Progent's Ransomware Settlement Negotiation Consulting in Midtown Manhattan
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complex exercise that requires a mix of real-word experience, IT knowledge and business savvy. It also requires close co-operation with the cyber-extortion target's IT staff and the insurance provider, if any. Since the number one goal of the ransomware victim is fast recovery, it is critical to establish response groups that work effectively, concurrently, and with intimate collaboration. Progent has the breadth of technical skills and the depth of experts to supplement your network support team and restore your network environment rapidly and affordably.
Support provided by Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware involved in the attack
- making contact with the hacker persona
- Assessing the recovery risk
- Testing the TA's decryption capabilities
- Determining a settlement with the ransomware victim and the insurance carrier
- Establishing a settlement amount and schedule with the threat actor
- Confirming adherence to anti-money laundering sanctions
- Managing the crypto-currency disbursement to the hacker
- Acquiring, learning, and using the hacker's decryption tool
- If needed, contacting the TA for assistance with the decryption utility
After the decryption tool has been mastered, Progent can assist you to restore physical and virtual devices and software services to their pre-arrack state. Progent can also help you to conduct a full forensic review and generate a document to deliver to the cyber insurance provider. This document identifies security gaps that need to be fixed and suggests actions that can be taken to combat subsequent ransomware attacks.
- Quarantining affected endpoints and data stores to prevent further spread of the assault
- Creating replicas of every infected server and endpoint and data store to allow forensics without interfering with cleanup
- Installing anti-virus agents to all virus-free endpoints
- Salvaging data from air-gapped backups or unscathed machines
- Building a clean environment
- Remapping and reconnecting drives to reflect precisely their pre-encryption state
Beyond extorting payment for a decryption tool, current strains of ransomware such as Ryuk, Maze, DopplePaymer, and Nephilim commonly try to exfiltrate files. TAs can then require an additional payment in exchange for not divulging this information or selling it. Sadly, there exists no method to prove that stolen files have been completely deleted by the hacker. Actually, in numerous cases the hacker has little say over who can access the stolen files. Paying an exfiltration ransom does not free you from the need for engaging the advice of privacy lawyers, conducting an audit on which files were taken, and sending the necessary notifications to impacted entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered online and onsite network services across the U.S. for more than 20 years and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's roster of subject matter experts (SMEs) includes consultants who have earned advanced certifications in core technologies such as Cisco networking, VMware, and major Linux distros. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISA, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial management and Enterprise Resource Planning applications. This broad array of skills gives Progent the ability to salvage and consolidate the undamaged pieces of your IT environment following a ransomware intrusion and reconstruct them quickly into an operational network. Progent has collaborated with top cyber insurance providers like Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Expertise in Midtown Manhattan
To get in touch with Progent about ransomware settlement guidance in Midtown Manhattan, phone Progent at 800-462-8800 or go to Contact Progent.