Progent's Ransomware Negotiation Consulting in Bristol
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex exercise that requires a mix of field experience, technical knowledge and business acumen. It also demands working closely with the victim's IT staff and the insurance provider, if any. Since the top priority of the ransomware victim is fast recovery, it is vital to deploy recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent has the breadth of IT knowledge and the deep bench of personnel to supplement your network support team and restore your network rapidly and affordably.
Support provided by Progent's ransomware settlement negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the kind of ransomware used in the assault
- making contact with the hacker persona
- Assessing the likelihood of recovery
- Validating the threat actor's decryption capabilities
- Deciding on an acceptable settlement with the victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the TA
- Checking compliance with anti-money laundering (AML) laws
- Overseeing the crypto-currency transfer to the TA
- Acquiring, learning, and operating the TA's decryptor tool
- If necessary, contacting the TA for assistance with the decryptor utility
After the decryption tool has been learned, Progent can assist you to recover physical and virtual devices and software services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and create a report to share with the cyber insurance provider. This report helps you to understand cybersecurity vulnerabilities that must be eliminated and recommends actions that can be taken to combat subsequent ransomware assaults.
- Quarantining affected endpoints to arrest the spread of the attack
- Creating replicas of each breached device and data store to allow forensics without interfering with restoration
- Adding A/V agents to all virus-free endpoints
- Salvaging files from air-gapped restores or unscathed endpoints
- Creating a pristine recovery environment
- Remapping and connecting drives to match precisely their pre-attack condition
Paying Exfiltration Ransoms
In addition to demanding payment for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim commonly attempt to exfiltrate information. TAs can then demand a separate payment for not divulging this data or selling it. Sadly, there is no way to be certain that exfiltrated data have been completely erased by the hacker. Actually, in numerous cases the TA has limited say about who can access the stolen files. Settling an exfiltration ransom does not free you from the necessity of getting the guidance of privacy attorneys, performing an audit on which data were stolen, and sending the mandated alerts to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has delivered online and on-premises network services throughout the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes consultants who have been awarded high-level certifications in foundation technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's data security consultants have earned industry-recognized certifications including CISM, CISSP, and CRISC. (See Progent's certifications). Progent also has top-tier support in financial and ERP application software. This broad array of expertise allows Progent to salvage and integrate the undamaged pieces of your information system following a ransomware attack and rebuild them rapidly into an operational network. Progent has worked with leading cyber insurance providers including Chubb to help organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Bristol
To contact with Progent about ransomware settlement services in Bristol, call Progent at 800-462-8800 or go to Contact Progent.