Progent's Ransomware Negotiation Services in Saddle Brook
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex exercise that requires a mix of real-word experience, IT skills and business acumen. It also demands working closely with the cyber-extortion target's IT team and the insurance provider, if there is one. Because the top priority of the ransomware victim is fast recovery, it is critical to deploy response teams that operate efficiently, in parallel, and in close communication. Progent offers the scope of IT skills and the depth of experts to complement your IT support team and recover your network rapidly and affordably.
Support available from Progent's ransomware settlement negotiation experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can assist with:
- Establishing the type of ransomware used in the assault
- Identifying and communicating with the hacker
- Evaluating the recovery risk
- Verifying the TA's decryption capabilities
- Determining a settlement payment with the victim and the cyber insurance carrier
- Establishing a settlement amount and schedule with the threat actor
- Confirming compliance with anti-money laundering (AML) sanctions
- Managing the crypto-currency disbursement to the TA
- Acquiring, reviewing, and using the TA's decryptor utility
- If needed, contacting the TA for technical assistance with the decryption utility
Once the decryption tool has been learned, Progent can assist you to restore machines and software services to their pre-arrack state. Progent can also help you to conduct a full forensic review and generate a document to deliver to the cyber insurance carrier. This document helps you to understand security vulnerabilities that must be corrected and recommends actions that can be taken to combat subsequent ransomware attacks.
- Isolating affected endpoints to arrest the spread of the assault
- Making digital copies of every infected device and data store to allow forensics in parallel with restoration
- Adding anti-virus protection to all clean endpoints
- Salvaging data from offline restores or uncompromised machines
- Creating a clean environment
- Remapping and reconnecting drives to reflect exactly their pre-attack state
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern strains of ransomware like Ryuk, Maze, DopplePaymer, and Egregor often try to exfiltrate files. Hackers can then require an extra payment for not publishing this information on the dark web. Unfortunately, there exists no method to guarantee that exfiltrated data have been completely deleted by the TA. Actually, in numerous instances the hacker has little say about data custody. Paying an exfiltration ransom does not eliminate the need for engaging the advice of legal counsel, conducting an inventory of data were taken, and sending the mandated alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has delivered remote and on-premises network services across the U.S. for over 20 years and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's team of SBEs includes professionals who have earned high-level certifications in core technologies including Cisco networking, VMware, and major distributions of Linux. Progent's data security experts have earned internationally recognized certifications such as CISA, CISSP-ISSAP, and CRISC. (Refer to certifications earned by Progent consultants). Progent also has top-tier support in financial and ERP application software. This breadth of skills allows Progent to salvage and consolidate the surviving pieces of your IT environment following a ransomware attack and rebuild them quickly into an operational network. Progent has worked with top insurance providers like Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Saddle Brook
To contact with Progent about ransomware settlement guidance in Saddle Brook, call Progent at 800-462-8800 or go to Contact Progent.