Progent's Ransomware Negotiation Services in Jersey City
Progent is experienced in negotiating ransomware settlements with hackers. Negotiating an acceptable settlement is a complex exercise that calls for a mix of field experience, IT knowledge and business savvy. It also demands close co-operation with the cyber-extortion target's IT staff and the insurance provider, if there is one. Because the top priority of the ransomware target is fast recovery, it is critical to establish recovery groups that operate effectively, concurrently, and in close communication. Progent has the scope of technical skills and the deep bench of experts to supplement your IT support team and recover your network rapidly and affordably.
Support offered by Progent's ransomware negotiation experts include:
In parallel with the settlement negotiations, Progent's ransomware staff can assist with:
- Determining the type of ransomware involved in the attack
- identifying and contacting the hacker persona
- Evaluating the likelihood of recovery
- Verifying the threat actor's decryption capabilities
- Deciding on an acceptable settlement amount with the ransomware victim and the cyber insurance carrier
- Negotiating a settlement and schedule with the threat actor
- Checking compliance with anti-money laundering (AML) laws
- Overseeing the crypto-currency payment to the hacker
- Receiving, learning, and operating the threat actor's decryptor tool
- If needed, contacting the TA for technical assistance with the decryptor tool
After the decryption tool has been mastered, Progent can assist you to recover physical and virtual devices and services to their pre-arrack state. Progent can also help you to perform a complete forensics analysis and create a document to deliver to the cyber insurance carrier. This report helps you to understand cybersecurity vulnerabilities that need to be corrected and recommends steps to be performed to block future ransomware attacks.
- Isolating infected endpoints and data stores to prevent further progress of the attack
- Making digital copies of each compromised server and endpoint and data store to allow forensics without interfering with recovery
- Adding anti-virus protection to all virus-free endpoints
- Salvaging data from air-gapped backups or uncompromised endpoints
- Building a clean recovery environment
- Mapping and reconnecting datastores to reflect precisely their pre-encryption state
In addition to demanding payment for a decryption utility, modern strains of ransomware like Ryuk, Maze, Netwalker, and Egregor commonly try to steal (or "exfiltrate") information. TAs can then require a separate settlement in exchange for not divulging this data on the dark web. Sadly, there exists no method to be certain that exfiltrated files have been totally erased by the threat actor. In fact, in many cases the TA has limited say about data custody. Settling an exfiltration ransom does not eliminate the need for engaging the guidance of privacy attorneys, conducting an investigation into which data were stolen, and sending the required notifications to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided remote and on-premises network services across the U.S. for over two decades and has earned Microsoft's Gold Partner designation in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SBEs) includes consultants who have been awarded high-level certifications in core technologies such as Cisco networking, VMware virtualization, and major distributions of Linux. Progent's data security experts have earned industry-recognized certifications such as CISA, CISSP, and CRISC. (Refer to Progent's certifications). Progent also offers guidance in financial and Enterprise Resource Planning software. This breadth of skills allows Progent to identify and integrate the undamaged pieces of your information system following a ransomware attack and rebuild them quickly into a functioning system. Progent has worked with leading insurance providers like Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Ransomware Settlement Expertise in Jersey City
To get in touch with Progent about crypto-ransomware settlement guidance in Jersey City, call Progent at 800-462-8800 or go to Contact Progent.