Overview of Progent's Ransomware Settlement Negotiation Services in Brooklyn
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Negotiating an optimum settlement is a complex activity that calls for a combination of real-word experience, IT knowledge and business acumen. It also requires working closely with the ransomware victim's IT team and the cyber insurance carrier, if there is one. Since the number one priority of the ransomware victim is operational continuity, it is vital to establish response teams that operate efficiently, concurrently, and in close communication. Progent has the scope of technical knowledge and the depth of experts to complement your IT staff and restore your network environment rapidly and economically.
Services provided by Progent's ransomware settlement experts include:
Concurrent with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- identifying and contacting the hacker
- Assessing the recovery risk
- Testing the threat actor's decryption capabilities
- Determining a settlement amount with the ransomware victim and the cyber insurance provider
- Establishing a settlement and timeline with the threat actor
- Checking adherence to anti-money laundering (AML) sanctions
- Overseeing the crypto-currency payment to the hacker
- Receiving, reviewing, and operating the threat actor's decryption utility
- If necessary, contacting the hacker for technical assistance with the decryption tool
After the decryption utility has been mastered, Progent can assist you to restore machines and software services to their pre-arrack condition. Progent can also assist you to perform a full forensic review and create a document to share with the cyber insurance provider. This report helps you to understand cybersecurity gaps that need to be eliminated and suggests actions that should be taken to counter subsequent ransomware assaults.
- Isolating infected endpoints and data stores to arrest the progress of the assault
- Creating digital copies of each compromised device and data store to allow forensics in parallel with recovery
- Installing A/V protection to all clean endpoints
- Salvaging files from offline restores or uncompromised machines
- Creating a clean environment
- Remapping and reconnecting drives to reflect exactly their pre-attack state
Beyond extorting payment for a decryption utility, modern strains of ransomware like Ryuk, Maze, DopplePaymer, and Nephilim commonly try to exfiltrate files. Hackers can then require a separate settlement for not divulging this information or selling it. Unfortunately, there exists no way to guarantee that exfiltrated data have been completely deleted by the TA. In fact, in many instances the hacker has limited control over the disposition of the data. Paying an exfiltration ransom does not eliminate the need for seeking the guidance of privacy attorneys, conducting an inventory of files were stolen, and carrying out the required alerts to impacted entities. Generally, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite IT services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have been awarded high-level certifications in foundation technologies including Cisco networking, VMware, and popular distributions of Linux. Progent's cybersecurity experts have earned prestigious certifications including CISM, CISSP-ISSAP, and GIAC. (Refer to Progent's certifications). Progent also offers guidance in financial management and Enterprise Resource Planning application software. This breadth of expertise allows Progent to identify and integrate the undamaged pieces of your IT environment after a ransomware assault and rebuild them rapidly into a functioning network. Progent has worked with leading insurance carriers like Chubb to help organizations clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Services in Brooklyn
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Brooklyn, phone Progent at 800-462-8800 or go to Contact Progent.