Ransomware : Your Feared Information Technology Catastrophe
Ransomware  Recovery ExpertsCrypto-Ransomware has become a modern cyber pandemic that presents an extinction-level threat for businesses of all sizes vulnerable to an attack. Different versions of crypto-ransomware such as Reveton, CryptoWall, Locky, NotPetya and MongoLock cryptoworms have been replicating for a long time and continue to inflict harm. Newer versions of ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Nephilim, along with daily unnamed malware, not only encrypt online files but also infect any accessible system protection. Files synchronized to the cloud can also be encrypted. In a poorly architected data protection solution, this can render automated restoration impossible and effectively sets the entire system back to square one.

Getting back on-line programs and information following a ransomware event becomes a race against time as the targeted organization struggles to stop the spread and remove the ransomware and to restore enterprise-critical operations. Due to the fact that crypto-ransomware takes time to replicate, attacks are often launched during nights and weekends, when penetrations typically take more time to uncover. This multiplies the difficulty of promptly mobilizing and orchestrating a knowledgeable mitigation team.

Progent provides an assortment of solutions for securing Atlanta enterprises from ransomware events. These include team training to help identify and not fall victim to phishing exploits, ProSight Active Security Monitoring (ASM) for endpoint detection and response using SentinelOne's behavior-based cyberthreat defense to detect and suppress day-zero malware assaults. Progent also provides the assistance of expert ransomware recovery engineers with the skills and commitment to reconstruct a compromised system as rapidly as possible.

Progent's Ransomware Recovery Services
Soon after a ransomware attack, even paying the ransom in cryptocurrency does not ensure that cyber criminals will provide the needed keys to decipher all your information. Kaspersky determined that 17% of ransomware victims never restored their information even after having sent off the ransom, resulting in additional losses. The risk is also expensive. Ryuk ransoms commonly range from 15-40 BTC ($120,000 and $400,000). This is well higher than the typical crypto-ransomware demands, which ZDNET determined to be approximately $13,000 for smaller businesses. The other path is to piece back together the mission-critical parts of your IT environment. Absent access to complete information backups, this requires a wide complement of skill sets, top notch team management, and the willingness to work non-stop until the recovery project is done.

For twenty years, Progent has made available certified expert IT services for businesses across the US and has earned Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts (SMEs) includes consultants who have earned top certifications in foundation technologies such as Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security consultants have earned internationally-recognized industry certifications including CISA, CISSP-ISSAP, CRISC, and GIAC. (Refer to Progent's certifications). Progent also has experience in accounting and ERP application software. This breadth of experience gives Progent the skills to efficiently ascertain important systems and integrate the remaining components of your computer network environment following a crypto-ransomware attack and assemble them into an operational network.

Progent's security team has best of breed project management tools to coordinate the sophisticated recovery process. Progent appreciates the urgency of working swiftly and in unison with a customer's management and Information Technology team members to assign priority to tasks and to put key systems back on line as soon as humanly possible.

Customer Case Study: A Successful Crypto-Ransomware Intrusion Restoration
A small business hired Progent after their company was attacked by Ryuk ransomware. Ryuk is generally considered to have been deployed by North Korean state sponsored hackers, suspected of adopting strategies exposed from the United States NSA organization. Ryuk goes after specific companies with little tolerance for disruption and is among the most profitable incarnations of crypto-ransomware. Headline victims include Data Resolution, a California-based data warehousing and cloud computing firm, and the Chicago Tribune. Progent's client is a small manufacturing company based in the Chicago metro area with around 500 workers. The Ryuk attack had paralyzed all essential operations and manufacturing processes. The majority of the client's system backups had been online at the beginning of the intrusion and were destroyed. The client was actively seeking loans for paying the ransom (more than two hundred thousand dollars) and praying for good luck, but in the end utilized Progent.


"I can't speak enough in regards to the support Progent provided us during the most critical time of (our) company's existence. We had little choice but to pay the cyber criminals if not for the confidence the Progent group provided us. The fact that you were able to get our messaging and important applications back online quicker than five days was incredible. Each expert I talked with or messaged at Progent was totally committed on getting our company operational and was working at all hours to bail us out."

Progent worked with the client to rapidly get our arms around and prioritize the critical areas that needed to be recovered to make it possible to resume business operations:

  • Active Directory
  • Microsoft Exchange Email
  • Accounting and Manufacturing Software
To begin, Progent adhered to Anti-virus penetration mitigation industry best practices by stopping the spread and disinfecting systems. Progent then began the process of rebuilding Active Directory, the foundation of enterprise systems built on Microsoft technology. Microsoft Exchange email will not function without Active Directory, and the customer's MRP system used SQL Server, which needs Active Directory services for security authorization to the information.

In less than two days, Progent was able to rebuild Active Directory to its pre-attack state. Progent then helped perform setup and storage recovery of needed systems. All Exchange data and configuration information were usable, which facilitated the rebuild of Exchange. Progent was able to locate intact OST files (Outlook Offline Data Files) on various desktop computers and laptops to recover mail data. A not too old off-line backup of the customer's accounting/MRP systems made them able to restore these essential applications back servicing users. Although significant work was left to recover completely from the Ryuk attack, critical systems were recovered rapidly:


"For the most part, the production line operation ran fairly normal throughout and we delivered all customer sales."

Over the next month important milestones in the restoration project were made in tight cooperation between Progent consultants and the customer:

  • Self-hosted web sites were restored without losing any data.
  • The MailStore Server exceeding 4 million archived emails was spun up and available for users.
  • CRM/Orders/Invoices/Accounts Payable/AR/Inventory Control modules were completely functional.
  • A new Palo Alto Networks 850 security appliance was set up.
  • 90% of the user desktops were being used by staff.

"A huge amount of what happened during the initial response is nearly entirely a haze for me, but my team will not forget the care each of you put in to help get our business back. I've been working with Progent for the past 10 years, maybe more, and each time Progent has outperformed my expectations and delivered as promised. This time was a life saver."

Conclusion
A potential company-ending disaster was evaded due to hard-working professionals, a wide range of subject matter expertise, and tight collaboration. Although in post mortem the ransomware attack described here could have been stopped with up-to-date security technology and recognized best practices, user education, and well thought out incident response procedures for backup and applying software patches, the fact remains that state-sponsored criminal cyber gangs from China, Russia, North Korea and elsewhere are tireless and represent an ongoing threat. If you do get hit by a crypto-ransomware attack, feel confident that Progent's roster of experts has a proven track record in ransomware virus blocking, removal, and file recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Chris (along with others who were helping), I'm grateful for making it so I could get some sleep after we got over the initial push. Everyone did an incredible effort, and if anyone that helped is visiting the Chicago area, dinner is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this customer case study, click:
Progent's Crypto-Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Services in Atlanta
For ransomware system restoration consulting in the Atlanta area, phone Progent at 800-462-8800 or go to Contact Progent.



An index of content::

  • 24/7/365 Consultants BES Express 24-Hour Consultant Services BES Express
  • 24/7/365 Windows and UNIX Professionals Remote Support UNIX with Windows
  • 24x7x365 Atlanta DopplePaymer Ransomware Business-Recovery Fulton County Georgia Atlanta MongoLock Crypto-Ransomware Data-Recovery Fulton County Georgia
  • ATL Ubuntu Linux, Solaris, UNIX Information Technology Consulting Technology Consulting Red Hat Linux, Sun Solaris, UNIX Marietta - Alpharetta

  • Word Remote Troubleshooting
    Excel Development

    Progent's team of application experts can provide in-depth support, software development, integration help, and online classes for popular business applications covering key areas including ERP, general accounting, management reporting, web commerce application design, and the Microsoft Office suite of business productivity solutions. As a Microsoft Partner with years of background providing high-level consulting services remotely, Progent can help clients anywhere in the U.S. to avoid the lost productivity and expense related to travel and on-site activity without sacrificing the effectiveness of technical support.

  • At Home Workers Atlanta Guidance - Cloud Integration Systems Consulting Experts Atlanta, Fulton County Atlanta Georgia 24-Hour Atlanta Remote Workers Cloud Systems Consulting

  • Windows Skills Transfer
    Router One-On-One Training

    Progent is committed to knowledge transfer from Progent's support experts to clients. By educating customers to handle problems that are within their scope, Progent can focus on delivering high-value skills where Progent has little competition. Medium-size companies who work with trusted independent consultants or who employ in-house IT staffs benefit when Progent transfers knowledge about new technology and proven processes to make their IT environments more reliable, protected, and efficient.

  • Atlanta Consulting Services for Computer Support Firms Atlanta, GA, United States Atlanta Consulting Experts for Computer Support Organizations Atlanta
  • Atlanta Dynamics GP Upgrade Help Fulton County Georgia 24/7/365 Microsoft Dynamics GP-Software Atlanta Solution Provider - Upgrade Experts Atlanta, GA
  • Atlanta Hartsfield-Jackson Airport ATL Atlanta At Home Workers Collaboration Systems Expertise Atlanta Remote Workers Collaboration Systems Consultants Marietta - Alpharetta
  • Atlanta Migration Company Atlanta, Georgia Computer Networking
  • Atlanta Ransomware Cleanup Help 24-Hour 24/7 Atlanta Crypto-Ransomware Removal
  • Atlanta Ransomware Ryuk Susceptibility Testing Fulton County Georgia Atlanta Crypto-Ransomware Sodinokibi Susceptibility Report Decatur - Buckhead - Norcross

  • Mobile Device Management Engineer
    Computer Consultants Microsoft Enterprise Mobility Suite

    Progent's Intune consultants can help your organization to assess the business case for utilizing Intune for managing your web-facing mobile devices including laptops, phones, and tablets powered by Windows, iOS, and Google Android. Progent's Intune consultants can assist your company to define policies, plan and deploy pilot environments to evaluate the appropriateness of Microsoft Intune for your network, deploy Intune throughout your enterprise, combine Intune with System Center Configuration Manager for unified change management, and maintain your Microsoft Intune deployment.

  • Atlanta Remote Workforce Backup/Restore Solutions Guidance Marietta - Alpharetta At Home Workforce Atlanta Consultants - Backup/Restore Solutions Consulting ATL

  • Expert Microsoft Certified Consultant Windows Server 2003
    Emergency Windows 2003 Support and Integration

    Progent's certified Windows 2003 Server consultants can provide computer help and expert consulting services for the entire line of Microsoft .NET Enterprise Servers, Microsoft Windows 2003 Server, and Windows 2000 Server. Progent's Microsoft Windows Server 2003 migration, integration, administration, and support services include system planning, deployment, project management, on-premises and off-site network support and repair, Call Center services, CISM-certified security consulting, comprehensive outsourcing, and expert co-sourcing.

  • Atlanta Remote Workforce Video Conferencing Technology Consulting and Support Services Atlanta Georgia Atlanta Remote Workers Voice/Video Conferencing Solutions Consulting ATL
  • Atlanta Remote Workforce VoIP Solutions Consulting Atlanta, U.S.A. Marietta - Alpharetta Telecommuters Atlanta Consulting - VoIP Technology Consulting and Support Services
  • Atlanta Ryuk Ransomware Reporting ATL Atlanta Spora Crypto-Ransomware Forensics Atlanta, Fulton County

  • ransomware protection report Specialist
    24-Hour ransomware response and recovery Professionals

    Progent's ProSight Ransomware Preparedness Report service is an affordable service based on a phone discussion with a Progent information assurance expert. The interview is intended to help evaluate your company's preparedness to block ransomware or recover rapidly after a ransomware incident. Progent will consult with you personally to collect information about your current security profile and backup/recovery system, and Progent will then deliver a custom Basic Security and Best Practices Report detailing how you can apply industry best practices to create an efficient security and backup system that reduces your vulnerability to a ransomware attack and meets your business needs.

  • Atlanta Sodinokibi Crypto-Ransomware Rollback Atlanta Atlanta Georgia Atlanta WannaCry Crypto-Ransomware Rollback
  • BES Express Consulting Services Emergency Microsoft Experts Engineers BES Express
  • BlackBerry BES Consulting Companies Urgent BlackBerry Email Networking Group Marietta - Alpharetta
  • Cisco On Site service Atlanta, GA Integration Company Cisco Georgia
  • Colocation Center Network Providers Atlanta Hartsfield-Jackson Airport ATL, United States Largest Data Center Colocation Small Business IT Consulting Firm Fulton County Georgia, USA
  • Decatur - Buckhead - Norcross Atlanta Ryuk Crypto-Ransomware Operational Recovery Atlanta Ransomware Remediation and File Recovery Marietta - Alpharetta
  • Employment Microsoft Consultant Decatur - Buckhead - Norcross, U.S.A. Georgia 24-Hour CISSP Consulting Subcontractor
  • Exchange 2000 Migration Troubleshooting Exchange Server 2000 Upgrade
  • Exchange Server 2016 Small Business Computer Consulting Marietta - Alpharetta Exchange Server 2010 Consultant ATL
  • Firewall Protecting Atlanta Security Network Security Audit Atlanta, Fulton County
  • Fortinet NGFW Firewalls Technology Consulting Fortinet 400 Series Firewalls Support and Integration
  • Georgia, USA Atlanta Egregor Ransomware Negotiation Experts Atlanta Ryuk Ransomware Negotiation Support ATL
  • IT Staffing for Computer Support Teams Atlanta Georgia Best Short Term IT Staffing for IT Support Teams
  • Largest Atlanta Computer Outsourcing Consultant Atlanta Tech Support

  • FRx Reports Onsite Technical Support
    Microsoft Access application programming Consulting

    Progent's expert software programmers, database designers, and program managers can assist large businesses to carry out development programs for Windows, Linux/UNIX, or Web applications. Progent's enterprise co-sourcing services include access to veteran project managers for high-level planning and program co-ordination or Progent can help clients fill in expertise gaps by providing database designers and software programmers skilled in developing line-of-business applications powered by Microsoft SQL Server, Oracle, or MySQL. Progent's SharePoint experts can help clients to integrate SharePoint with other applications such as Microsoft SQL and Office Excel to create data-intensive intranets and portal sites. Progent also can provide expertise with multiple web development technologies and can help businesses to build, enhance, troubleshoot, or port web-based applications to utilize the latest advances in web technology.

  • MS Dynamics NAV Consulting Services Online Troubleshooting MS Dynamics NAV ERP
  • Microsoft Certified Partner Exchange 2019 Server Online Technical Support Online Troubleshooting Exchange 2019 DLP

  • Technology Consulting Microsoft CRM
    MSCRM Technical Support

    Microsoft CRM helps small companies build positive customer interactions. Built-in Sales and Customer Service components allow in-house staff to share information to help promote selling success and offer consistent, effective customer service. Progent can configure the most sensible network environment, including mobile wireless connectivity, to support Microsoft CRM, and Progent's Experts Team can provide your small business with a certified MSCRM consultant who can help you combine Microsoft CRM with your sales or customer service data.

  • Microsoft SharePoint Server 2013 Computer Engineer Atlanta, GA Microsoft SharePoint Server Consulting Atlanta, Fulton County

  • Workspace ONE Endpoint Management IT Outsourcing Group
    Microsoft Intune Security Consultant

    Progent's Microsoft-certified engineers can assist your company to automate desktop PC update and patch deployment by delivering expertise with management tools that include Microsoft System Center Configuration Manager, SMS 2003, and Windows Server Update Services.

  • Ransomware Removal and Restore Atlanta Hartsfield-Jackson Airport ATL Georgia Ransomware Cleanup and Restore
  • Remote Work at Home Employees Assistance near me in Atlanta - Endpoint Management Tools Consulting and Support Services Decatur - Buckhead - Norcross Atlanta Work from Home Employees Management Tools Consulting Services
  • Remote Workforce Consulting Experts near me in Atlanta - Cybersecurity Solutions Consulting Experts Georgia Atlanta Remote Workforce Security Solutions Consulting and Support Services Atlanta Georgia
  • Remote Workforce Endpoint Security Engineer Engineer Offsite Workforce Endpoint Security
  • SQL 2014 Information Technology Outsource Atlanta Georgia SQL Server Small Business IT Consulting Atlanta, Fulton County
  • Tech Expert Windows Server 2016 Atlanta Georgia, United States Windows Server 2016 Service Providers Marietta - Alpharetta, United States

  • Network Consultant Cisco Firepower NGIPS
    Firepower NGFW Firewalls Information Technology Consulting

    The latest generation of ASA 5500-X Series Next-Generation Firewalls with Firepower Services deliver significantly more bang for the buck than Cisco's previous PIX and ASA 5500 firewalls and have superseded the ASA 5500 and PIX 500 security appliances for new installations. Progent's Cisco-premier CCIE network consultants can assist you to manage your existing PIX or Cisco ASA 5500 firewalls and upgrade to Cisco ASA 5500-X firewalls with Firepower Services. Progent can also assist you to design, deploy, tune, administer and debug firewall environments built on ASA 5500-X firewalls with Firepower Services.

  • Atlanta Snatch Crypto-Ransomware Operational-Recovery Atlanta Hartsfield-Jackson Airport ATL
  • Urgent Juniper Firewalls Cybersecurity Companies Juniper NetScreen 5400 Firewall Evaluation
  • Windows 11 Autopilot Configuration Windows 11 Power Automate Online Help

  • SentinelOne Cybersecurity Consultants
    Biggest Specialist SentinelOne Ransomware Protection

    ProSight Active Security Monitoring (ASM) is an endpoint protection service that incorporates cutting edge behavior-based machine learning tools by SentinelOne to guard endpoints and physical and virtual servers against modern malware assaults like ransomware and file-less exploits, which routinely get by traditional signature-based AV tools. ProSight Active Security Monitoring protects local and cloud-based resources and provides a unified platform to address the entire malware attack progression including blocking, detection, mitigation, cleanup, and post-attack forensics. Top features include one-click rollback with Windows Volume Shadow Copy Service (VSS) and automatic network-wide immunization against newly discovered attacks.

  • Windows Server 2012R2 Professionals Windows Server 2012R2 Hyper-V Virtual Switch Network Consultants
  • Windows Server 2022 with Linux Technical Consultant Windows Server 2022 Cybersecurity Online Support Services
  • Work at Home Employees Atlanta Guidance - Help Desk Outsourcing Consulting and Support Services Atlanta, GA Atlanta Work from Home Employees Help Desk Call Center Outsourcing Consultants Atlanta Georgia

  • Cisco VPN Support and Integration
    Cisco VPN Online Support

    Progent's Cisco Security/VPN professionals and CCIE and CCNP certified support staff can help your small or medium sized business integrate and maintain Cisco's security and Virtual Private Network technology such as routers, switches, firewalls, intrusion detection systems and VPN access concentrators. Cisco Virtual Private Network solutions include both remote access and site-to-site VPNs with Cisco IOS Software and Advanced Integrated Module hardware encryption cards, and hardware devices, such as a VPN concentrator, router, Cisco PIX Firewall, or dedicated VPN server for dial-up services. Cisco VPN products are simple to administer and offer the flexibility to evolve with your growing business requirements. Progent's Cisco-Premier network consultants support Cisco's comprehensive family of hardware and software aimed at preventing data pilfering, virus and worm outbreaks, DDoS attacks, and other threats to your information system. Progent can show you how to integrate Cisco technology to achieve secure access, intrusion protection, and full Identity services based on Cisco ACS using RADIUS security and TACACS to establish a centralized client access control framework for user authentication, authorization, and accounting from an easy-to-use Web interface.

  • Atlanta Dharma Crypto-Ransomware System-Restore Atlanta, Fulton County
  • Work at Home Employees Consulting Services near me in Atlanta - Integration Assistance Fulton County Georgia Teleworkers Consultants in Atlanta - Setup Guidance Fulton County Georgia
  • Work from Home Employees Expertise near me in Atlanta - Integration Solutions Expertise ATL At Home Workers Consultants nearby Atlanta - Solutions Consultants Atlanta

  • IT Support Outsourcing Specialist
    IT Outsourcing Services Technology Professional

    Progent is structured to deliver comprehensive remote support for all major technical areas associated with today's small company information networks and offers a variety of vital, as-needed support services including a temporary Chief Information Officer to provide senior-level IT design and budgeting capability, a Call Center for help desk services, 24x7 remote monitoring, spam and email-borne virus protection as a managed service, best-practices project management help for critical projects such as office relocations oroperating system migrations, connectivity consultants for designing high-performance and reliable infrastructure, certified security specialists to ensure information protection and compliance, disaster recovery experts to design and document business continuity strategies, and software developers to write, customize, or repair business applications.


    © 2002-2022 Progent Corporation. All rights reserved.