Progent's Ransomware Negotiation Consulting in Jersey City
Progent is experienced in negotiating ransomware settlements with threat actors (TAs). Reaching an acceptable settlement is a complicated exercise that requires a mix of field experience, IT skills and business savvy. It also demands close co-operation with the ransomware victim's IT team and the cyber insurance carrier, if any. Because the top priority of the ransomware victim is fast recovery, it is critical to establish response teams that operate effectively, concurrently, and in close communication. Progent offers the breadth of IT knowledge and the depth of experts to complement your network staff and restore your network environment rapidly and affordably.
Services provided by Progent's ransomware negotiation team include:
In parallel with the settlement negotiations, Progent's ransomware team can help with:
- Determining the type of ransomware used in the assault
- Identifying and communicating with the hacker
- Assessing the likelihood of recovery
- Testing the hacker's decryption capabilities
- Agreeing on a settlement with the ransomware victim and the insurance carrier
- Negotiating a settlement and schedule with the hacker
- Checking accordance with anti-money laundering (AML) sanctions
- Managing the crypto-currency transfer to the hacker
- Receiving, learning, and operating the hacker's decryption utility
- If necessary, contacting the hacker for assistance with the decryption tool
After the decryption utility has been learned, Progent can help you to recover computers and services to their original condition. Progent can also assist you to perform comprehensive forensics and create a document to deliver to the insurance carrier. This document helps you to understand cybersecurity vulnerabilities that need to be corrected and recommends actions that should be performed to combat future ransomware assaults.
- Quarantining infected endpoints and data stores to arrest the progress of the attack
- Making replicas of each breached server and endpoint and data store in order to perform forensics in parallel with recovery
- Adding A/V protection to all virus-free endpoints
- Salvaging files from air-gapped restores or unscathed machines
- Building a clean recovery environment
- Remapping and connecting datastores to reflect precisely their pre-encryption state
Settling Exfiltration Ransoms
In addition to extorting money for a decryption tool, modern variants of crypto-ransomware like Ryuk, Maze, Netwalker, and Egregor commonly attempt to exfiltrate information. TAs can then require an additional payment in exchange for not divulging this data on the dark web. Sadly, there exists no method to be certain that stolen data have been completely erased by the hacker. In fact, in many cases the hacker has little say over where the information ends up. Settling an exfiltration ransom does not eliminate the need for getting the advice of privacy attorneys, conducting an inventory of data were stolen, and performing the mandated alerts to impacted entities. In almost all cases, paying an exfiltration ransom is not recommended.
Progent has provided online and on-premises IT services across the United States for over two decades and has earned Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity practice areas. Progent's roster of subject matter experts includes consultants who have been awarded high-level certifications in core technology platforms such as Cisco infrastructure, VMware, and major distributions of Linux. Progent's data security consultants have earned industry-recognized certifications such as CISM, CISSP-ISSAP, and GIAC. (Refer to certifications earned by Progent consultants). Progent also offers top-tier support in financial management and ERP application software. This breadth of skills allows Progent to identify and consolidate the surviving parts of your IT environment following a ransomware attack and reconstruct them rapidly into an operational network. Progent has collaborated with leading cyber insurance providers including Chubb to assist businesses clean up after ransomware assaults.
Contact Progent about Crypto-Ransomware Settlement Guidance in Jersey City
To get in touch with Progent about ransomware settlement negotiation services in Jersey City, phone Progent at 800-462-8800 or go to Contact Progent.