Ransomware: Your Worst IT Catastrophe
Ransomware has become an escalating cyberplague that presents an extinction-level threat for organizations unprepared for an assault. Different versions of ransomware like the CrySIS, Fusob, Bad Rabbit, SamSam and MongoLock cryptoworms have been around for a long time and continue to cause destruction. More recent strains of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Egregor, along with additional unnamed newcomers, not only encrypt critical online data but also infect any available system backups. Information synched to the cloud can also be ransomed. In a vulnerable environment, this can make automated recovery hopeless and effectively set the entire system back to zero.

Recovering services and data following a crypto-ransomware intrusion becomes a race against time as the targeted organization struggles to stop lateral movement, remove the ransomware, and resume enterprise-critical operations. Because ransomware requires time to move laterally, assaults are frequently sprung during weekends and nights, when penetrations may take longer to discover. This compounds the difficulty of rapidly mobilizing and orchestrating a qualified response team.

Progent makes available a range of services for securing Brooklyn enterprises from ransomware penetrations. Among these are staff training to help identify and avoid falling victim to phishing attempts, and ProSight Active Security Monitoring (ASM) for endpoint detection and response, which utilizes SentinelOne's behavior-based threat protection to detect and quarantine zero-day malware assaults. Progent also offers the services of expert ransomware recovery professionals with the talent and perseverance to re-deploy a breached system as quickly as possible.

Progent's Ransomware Recovery Support Services
After a ransomware penetration, even paying the ransom in cryptocurrency does not guarantee that merciless criminals will provide the codes needed to decrypt any of your files. Kaspersky determined that seventeen percent of ransomware victims never recovered their information even after having sent off the ransom, resulting in increased losses. The risk is also costly. Ryuk ransoms frequently range from fifteen to forty BTC ($120,000 to $400,000). This is well above the usual ransomware demands, which ZDNET estimated to be approximately $13,000 for small businesses. The fallback is to re-install the critical elements of your IT environment. Absent the availability of full data backups, this requires a broad complement of skill sets, well-coordinated team management, and the willingness to work continuously until the job is complete.

For twenty years, Progent has provided expert IT services for companies across the U.S. and has achieved Microsoft's Gold Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes engineers who have earned high-level certifications in key technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security specialists have earned internationally recognized certifications including CISA, CISSP, ISACA CRISC, and SANS GIAC. (See Progent's certifications). Progent also has experience with financial management and ERP applications. This breadth of expertise gives Progent the skills to knowledgeably identify important systems, re-organize the remaining pieces of your network environment following a ransomware attack, and configure them into an operational network.

Progent's ransomware team has best-of-breed project management systems to orchestrate the complex recovery process. Progent knows the importance of acting rapidly and in concert with a client's management and Information Technology staff to prioritize tasks and to put the most important systems back online as soon as humanly possible.

Business Case Study: A Successful Ransomware Incident Response
A customer contacted Progent after their company was penetrated by Ryuk crypto-ransomware. Ryuk is generally considered to have been developed by North Korean state cybercriminals, possibly adopting approaches leaked from the U.S. NSA organization. Ryuk attacks specific businesses with little or no tolerance for operational disruption and is among the most profitable iterations of crypto-ransomware. Well-known victim organizations include Data Resolution, a California-based information warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a small manufacturing business located in Chicago with about 500 employees. The Ryuk attack had disabled all company operations and manufacturing processes. The majority of the client's data backups had been directly accessible at the beginning of the attack and were destroyed. The client was taking steps to pay the ransom demand (more than two hundred thousand dollars) and praying for good luck, but ultimately called Progent.


"I can't tell you enough in regards to the help Progent provided us throughout the most stressful period of (our) business's existence. We may have had to pay the cyber criminals except for the confidence the Progent team provided us. That you could get our e-mail system and important applications back in less than five days was amazing. Each consultant I got help from or communicated with at Progent was totally committed to getting us operational and was working 24/7 on our behalf."

Progent worked with the customer to rapidly assess and assign priority to the mission-critical areas that needed to be recovered in order to continue departmental operations:

  • Windows Active Directory
  • Microsoft Exchange Server
  • Accounting and Manufacturing Software

To begin, Progent followed anti-virus/malware incident mitigation best practices by halting the spread and cleaning systems of viruses. Progent then initiated the task of rebuilding Microsoft Active Directory, the core of enterprise systems built on Microsoft technology. Microsoft Exchange Server email will not work without Windows AD, and the customer's financials and MRP system used SQL Server, which needs Active Directory services for authentication to the information.

Within 48 hours, Progent was able to rebuild Active Directory to its pre-attack state. Progent then accomplished reinstallations and hard drive recovery of critical applications. All Microsoft Exchange Server ties and configuration information were usable, which facilitated the rebuild of Exchange. Progent was able to collect local OST files (Microsoft Outlook Off-Line Data Files) on various desktop computers to recover email data. A recent offline backup of the business's accounting/ERP systems made it possible to bring these essential applications back online. Although significant work remained to recover totally from the Ryuk attack, essential systems were returned to operation rapidly:


"For the most part, the production line operation showed little impact and we delivered all customer sales."

Throughout the following couple of weeks, critical milestones in the recovery process were accomplished in tight collaboration between Progent engineers and the client:

  • In-house web applications were restored with no loss of information.
  • The MailStore Microsoft Exchange Server with over four million historical messages was brought on-line and accessible to users.
  • CRM/Product Ordering/Invoicing/Accounts Payable (AP)/AR/Inventory capabilities were completely functional.
  • A new Palo Alto 850 security appliance was brought online.
  • Ninety percent of the desktops and laptops were fully operational.

"So much of what was accomplished those first few days is mostly a haze for me, but our team will not soon forget the urgency each and every one of you put in to give us our company back. I have been working with Progent for the past ten years, possibly more, and each time Progent has shined and delivered. This time was a life saver."

Conclusion
A likely business-killing disaster was avoided through hard-working experts, a broad array of IT skills, and close collaboration. In hindsight, the ransomware penetration detailed here should have been identified and disabled with advanced security technology, NIST Cybersecurity Framework or ISO/IEC 27001 best practices, user training, well-designed incident response procedures for information protection, and keeping systems up to date with security patches. The fact remains, however, that government-sponsored hackers from Russia, China and elsewhere are tireless and will continue. If you do get hit by crypto-ransomware, remember that Progent's roster of professionals has proven experience in crypto-ransomware defense, cleanup, and data restoration.


"So, to Darrin, Matt, Aaron, Dan, Jesse, Arnaud, Allen, Tony and Chris (and any others that were involved), I'm grateful for making it so I could get rested after we got through the initial fire. All of you did a fabulous job, and if any of your team is in the Chicago area, a great meal is the least I can do!"

Download the Crypto-Ransomware Cleanup Case Study Datasheet
To review or download a PDF version of this case study, please click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Cleanup Expertise in Brooklyn
For ransomware recovery expertise in the Brooklyn area, call Progent at 800-462-8800 or see Contact Progent.

© 2002-2024 Progent Corporation. All rights reserved.