Overview of Progent's Ransomware Negotiation Services in Jersey City
Progent has experience negotiating ransomware settlements with hackers. Negotiating an optimum settlement is a complex exercise that requires a combination of real-word experience, IT skills and business savvy. It also requires working closely with the cyber-extortion target's IT staff and the insurance carrier, if any. Since the number one priority of the ransomware target is operational continuity, it is vital to establish response groups that operate efficiently, in parallel, and in close communication. Progent has the scope of technical skills and the depth of personnel to complement your network staff and recover your network environment quickly and affordably.
Support available from Progent's ransomware settlement team include:
In parallel with the settlement negotiations, Progent's ransomware team can assist with:
- Establishing the type of ransomware used in the assault
- making contact with the hacker persona
- Evaluating the recovery risk
- Verifying the TA's decryption tool
- Determining a settlement with the victim and the insurance provider
- Negotiating a settlement amount and schedule with the TA
- Checking adherence to anti-money laundering regulations
- Overseeing the crypto-currency transfer to the hacker
- Acquiring, learning, and using the TA's decryption mechanism
- If necessary, contacting the hacker for assistance with the decryptor utility
Once the decryption tool has been mastered, Progent can help you to recover physical and virtual devices and software services to their pre-arrack state. Progent can also help you to perform a full forensic review and generate a report to share with the insurance provider. This document identifies security gaps that need to be fixed and recommends steps that can be performed to combat subsequent ransomware assaults.
- Isolating infected endpoints and data stores to arrest the spread of the attack
- Making replicas of each compromised server and endpoint and data store to allow forensics without interfering with cleanup
- Installing A/V agents to all virus-free endpoints
- Salvaging files from offline backups or uncompromised endpoints
- Building a pristine recovery environment
- Mapping and reconnecting drives to match precisely their pre-attack condition
In addition to extorting money for a decryption utility, modern strains of ransomware like Ryuk, Maze, Netwalker, and Egregor often attempt to steal (or "exfiltrate") files. Hackers can then require an extra settlement in exchange for not posting this data or selling it. Unfortunately, there exists no method to be certain that stolen data have been totally erased by the TA. Actually, in many instances the TA has little control over where the information ends up. Settling an exfiltration ransom does not eliminate the necessity of seeking the guidance of privacy attorneys, conducting an audit on which files were compromised, and carrying out the required alerts to impacted entities. In general, paying an exfiltration ransom is a waste.
Progent has provided online and onsite network services across the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes professionals who have earned advanced certifications in foundation technologies such as Cisco infrastructure, VMware, and major distributions of Linux. Progent's data security consultants have earned industry-recognized certifications including CISM, CISSP-ISSAP, and GIAC. (See certifications earned by Progent consultants). Progent also offers top-tier support in financial and Enterprise Resource Planning software. This breadth of expertise allows Progent to identify and consolidate the undamaged parts of your information system after a ransomware intrusion and rebuild them rapidly into an operational system. Progent has collaborated with leading cyber insurance providers including Chubb to help organizations clean up after ransomware attacks.
Contact Progent about Ransomware Settlement Negotiation Guidance in Jersey City
To contact with Progent about ransomware settlement negotiation guidance in Jersey City, phone Progent at 800-462-8800 or go to Contact Progent.