Overview of Progent's Ransomware Negotiation Consulting in Midtown Manhattan
Progent has experience negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated exercise that calls for a mix of field experience, technical knowledge and business acumen. It also calls for close co-operation with the cyber-extortion target's IT staff and the cyber insurance provider, if any. Because the number one priority of the ransomware victim is fast recovery, it is critical to deploy response groups that work efficiently, concurrently, and with intimate collaboration. Progent offers the breadth of technical knowledge and the depth of personnel to supplement your IT staff and restore your network environment quickly and affordably.
Services provided by Progent's ransomware settlement team include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption tool
- Determining a settlement payment with the victim and the cyber insurance carrier
- Negotiating a settlement amount and schedule with the threat actor
- Checking compliance with anti-money laundering (AML) regulations
- Overseeing the crypto-currency payment to the hacker
- Acquiring, reviewing, and using the hacker's decryption utility
- If needed, contacting the threat actor for technical assistance with the decryption utility
After the decryption utility has been learned, Progent can help you to restore computers and software services to their original state. Progent can also help you to conduct a forensics investigation and generate a report to deliver to the cyber insurance carrier. This report helps you to understand security vulnerabilities that must be corrected and recommends actions that should be taken to block future ransomware assaults.
- Quarantining infected endpoints and data stores to arrest the spread of the attack
- Creating replicas of every compromised server and endpoint and data store in order to perform forensics in parallel with restoration
- Installing A/V protection to all clean endpoints
- Recovering files from offline backups or unscathed machines
- Building a clean recovery environment
- Remapping and reconnecting datastores to match precisely their pre-attack condition
Paying Exfiltration Ransoms
Beyond extorting money for a decryption utility, current variants of crypto-ransomware such as Ryuk, Sodinokibi, Netwalker, and Nephilim often try to steal (or "exfiltrate") information. TAs are then able to require a separate ransom for not divulging this data on the dark web. Unfortunately, there exists no method to guarantee that exfiltrated files have been completely erased by the threat actor. In fact, in many cases the hacker has limited say about the disposition of the data. Settling an exfiltration ransom does not free you from the necessity of engaging the advice of privacy attorneys, conducting an audit on which files were taken, and carrying out the mandated notifications to impacted entities. Generally, paying an exfiltration ransom is a waste.
Progent has provided online and onsite IT services throughout the United States for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of SMEs includes professionals who have been awarded advanced certifications in core technology platforms such as Cisco infrastructure, VMware virtualization, and major distributions of Linux. Progent's cybersecurity experts have earned internationally recognized certifications including CISA, CISSP, and CRISC. (See Progent's certifications). Progent also has top-tier support in financial and Enterprise Resource Planning applications. This scope of expertise gives Progent the ability to salvage and integrate the undamaged pieces of your network after a ransomware attack and rebuild them quickly into a functioning system. Progent has worked with top insurance carriers like Chubb to assist organizations recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Expertise in Midtown Manhattan
To contact with Progent about ransomware settlement expertise in Midtown Manhattan, call Progent at 800-462-8800 or go to Contact Progent.