Crypto-Ransomware: Your Crippling Information Technology Disaster
Crypto-Ransomware Recovery Consultants
Crypto-ransomware has become an escalating cyber pandemic that poses an enterprise-level threat for businesses poorly prepared for an attack. Versions of ransomware such as the CrySIS, CryptoWall, Locky, NotPetya and MongoLock cryptoworms have been out in the wild for years and still inflict destruction. Newer strains such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Nephilim, along with as-yet-unnamed viruses that appear daily, not only encrypt online critical data but also infiltrate all accessible system restores and backups. Information synched to cloud environments can also be corrupted. In a poorly designed system, this can render automatic restoration useless and effectively set the entire system back to zero.

Getting back services and information following a crypto-ransomware event becomes a race against the clock as the targeted organization fights to contain and remove the crypto-ransomware and to resume business-critical activity. Since crypto-ransomware takes time to spread, attacks are often sprung on weekends and holidays, when successful attacks tend to take longer to identify. This compounds the difficulty of promptly mobilizing and coordinating an experienced mitigation team.

Progent offers an assortment of services for protecting Beverly Hills businesses from ransomware attacks. These include team member training to help identify and avoid phishing scams, ProSight Active Security Monitoring for remote monitoring and management, in addition to installation of the latest generation security appliances with machine learning capabilities to intelligently discover and extinguish new threats. Progent also offers the assistance of seasoned crypto-ransomware recovery engineers with the track record and commitment to rebuild a breached network as quickly as possible.

Progent's Ransomware Restoration Support Services
After a ransomware attack, even paying the ransom in Bitcoin cryptocurrency does not ensure that the cyber criminals will respond with the keys to decrypt any of your data. Kaspersky estimated that 17% of ransomware victims never recovered their files after having sent off the ransom, resulting in more losses. The gamble is also very costly. Ryuk ransoms often range from 15 to 40 BTC ($120,000 to $400,000). This is far above typical ransomware demands, which ZDNET determined to be around $13,000 for small organizations. The other path is to rebuild from scratch the vital elements of your IT environment. Without full data backups, this calls for a broad complement of IT skills, well-coordinated team management, and the willingness to work 24x7 until the recovery project is over.

For decades, Progent has offered expert Information Technology services for companies throughout the U.S. and has earned Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts includes consultants who have earned high-level certifications in key technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security experts have earned internationally-renowned certifications including CISM, CISSP, CRISC, and GIAC. (Visit Progent's certifications). Progent also has experience with financial management and ERP application software. This breadth of expertise affords Progent the ability to quickly understand critical systems and organize the surviving pieces of your computer network environment following a ransomware penetration and assemble them into a functioning network.

Progent's security team of experts utilizes powerful project management systems to coordinate the sophisticated recovery process. Progent understands the importance of acting quickly and in unison with a client's management and Information Technology team members to prioritize tasks and to put key applications back online as soon as humanly possible.

Business Case Study: A Successful Ransomware Intrusion Recovery
A business sought out Progent after its network was crashed by Ryuk crypto-ransomware. Ryuk is thought to have been created by North Korean state cybercriminals, possibly using strategies leaked from the United States National Security Agency. Ryuk targets specific organizations with limited ability to sustain operational disruption and is among the most lucrative incarnations of ransomware. Headline targets include Data Resolution, a California-based data warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a single-location manufacturing business based in the Chicago metro area with around 500 staff members. The Ryuk event had paralyzed all essential operations and manufacturing capabilities. Most of the client's information backups had been online at the beginning of the intrusion and were damaged. The client was pursuing financing to pay the ransom (more than two hundred thousand dollars) and hoping for good luck, but in the end made the decision to use Progent.


"I cannot thank you enough about the care Progent provided us throughout the most fearful period of (our) company's survival. We may have had to pay the cyber criminals except for the confidence the Progent team gave us. The fact that you were able to get our messaging and essential applications back faster than a week was earth shattering. Each staff member I talked with or texted at Progent was absolutely committed to getting our company operational and was working at all hours on our behalf."

Progent worked with the customer to quickly identify and prioritize the most important systems that needed to be addressed in order to restart business operations:

  • Windows Active Directory
  • Exchange Server
  • Financials/MRP

To start, Progent followed ransomware event mitigation best practices by stopping lateral movement and cleaning systems of viruses. Progent then initiated the steps of rebuilding Microsoft Active Directory, the core of enterprise environments built on Microsoft Windows technology. Exchange messaging will not function without Active Directory, and the customer's MRP applications used SQL Server, which needs Active Directory for security authorization to the data.

In less than 2 days, Progent was able to recover Active Directory services to their pre-intrusion state. Progent then completed rebuilding and hard drive recovery of key systems. All Microsoft Exchange Server schema and configuration information was usable, which facilitated the rebuild of Exchange. Progent was also able to find non-encrypted OST files (Outlook Offline Data Files) on user PCs in order to recover email data. A fairly recent offline backup of the client's financials/MRP software made it possible to return these required programs to service. Although a large amount of work needed to be completed to recover fully from the Ryuk attack, critical systems were restored quickly:


"For the most part, the assembly line operation showed little impact and we delivered all customer shipments."

During the following month key milestones in the restoration process were completed in close collaboration between Progent consultants and the client:

  • In-house web sites were brought back up without losing any information.
  • The MailStore Microsoft Exchange Server containing more than four million historical messages was restored to operations and accessible to users.
  • CRM/Product Ordering/Invoicing/Accounts Payable (AP)/AR/Inventory functions were completely operational.
  • A new Palo Alto Networks 850 security appliance was brought online.
  • 90% of the user desktops and notebooks were being used by staff.

"So much of what happened that first week is nearly entirely a haze for me, but my team will not soon forget the dedication each and every one of you accomplished to help get our company back. I have trusted Progent for the past ten years, maybe more, and each time Progent has come through and delivered as promised. This time was the most impressive ever."

Conclusion
A potential enterprise-killing catastrophe was dodged thanks to hard-working experts, a wide array of IT skills, and tight collaboration. In retrospect, the ransomware attack detailed here would have been blocked by current cyber security solutions, ISO/IEC 27001 best practices, team education, and properly executed security procedures for data backup and for keeping systems up to date with security patches. The fact remains, however, that state-sponsored criminal cyber gangs from China, North Korea and elsewhere are tireless and will continue. If you do get hit by a ransomware incursion, feel confident that Progent's roster of professionals has substantial experience in ransomware virus defense, mitigation, and file disaster recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others that were involved), I'm grateful for letting me get rested after we got through the initial fire. All of you did a fabulous job, and if any of your guys is visiting the Chicago area, a great meal is on me!"

Download the Crypto-Ransomware Removal Case Study Datasheet
To review or download a PDF version of this ransomware incident report, click:
Progent's Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Services in Beverly Hills
For ransomware recovery consulting services in the Beverly Hills area, call Progent at 800-462-8800 or see Contact Progent.




© 2002-2022 Progent Corporation. All rights reserved.