Ransomware : Your Worst IT Nightmare
Crypto-Ransomware Recovery ExpertsRansomware has become a modern cyber pandemic that represents an enterprise-level threat for businesses of all sizes poorly prepared for an assault. Multiple generations of ransomware such as Dharma, CryptoWall, Bad Rabbit, Syskey and MongoLock cryptoworms have been circulating for many years and still inflict damage. More recent strains of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Egregor, as well as additional unnamed viruses, not only encrypt on-line information but also infiltrate many accessible system restores and backups. Data synchronized to cloud environments can also be corrupted. In a poorly designed system, this can render automatic restore operations useless and basically knocks the entire system back to square one.

Restoring programs and data after a crypto-ransomware event becomes a race against the clock as the targeted business struggles to stop lateral movement and cleanup the ransomware and to restore mission-critical activity. Due to the fact that ransomware takes time to spread, assaults are usually sprung during weekends and nights, when successful penetrations may take more time to uncover. This compounds the difficulty of quickly marshalling and coordinating a knowledgeable response team.

Progent provides an assortment of solutions for protecting Brooklyn organizations from ransomware events. These include user training to help recognize and not fall victim to phishing scams, ProSight Active Security Monitoring for remote monitoring and management, plus deployment of modern security appliances with artificial intelligence technology to quickly detect and disable new threats. Progent also offers the services of seasoned ransomware recovery consultants with the talent and commitment to reconstruct a compromised system as quickly as possible.

Progent's Ransomware Restoration Support Services
Soon after a ransomware penetration, even paying the ransom in cryptocurrency does not ensure that distant criminals will provide the keys to decrypt any or all of your information. Kaspersky estimated that 17% of crypto-ransomware victims never recovered their files even after having paid the ransom, resulting in more losses. The gamble is also very costly. Ryuk ransoms commonly range from 15-40 BTC ($120,000 and $400,000). This is well higher than the usual ransomware demands, which ZDNET determined to be approximately $13,000 for smaller organizations. The other path is to piece back together the mission-critical elements of your IT environment. Without access to complete data backups, this calls for a wide complement of IT skills, well-coordinated project management, and the ability to work non-stop until the job is completed.

For two decades, Progent has made available certified expert IT services for businesses throughout the U.S. and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes engineers who have earned advanced certifications in key technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security experts have earned internationally-recognized certifications including CISA, CISSP, CRISC, and SANS GIAC. (See Progent's certifications). Progent in addition has experience with accounting and ERP applications. This breadth of expertise gives Progent the skills to rapidly ascertain critical systems and integrate the surviving components of your Information Technology system after a ransomware event and assemble them into an operational network.

Progent's ransomware group deploys top notch project management applications to coordinate the complex restoration process. Progent knows the urgency of acting swiftly and in concert with a customer’s management and Information Technology resources to assign priority to tasks and to put key applications back online as fast as possible.

Customer Case Study: A Successful Ransomware Attack Restoration
A business escalated to Progent after their network system was crashed by Ryuk ransomware. Ryuk is believed to have been created by Northern Korean state sponsored cybercriminals, suspected of adopting approaches leaked from the United States National Security Agency. Ryuk goes after specific businesses with little or no tolerance for operational disruption and is among the most lucrative incarnations of ransomware. High publicized targets include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's customer is a small manufacturer based in Chicago and has about 500 workers. The Ryuk intrusion had shut down all company operations and manufacturing capabilities. The majority of the client's data protection had been directly accessible at the start of the attack and were destroyed. The client was evaluating paying the ransom (in excess of two hundred thousand dollars) and wishfully thinking for the best, but ultimately brought in Progent.

"I can’t tell you enough in regards to the help Progent gave us throughout the most stressful period of (our) businesses existence. We may have had to pay the cyber criminals behind the attack except for the confidence the Progent experts afforded us. That you could get our e-mail and key applications back on-line faster than a week was beyond my wildest dreams. Each expert I spoke to or texted at Progent was laser focused on getting us working again and was working all day and night on our behalf."

Progent worked together with the customer to quickly determine and prioritize the critical systems that had to be recovered in order to resume departmental operations:

  • Active Directory (AD)
  • Electronic Messaging
  • Accounting and Manufacturing Software
To begin, Progent adhered to Anti-virus penetration mitigation industry best practices by halting lateral movement and clearing up compromised systems. Progent then started the task of bringing back online Windows Active Directory, the foundation of enterprise systems built on Microsoft technology. Microsoft Exchange Server messaging will not work without Windows AD, and the customer’s financials and MRP software leveraged Microsoft SQL, which needs Active Directory services for security authorization to the data.

In less than two days, Progent was able to recover Active Directory to its pre-virus state. Progent then helped perform reinstallations and storage recovery on the most important applications. All Microsoft Exchange Server data and attributes were intact, which facilitated the rebuild of Exchange. Progent was able to locate local OST data files (Outlook Offline Folder Files) on staff PCs and laptops to recover email information. A not too old off-line backup of the customer’s accounting systems made them able to recover these essential applications back on-line. Although significant work still had to be done to recover fully from the Ryuk attack, critical systems were recovered rapidly:

"For the most part, the manufacturing operation never missed a beat and we delivered all customer shipments."

Over the next month critical milestones in the recovery project were made in tight cooperation between Progent engineers and the client:

  • Self-hosted web sites were returned to operation with no loss of data.
  • The MailStore Exchange Server exceeding four million archived messages was spun up and available for users.
  • CRM/Product Ordering/Invoicing/AP/Accounts Receivables/Inventory Control capabilities were 100% functional.
  • A new Palo Alto Networks 850 firewall was installed and configured.
  • Most of the user workstations were fully operational.
"A huge amount of what happened during the initial response is mostly a haze for me, but my team will not forget the care each and every one of you put in to help get our business back. I’ve utilized Progent for the past ten years, maybe more, and each time Progent has impressed me and delivered as promised. This time was a testament to your capabilities."

Conclusion
A possible company-ending catastrophe was averted through the efforts of hard-working professionals, a wide range of IT skills, and tight collaboration. Although in analyzing the event afterwards the ransomware attack described here would have been blocked with up-to-date security technology solutions and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, team education, and well designed incident response procedures for data protection and proper patching controls, the fact remains that state-sponsored criminal cyber gangs from China, Russia, North Korea and elsewhere are relentless and are an ongoing threat. If you do get hit by a ransomware attack, remember that Progent's roster of experts has extensive experience in ransomware virus blocking, cleanup, and data restoration.

"So, to Darrin, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (along with others who were contributing), thanks very much for letting me get rested after we got over the initial push. All of you did an fabulous effort, and if anyone is in the Chicago area, a great meal is the least I can do!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this ransomware incident report, please click:
Progent's Ryuk Incident Recovery Case Study Datasheet. (PDF - 282 KB)

File body_ransomware_recovery_contact_city.asp does not exist



An index of content::

  • 24-7 Brooklyn Crypto-Ransomware Spora Vulnerability Audit Brooklyn Brooklyn Ransomware Maze Preparedness Consultation Brooklyn
  • At Home Workforce Assistance near Brooklyn - Infrastructure Consulting Experts Brooklyn Remote Workforce Guidance nearby Brooklyn - Integration Guidance Brooklyn, New York
  • BSD Outsource IT UNIX Networking Companies
  • BlackBerry Desktop Manager Network Design Consultant Brooklyn BlackBerry Email IT Outsourcing Firms Brooklyn
  • Brooklyn At Home Workforce Collaboration Technology Consultants Brooklyn, NY Brooklyn, New York At Home Workforce Expertise in Brooklyn - Collaboration Systems Consulting Experts
  • Brooklyn Award Winning 24-Hour Brooklyn Crypto Recovery Brooklyn Urgent Crypto-Ransomware Repair Experts Brooklyn NY

    • Urgent Online Troubleshooting Cisco ASA firewall VPN
    Cisco ASA Configuration Consulting Services

    Progent’s Cisco-Premier network consultants offer professional PIX Firewall consulting services encompassing architecture, implementation and support of Cisco firewall and Cisco security products. The Cisco PIX 500 Security Appliance Series of Cisco firewalls delivers strong user and application policy enforcement, mutlivector threat security, and secure connectivity services. Ranging from compact, easy-to-install desktop appliances for small businesses and home offices to scalable gigabit products, Cisco PIX firewalls provide a sensible level of security, speed and reliability for information networks of all sizes. PIX firewalls are build around a proven, purpose-built operating system, PIX OS, minimizing potential OS-specific security holes. The Cisco PIX Firewall has been awarded ICSA Firewall and IPsec certification as well as Common Criteria EAL4 evaluation status. PIX firewalls deliver an array of integrated protection and networking services, including advanced application-aware firewall services, VoIP and multimedia security, site-to-site and remote-access IPsec VPN networking, intelligent networking services, and extensive management tools. Progent’s network experts can show you how to select and deploy any Cisco PIX 500 Series firewalls such as the Cisco PIX 501 Firewall, the Cisco PIX 506 Firewall, the Cisco PIX 506E, PIX 515 Firewalls, the PIX 515E Firewall, the Cisco PIX 520 Firewall, Cisco PIX 525 Firewalls and the Cisco PIX 535.

  • Brooklyn Brooklyn At Home Workforce Cybersecurity Systems Consulting Offsite Workforce Consulting and Support Services nearby Brooklyn - Endpoint Security Solutions Consulting Services Brooklyn, United States

    • Project Server Contract Programming Firm
    Top Quality Microsoft Project Server 2010 Technical Support

    Progent's Microsoft-certified engineers can provide in-depth expertise in deploying, using and debugging all versions of Microsoft Project, Microsoft Project Server, and Project Online and can deliver a broad variety of affordable online support services following industry best practices to help businesses of any size to receive all the benefits of this powerful project management solution. Support services offered by Progent include system planning, software configuration and upgrades, setting up safe file and status sharing among local and remote or mobile users, network infrastructure optimization, and specialized webinar training classes.

  • Brooklyn Brooklyn Consulting Expertise for Computer Support Providers Consultants for Brooklyn Network Support Providers Brooklyn New York, U.S.A.
  • Brooklyn Brooklyn Ryuk Crypto-Ransomware Data-Recovery
  • Brooklyn Brooklyn Egregor Crypto-Ransomware Forensics Analysis Brooklyn Crypto-Ransomware Incident Reporting Brooklyn, New York
  • Brooklyn Hermes Ransomware Cleanup Brooklyn, NY Ryuk Remote Ransomware Recovery Consultants Brooklyn Brooklyn
  • Brooklyn Immediate Remote Workforce Brooklyn Assistance - Help Desk Solutions Consulting and Support Services Brooklyn Telecommuters Call Desk Solutions Guidance Brooklyn
  • Brooklyn Maze Crypto-Ransomware Settlement Help Brooklyn Brooklyn Ryuk Ransomware Settlement Negotiation Help Brooklyn
  • Brooklyn NY 24/7 Brooklyn Remote Workers Endpoint Management Tools Consulting and Support Services Work at Home Employees Expertise nearby Brooklyn - Endpoint Management Solutions Consulting Brooklyn

    • UNIX, Windows Technology Professional
    Remote Onsite Technical Support Windows, UNIX, Solaris

    Progent can help your business to design and implement a smooth migration from a UNIX-based IT environment to a network powered by Microsoft Windows and suited for supporting Microsoft's powerful office productivity suites, business applications, and developer tools. Progent's UNIX, Windows and Cisco consultants and software development specialists can show you how to guard your information and minimize productivity discontinuity by designing an effective migration plan that protects your current assets in UNIX application and infrastructure. UNIX-to-Windows transition support expertise offered by Progent include evaluation of current environment, transition strategy and validation, Microsoft Exchange migration services, information and application software porting, and server and mass storage transition and consolidation.

  • Brooklyn New York, United States Remote Workers Brooklyn Expertise - Cloud Solutions Expertise At Home Workers Brooklyn Consulting and Support Services - Cloud Integration Solutions Consulting and Support Services Brooklyn New York
  • Brooklyn Spora Ransomware System-Restore Brooklyn NY, United States Brooklyn, United States Brooklyn Ryuk Ransomware Infection Mitigation Example
  • Brooklyn Temporary IT Staffing Support Services Brooklyn Temporary Network Support Staffing Help Consulting Expertise Brooklyn, NY
  • Brooklyn WannaCry Crypto-Ransomware Rollback Brooklyn NY Brooklyn, United States Best Brooklyn Lockbit Crypto-Ransomware Mitigation

    • CRISC Certified Risk and Information Systems Control Manager Specialists
    Technology Professional CRISC Certified Risk and Information Systems Control Manager

    Progent can provide the guidance of a CRISC-certified risk management consultant to assist your company to plan and implement an enterprise risk management (ERM) strategy following best practices promoted by CRISC and crafted to match your organization's risk tolerance, business objectives, and IT budget.

  • After Hours Brooklyn Avaddon Crypto-Ransomware Mitigation
  • Brooklyn, NY Brooklyn Telecommuters IP Voice Systems Guidance Work at Home Employees Brooklyn Consulting - IP Voice Solutions Consulting Services Brooklyn, New York
  • Brooklyn, NY Remote Workers Brooklyn Expertise - Integration Expertise Remote Workers Assistance near me in Brooklyn - Connectivity Guidance Brooklyn, New York
  • Brooklyn, New York City Consulting Team Information Technology Outsource Brooklyn
  • Brooklyn, New York City Migrations Microsoft Experts Brooklyn, New York Small Office Computer Consultant
  • CCDP Expert Certified Configuration wi-fi controller WLAN controller On-site Technical Support
  • Cisco CCIE Subcontractor Cisco CCNA Contract Job Opportunities

    • CISM Security Management Consultant Services
    CISM Network Security Evaluation

    Progent offers the services of CISM Certified security professionals. The Certified Information Security Manager (CISM) organization describes the core capabilities and international standards of performance that IT security managers are required to master. It gives executive management the confidence that those who have qualified for their CISM credential possess the experience and capability to provide effective security management and support consulting.

  • Brooklyn Maze Ransomware Repair
  • Cisco Computer Consulting Services Brooklyn After Hours Cisco Computer Support Firms Brooklyn, New York
  • Brooklyn MongoLock Ransomware File-Recovery Brooklyn NY
  • Exchange 2013 eDiscovery Remote Consulting Exchange 2013 Configuration Integration
  • Brooklyn Nephilim Ransomware Data-Recovery Brooklyn
  • Exchange 2016 Information Technology Installation Service Brooklyn Network Admin Companies Microsoft Exchange Brooklyn

    • SCCM 2016 Patch Management Remote Troubleshooting
    SCCM 2016 Hybrid Integration Technology Consulting

    System Center Configuration Manager 2016 automates software deployment and updating, centralizes security and compliance settings control, keeps track of network assets, guards against corporate data leakage, provides health reporting, allows secure self service, and delivers a common control mechanism for managing multi-operating system networks running on-prem, cloud, or hybrid deployment topologies. Progent's Microsoft-certified Configuration Manager 2016 consultants and Azure cloud specialists can help your organization with any facet of planning, implementing, using and troubleshooting a SCCM 2016 deployment for on-premises, cloud-based, or hybrid environments.

  • Brooklyn NY Brooklyn Maze Crypto-Ransomware Removal
  • Fortinet FortiGate Firewalls Technology Consulting Fortinet FortiOps Technology Consulting

    • Remote Computer Support Professionals
    Phone Support IT Consulting

    For mid-size businesses looking for network support, Progent offers a variety of options including local service, on-line support, off-site Call Center, 24x7 support with automatic network monitoring, temporary staffing, business relocation support, software development, and professional consulting. For medium-size companies in California or other areas covered by Progent's onsite consultants, Progent provides professional in-person help for fixing network issues rapidly and affordably.

  • Immediate Brooklyn Telecommuters Video Conferencing Technology Guidance Brooklyn NY Remote Workforce Assistance in Brooklyn - Voice/Video Conferencing Technology Consulting Brooklyn New York

    • SQL Server 2019 Disaster Recovery IT Consulting
    Top Ranked Network Consulting SQL Server 2019 High Availability

    Progent's certified SharePoint Server 2019 and SharePoint Online consultants can provide affordable online and on-premises consulting expertise, software development, and technical support services for organizations of all sizes who want to migrate to SharePoint 2019 or SharePoint Online from legacy releases of SharePoint. Progent can help customers design and carry out an efficient upgrade to SharePoint 2019 on prem, SharePoint Online, or a hybrid network model that combines local and cloud-based infrastructure into a seamless intranet solution.

  • Immediate Progent Phone Numbers Top Quality Progent Phone Numbers
  • Immediate SharePoint Server 2010 Outsourcing Brooklyn SharePoint Server 2010 Consulting Services Brooklyn New York

    • Risk Assessment Onsite Technical Support
    Risk Mitigation Consulting Services

    Progent's disaster recovery planning and business continuity engineers can show you how to design a disaster recovery plan in case of an IT network disaster. Progent can help you develop a comprehensive disaster recovery strategy that incorporates periodic disaster recovery evaluations and testing. Progent's Microsoft and Cisco-certified engineers can also help you create an affordable, non-stop network architecture that addresses reliability issues involving a wide range of network technologies and processes.

  • Largest Gentoo Linux On-site Support Redhat Linux Professionals

    • Outsourced Programming Amazon Web Services enterprise hybrid cloud solutions
    Development Companies Amazon EC2 endpoint

    Progent offers cost-effective remote consulting to help companies to integrate Amazon AWS cloud services such as Amazon EC2 for virtual server hosting, Amazon Simple Storage Service (Amazon S3), and Amazon Glacier. Progent can assist you with every phase of Amazon AWS migration and troubleshooting including needs analysis, readiness assessment, system design, pilot testing, deployment, administration, performance optimization, software license management, backup/restore mechanisms, and security strategies.

  • MS Dynamics GP VAR in Brooklyn - Recovery Experts Brooklyn NY Dynamics GP (Great Plains) Gold Partner in Brooklyn - Training Help Brooklyn
  • Microsoft SQL 2008 System Consulting Services Brooklyn, NY 24-Hour Microsoft SQL Server Small Business IT Consulting Group
  • OS X and Cisco On-site Technical Support Top Mac Infrastructure Professional

    • SPA300 Series IP Phone Support Services
    After Hours UC520 Outsourcing

    Progent's Cisco-certified IP phone and video IP phone experts can help your business to configure, maintain, and debug Cisco IP phones, video IP phones and wireless IP handsets. Progent offers support for all models of Cisco's IP phones from legacy Voice over IP devices to the newest HD media phones. Progent's IP telephony experts can also assist you to integrate your VoIP phones and video IP phones with Cisco Unified Communications Manager, originally named CallManager, or with Unified CM Express (CME) to build a modern IP-PBX environment for unified messaging and company-wide collaboration. Progent can also help you to install Cisco Unified CM applications like Cisco Unified Communications Manager IM and Presence Service with Jabber support, Unity Express (CUE) for voicemail management, Cisco Unified Mobility for Single Number Reach (SNR, and Unified Contact Center Enterprise (UCCE) for creating an advanced customer contact solution. Progent's consultants can deliver expertise with all aspects of Cisco VoIP Phone integration including reviewing dial plans, setting up SIP gateways, deploying ISR G2 routers with CUBE internetworking capability, and creating UCS server failover and Cisco Survivable Remote Site Telephony solutions for high availability.

  • Ransomware Cleanup and Restore Brooklyn New York Ransomware Cleanup and Recovery Brooklyn New York
  • Recruiter Home Based Cisco Consultant Employment Home Based Microsoft Consultant Subcontractor
  • SCCM Security Technical Consultant Immediate Consultants SCCM Migration
  • Brooklyn Nephilim Ransomware File-Recovery Brooklyn NY, United States
  • Security Network Security Test Brooklyn Firewall Security Tech Services Brooklyn
  • Top Quality Installer Windows Server 2016 Brooklyn, United States Support Firm Windows Server 2012 R2 Brooklyn NY
  • Top Quality Work from Home Employees Brooklyn Guidance - Backup Solutions Consulting Brooklyn Work at Home Employees Consulting Services nearby Brooklyn - Backup/Restore Technology Assistance Brooklyn
  • Ubuntu Linux, Solaris, UNIX Technical Consultant Brooklyn 24/7 Gentoo Linux, Solaris, UNIX Specialists Brooklyn New York

    • Top Rated MS SQL Security Auditing
    MS SQL Server Integration Firm

    Microsoft SQL Server 2000 is a rich, web-aware database and data analysis package that enables the fast creation of a new generation of high-end programs that can give your business a critical competitive edge. Microsoft SQL Server 2000 provides core support for XML and the ability to query across the Internet and beyond the firewall. The knowledge and experience of Progent's certified SQL Server 2000 consultants, averaging more than over 10 years of work helping with Microsoft technology, assures you success in designing, installing and managing Microsoft SQL Server solutions that are seamlessly integrated with other applications based on Microsoft's .NET platform.
    © 2002-2021 Progent Corporation. All rights reserved.