Ransomware: Your Feared IT Nightmare
Crypto-Ransomware Recovery Experts

Ransomware has become a modern cyberplague that presents an existential threat for businesses vulnerable to an attack. Multiple generations of ransomware like the Reveton, Fusob, Bad Rabbit, SamSam and MongoLock cryptoworms have been running rampant for many years and still cause destruction. Modern variants of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Conti and Egregor, along with daily as-yet-unnamed newcomers, not only encrypt online information but also infiltrate any configured system restores and backups. Information synched to cloud environments can also be ransomed. In a vulnerable system, this can render automatic restoration hopeless and basically knock the entire system back to zero.

Retrieving services and data following a crypto-ransomware outage becomes a race against time as the targeted business struggles to contain the damage, clear the ransomware, and restore mission-critical activity. Because ransomware takes time to move laterally, attacks are often sprung at night, when penetrations may take more time to detect. This compounds the difficulty of rapidly mobilizing and orchestrating an experienced response team.

Progent offers an assortment of support services for securing Atlanta enterprises from ransomware attacks. Among these are team training to recognize and not fall victim to phishing attempts, ProSight Active Security Monitoring for remote monitoring and management, and deployment of the latest generation of security appliances with machine learning technology to intelligently discover and quarantine day-zero cyber threats. Progent also offers the assistance of experienced ransomware recovery engineers with the track record and perseverance to re-deploy a compromised environment as rapidly as possible.

Progent's Crypto-Ransomware Restoration Support Services
After a crypto-ransomware event, even paying the ransom in cryptocurrency does not guarantee that the criminals will return the keys needed to decrypt any or all of your files. Kaspersky Labs estimated that 17% of ransomware victims never restored their files after having sent off the ransom, resulting in additional losses. The gamble is also expensive. Ryuk ransoms often range from fifteen to forty BTC ($120,000 to $400,000). This is far higher than the average ransomware demand, which ZDNET determined to be approximately $13,000 for small organizations. The other path is to re-install the essential parts of your IT environment. Absent full system backups, this calls for a wide complement of IT skills, top-notch project management, and the ability to work continuously until the job is complete.

For decades, Progent has provided certified expert Information Technology services for companies throughout the United States and has earned Microsoft's Gold Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have been awarded advanced industry certifications in key technologies such as Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity experts have earned internationally-recognized certifications including CISA, CISSP-ISSAP, CRISC, and SANS GIAC. (Visit Progent's certifications). Progent also has experience with accounting and ERP software solutions. This breadth of experience gives Progent the capability to quickly identify critical systems and organize the surviving components of your network system following a crypto-ransomware penetration and configure them into an operational system.

Progent's security group utilizes powerful project management systems to coordinate the complicated restoration process. Progent appreciates the urgency of working swiftly and in unison with a customer's management and Information Technology staff to prioritize tasks and to get the most important systems back on-line as soon as humanly possible.

Customer Story: A Successful Ransomware Incident Response
A business escalated to Progent after their company was brought down by Ryuk ransomware. Ryuk is thought to have been created by North Korean state hackers, possibly adopting algorithms leaked from the U.S. National Security Agency. Ryuk attacks specific businesses with limited room for operational disruption and is among the most profitable iterations of ransomware viruses. Major organizations hit by Ryuk include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's customer is a single-location manufacturing business based in Chicago with about 500 employees. The Ryuk penetration had frozen all business operations and manufacturing processes. Most of the client's information backups had been directly accessible at the time of the attack and were damaged. The client was pursuing financing for paying the ransom (more than two hundred thousand dollars) and hoping for good luck, but ultimately called Progent.


"I can't tell you enough about the help Progent gave us during the most stressful period of (our) business's life. We would have paid the criminal gangs if it wasn't for the confidence the Progent experts gave us. The fact that you were able to get our e-mail and essential servers back into operation sooner than 1 week was beyond my wildest dreams. Every single consultant I talked with or communicated with at Progent was absolutely committed to getting us back on-line and was working at all hours to bail us out."

Progent worked with the customer to quickly determine and prioritize the critical applications that needed to be addressed to make it possible to continue business operations:

  • Active Directory
  • Electronic Mail
  • Accounting/MRP

To start, Progent followed industry best practices for AV/malware penetration mitigation by isolating systems and performing virus removal steps. Progent then started the task of restoring Active Directory, the foundation of enterprise networks built on Microsoft Windows technology. Exchange messaging will not function without Windows AD, and the customer's accounting and MRP system used Microsoft SQL, which requires Windows AD for security authorization to the databases.

Within 2 days, Progent was able to rebuild Active Directory services to their pre-attack state. Progent then assisted with setup and storage recovery on needed servers. All Exchange data and attributes were usable, which accelerated the rebuild of Exchange. Progent was also able to assemble intact OST data files (Outlook Off-Line Data Files) on user workstations and laptops to recover mail messages. A recent offline backup of the business's financials/MRP software made it possible to restore these essential services for users. Although a large amount of work needed to be completed to recover completely from the Ryuk event, essential services were returned to operation quickly:


"For the most part, the manufacturing operation never missed a beat and we made all customer deliverables."

Throughout the next couple of weeks, critical milestones in the restoration process were achieved through tight collaboration between Progent consultants and the customer:

  • Internal web applications were brought back up without losing any information.
  • The MailStore Microsoft Exchange Server with over 4 million historical messages was brought online and made available for users.
  • CRM/Orders/Invoices/AP/Accounts Receivables (AR)/Inventory Control capabilities were 100% restored.
  • A new Palo Alto 850 firewall was set up.
  • 90% of the user workstations were back in operation.

"A lot of what was accomplished that first week is mostly a blur for me, but I will not forget the urgency each and every one of your team put in to give us our company back. I've utilized Progent for the past 10 years, maybe more, and each time I needed help Progent has impressed me and delivered. This situation was a Herculean accomplishment."

Conclusion
A possible business disaster was averted through the efforts of hard-working experts, a wide range of IT skills, and close collaboration. Although in hindsight the ransomware penetration described here would have been blocked with modern security solutions and security best practices, staff training, and well-thought-out security procedures for data backup and proper patching controls, the fact remains that government-sponsored hackers from Russia, China and elsewhere are relentless and represent an ongoing threat. If you do get hit by a ransomware virus, feel confident that Progent's team of experts has a proven track record in ransomware virus blocking, cleanup, and file disaster recovery.


"So, to Darrin, Matt, Aaron, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were contributing), I'm grateful for allowing me to get some sleep after we got through the first week. Everyone did an incredible job, and if anyone is visiting the Chicago area, dinner is on me!"

Download the Crypto-Ransomware Cleanup Case Study Datasheet
To read or download a PDF version of this case study, please click:
Progent's Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)


© 2002-2021 Progent Corporation. All rights reserved.