Ransomware: Your Feared IT Catastrophe
Ransomware has become an all-too-frequent cyberplague that represents an existential danger for businesses of all sizes that are poorly prepared for an assault. Older ransomware families such as the Dharma, Fusob, Locky, Syskey and MongoLock cryptoworms have been around for years and continue to inflict destruction. Newer variants such as Ryuk, Maze, Sodinokibi, Netwalker, Snatch and Nephilim, plus frequent as-yet-unnamed newcomers, not only encrypt online files but also infiltrate any available system protection mechanisms. Information synchronized to cloud environments can also be encrypted. In a poorly architected system, this can make automated restore operations impossible and effectively set the network back to zero.

Recovering applications and information after a ransomware intrusion becomes a race against time as the victim fights to contain the damage, clean up the crypto-ransomware, and restore enterprise-critical activity. Because ransomware takes time to move laterally, intrusions are often launched on weekends and holidays, when attacks are likely to take longer to notice. This multiplies the difficulty of rapidly marshalling and orchestrating a knowledgeable response team.

Progent provides a variety of solutions for securing Brooklyn enterprises from ransomware events. Among these are team member training to help identify and avoid phishing attempts, and ProSight Active Security Monitoring, which provides endpoint detection and response using SentinelOne's behavior-based cyberthreat defense to identify and disable zero-day malware assaults. Progent also provides the services of expert ransomware recovery professionals with the track record and perseverance to reconstruct a compromised system as urgently as possible.

Progent's Ransomware Recovery Help
Following a ransomware attack, paying the ransom in cryptocurrency does not ensure that distant criminals will respond with the keys needed to decrypt any of your information. Kaspersky Labs estimated that seventeen percent of ransomware victims never restored their information even after having sent off the ransom, resulting in additional losses. The risk is also costly. Ryuk ransoms often range from 15 to 40 BTC (between $120,000 and $400,000). This is well above the typical ransomware demand, which ZDNET estimated to be around $13,000 for small businesses. The fallback is to set up the key parts of your Information Technology environment from scratch. Absent full data backups, this requires a broad complement of IT skills, professional project management, and the capability to work 24x7 until the recovery project is done.

For two decades, Progent has provided certified expert Information Technology services for businesses across the United States and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts includes consultants who have been awarded advanced certifications in key technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security engineers have earned internationally renowned industry certifications including CISM, CISSP, ISACA CRISC, and GIAC. (Refer to Progent's certifications.) Progent also has expertise in accounting and ERP application software. This breadth of expertise gives Progent the skills to knowledgeably identify the necessary systems, organize the surviving pieces of your Information Technology environment after a ransomware attack, and assemble them into a functioning system.

Progent's recovery team utilizes powerful project management systems to coordinate the sophisticated restoration process. Progent appreciates the importance of acting swiftly and in unison with a customer's management and IT staff to prioritize tasks and to get critical services back online as soon as possible.

Case Study: A Successful Ransomware Virus Recovery
A customer sought out Progent after their network was brought down by the Ryuk crypto-ransomware. Ryuk is believed to have been launched by North Korean government-sponsored hackers, suspected of using techniques exposed from America's National Security Agency. Ryuk targets specific organizations with limited ability to sustain disruption and is one of the most lucrative iterations of ransomware. Highly publicized victims include Data Resolution, a California-based data warehousing and cloud computing company, and the Chicago Tribune. Progent's client is a regional manufacturer located in the Chicago metro area with around 500 staff members. The Ryuk attack had frozen all business operations and manufacturing processes. The majority of the client's data backups had been online at the start of the intrusion and were damaged. The client was actively seeking loans to pay the ransom demand (exceeding two hundred thousand dollars) and hoping for the best, but in the end engaged Progent.


"I cannot thank you enough for the help Progent gave us during the most stressful time of (our) company's existence. We may have had to pay the cybercriminals if not for the confidence the Progent group provided us. The fact that you could get our e-mail and key applications back quicker than five days was amazing. Every single consultant I interacted with or communicated with at Progent was amazingly focused on getting my company operational and was working 24/7 to bail us out."

Progent worked together with the client to rapidly determine and prioritize the essential systems that had to be recovered in order to continue business functions:

  • Active Directory (AD)
  • Microsoft Exchange Email
  • Accounting and Manufacturing Software

To get going, Progent followed anti-virus incident response industry best practices by halting the spread and disinfecting systems. Progent then began the process of rebuilding Windows Active Directory, the core of enterprise networks built on Microsoft Windows technology. Microsoft Exchange Server messaging will not operate without Windows AD, and the client's MRP applications used SQL Server, which needs Windows AD for security authorization to the databases.

In less than 48 hours, Progent was able to rebuild Active Directory to its pre-virus state. Progent then initiated setup and storage recovery on the most important servers. All Exchange data and configuration information were intact, which greatly helped the restore of Exchange. Progent was also able to assemble local OST data files (Outlook Email Off-Line Folder Files) on various workstations in order to recover email data. A not too old offline backup of the business's manufacturing systems made it possible to bring these vital programs back online for users. Although significant work remained to recover fully from the Ryuk event, the most important services were recovered rapidly:


"For the most part, the production line operation did not miss a beat and we produced all customer orders."

During the next month, important milestones in the restoration process were completed in close cooperation between Progent team members and the customer:

  • Internal web sites were brought back up with no loss of information.
  • The MailStore Server with over 4 million historical emails was brought on-line and accessible to users.
  • CRM/Product Ordering/Invoicing/AP/Accounts Receivables (AR)/Inventory modules were 100% functional.
  • A new Palo Alto Networks 850 security appliance was brought on-line.
  • Nearly all of the desktop computers were functioning as before the incident.

"A lot of what occurred those first few days is nearly entirely a blur for me, but my team will not soon forget the dedication each of you accomplished to help get our business back. I've entrusted Progent for the past 10 years, maybe more, and every time I needed help Progent has impressed me and delivered. This event was a testament to your capabilities."

Conclusion
A probable enterprise-killing disaster was averted thanks to dedicated professionals, a wide range of IT skills, and close collaboration. In hindsight, the ransomware attack detailed here could have been shut down with modern cyber security technology solutions and ISO/IEC 27001 best practices, user and IT administrator education, properly executed incident response procedures for information protection, and proper patching controls. The reality, however, is that state-sponsored criminal cyber gangs from Russia, North Korea and elsewhere are relentless and represent an ongoing threat. If you do get hit by a crypto-ransomware incident, remember that Progent's team of professionals has a proven track record in crypto-ransomware virus defense, mitigation, and data recovery.


"So, to Darrin, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (along with others who were contributing), I'm grateful for letting me get rested after we made it over the first week. Everyone did an amazing effort, and if anyone is in the Chicago area, a great meal is on me!"

Download the Ransomware Removal Case Study Datasheet
To read or download a PDF version of this ransomware incident report, click:
Progent's Crypto-Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Services in Brooklyn
For ransomware recovery consulting services in the Brooklyn area, phone Progent at 800-462-8800 or see Contact Progent.



© 2002-2022 Progent Corporation. All rights reserved.