Overview of Progent's Ransomware Negotiation Consulting in London
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex activity that calls for a combination of field experience, technical skills and business savvy. It also calls for close co-operation with the ransomware victim's IT staff and the insurance carrier, if any. Because the top priority of the ransomware victim is operational continuity, it is critical to deploy response groups that operate efficiently, concurrently, and in close communication. Progent has the breadth of IT skills and the deep bench of personnel to complement your network support team and restore your network quickly and affordably.
Support provided by Progent's ransomware settlement negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Determining the kind of ransomware involved in the attack
- identifying and contacting the hacker
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Deciding on an acceptable settlement range with the ransomware victim and the cyber insurance provider
- Establishing a settlement and timeline with the TA
- Confirming accordance with anti-money laundering sanctions
- Managing the crypto-currency disbursement to the TA
- Receiving, learning, and operating the TA's decryption tool
- If needed, contacting the threat actor for assistance with the decryptor utility
Once the decryption utility has been learned, Progent can help you to recover physical and virtual devices and software services to their pre-arrack state. Progent can also help you to perform comprehensive forensics and create a report to deliver to the insurance carrier. This document helps you to understand cybersecurity gaps that need to be fixed and suggests actions to be performed to counter subsequent ransomware attacks.
- Isolating infected endpoints and data stores to arrest the progress of the attack
- Creating digital copies of every compromised device and data store in order to perform forensics without interfering with cleanup
- Installing A/V protection to all clean endpoints
- Salvaging data from offline backups or unscathed endpoints
- Building a clean recovery environment
- Mapping and connecting datastores to reflect exactly their pre-attack condition
Paying Exfiltration Ransoms
Beyond demanding money for a decryption tool, modern variants of crypto-ransomware like Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to exfiltrate information. Hackers can then require a separate payment in exchange for not divulging this data on the dark web. Sadly, there exists no way to prove that stolen files have been totally deleted by the threat actor. Actually, in numerous instances the TA has limited control about where the information ends up. Paying an exfiltration ransom does not eliminate the need for getting the guidance of legal counsel, performing an inventory of files were taken, and performing the necessary notifications to affected entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided online and onsite IT services throughout the U.S. for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes consultants who have earned advanced certifications in foundation technology platforms such as Cisco infrastructure, VMware, and popular Linux distros. Progent's data security consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial and Enterprise Resource Planning applications. This broad array of skills allows Progent to salvage and integrate the surviving pieces of your information system following a ransomware assault and rebuild them quickly into a functioning system. Progent has worked with top insurance providers like Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in London
To contact with Progent about ransomware settlement services in London, phone Progent at 800-462-8800 or go to Contact Progent.