Overview of Progent's Ransomware Negotiation Services in Brooklyn
Progent has experience negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complicated exercise that calls for a mix of field experience, technical skills and business acumen. It also demands working closely with the ransomware victim's IT staff and the insurance carrier, if there is one. Because the top priority of the ransomware target is fast recovery, it is vital to establish recovery teams that operate effectively, concurrently, and with intimate collaboration. Progent offers the scope of technical knowledge and the deep bench of personnel to complement your network support team and recover your network rapidly and affordably.
Services provided by Progent's ransomware settlement experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can help with:
- Establishing the kind of ransomware used in the attack
- making contact with the hacker persona
- Assessing the recovery risk
- Validating the hacker's decryption capabilities
- Deciding on an acceptable settlement payment with the ransomware victim and the insurance carrier
- Establishing a settlement and schedule with the threat actor
- Checking adherence to anti-money laundering (AML) sanctions
- Managing the crypto-currency disbursement to the hacker
- Receiving, reviewing, and operating the threat actor's decryptor mechanism
- If needed, contacting the TA for technical assistance with the decryptor utility
After the decryption tool has been learned, Progent can assist you to recover computers and services to their pre-arrack state. Progent can also assist you to conduct comprehensive forensics and generate a report to share with the cyber insurance provider. This report helps you to understand security vulnerabilities that must be eliminated and suggests actions that should be performed to combat subsequent ransomware assaults.
- Isolating affected endpoints to prevent further spread of the attack
- Creating replicas of each compromised device and data store in order to perform forensics in parallel with cleanup
- Adding A/V protection to all virus-free endpoints
- Salvaging data from air-gapped backups or uncompromised endpoints
- Creating a pristine environment
- Remapping and connecting datastores to reflect exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, current variants of crypto-ransomware such as Ryuk, Maze, DopplePaymer, and Egregor often try to steal (or "exfiltrate") files. Hackers are then able to demand an additional ransom for not publishing this data or selling it. Unfortunately, there exists no way to prove that stolen files have been totally erased by the hacker. In fact, in numerous instances the hacker has little say over data custody. Settling an exfiltration ransom does not free you from the need for engaging the guidance of privacy lawyers, conducting an inventory of files were compromised, and sending the required notifications to affected entities. Generally, paying an exfiltration ransom is not recommended.
Progent has provided remote and onsite network services throughout the U.S. for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have earned high-level certifications in core technology platforms including Cisco infrastructure, VMware virtualization, and major Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISA, CISSP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers guidance in financial and ERP software. This broad array of expertise allows Progent to salvage and integrate the undamaged parts of your IT environment following a ransomware intrusion and reconstruct them quickly into a functioning network. Progent has worked with top cyber insurance providers including Chubb to help organizations recover from ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Services in Brooklyn
To contact with Progent about ransomware settlement negotiation guidance in Brooklyn, call Progent at 800-462-8800 or go to Contact Progent.