As society becomes increasingly reliant on technology, cyber-criminals continue to find new and effective ways of exploiting your IT resources for their personal gain. Using targeted cyber-attacks designed to irrecoverably encrypt your data, render key servers inoperable, or steal your data and then threaten its release, cyber-criminals have developed an expansive range of intrusion methods. Additionally, cyber-criminals have become increasingly focused on extorting money from unsuspecting and unprepared individuals.
Cyber-extortion typically involves some form of malware that provides malicious access to your systems and networks. This malware obtains passwords and credentials for your systems and ultimately encrypts your data using ransomware. During this process, cyber-attackers will delete backups in order to ensure that they are the only option for you to recover your data.
Your files are then held for ransom until you pay a fee to receive a decryption key. Another form of extortion involves DDoS attacks, whereby attackers use a vast network of infected computers to overload servers and other critical IT resources, resulting in their being unavailable until the attacks stop; again, payment is usually requested by the attacker to stop the attacks. Lastly, cyber-attackers have begun stealing confidential data about companies, threatening to release the data to the public unless they are paid.
In combatting cyber-extortion, Prudential Associates has become one of the leading cyber-security companies to offer comprehensive cyber-extortion and ransomware response services. Our experts are well-versed in identifying ways to prevent such occurrences, as well as responding to cyber-extortion incidents after they’ve occurred. Additionally, our cyber-incident response experts are highly experienced in dealing with cyber-extortionists. Due to our experience and familiarity with various cyber-crime groups that are involved in these attacks, we are more likely to secure more effective and reasonable terms for the release of our clients’ data.
Our services include, but are not limited to, the following:
Assessment: Prudential Associates can provide a comprehensive risk assessment to determine your specific risk factors and evaluate the likelihood of a successful attack on your system. The goal of such an assessment is to identify possible vulnerabilities of your system and to provide you with advice on how you can best protect yourself against ransomware. Many vulnerabilities leveraged by cyber-attackers are ones that can usually be easily fixed once they have been identified by cyber-experts.
Identification: If cyber-attackers succeed in accessing your network, Prudential Associates’ experts can determine what type of malware was used, what data was accessed or encrypted, and the extent of the intrusion into your network. If your data has been encrypted, our experts can determine the exact variant of ransomware that was used and the probability of successfully recovering your data.
Recovery & Response: Once our examiners determine what variant of ransomware has been used in your environment, we may be able to recover some of the encrypted data using our specialized decryption software.
Extortion Negotiations: Sometimes it’s less costly to pay a ransom in order to recover data than it is to try decrypting it; additionally, we’ve found that some attackers are open to negotiations. Prudential Associates offers negotiation services with the goal of reducing the cost of any ransom. If negotiation is successful, our experts can provide an anonymous bitcoin payment to the attackers, confirm that any decryption keys work properly, decrypt your data without the need for you to communicate with the attacker, ensure that your system is free of further malware, and preserve all evidence of the attack for law enforcement. Prudential Associates operates several covert accounts from which a ransom can be paid; utilizing such accounts ensures client confidentiality. Additionally, the systems and networks on which Prudential Associates carries out these activities are all sandboxed and secured against further compromise, thus protecting our systems and ensuring that any data returned decrypted to our clients is free from persistent threat.
Post-Ransomware Assessment: Once data has been recovered from ransomware, whether through decryption or payment of the ransom, it’s important to ensure that any vulnerabilities have been patched and that all remnants of the ransomware have been removed. Prudential Associates’ team of computer forensics experts can perform a comprehensive analysis of your system in order to identify the relevant vulnerability, patch it, and ensure that your system/network is free from ransomware and related malware. At the client’s discretion, our experts can carry out this analysis remotely in our highly secure forensics lab or on-site.
Documentation: Throughout all processes, Prudential Associates documents every step taken and offers Chain of Custody documentation for all devices. Importantly, all communication with those carrying out the attack will be preserved and recorded for the client. This is important for reasons relating to insurance claims, showing that companies have taken due diligence steps, and supporting any investigations by law enforcement.
Prudential Associates will handle everything from fortifying your systems against a potential cyber-attack to recovering your data if such an attack has occurred. Our experts pride themselves on their decades of experience in the cyber-security industry and their reputation for quick, comprehensive, and effective responses to a wide range of potential threats. If you’re interested in fortifying yourself against cyber-extortion attacks or have fallen victim to one, Prudential Associates is staffed 24/7 and is prepared to provide you with the services you require.