Ransomware: Your Crippling IT Nightmare
Ransomware has become a modern cyber pandemic that presents an extinction-level threat for organizations poorly prepared for an attack. Different iterations of crypto-ransomware like the CryptoLocker, CryptoWall, Locky, SamSam and MongoLock cryptoworms have been running rampant for years and still cause harm. Newer strains of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Conti and Egregor, along with daily unnamed viruses, not only encrypt online files but also infiltrate any configured system backup. Information synchronized to the cloud can also be encrypted. In a poorly designed environment, this can render automated restore operations hopeless and basically knock the entire system back to zero.

Retrieving programs and data following a crypto-ransomware intrusion becomes a sprint against the clock as the targeted business fights to stop the spread, clear the virus, and restore business-critical operations. Since ransomware requires time to move laterally, attacks are usually launched on weekends, when they in many cases take more time to detect. This multiplies the difficulty of quickly marshalling and coordinating an experienced mitigation team.

Progent has a variety of support services for protecting Brooklyn enterprises from ransomware attacks. These include team education to become familiar with and not fall victim to phishing scams, and ProSight Active Security Monitoring (ASM) for endpoint detection and response utilizing SentinelOne's behavior-based threat defense to detect and quarantine zero-day modern malware assaults. Progent in addition offers the services of expert ransomware recovery professionals with the skills and perseverance to re-deploy a compromised system as urgently as possible.

Progent's Ransomware Restoration Support Services
After a crypto-ransomware event, sending the ransom in cryptocurrency does not ensure that merciless criminals will return the keys to decrypt all your information. Kaspersky determined that seventeen percent of ransomware victims never restored their files after having sent off the ransom, resulting in increased losses. The risk is also costly. Ryuk ransoms commonly range from 15 to 40 BTC (between $120,000 and $400,000). This is significantly higher than the average crypto-ransomware demands, which ZDNET determined to be around $13,000 for small organizations. The fallback is to re-install the essential elements of your Information Technology environment. Absent access to essential system backups, this requires a wide complement of IT skills, well-coordinated project management, and the capability to work non-stop until the recovery project is finished.

For two decades, Progent has offered expert Information Technology services for companies throughout the U.S. and has earned Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts includes consultants who have earned top certifications in key technologies such as Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's security consultants have garnered internationally-recognized industry certifications including CISM, CISSP, CRISC, and SANS GIAC. (See Progent's certifications). Progent in addition has expertise with accounting and ERP software solutions. This breadth of expertise gives Progent the skills to knowledgeably understand important systems and consolidate the surviving parts of your computer network system following a crypto-ransomware attack and rebuild them into an operational system.

Progent's security team of experts deploys state-of-the-art project management applications to coordinate the sophisticated restoration process. Progent appreciates the urgency of working rapidly and in concert with a client's management and Information Technology resources to prioritize tasks and to put critical services back on-line as soon as possible.

Client Case Study: A Successful Ransomware Intrusion Recovery
A client sought out Progent after their organization was attacked by Ryuk crypto-ransomware. Ryuk is generally considered to have been launched by North Korean state-sponsored hackers, suspected of adopting technology leaked from America's National Security Agency. Ryuk targets specific businesses with little or no ability to sustain disruption and is among the most profitable iterations of ransomware viruses. Well-known victims include Data Resolution, a California-based information warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a regional manufacturing company based in Chicago and has around 500 employees. The Ryuk penetration had frozen all essential operations and manufacturing capabilities. The majority of the client's information backups had been on-line at the time of the attack and were encrypted. The client considered paying the ransom (in excess of two hundred thousand dollars) and hoping for the best, but ultimately brought in Progent.


"I cannot speak enough about the expertise Progent gave us during the most critical time of (our) company's existence. We most likely would have paid the hackers behind this attack if not for the confidence the Progent team provided us. The fact that you could get our e-mail system and essential applications back on-line quicker than seven days was something I thought impossible. Every single staff member I worked with or messaged at Progent was absolutely committed to getting my company operational and was working at all hours to bail us out."

Progent worked together with the client to rapidly understand and prioritize the essential services that had to be recovered to make it possible to restart company operations:

  • Active Directory
  • Electronic Messaging
  • MRP System

To get going, Progent followed anti-virus incident mitigation best practices by isolating and disinfecting systems. Progent then initiated the steps of restoring Microsoft AD, the key technology of enterprise environments built upon Microsoft Windows Server technology. Microsoft Exchange email will not work without Windows AD, and the business's MRP system used Microsoft SQL Server, which depends on Active Directory services for authentication to the data.

In less than two days, Progent was able to re-build Active Directory services to its pre-intrusion state. Progent then charged ahead with setup and hard drive recovery of mission critical servers. All Exchange Server schema and configuration information were intact, which accelerated the restore of Exchange. Progent was also able to locate local OST data files (Microsoft Outlook Offline Data Files) on user PCs to recover mail messages. A recent off-line backup of the customer's manufacturing software made it possible to make these required applications available to users again. Although a large amount of work was left to recover totally from the Ryuk attack, the most important systems were returned to operations quickly:


"For the most part, the assembly line operation did not miss a beat and we did not miss any customer shipments."

Throughout the following few weeks, critical milestones in the restoration process were achieved in close cooperation between Progent consultants and the customer:

  • In-house web applications were returned to operation with no loss of information.
  • The MailStore Exchange Server containing more than four million historical messages was brought online and made accessible to users.
  • CRM/Customer Orders/Invoices/AP/Accounts Receivables (AR)/Inventory Control functions were 100% operational.
  • A new Palo Alto Networks 850 firewall was set up.
  • Most of the desktop computers were functioning as before the incident.

"A lot of what was accomplished in the initial days is mostly a fog for me, but my management will not forget the countless hours all of you accomplished to give us our business back. I've been working with Progent for the past ten years, possibly more, and each time I needed help Progent has shined and delivered. This situation was a stunning achievement."

Conclusion
A possible business catastrophe was averted by dedicated experts, a broad spectrum of subject matter expertise, and tight teamwork. Although in post mortem the ransomware penetration described here could have been identified and prevented with modern cyber security solutions and best practices, user training, and properly executed security procedures for information backup and proper patching controls, the reality is that state-sponsored cybercriminals from China, North Korea and elsewhere are tireless and are an ongoing threat. If you do get hit by a ransomware attack, feel confident that Progent's roster of experts has a proven track record in ransomware virus defense, cleanup, and file recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Tony and Chris (and any others that were involved), thanks very much for allowing me to get some sleep after we got over the most critical parts. All of you did an impressive job, and if anyone is around the Chicago area, a great meal is the least I can do!"

Download the Crypto-Ransomware Cleanup Case Study Datasheet
To read or download a PDF version of this customer case study, click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Expertise in Brooklyn
For ransomware system restoration services in the Brooklyn area, phone Progent at 800-462-8800 or go to Contact Progent.




    © 2002-2024 Progent Corporation. All rights reserved.