Overview of Progent's Ransomware Settlement Negotiation Consulting in Brooklyn
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an optimum settlement is a complicated activity that calls for a combination of real-word experience, technical skills and business savvy. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance carrier, if any. Since the top priority of the ransomware target is fast recovery, it is critical to deploy response groups that work effectively, in parallel, and in close communication. Progent has the scope of IT skills and the depth of experts to complement your network staff and recover your network quickly and affordably.
Support offered by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the kind of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Validating the threat actor's decryption capabilities
- Agreeing on a settlement payment with the ransomware victim and the cyber insurance provider
- Establishing a settlement amount and timeline with the TA
- Confirming accordance with anti-money laundering regulations
- Overseeing the crypto-currency disbursement to the TA
- Receiving, reviewing, and operating the TA's decryption mechanism
- If needed, contacting the hacker for technical assistance with the decryptor tool
Once the decryption tool has been learned, Progent can assist you to restore computers and software services to their pre-arrack condition. Progent can also assist you to conduct a full forensic review and generate a document to share with the insurance provider. This document identifies security gaps that must be fixed and suggests steps to be performed to block future ransomware assaults.
- Quarantining affected endpoints to arrest the spread of the assault
- Creating replicas of each breached server and endpoint and data store to allow forensics without interfering with recovery
- Installing anti-virus protection to all clean endpoints
- Salvaging data from air-gapped backups or unscathed machines
- Creating a clean environment
- Mapping and connecting datastores to reflect exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption utility, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Egregor commonly try to exfiltrate files. Hackers can then demand an additional payment in exchange for not publishing this information or selling it. Unfortunately, there exists no method to guarantee that exfiltrated data have been totally erased by the hacker. Actually, in numerous instances the threat actor has limited say about who can access the stolen files. Settling an exfiltration ransom does not free you from the necessity of getting the guidance of privacy lawyers, conducting an inventory of files were stolen, and performing the mandated notifications to affected entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided online and on-premises IT services across the United States for over 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of SBEs includes consultants who have earned high-level certifications in core technology platforms including Cisco networking, VMware virtualization, and popular Linux distros. Progent's data security consultants have earned industry-recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and ERP application software. This scope of expertise allows Progent to salvage and integrate the undamaged parts of your IT environment following a ransomware attack and rebuild them quickly into an operational network. Progent has worked with leading cyber insurance carriers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Ransomware Settlement Guidance in Brooklyn
To get in touch with Progent about ransomware settlement negotiation services in Brooklyn, call Progent at 800-993-9400 or go to Contact Progent.