Crypto-Ransomware: Your Feared IT Nightmare
Ransomware has become an escalating cyber pandemic that represents an extinction-level danger for organizations vulnerable to an attack. Different iterations of ransomware such as CryptoLocker, CryptoWall, Bad Rabbit, NotPetya and MongoLock cryptoworms have been running rampant for years and continue to inflict harm. Modern variants of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Snatch and Nephilim, as well as daily unnamed malware, not only encrypt critical online data but also infect all configured system backups. Data synched to off-premises disaster recovery sites can also be corrupted. In a poorly architected system, this can render any restoration impossible and basically set the entire system back to square one.

Getting back applications and data after a ransomware intrusion becomes a sprint against time as the victim tries its best to stop lateral movement, clear the ransomware, and resume business-critical activity. Because ransomware needs time to spread throughout a targeted network, attacks are frequently launched during weekends and nights, when intrusions in many cases take longer to notice. This multiplies the difficulty of rapidly mobilizing and organizing a qualified response team.

Progent has a range of services for protecting Brooklyn enterprises from ransomware attacks. Among these are user training to help recognize and avoid phishing attempts and ProSight Active Security Monitoring (ASM) for endpoint detection and response (EDR), which uses SentinelOne's behavior-based threat defense to detect and quarantine zero-day malware attacks. Progent also provides the services of seasoned crypto-ransomware recovery professionals with the skills and perseverance to restore a compromised network as rapidly as possible.

Progent's Ransomware Recovery Services
After a crypto-ransomware penetration, paying the ransom in cryptocurrency does not provide any assurance that the cyber criminals will respond with the keys needed to decrypt any or all of your information. Kaspersky estimated that 17% of crypto-ransomware victims never recovered their files even after having paid the ransom, resulting in additional losses. The gamble is also very costly. Ryuk ransoms are typically several hundred thousand dollars. For larger organizations, the ransom demand can be in the millions of dollars. The other path is to set up the critical components of your IT environment from scratch. Without access to complete data backups, this calls for a wide range of IT skills, professional team management, and the capability to work non-stop until the job is complete.

For decades, Progent has offered certified expert IT services for companies across the U.S. and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts (SMEs) includes professionals who have attained high-level certifications in important technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity engineers have earned internationally recognized industry certifications including CISM, CISSP, CRISC, SANS GIAC, and CMMC 2.0. Progent also has expertise in financial management and ERP applications. This breadth of expertise gives Progent the capability to rapidly determine which systems are necessary, re-organize the surviving components of your IT system after a ransomware event, and assemble them into an operational network.

Progent's ransomware group uses best-of-breed project management systems to coordinate the complicated restoration process. Progent understands the urgency of working quickly and together with a client's management and IT staff to prioritize tasks and to get essential services back online as soon as possible.

Customer Case Study: A Successful Ransomware Virus Restoration
A small business contacted Progent after their company was brought down by Ryuk ransomware. Ryuk is thought to have been developed by North Korean government-sponsored hackers, possibly adopting technology exposed from the U.S. NSA. Ryuk targets specific businesses with limited tolerance for operational disruption and is among the most profitable incarnations of ransomware. Headline victims include Data Resolution, a California-based info warehousing and cloud computing business, and the Chicago Tribune. Progent's customer is a small manufacturing company located in Chicago with about 500 employees. The Ryuk attack had paralyzed all business operations and manufacturing capabilities. The majority of the client's data backups had been online at the time of the attack and were damaged. The client was pursuing financing to pay the ransom demand (exceeding $200,000) and hoping for good luck, but in the end made the decision to use Progent.


"I cannot thank you enough for the care Progent gave us throughout the most critical period of (our) business's life. We would have paid the criminal gangs if it wasn't for the confidence the Progent experts provided us. The fact that you were able to get our e-mail and important applications back online in less than one week was amazing. Every single consultant I got help from or communicated with at Progent was laser focused on getting our system up and was working 24/7 to bail us out."

Progent worked hand in hand with the customer to quickly identify and prioritize the key elements that needed to be addressed in order to resume departmental functions:

  • Active Directory
  • Electronic Mail
  • Accounting and Manufacturing Software

To start, Progent followed AV/malware incident mitigation best practices by stopping lateral movement and cleaning up compromised systems. Progent then started the steps of restoring Microsoft AD, the foundation of enterprise networks built on Microsoft Windows technology. Exchange messaging will not work without Windows AD, and the business's financials and MRP system leveraged Microsoft SQL, which depends on Active Directory services for access to the databases.

In less than 48 hours, Progent was able to rebuild Active Directory services to their pre-penetration state. Progent then completed the rebuilding and hard drive recovery of essential servers. All Microsoft Exchange Server data and configuration information were usable, which greatly helped the restore of Exchange. Progent was also able to find local OST data files (Microsoft Outlook Off-Line Data Files) on user desktop computers and laptops to recover mail data. A recent off-line backup of the client's accounting systems made it possible to bring these vital programs back online for users. Although a large amount of work needed to be completed to recover totally from the Ryuk event, core services were restored quickly:


"For the most part, the production operation ran fairly normal throughout and we produced all customer orders."

Over the next few weeks, critical milestones in the restoration process were reached in close cooperation between Progent consultants and the customer:

  • Internal web sites were returned to operation without losing any information.
  • The MailStore Exchange Server, with more than 4 million archived emails, was spun up and made accessible to users.
  • CRM/Customer Orders/Invoices/Accounts Payable (AP)/AR/Inventory capabilities were fully functional.
  • A new Palo Alto Networks 850 firewall was deployed.
  • Most of the user PCs were back in operation.

"Much of what occurred in the early hours is mostly a fog for me, but my team will not soon forget the countless hours each and every one of you accomplished to give us our business back. I have been working together with Progent for the past ten years, maybe more, and every time I needed help Progent has outperformed my expectations and delivered as promised. This time was a life saver."

Conclusion
A likely company-ending catastrophe was averted by top-tier professionals, a wide spectrum of subject matter expertise, and close teamwork. Although the completed forensic analysis showed that the ransomware attack described here should have been identified and disabled with current cyber security technology solutions and best practices, staff training, and well-designed incident response procedures for backup and applying software patches, the reality remains that state-sponsored criminal cyber gangs from China, North Korea and elsewhere are tireless and represent an ongoing threat. If you do fall victim to a ransomware attack, feel confident that Progent's roster of experts has proven experience in crypto-ransomware virus blocking, cleanup, and information systems recovery.


"So, to Darrin, Matt, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others that were contributing), I'm grateful for allowing me to get rested after we got through the initial push. Everyone did an incredible effort, and if anyone that helped is around the Chicago area, a great meal is my treat!"


Contact Progent for Ransomware Cleanup Services in Brooklyn
For ransomware system recovery consulting in the Brooklyn area, call Progent at 800-462-8800 or go to Contact Progent.



© 2002-2024 Progent Corporation. All rights reserved.