Overview of Progent's Ransomware Negotiation Services in Jersey City
Progent is experienced in negotiating ransomware settlements with threat actors. Negotiating an acceptable settlement is a complex activity that requires a mix of field experience, IT knowledge and business savvy. It also requires close co-operation with the cyber-extortion target's IT team and the cyber insurance carrier, if there is one. Since the number one priority of the ransomware victim is fast recovery, it is critical to establish recovery groups that work effectively, concurrently, and with intimate collaboration. Progent offers the scope of IT skills and the depth of personnel to complement your IT staff and recover your network quickly and economically.
Services offered by Progent's ransomware settlement experts include:
In parallel with the ransom negotiations, Progent's ransomware staff can help with:
- Determining the type of ransomware involved in the attack
- Identifying and communicating with the hacker
- Evaluating the likelihood of recovery
- Verifying the hacker's decryption tool
- Determining a settlement payment with the ransomware victim and the cyber insurance carrier
- Establishing a settlement and timeline with the hacker
- Verifying compliance with anti-money laundering laws
- Carrying out the crypto-currency payment to the hacker
- Acquiring, reviewing, and using the hacker's decryption mechanism
- If necessary, contacting the threat actor for technical help with the decryptor tool
After the decryption tool has been mastered, Progent can help you to recover machines and services to their pre-arrack state. Progent can also assist you to perform a full forensic review and generate a report to share with the insurance carrier. This report identifies security gaps that need to be fixed and recommends steps that can be performed to combat subsequent ransomware attacks.
- Isolating affected endpoints to prevent further spread of the attack
- Making digital copies of each compromised device and data store to allow forensics without interfering with recovery
- Adding anti-virus agents to all virus-free endpoints
- Restoring files from air-gapped restores or unscathed endpoints
- Creating a clean recovery environment
- Remapping and reconnecting drives to match precisely their pre-attack condition
Paying Exfiltration Ransoms
In addition to demanding money for a decryption tool, modern strains of crypto-ransomware such as Ryuk, Sodinokibi, DopplePaymer, and Egregor often try to steal (or "exfiltrate") information. TAs can then demand a separate payment for not publishing this information or selling it. Unfortunately, there is no way to guarantee that stolen data have been completely deleted by the threat actor. In fact, in numerous instances the hacker has little say over the disposition of the data. Paying an exfiltration ransom does not eliminate the need for engaging the guidance of privacy attorneys, conducting an audit on which data were compromised, and performing the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises IT services across the U.S. for over two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts (SMEs) includes professionals who have been awarded high-level certifications in core technologies including Cisco networking, VMware virtualization, and popular Linux distros. Progent's cybersecurity experts have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and GIAC. (See Progent's certifications). Progent also offers top-tier support in financial management and ERP application software. This scope of skills allows Progent to salvage and integrate the undamaged pieces of your network following a ransomware assault and rebuild them rapidly into a viable system. Progent has collaborated with leading cyber insurance carriers including Chubb to assist businesses recover from ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Negotiation Guidance in Jersey City
To contact with Progent about ransomware settlement negotiation guidance in Jersey City, phone Progent at 800-462-8800 or go to Contact Progent.