Ransomware: Your Worst IT Disaster
Ransomware has become a modern cyber pandemic that represents an enterprise-level danger for businesses unprepared for an assault. Versions of crypto-ransomware like the Dharma, CryptoWall, Bad Rabbit, SamSam and MongoLock cryptoworms have been circulating for years and still inflict havoc. Modern versions of ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Nephilim, along with additional unnamed viruses, not only encrypt critical on-line data but also infect any available system backup. Files synchronized to off-site disaster recovery sites can also be rendered useless. In a poorly designed environment, this can render automatic restore operations useless and effectively knock the network back to zero.

Getting programs and data back online after a ransomware attack becomes a sprint against the clock as the targeted business tries its best to contain and clear the ransomware and to resume enterprise-critical activity. Because crypto-ransomware requires time to move laterally, attacks are frequently sprung during nights and weekends, when successful penetrations are likely to take longer to recognize. This compounds the difficulty of rapidly assembling and orchestrating an experienced response team.

Progent has a range of solutions for protecting Brooklyn businesses from ransomware events. Among these are user training to help identify and avoid phishing attempts, and ProSight Active Security Monitoring (ASM) for endpoint detection and response, which uses SentinelOne's behavior-based cyberthreat defense to identify and suppress zero-day modern malware assaults. Progent can also provide the assistance of experienced crypto-ransomware recovery engineers with the skills and perseverance to rebuild a breached environment as soon as possible.

Progent's Ransomware Restoration Support Services
Following a ransomware penetration, paying the ransom demand in cryptocurrency does not provide any assurance that the attackers will return the codes needed to decrypt all your information. Kaspersky determined that seventeen percent of ransomware victims never restored their information after having sent off the ransom, resulting in additional losses. Paying is also expensive. Ryuk ransoms commonly range from 15 to 40 BTC ($120,000 to $400,000). This is significantly above the average crypto-ransomware demand, which ZDNET determined to be around $13,000 for small businesses. The alternative is to set up the vital parts of your IT environment from scratch. Absent access to essential system backups, this requires a wide range of skills, professional project management, and the capability to work 24x7 until the task is completed.

For decades, Progent has made available expert Information Technology services for businesses across the United States and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have earned high-level industry certifications in important technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security engineers have earned internationally recognized industry certifications including CISA, CISSP-ISSAP, ISACA CRISC, and SANS GIAC. Progent also has expertise with financial systems and ERP applications. This breadth of expertise gives Progent the ability to rapidly identify the necessary systems, integrate the surviving parts of your IT environment after a ransomware attack, and rebuild them into a functioning network.

Progent's ransomware group uses best-of-breed project management systems to orchestrate the sophisticated restoration process. Progent appreciates the importance of acting rapidly and in unison with a client's management and IT team members to prioritize tasks and to get critical systems back on-line as fast as possible.

Client Story: A Successful Ransomware Virus Recovery
A client hired Progent after their organization was brought down by the Ryuk ransomware virus. Ryuk is thought to have been launched by North Korean state cybercriminals, possibly using techniques leaked from America's National Security Agency. Ryuk attacks specific companies with little room for operational disruption and is among the most lucrative incarnations of ransomware malware. Major targets include Data Resolution, a California-based info warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a small manufacturing business based in the Chicago metro area with around 500 workers. The Ryuk intrusion had shut down all company operations and manufacturing processes. The majority of the client's system backups had been directly accessible at the time of the intrusion and were damaged. The client was evaluating paying the ransom (in excess of $200,000) and hoping for the best, but ultimately made the decision to use Progent.


"I can't speak enough in regards to the care Progent provided us throughout the most stressful time of (our) company's existence. We would have paid the Hackers if not for the confidence the Progent experts provided us. The fact that you could get our messaging and key applications back on-line faster than five days was earth shattering. Every single person I talked with or communicated with at Progent was hell bent on getting us back on-line and was working non-stop to bail us out."

Progent worked hand in hand with the customer to quickly identify and assign priority to the essential areas that had to be recovered to make it possible to continue departmental functions:

  • Microsoft Active Directory
  • Exchange Server
  • Financials/MRP

To get going, Progent followed ransomware incident response best practices by stopping lateral movement and disinfecting systems. Progent then began the process of restoring Microsoft Active Directory, the key technology of enterprise networks built on Microsoft Windows technology. Microsoft Exchange Server email will not operate without Active Directory, and the customer's financials and MRP applications used Microsoft SQL Server, which requires Active Directory for authentication.

Within two days, Progent was able to recover Active Directory to its pre-intrusion state. Progent then assisted with rebuilding and storage recovery of the most important systems. All Microsoft Exchange Server data and configuration information were usable, which accelerated the restore of Exchange. Progent was able to locate local OST data files (Outlook Off-Line Data Files) on team PCs and laptops to recover email information. A fairly recent off-line backup of the business's accounting software made it possible to bring these essential programs back on-line. Although significant work still had to be done to recover completely from the Ryuk virus, core systems were restored rapidly:


"For the most part, the production operation never missed a beat and we made all customer sales."

Over the following few weeks, key milestones in the recovery project were completed in close collaboration between Progent team members and the customer:

  • In-house web sites were returned to operation with no loss of data.
  • The MailStore Microsoft Exchange Server containing more than four million historical emails was restored to operations and accessible to users.
  • CRM/Orders/Invoices/Accounts Payable (AP)/Accounts Receivables/Inventory modules were completely restored.
  • A new Palo Alto 850 firewall was brought on-line.
  • Nearly all of the desktops and laptops were operational.

"Much of what went on in the initial days is nearly entirely a fog for me, but we will not forget the dedication all of your team put in to give us our business back. I've entrusted Progent for the past 10 years, possibly more, and every time I needed help Progent has outperformed my expectations and delivered. This situation was a stunning achievement."

Conclusion
A possible business catastrophe was avoided with results-oriented experts, a broad range of subject matter expertise, and tight teamwork. In hindsight, the ransomware incident detailed here could have been identified and stopped with up-to-date security solutions and recognized best practices, staff training, and properly executed incident response procedures for backup and for keeping systems up to date with security patches. Even so, the reality remains that state-sponsored cyber criminals from Russia, China and elsewhere are relentless and are not going away. If you do get hit by a crypto-ransomware penetration, feel confident that Progent's roster of professionals has proven experience in crypto-ransomware virus defense, mitigation, and data disaster recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Tony (and any others who were involved), I'm grateful for allowing me to get some sleep after we got over the first week. All of you did a fabulous job, and if any of your guys is in the Chicago area, dinner is on me!"

Download the Ransomware Cleanup Case Study Datasheet
To read or download a PDF version of this case study, please click:
Progent's Crypto-Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Recovery Expertise in Brooklyn
For ransomware system recovery expertise in the Brooklyn area, phone Progent at 800-462-8800 or visit Contact Progent.



© 2002-2023 Progent Corporation. All rights reserved.