Ransomware Prevention and Recovery Consulting Cabo Frio
Crypto-Ransomware Remediation: A Case Study
Ransomware : Your Worst Information Technology Nightmare
Crypto-Ransomware has become an escalating cyberplague that represents an enterprise-level threat for businesses poorly prepared for an assault. Versions of ransomware such as CryptoLocker, WannaCry, Locky, SamSam and MongoLock cryptoworms have been out in the wild for years and still inflict destruction. Newer variants of crypto-ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Nephilim, plus more as yet unnamed viruses, not only perform encryption of online data but also infiltrate any available system restores and backups. Information synchronized to cloud environments can also be corrupted. In a vulnerable system, this can render any restore operations hopeless and basically knocks the network back to square one.
Getting back online applications and data after a ransomware attack becomes a sprint against time as the targeted business struggles to contain the damage, eradicate the ransomware, and resume enterprise-critical operations. Due to the fact that ransomware takes time to replicate throughout a targeted network, assaults are frequently sprung during nights and weekends, when successful penetrations are likely to take longer to detect. This compounds the difficulty of promptly assembling and organizing a capable response team.
Progent offers a range of solutions for securing Cabo Frio organizations from crypto-ransomware penetrations. Among these are staff training to become familiar with and avoid phishing scams, ProSight Active Security Monitoring for endpoint detection and response (EDR) utilizing SentinelOne's behavior-based cyberthreat protection to identify and suppress zero-day malware attacks. Progent in addition can provide the assistance of seasoned crypto-ransomware recovery engineers with the talent and perseverance to re-deploy a compromised environment as rapidly as possible.
Progent's Crypto-Ransomware Recovery Services
After a ransomware event, paying the ransom in cryptocurrency does not provide any assurance that distant criminals will provide the keys to unencrypt any or all of your data. Kaspersky determined that 17% of crypto-ransomware victims never recovered their data even after having paid the ransom, resulting in more losses. The risk is also expensive. Ryuk ransoms are commonly a few hundred thousand dollars. For larger organizations, the ransom can be in the millions. The fallback is to re-install the vital components of your Information Technology environment. Without access to full data backups, this calls for a broad complement of skill sets, professional project management, and the ability to work non-stop until the recovery project is over.
For decades, Progent has made available professional Information Technology services for companies throughout the US and has earned Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes consultants who have been awarded high-level industry certifications in key technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security experts have earned internationally-recognized certifications including CISM, CISSP-ISSAP, ISACA CRISC, SANS GIAC, and CMMC 2.0. (Visit Progent's certifications). Progent also has experience with accounting and ERP software solutions. This breadth of expertise provides Progent the skills to rapidly identify necessary systems and re-organize the surviving components of your computer network environment after a ransomware attack and configure them into an operational network.
Progent's ransomware team of experts deploys best of breed project management systems to orchestrate the complicated recovery process. Progent knows the urgency of acting swiftly and in unison with a customer's management and IT team members to assign priority to tasks and to get essential applications back on-line as soon as possible.
Client Story: A Successful Ransomware Intrusion Response
A small business hired Progent after their company was attacked by Ryuk crypto-ransomware. Ryuk is believed to have been developed by North Korean state cybercriminals, suspected of adopting approaches exposed from the U.S. NSA organization. Ryuk targets specific companies with little or no ability to sustain disruption and is one of the most lucrative iterations of crypto-ransomware. High publicized victims include Data Resolution, a California-based data warehousing and cloud computing company, and the Chicago Tribune. Progent's client is a single-location manufacturer headquartered in the Chicago metro area with around 500 workers. The Ryuk penetration had brought down all company operations and manufacturing processes. The majority of the client's data protection had been directly accessible at the time of the intrusion and were eventually encrypted. The client considered paying the ransom (exceeding $200K) and wishfully thinking for good luck, but ultimately called Progent.
Progent worked together with the client to rapidly determine and assign priority to the mission critical elements that needed to be addressed in order to resume business operations:
- Microsoft Active Directory
- Electronic Mail
- Financials/MRP
Within 2 days, Progent was able to rebuild Windows Active Directory to its pre-virus state. Progent then performed setup and storage recovery on critical servers. All Microsoft Exchange Server ties and attributes were usable, which greatly helped the restore of Exchange. Progent was also able to collect non-encrypted OST files (Outlook Email Offline Folder Files) on staff desktop computers and laptops in order to recover email information. A not too old offline backup of the client's financials/ERP software made it possible to recover these required programs back servicing users. Although major work needed to be completed to recover totally from the Ryuk damage, critical services were restored quickly:
During the following couple of weeks important milestones in the restoration project were made through close collaboration between Progent engineers and the client:
- Internal web sites were returned to operation without losing any data.
- The MailStore Exchange Server with over 4 million historical emails was brought on-line and accessible to users.
- CRM/Product Ordering/Invoicing/AP/Accounts Receivables (AR)/Inventory modules were completely restored.
- A new Palo Alto 850 firewall was brought on-line.
- Ninety percent of the user PCs were being used by staff.
Conclusion
A potential business-killing disaster was dodged with dedicated professionals, a broad spectrum of IT skills, and tight collaboration. Although in post mortem the crypto-ransomware virus incident detailed here would have been identified and prevented with current cyber security technology and best practices, user education, and appropriate security procedures for information protection and keeping systems up to date with security patches, the reality remains that government-sponsored cybercriminals from Russia, North Korea and elsewhere are relentless and are an ongoing threat. If you do fall victim to a crypto-ransomware penetration, feel confident that Progent's roster of experts has substantial experience in ransomware virus defense, removal, and information systems restoration.
Download the Crypto-Ransomware Cleanup Case Study Datasheet
To read or download a PDF version of this ransomware incident report, please click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)
Contact Progent for Ransomware Recovery Consulting in Cabo Frio
For ransomware recovery consulting in the Cabo Frio metro area, call Progent at
An index of content::
64-bit Processing Engineers
Troubleshooting 64-bit Upgrade
Progent's Microsoft-certified engineers can help you design, document, implement, manage, and troubleshoot a system-wide move to 64-bit server and desktop operating systems and applications. Progent can help you test your 64-bit environment to verify that it supports all of the key 32-bit applications which you intend to keep as well as the new 64-bit editions of software you plan to install.
Consultants Cloud-managed Email Security
Cloud Protection for Email Consulting Services
Progent's ProSight Email Guard uses the technology of leading information security vendors to provide web-based management and world-class protection for your inbound and outbound email. The hybrid architecture of ProSight Email Guard combines cloud-based filtering with a local gateway device to offer advanced protection against spam, viruses, Dos Attacks, Directory Harvest Attacks (DHAs), and other email-based threats. The cloud filter serves as a preliminary barricade and blocks most unwanted email from making it to your security perimeter. This decreases your exposure to external attacks and conserves system bandwidth and storage. Email Guard's on-premises gateway device adds a deeper level of inspection for inbound email. For outgoing email, the local security gateway provides anti-virus and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The onsite security gateway can also help Microsoft Exchange Server to track and safeguard internal email that stays within your security perimeter.
XenApp and Citrix Access Gateway Remote Support Services
Virtual Applications Hub Network Consultant
Progent's Citrix-certified consultants can help you to plan, install, administer, and troubleshoot a virtual Windows application delivery and management solution based on Citrix XenApp. Progent's Cisco CCIE network consultants can show you how to enhance your infrastructure for delivering server-side and client-side applications, and Progent's remote datacenter support consultants can help you to manage and maintain an off-site datacenter that features high uptime, enhanced security, and rapid recovery.
VirtualPC for Mac Specialists
Windows Virtual Desktop for Apple Mac Onsite Technical Support
For companies that have a mix of Mac and Windows desktops, there exist two basic solutions for using Windows-only software on an Apple Mac: remote access to a physical Windows PC or local emulation of a Windows operating system on a macOS or Mac OS X desktop. Microsoft's Remote Desktop Connection for Apple Mac allows you to attach a Mac to a networked Microsoft Windows-powered computer to use Windows software and share network resources. Virtual PC for Mac simulates Microsoft Windows on a Mac system so you are able to use Microsoft Windows software directly. Progent's macOS and Mac OS X technology consultants can assist you to manage these products for using Windows applications on your Macs and can in addition help your company to evaluate and configure other products for Windows PC simulation.
QTS Sacramento Colocation Center Professionals
QTS Data Center Sacramento Technology Professional
The QTS Internet Data Center is situated in the seismically-stable Natomas area of Sacramento, CA. If your company is now utilizing the QTS Sacramento data center as a colocation site or if you are planning on migrating your primary or offsite backup equipment to the Herakles data center, Progent can provide a variety of budget-friendly services that include data center migration, system installation and upgrades, infrastructure optimization, comprehensive project management services, virtualization expertise, offsite monitoring, streamlined network administration, software programming, disaster recovery/business continuity planning and testing, security assessment, and the support of Progent's Test Lab.
GIAC Certified Incident Handler (GCIH) Small Business Network Consulting Group
Nortel Networks Certified Support Specialist (NNCSS) Problem Resolution
Progent offers customers the services of consultants who have been awarded some of the computer industry's most prized credentials. Progent thinks that customers deserve to know that their IT support professionals have formal testing as well as extensive real-world experience so that Progent's customers can engage Progent's service with trust. Often, vendor credentials such as the Cisco Certified Internetwork Experts confers priority for substantially better vendor support than is offered to uncertified consultants, enabling Progent to offer clients a better class of computer service. In addition, major credentials such as CISA or ISSAP for IT security can help enterprise clients to show compliance with regulatory requirements by using the assistance of recognized IT experts.
Windows 2012 R2 Onsite Technical Support
Windows Server 2012 R2 upgrade Consultant
Progent's Microsoft-certified professionals can assist you to evaluate the benefits of Windows Server 2012 R2 for your company, create pilot environments and rollout strategies, tune your network infrastructure for local, multi-site, cloud-based, and hybrid datacenters, educate your IT management, staff, create an enterprise-wide security strategy, automate IT management, assist with application development, and build and validate a DR/BC plan.
Mac Online Technical Support Services
OS X Remote Technology Professional
Progent offers national online help and consulting services for businesses who run Apple Mac networks or whose information systems feature a combination of Mac with Microsoft technology. Progent's consultants can provide Apple macOS and Mac OS X clients a variety of IT services such as desktop support, upgrading to the current version of Mac OS X from earlier versions of Mac, plus expertise with Apple macOS and OS X applications. Progent's specialists in Apple technology can also help your business with Apple iPhone and Apple iPad integration and management, or moving to iCloud. Remote IT help offers maximum leverage for your IT dollar by preserving client efficiency and shortening the hours charged for computer repair services. Sophisticated remote access tools and experienced technicians and consultants allow Progent to solve the majority of network problems without wasting time and money by going to your site. In the vast majority of cases your network problems can be remediated by telephone or through a combination of phone support and remote connectivity. Progent can offer the services of Cisco CCIE network experts and CISM certified security specialists to assist you with the most difficult system problems.
Automated Desktop Inventory Online Support
ProSight Server and Desktop Management Remote Support
ProSight LAN Watch with NinjaOne RMM is Progent's network, server and endpoint remote monitoring service that uses state-of-the-art remote monitoring and management techniques to help keep your IT system operating efficiently by tracking the state of critical assets.
Meraki Wireless Access Point Technical Consultant
Cisco Certified Experts Meraki Dashboard On-site Technical Support
Progent's Meraki Wi-Fi AP experts provide online and onsite support to help businesses of any size to design, deploy, manage, upgrade or repair Wi-Fi networks that include Cisco Meraki wireless access points. Progent can help your business to configure and support Meraki-based Wi-Fi networks for environments that range from a teleworker's home or a remote office all the way to a large campus or a nationwide enterprise. Progent can also assist you to configure other Cisco products including switches, ASR routers and ASA firewalls to build a seamless ecosystem that delivers the same access, responsiveness, security, ease of management and availability for wired and wireless clients regardless of their mobility or computing device.
Consulting Ubiquiti U6 Enterprise WiFi 6E AP
Ubiquiti U6 Lite WiFi access points Specialist
Ubiquiti's UniFi family of Wi-Fi products includes indoor and outdoor Wave 2 Wi-Fi APs, WiFi 6/6E and WiFi 7 APs, security gateways, switches, IP phones, and security cameras. Progent offers the skills of seasoned wireless professionals who can assist you to determine the value of Ubiquiti's UniFi technology for your environment and assist you to plan, deploy, administer, and maintain your UniFi ecosystem.
Supplemental Service Desk Professional
Shared Network Support Help Desk Remote Consulting
Progent provides several basic kinds of Helpdesk services : Microsoft and Cisco Help Desk Outsourcing Services, Virtual Help Desk Services, and Call Center Process Consulting and Staffing. Progent is a Microsoft-certified Partner and Progent's Help Desk staff of authorized Microsoft and Cisco professionals gives your customers instant access to a dependable technical resource with extensive experience providing phone support and remote access repair for IT systems based on Microsoft technology. Progent's concentration is on earning the support Call Center a respected reputation as a solid contributor to business productivity. Progent's goal is to resolve and not merely record problems.
Consulting LockBit ransomware hot line
DopplePaymer ransomware hot line Consultants
Progent's Ransomware Hot Line provides 24x7 access to a proven ransomware recovery consultant who can help your business to halt the spread of an active ransomware breach. Call 800-462-8800
IT Consulting Microsoft Exchange Server 2016 Migration Planning
Microsoft Exchange 2016 Migration Engineer
Progent can assist you in any and all phases of your migration to Exchange 2016 including designing high availability (HA) system topology for a local, Microsoft cloud connected or hybrid environment; licensing compliance for Exchange Server and Windows Server 2012 R2+; moving mailboxes; Windows Hyper-V design; specifying storage requirements for your virtual machines (VMs), databases and logs; configuring hardware load balancing (HLB) for high-availability CAS services; planning, configuring and validating Exchange and Windows Servers and Database Availability Groups (DAGs); integration with SharePoint; updating the firewall; creating SSL certs; providing client integration with Office desktop or Microsoft 365; and configuring Outlook on the web (formerly Outlook Web App).
After Hours Amazon Marketplace Web Service integration Developer
Immediate Amazon MWS programming Coding
Amazon Marketplace Web Service (Amazon MWS) is an integrated collection of APIs that enables Amazon sellers to improve the efficiency of their operations by automating crucial sales functions including listings, orders, shipments, inbound and outbound fulfillment, and finances. By tapping into Amazon's vast online selling environment and automating their sales processes, merchants can broaden their market, reduce their cost of sales, accelerate response time to customers, and add to their profits. Progent's Amazon Marketplace Web Service consultants can work with your development team and provide programming, workflow integration, project management support, and mentoring to help you cut development time and costs and expedite your ROI.
Branch Offices Support and Integration
CISSP Certified Security Branch Office Onsite Technical Support
Years of background providing Microsoft support and Cisco network consulting has enabled Progent to develop an unmatched ability for serving branch offices that require network service with the responsiveness associated with with small firms but which offers effective client interaction, thorough documentation, and compliance with enterprise IT standards. If your enterprise has a sales office situated anywhere in California or any area covered by Progent's consultants, Progent can provide a wide array of on-premises and on-line network consulting services and system design expertise.
Teleworker Cybersecurity Support and Setup
At Home Employees Security Remote Technical Support
Progent can assist small and mid-size businesses to configure security protection solutions and deliver cleanup expertise for teleworkers.
System Center 2016 Business Continuity Help and Support
24-7 Consultant Services System Center 2016 Orchestrator
Small to middle size companies can now get all the benefits of Operations Manager 2007 and in addition have quick access to Progent's Microsoft and Cisco Certified network support experts. With Progent's economically priced network support packages, small and midsize organizations can select a basic Microsoft System Center Operations Manager-based co-sourcing package with server monitoring, reporting, Help Desk and online troubleshooting or a complete 24x7 outsourcing package. Progent offers expertise in Operations Manager to offer small business information systems world-class availability, security, and productivity.
Monitoring and Reporting Support and Integration
System Center MOM Specialist
Progent's Microsoft-certified consultants have over 10 years of background designing, implementing, enhancing and troubleshooting System Center Operations Manager environments and offer companies of all sizes advanced online or on-premises consulting support for System Center 2012 Operations Manager. Progent can help your company to plan an architecture for SCOM 2012 servers that delivers the responsiveness and resilience required to monitor your datacenter efficiently, whether your datacenters are on-premises, in the cloud, or a hybrid solution. Progent's SCOM consultants can also help you to import and set up System Center 2012 Operations Manager management packs according to leading practices for monitoring network infrastructure as well as both Microsoft and third-party apps and services. Also, Progent can deliver responsive remote or on-premises technical support to assist you to remediate critical problems uncovered by System Center 2012 Operations Manager.
24-7 64-bit Server Consulting
64-bit Server Support
Progent's Microsoft-certified consultants can help you design, document, implement, administer, and repair a system-wide move to 64-bit server and client OS software and business applications. Progent can help you test your 64-bit environment to verify that it handles all of the important 32-bit applications which you intend to keep as well as the new 64-bit editions of applications you plan to run.
Small Business 100 Access Point Information Technology Consulting
24/7/365 Small Business WAP361 Setup and Support
Cisco's Small Business series of wireless access points are Linux-powered devices engineered as entry-level Wi-Fi solutions for light workloads. Progent's Cisco CCIE-certified wireless infrastructure consultants can provide online or on-premises integration and troubleshooting services to assist your organization to plan, implement, upgrade, optimize, administer and troubleshoot Cisco Small Business wireless access point environments of any scale or topology.
Urgent Solaris Network Consultant
Solaris Engineer
Progent's Sun Solaris platform support services provide small companies and developers assistance with managing and supporting Sun Solaris environments that run with Microsoft-based technology. Progent can give your organization access to Sun Solaris consultants, consulting professionals premier by Microsoft and Cisco, and security experts with CISA certification. This wide array of experience offers you an easy single consulting firm to show you how to build and manage a secure and reliable mixed-platform network and communications environment that supports Sun Solaris and Microsoft coexistence by integrating MS Windows with major variants of UNIX including Mac OS X, Sun Solaris, AIX UNIX from IBM, Hewlett Packard HP-UX, Berkeley UNIX (BSD), SCO UNIX, and Silicon Graphics IRIX (SGI/IRIX or leading Linux derivatives including RedHat, SUSE, CentOS, Ubuntu Linux, PCLinuxOS, fedora Linux, Gentoo, Mandriva Linux, Debian-GNU, and Slackware.
Duo MFA and Single Sign-on (SSO) IT Consultants
Help and Support Duo Multi-factor Authentication
Progent's Duo managed services incorporate Cisco's Duo technology to defend against compromised passwords by using two-factor authentication (2FA). Duo enables single-tap identity confirmation with iOS, Android, and other out-of-band devices.
Non-stop Clustered Servers Network Consultant
Fault Tolerant Server Clustering Remote Support
Progent offers Microsoft Windows 2003 Cluster Server expertise to help your company utilize high availability server clusters that can provide 24x7 uptime. Windows cluster servers for non-stop systems include Windows Cluster Server, SQL Cluster Server, and Microsoft Exchange Cluster Server. By helping you create fault-tolerant clustered server solutions based on Microsoft Windows Server 2003 Cluster, Progent's Premier Windows consultants make sure that your fault-tolerant clustered servers are set up to maximize the business value of your IT system.
Windows 7 Wireless Computer Consulting
Windows 7 Security Professional
Progent's certified engineers offers remote and on-premises consulting expertise to assist you to administer, maintain, and troubleshoot PCs powered by Windows 7 and also offers assistance with upgrading to Windows 8.1 or Windows 10 from Windows 7. Progent offers support for change management, data and identity protection, backup and restore, online connectivity, smartphone and tablet integration, Wi-Fi configuration, and remote system monitoring and alerts.
NetDocuments and iPhones Specialists
Professionals NetDocs
NetDocuments (NetDocs) is a leading cloud-based document management system (DMS) designed specifically for the legal profession. Progent can provide online guidance from NetDocuments consultants who can help legal departments and law firms to design, deploy, administer, optimize, or debug a document management system (DMS) environment based on NetDocs.
Duo Two-factor Authentication (2FA) Remote Troubleshooting
24x7 Duo Two-factor Authentication (2FA) Outsourcing
Progent's Duo services incorporate Cisco's Duo cloud technology to defend against stolen passwords through the use of two-factor authentication. Duo supports one-tap identity confirmation with Apple iOS, Android, and other personal devices.
Consulting for Service Providers Support and Integration
Consultant Support for IT Service Providers
Progent's Support Program for IT Service Organizations lets you use Progent's consulting engineers while retaining your own brand as a transparent extension of your IT consulting team.
Support and Setup SCVMM 2012 PowerShell
System Center 2012 Virtual Machine Manager Support and Setup
Progent's Microsoft-certified consultants can assist organizations of any size to adhere to best practices to configure SCVMM 2012 hosts and host groups, fabric, storage systems, and libraries; design, implement, and administer private clouds, virtual machines, and VMM services in SCVMM 2012; and combine SCVMM 2012 with System Center 2012 Operations Manager for comprehensive monitoring and reporting. Progent can assist you to move from an earlier release of System Center Virtual Machine Manager or from another management platform, and Progent can assist you to enhance and troubleshoot your existing SCVMM 2012 ecosystem so you realize the highest possible return on investment.
24/7 Offsite Workers Collaboration Software Onsite Technical Support
At Home Workforce Collaboration Support Outsourcing
Progent can help small and mid-size organizations to implement collaborative technology to make it easy for their at-home workforce to engage in productive interaction with colleagues and other stakeholders.
Independent CRM Consultant Telecommute Jobs
From Home Job Independent Microsoft MCSE Contractor
Progent's Experts Team provides consulting in important fields such as Apple OS networking and applications; Consulting for Linux-powered, UNIX, and Sun Solaris systems; MRP, Enterprise Resource Planning, or Customer Relationship Management expertise; Mission-critical and vertical program support; CIO, management information analyst, and project management services; Special applications design and deployment; Web, electronic business, EDI, and client portal design and integration; DBM support and performance help; Management intelligence expertise; and Telecom architecture support.
Select Topic: