Overview of Progent's Ransomware Negotiation Consulting in Midtown Manhattan
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex exercise that requires a combination of real-word experience, IT skills and business acumen. It also demands working closely with the ransomware victim's IT team and the cyber insurance provider, if any. Because the number one goal of the ransomware victim is fast recovery, it is vital to deploy response groups that work effectively, in parallel, and in close communication. Progent has the scope of technical skills and the deep bench of experts to supplement your network support team and restore your network environment quickly and economically.
Support available from Progent's ransomware negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware involved in the attack
- Identifying and communicating with the hacker persona
- Evaluating the likelihood of recovery
- Validating the threat actor's decryption capabilities
- Budgeting a settlement amount with the ransomware victim and the insurance carrier
- Establishing a settlement amount and timeline with the TA
- Verifying compliance with anti-money laundering regulations
- Managing the crypto-currency transfer to the TA
- Acquiring, learning, and using the TA's decryptor utility
- If necessary, contacting the TA for technical help with the decryption tool
After the decryption utility has been mastered, Progent can help you to recover physical and virtual devices and services to their pre-arrack state. Progent can also assist you to perform a complete forensics analysis and create a report to share with the insurance carrier. This document identifies cybersecurity vulnerabilities that must be corrected and suggests actions that should be taken to block subsequent ransomware attacks.
- Quarantining infected endpoints to arrest the progress of the assault
- Making digital copies of every breached server and endpoint and data store in order to perform forensics in parallel with restoration
- Adding A/V protection to all virus-free endpoints
- Restoring files from offline backups or unscathed endpoints
- Creating a pristine recovery environment
- Remapping and connecting datastores to match precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond extorting payment for a decryption tool, current strains of crypto-ransomware like Ryuk, Maze, DopplePaymer, and Nephilim often try to steal (or "exfiltrate") information. Hackers can then require an additional ransom in exchange for not divulging this information on the dark web. Sadly, there is no way to be certain that stolen files have been totally erased by the TA. Actually, in numerous instances the threat actor has limited control about data custody. Settling an exfiltration ransom does not free you from the need for seeking the guidance of privacy attorneys, conducting an inventory of data were compromised, and performing the mandated alerts to affected entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered remote and on-premises network services across the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have earned advanced certifications in core technology platforms including Cisco networking, VMware virtualization, and popular distributions of Linux. Progent's data security consultants have earned internationally recognized certifications such as CISA, CISSP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has guidance in financial and ERP application software. This scope of skills allows Progent to identify and integrate the surviving parts of your IT environment after a ransomware intrusion and reconstruct them rapidly into a viable system. Progent has worked with top insurance carriers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Expertise in Midtown Manhattan
To get in touch with Progent about crypto-ransomware settlement negotiation guidance in Midtown Manhattan, phone Progent at 800-462-8800 or go to Contact Progent.