Progent's Ransomware Settlement Negotiation Services in Brooklyn
Progent has experience negotiating ransomware settlements with threat actors. Reaching an optimum settlement is a complicated activity that requires a combination of field experience, technical skills and business savvy. It also requires close co-operation with the cyber-extortion target's IT staff and the insurance provider, if any. Because the number one priority of the ransomware target is fast recovery, it is vital to deploy response groups that work efficiently, in parallel, and in close communication. Progent has the breadth of IT skills and the depth of personnel to complement your IT staff and recover your network environment rapidly and affordably.
Services offered by Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker
- Evaluating the recovery risk
- Validating the TA's decryption tool
- Determining a settlement amount with the ransomware victim and the insurance carrier
- Negotiating a settlement and timeline with the hacker
- Verifying compliance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency transfer to the hacker
- Receiving, reviewing, and using the hacker's decryption utility
- If needed, contacting the TA for assistance with the decryptor utility
After the decryption tool has been learned, Progent can help you to restore machines and services to their pre-arrack state. Progent can also help you to conduct a complete forensics analysis and generate a report to deliver to the cyber insurance provider. This document helps you to understand cybersecurity vulnerabilities that need to be eliminated and recommends actions to be taken to combat subsequent ransomware attacks.
- Isolating affected endpoints to arrest the spread of the assault
- Making digital copies of each compromised device and data store to allow forensics in parallel with cleanup
- Installing A/V agents to all virus-free endpoints
- Restoring data from air-gapped restores or uncompromised machines
- Creating a clean environment
- Mapping and connecting datastores to match exactly their pre-attack state
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, current strains of ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often attempt to exfiltrate information. Hackers can then require a separate settlement for not posting this information or selling it. Unfortunately, there exists no way to be certain that stolen data have been totally erased by the threat actor. In fact, in numerous cases the hacker has limited say about who can access the stolen files. Paying an exfiltration ransom does not free you from the need for seeking the guidance of privacy attorneys, conducting an audit on which data were taken, and sending the necessary notifications to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered online and on-premises IT services across the United States for more than two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in foundation technologies such as Cisco infrastructure, VMware, and popular distributions of Linux. Progent's cybersecurity consultants have earned industry-recognized certifications including CISA, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial management and ERP application software. This breadth of expertise allows Progent to identify and consolidate the surviving pieces of your IT environment after a ransomware intrusion and rebuild them rapidly into an operational system. Progent has worked with leading cyber insurance providers like Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Brooklyn
To contact with Progent about ransomware settlement services in Brooklyn, call Progent at 800-462-8800 or go to Contact Progent.