Overview of Progent's Ransomware Settlement Negotiation Consulting in Midtown Manhattan
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an optimum settlement is a complicated exercise that requires a mix of real-word experience, technical skills and business savvy. It also calls for working closely with the victim's IT staff and the insurance provider, if any. Since the top priority of the ransomware victim is operational continuity, it is critical to deploy response groups that operate effectively, in parallel, and in close communication. Progent offers the scope of IT knowledge and the depth of personnel to supplement your IT staff and recover your network quickly and affordably.
Support offered by Progent's ransomware settlement team include:
Concurrent with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the attack
- making contact with the hacker persona
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Deciding on an acceptable settlement range with the victim and the insurance carrier
- Establishing a settlement and schedule with the threat actor
- Verifying adherence to anti-money laundering sanctions
- Carrying out the crypto-currency transfer to the TA
- Acquiring, learning, and operating the hacker's decryption mechanism
- If necessary, contacting the hacker for assistance with the decryption utility
After the decryption utility has been learned, Progent can help you to recover physical and virtual devices and software services to their original condition. Progent can also assist you to perform comprehensive forensics and generate a report to share with the insurance carrier. This document identifies cybersecurity gaps that must be eliminated and recommends actions to be performed to counter future ransomware assaults.
- Isolating affected endpoints and data stores to prevent further spread of the assault
- Making replicas of every compromised server and endpoint and data store to allow forensics in parallel with cleanup
- Installing anti-virus agents to all clean endpoints
- Restoring files from offline restores or unscathed endpoints
- Creating a clean recovery environment
- Remapping and reconnecting datastores to reflect precisely their pre-encryption state
Paying Exfiltration Ransoms
Beyond demanding payment for a decryption utility, current variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor often attempt to exfiltrate files. TAs are then able to require an additional ransom in exchange for not posting this data on the dark web. Unfortunately, there is no way to guarantee that exfiltrated data have been completely erased by the hacker. Actually, in numerous cases the TA has little say about where the information ends up. Paying an exfiltration ransom does not free you from the need for seeking the advice of privacy attorneys, conducting an investigation into which data were taken, and sending the mandated alerts to affected entities. In general, paying an exfiltration ransom is not recommended.
Progent has delivered remote and onsite IT services throughout the United States for over two decades and has been awarded Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity practice areas. Progent's team of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in core technologies such as Cisco infrastructure, VMware, and major Linux distros. Progent's data security experts have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (Refer to Progent's certifications). Progent also has top-tier support in financial management and Enterprise Resource Planning applications. This broad array of skills gives Progent the ability to identify and integrate the undamaged pieces of your IT environment after a ransomware assault and rebuild them quickly into a functioning network. Progent has collaborated with top insurance providers including Chubb to help businesses clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Services in Midtown Manhattan
To get in touch with Progent about crypto-ransomware settlement negotiation expertise in Midtown Manhattan, phone Progent at 800-462-8800 or go to Contact Progent.