Progent's Ransomware Negotiation Consulting in Eugene
Progent is experienced in negotiating ransomware settlements with threat actors. Reaching an acceptable settlement is a complicated exercise that requires a combination of field experience, IT skills and business acumen. It also requires working closely with the ransomware victim's IT team and the cyber insurance provider, if any. Since the top priority of the ransomware victim is fast recovery, it is vital to deploy response teams that operate efficiently, concurrently, and with intimate collaboration. Progent has the breadth of IT skills and the depth of experts to supplement your IT staff and restore your network quickly and affordably.
Services offered by Progent's ransomware settlement team include:
Concurrent with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware used in the attack
- identifying and contacting the hacker persona
- Assessing the recovery risk
- Validating the threat actor's decryption tool
- Deciding on an acceptable settlement with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the hacker
- Confirming adherence to anti-money laundering (AML) regulations
- Overseeing the crypto-currency disbursement to the TA
- Receiving, reviewing, and using the threat actor's decryption utility
- If needed, contacting the hacker for assistance with the decryption tool
Once the decryption tool has been learned, Progent can help you to recover computers and services to their original state. Progent can also assist you to conduct a complete forensics analysis and create a document to deliver to the cyber insurance provider. This report identifies security gaps that must be corrected and recommends steps to be performed to counter subsequent ransomware assaults.
- Quarantining affected endpoints to prevent further spread of the assault
- Making replicas of every compromised device and data store in order to perform forensics without interfering with restoration
- Adding A/V agents to all virus-free endpoints
- Recovering files from offline restores or unscathed endpoints
- Building a pristine environment
- Remapping and reconnecting datastores to reflect precisely their pre-attack condition
Settling Exfiltration Ransoms
In addition to demanding payment for a decryption tool, current strains of crypto-ransomware such as Ryuk, Maze, Netwalker, and Egregor commonly attempt to exfiltrate files. Hackers can then demand an extra ransom for not publishing this data on the dark web. Sadly, there is no way to guarantee that stolen data have been totally deleted by the TA. In fact, in numerous cases the hacker has limited say over data custody. Paying an exfiltration ransom does not eliminate the necessity of seeking the advice of legal counsel, conducting an inventory of data were compromised, and sending the required notifications to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises network services across the United States for more than two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes professionals who have been awarded high-level certifications in foundation technologies including Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity consultants have earned prestigious certifications such as CISM, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also has top-tier support in financial and ERP applications. This scope of skills allows Progent to salvage and integrate the undamaged parts of your IT environment following a ransomware attack and reconstruct them quickly into an operational system. Progent has collaborated with top cyber insurance carriers like Chubb to help businesses recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Eugene
To contact with Progent about crypto-ransomware settlement negotiation expertise in Eugene, phone Progent at 800-462-8800 or go to Contact Progent.