Progent's Ransomware Settlement Negotiation Consulting in Boston
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complicated activity that requires a mix of real-word experience, technical skills and business acumen. It also calls for close co-operation with the victim's IT team and the insurance carrier, if there is one. Because the number one priority of the ransomware victim is operational continuity, it is vital to deploy recovery teams that work effectively, in parallel, and with intimate collaboration. Progent has the scope of technical skills and the deep bench of experts to complement your IT staff and restore your network rapidly and economically.
Support available from Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Assessing the recovery risk
- Validating the hacker's decryption tool
- Budgeting a settlement range with the victim and the insurance provider
- Negotiating a settlement and timeline with the hacker
- Verifying adherence to anti-money laundering (AML) sanctions
- Overseeing the crypto-currency payment to the TA
- Acquiring, learning, and using the threat actor's decryption tool
- If necessary, contacting the TA for technical help with the decryptor utility
Once the decryption utility has been mastered, Progent can assist you to recover physical and virtual devices and software services to their original condition. Progent can also help you to conduct comprehensive forensics and generate a report to deliver to the cyber insurance provider. This report identifies security gaps that need to be eliminated and recommends actions that should be taken to combat future ransomware attacks.
- Quarantining infected endpoints to arrest the progress of the attack
- Making replicas of each infected device and data store in order to perform forensics without interfering with restoration
- Installing anti-virus agents to all clean endpoints
- Salvaging data from offline backups or uncompromised machines
- Creating a pristine environment
- Remapping and connecting drives to reflect exactly their pre-attack condition
In addition to demanding money for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Nephilim commonly try to steal (or "exfiltrate") information. Hackers can then require a separate settlement in exchange for not divulging this data on the dark web. Sadly, there is no method to be certain that stolen files have been completely deleted by the threat actor. In fact, in many instances the hacker has limited say about data custody. Paying an exfiltration ransom does not free you from the necessity of getting the guidance of privacy attorneys, conducting an inventory of data were compromised, and sending the required alerts to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and onsite IT services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have earned advanced certifications in foundation technology platforms including Cisco infrastructure, VMware virtualization, and popular distributions of Linux. Progent's data security experts have earned industry-recognized certifications including CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP applications. This broad array of expertise allows Progent to salvage and integrate the surviving pieces of your IT environment after a ransomware attack and reconstruct them quickly into a functioning system. Progent has collaborated with leading insurance providers including Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Negotiation Services in Boston
To get in touch with Progent about crypto-ransomware settlement services in Boston, phone Progent at 800-993-9400 or go to Contact Progent.