Ransomware: Your Worst IT Disaster
Ransomware has become an escalating cyberplague that poses an existential threat to businesses of all sizes that are vulnerable to an attack. Different iterations of ransomware such as Dharma, Fusob, Bad Rabbit, SamSam and MongoLock cryptoworms have been replicating for years and continue to inflict havoc. More recent versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Egregor, along with daily unnamed viruses, not only encrypt online data but also infiltrate any accessible system backup. Files synchronized to the cloud can also be corrupted. In a poorly architected environment, this can render automated restoration useless and set the entire system back to square one.

Restoring online services and information after a ransomware event becomes a sprint against the clock as the victim fights to contain the damage, eradicate the ransomware, and restore mission-critical operations. Because ransomware takes time to spread, attacks are usually launched at night and on weekends, when intrusions in many cases take longer to discover. This compounds the difficulty of promptly assembling and organizing a qualified mitigation team.

Progent has a range of services for protecting Beverly Hills enterprises from crypto-ransomware events. Among these are user training to help identify and avoid phishing scams and ProSight Active Security Monitoring, which provides endpoint detection and response using SentinelOne's behavior-based cyberthreat defense to discover and stop zero-day malware attacks. Progent also provides the services of veteran ransomware recovery professionals with the track record and commitment to reconstruct a compromised system as soon as possible.

Progent's Crypto-Ransomware Recovery Support Services
After a crypto-ransomware event, even paying the ransom in cryptocurrency does not provide any assurance that the criminals will respond with the keys needed to decrypt all your files. Kaspersky Labs determined that seventeen percent of ransomware victims never recovered their files after sending the ransom, resulting in increased losses. The risk is also costly. Ryuk ransoms commonly range from 15 to 40 BTC ($120,000 to $400,000). This is well above the typical crypto-ransomware demand, which ZDNET determined to be around $13,000 for small businesses. The fallback is to piece back together the mission-critical components of your Information Technology environment. Without access to essential system backups, this requires a broad range of IT skills, professional team management, and the willingness to work non-stop until the job is complete.

For decades, Progent has provided expert IT services for companies across the United States and has achieved Microsoft's Gold Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes engineers who have been awarded top industry certifications in leading technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity experts have earned internationally renowned certifications including CISM, CISSP, ISACA CRISC, and GIAC. (Refer to Progent's certifications). Progent also has expertise with financial management and ERP applications. This breadth of expertise gives Progent the skills to efficiently understand important systems, reorganize the surviving components of your network environment following a crypto-ransomware penetration, and assemble them into an operational system.

Progent's security team deploys best of breed project management applications to coordinate the complicated restoration process. Progent understands the urgency of acting swiftly and together with a client's management and IT resources to assign priority to tasks and to get critical services back on-line as fast as possible.

Customer Case Study: A Successful Crypto-Ransomware Intrusion Restoration
A client escalated to Progent after their network was brought down by the Ryuk ransomware. Ryuk is generally considered to have been created by North Korean government-sponsored cybercriminals, possibly adopting algorithms exposed from the United States National Security Agency. Ryuk goes after specific companies with little or no tolerance for operational disruption and is one of the most profitable instances of ransomware. Headline victims include Data Resolution, a California-based information warehousing and cloud computing company, and the Chicago Tribune. Progent's client is a small manufacturing business based in the Chicago metro area with around 500 employees. The Ryuk penetration had disabled all business operations and manufacturing processes. Most of the client's backups had been online at the beginning of the intrusion and were eventually encrypted. The client was actively seeking loans to pay the ransom demand (in excess of $200,000) and hoping for good luck, but ultimately called Progent.


"I cannot tell you enough about the expertise Progent provided us throughout the most critical period of (our) company's survival. We may have had to pay the criminal gangs if it wasn't for the confidence the Progent experts provided us. That you were able to get our messaging and essential applications back in less than seven days was earth shattering. Each staff member I got help from or texted at Progent was totally committed on getting our system up and was working at all hours on our behalf."

Progent worked with the customer to rapidly identify and prioritize the essential applications that had to be restored to make it possible to continue company functions:

  • Microsoft Active Directory
  • Microsoft Exchange Email
  • Financials/MRP

To begin, Progent followed industry best practices for anti-virus/malware incident mitigation by performing isolation and virus removal steps. Progent then began the process of rebuilding Active Directory, the heart of enterprise systems built on Microsoft Windows technology. Microsoft Exchange email will not operate without Active Directory, and the client's accounting and MRP system used SQL Server, which requires Windows AD for authentication to the databases.

In less than two days, Progent was able to rebuild Active Directory to its pre-intrusion state. Progent then assisted with setup and hard drive recovery on needed systems. All Exchange ties and configuration information were intact, which accelerated the rebuild of Exchange. Progent was able to locate non-encrypted OST data files (Outlook Off-Line Folder Files) on various PCs to recover mail data. A recent offline backup of the client's accounting/ERP systems made it possible to bring these required applications back online. Although a lot of work remained to recover completely from the Ryuk damage, essential systems were returned to operation quickly:


"For the most part, the production manufacturing operation showed little impact and we produced all customer sales."

During the following couple of weeks, critical milestones in the recovery process were reached through close cooperation between Progent engineers and the client:

  • In-house web sites were returned to operation without losing any data.
  • The MailStore Microsoft Exchange Server with more than 4 million archived emails was spun up and made available to users.
  • CRM/Customer Orders/Invoices/Accounts Payable/AR/Inventory functions were 100% restored.
  • A new Palo Alto Networks 850 security appliance was installed.
  • Most of the user desktops were back in use by staff.

"A huge amount of what happened those first few days is mostly a blur for me, but our team will not soon forget the countless hours each of your team put in to give us our company back. I have been working with Progent for the past ten years, possibly more, and every time I needed help Progent has come through and delivered. This situation was a testament to your capabilities."

Conclusion
A probable business-ending disaster was averted thanks to top-tier professionals, a broad spectrum of technical expertise, and close collaboration. In hindsight, the ransomware attack detailed here should have been stopped by modern cybersecurity technology and best practices, staff education, and appropriate incident response procedures for data protection and for keeping systems up to date with security patches. The fact remains that government-sponsored criminal cyber gangs from China, Russia, North Korea and elsewhere are tireless and are not going away. If you do get hit by a crypto-ransomware virus, remember that Progent's team of experts has extensive experience in ransomware virus blocking, mitigation, and data recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (along with others who were helping), thanks very much for allowing me to get rested after we made it over the most critical parts. Everyone did an incredible effort, and if anyone that helped is visiting the Chicago area, dinner is on me!"

Download the Ransomware Removal Case Study Datasheet
To read or download a PDF version of this customer story, please click:
Progent's Ryuk Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Recovery Expertise in Beverly Hills
For ransomware recovery expertise in the Beverly Hills area, phone Progent at 800-462-8800 or see Contact Progent.




    © 2002-2023 Progent Corporation. All rights reserved.