Ransomware: Your Worst Information Technology Disaster
Crypto-ransomware has become a too-frequent cyberplague that presents an existential threat for businesses poorly prepared for an assault. Versions of ransomware like the Reveton, CryptoWall, Locky, SamSam and MongoLock cryptoworms have been running rampant for many years and still inflict harm. More recent strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Snatch and Egregor, plus more as yet unnamed viruses, not only encrypt on-line information but also infiltrate many configured system protection mechanisms. Files synchronized to off-site disaster recovery sites can also be ransomed. With a poorly designed data protection solution, this can make any recovery impossible and effectively set the entire system back to square one.

Recovering services and data after a crypto-ransomware outage becomes a sprint against time as the victim struggles to contain the damage, clean up the virus, and restore business-critical operations. Since ransomware requires time to replicate, penetrations are often launched during nights and weekends, when attacks may take longer to notice. This multiplies the difficulty of rapidly assembling and coordinating a qualified mitigation team.

Progent offers an assortment of services for protecting Beverly Hills enterprises from crypto-ransomware attacks. Among these are user training to help recognize and not fall victim to phishing attempts, ProSight Active Security Monitoring (ASM) for remote monitoring and management, along with setup and configuration of next-generation security gateways with AI technology to intelligently discover and disable zero-day threats. Progent in addition offers the assistance of veteran ransomware recovery professionals with the talent and perseverance to re-deploy a breached system as soon as possible.

Progent's Ransomware Restoration Help
Following a ransomware attack, paying the ransom demands in Bitcoin cryptocurrency does not ensure that merciless criminals will provide the needed codes to unencrypt all your files. Kaspersky ascertained that 17% of crypto-ransomware victims never restored their data after having paid the ransom, resulting in increased losses. The gamble is also expensive. Ryuk ransoms commonly range from fifteen to forty BTC ($120,000 to $400,000). This is well above the average ransomware demand, which ZDNET determined to be around $13,000 for small businesses. The alternative is to piece back together the essential components of your Information Technology environment. Without access to essential data backups, this requires a broad complement of skill sets, well-coordinated team management, and the willingness to work continuously until the job is completed.

For two decades, Progent has provided expert IT services for businesses across the United States and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have earned advanced industry certifications in important technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity consultants have garnered internationally-renowned industry certifications including CISM, CISSP-ISSAP, CRISC, and GIAC. (Visit Progent's certifications). Progent also has experience with financial management and ERP applications. This breadth of expertise provides Progent the capability to efficiently identify important systems and organize the surviving components of your computer network environment following a crypto-ransomware penetration and configure them into an operational network.

Progent's recovery group utilizes top notch project management applications to orchestrate the complicated recovery process. Progent appreciates the importance of acting rapidly and together with a client's management and Information Technology staff to prioritize tasks and to put essential services back online as soon as humanly possible.

Customer Story: A Successful Crypto-Ransomware Attack Recovery
A small business escalated to Progent after their company was attacked by the Ryuk crypto-ransomware. Ryuk is thought to have been created by North Korean government-sponsored cybercriminals, suspected of using algorithms leaked from America's National Security Agency. Ryuk goes after specific businesses with little or no tolerance for operational disruption and is among the most lucrative iterations of ransomware. Highly publicized targets include Data Resolution, a California-based data warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a single-location manufacturing company located in Chicago and has about 500 staff members. The Ryuk attack had paralyzed all essential operations and manufacturing processes. The majority of the client's system backups had been directly accessible at the beginning of the attack and were destroyed. The client was preparing to pay the ransom demand (more than $200K) and hoping for good luck, but in the end made the decision to use Progent.


"I cannot speak enough about the help Progent gave us during the most stressful period of (our) business's existence. We had little choice but to pay the criminal gangs if it wasn't for the confidence the Progent experts gave us. The fact that you were able to get our e-mail and critical servers back sooner than one week was earth shattering. Each staff member I talked with or e-mailed at Progent was totally committed to getting my company operational and was working non-stop on our behalf."

Progent worked with the customer to quickly understand and assign priority to the most important applications that needed to be restored in order to continue company functions:

  • Active Directory (AD)
  • Microsoft Exchange
  • Financials/MRP

To begin, Progent followed anti-virus incident response best practices by isolating and removing active viruses. Progent then initiated the work of restoring Active Directory, the core of enterprise environments built on Microsoft Windows technology. Microsoft Exchange Server email will not work without Active Directory, and the client's financials and MRP applications utilized Microsoft SQL, which depends on Active Directory services for authentication to the databases.

In less than 2 days, Progent was able to rebuild Active Directory services to their pre-penetration state. Progent then helped perform rebuilding and storage recovery on the most important systems. All Microsoft Exchange Server schema and configuration information was intact, which accelerated the rebuild of Exchange. Progent was also able to assemble non-encrypted OST files (Outlook Email Off-Line Data Files) on team PCs and laptops to recover mail information. A not too old off-line backup of the business's manufacturing software made it possible to bring these vital programs back on-line. Although a large amount of work needed to be completed to recover completely from the Ryuk event, essential systems were returned to operation rapidly:


"For the most part, the production line operation did not miss a beat and we made all customer orders."

During the following month important milestones in the recovery process were completed through tight collaboration between Progent consultants and the client:

  • In-house web applications were restored with no loss of data.
  • The MailStore Microsoft Exchange Server containing more than 4 million historical emails was brought online and available for users.
  • CRM/Customer Orders/Invoicing/AP/Accounts Receivables/Inventory capabilities were fully operational.
  • A new Palo Alto 850 firewall was set up.
  • Nearly all of the user desktops were operational.

"A huge amount of what went on those first few days is mostly a blur for me, but my team will not forget the dedication each and every one of the team put in to give us our business back. I have trusted Progent for at least 10 years, maybe more, and every time Progent has shined and delivered. This time was a Herculean accomplishment."

Conclusion
A likely enterprise-killing catastrophe was averted due to hard-working experts, a wide range of knowledge, and tight teamwork. Although the completed forensics indicated that the crypto-ransomware incident detailed here would have been blocked by modern cyber security technology and best practices, staff training, and well thought out incident response procedures for data backup and applying software patches, the fact is that state-sponsored criminal cyber gangs from China, Russia, North Korea and elsewhere are tireless and are not going away. If you do get hit by a crypto-ransomware virus, remember that Progent's roster of experts has substantial experience in ransomware virus blocking, remediation, and data disaster recovery.


"So, to Darrin, Matt, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were contributing), thanks very much for allowing me to get rested after we got over the initial push. Everyone did a fabulous effort, and if anyone is around the Chicago area, a great meal is on me!"

Download the Crypto-Ransomware Remediation Case Study Datasheet
To read or download a PDF version of this ransomware incident report, click:
Progent's Ryuk Virus Recovery Case Study Datasheet. (PDF - 282 KB)

  • © 2002-2021 Progent Corporation. All rights reserved.