotiation Services in Edmonton
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complex activity that requires a combination of real-word experience, IT skills and business savvy. It also calls for close co-operation with the victim's IT team and the cyber insurance carrier, if there is one. Because the top goal of the ransomware target is fast recovery, it is critical to deploy response teams that work effectively, concurrently, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of experts to supplement your network support team and restore your network environment quickly and affordably.
Support available from Progent's ransomware settlement negotiation experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Establishing the type of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the recovery risk
- Validating the hacker's decryption tool
- Deciding on an acceptable settlement amount with the ransomware victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the threat actor
- Checking compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the hacker
- Acquiring, learning, and using the TA's decryption utility
- If needed, contacting the threat actor for technical help with the decryption tool
After the decryption tool has been mastered, Progent can help you to recover machines and software services to their original state. Progent can also assist you to perform a complete forensics analysis and create a report to share with the insurance provider. This report identifies cybersecurity gaps that must be fixed and suggests actions that should be performed to counter future ransomware attacks.
- Quarantining affected endpoints to arrest the progress of the attack
- Making digital copies of each breached device and data store in order to perform forensics without interfering with restoration
- Adding anti-virus protection to all clean endpoints
- Recovering data from offline backups or unscathed endpoints
- Building a pristine environment
- Remapping and connecting datastores to reflect exactly their pre-encryption state
Beyond demanding payment for a decryption tool, current variants of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") information. TAs are then able to require an extra payment for not posting this information or selling it. Sadly, there is no way to prove that stolen data have been totally erased by the hacker. In fact, in numerous instances the TA has limited say over where the information ends up. Paying an exfiltration ransom does not free you from the need for engaging the guidance of legal counsel, performing an inventory of data were stolen, and performing the mandated notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has delivered remote and onsite IT services across the United States for more than 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have been awarded advanced certifications in foundation technologies including Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security consultants have earned internationally recognized certifications including CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This breadth of expertise allows Progent to identify and integrate the surviving pieces of your IT environment following a ransomware assault and rebuild them rapidly into a functioning network. Progent has collaborated with top cyber insurance carriers like Chubb to assist organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Edmonton
To contact with Progent about ransomware settlement services in Edmonton, phone Progent at 800-462-8800 or go to Contact Progent.