Ransomware: Your Crippling Information Technology Nightmare
Ransomware has become an escalating cyberplague that poses an existential threat for businesses vulnerable to an attack. Versions of ransomware such as CryptoLocker, WannaCry, Bad Rabbit, SamSam and MongoLock cryptoworms have been running rampant for years and still cause damage. Newer variants like Ryuk, Maze, Sodinokibi, Netwalker, Snatch and Nephilim, along with frequent as-yet-unnamed newcomers, not only encrypt online data but also infiltrate any accessible system protection. Files synched to off-site disaster recovery sites can also be encrypted. In a vulnerable system, this can render any restoration useless and effectively knock the entire system back to zero.

Restoring applications and information following a ransomware attack becomes a sprint against time as the targeted business fights to contain the damage, clear the crypto-ransomware, and resume enterprise-critical operations. Since ransomware takes time to replicate, assaults are often sprung during weekends and nights, when penetrations tend to take more time to uncover. This multiplies the difficulty of promptly marshalling and organizing an experienced response team.

Progent makes available a range of services for securing Cambridge enterprises from ransomware penetrations. These include user training to help identify and not fall victim to phishing attempts, ProSight Active Security Monitoring for remote monitoring and management, in addition to deployment of next-generation security gateways with AI capabilities to intelligently detect and suppress zero-day threats. Progent also provides the services of expert ransomware recovery professionals with the talent and commitment to rebuild a breached system as urgently as possible.

Progent's Crypto-Ransomware Restoration Help
After a ransomware penetration, paying the ransom in cryptocurrency does not ensure that cyber criminals will provide the decryption keys for all your information. Kaspersky Labs determined that 17% of crypto-ransomware victims never restored their data even after paying the ransom, resulting in additional losses. The ransom itself is also costly. Ryuk ransoms often range from fifteen to forty BTC (between $120,000 and $400,000). This is well above the typical crypto-ransomware demand, which ZDNET determined to be in the range of $13,000 for smaller businesses. The alternative is to re-install the vital elements of your IT environment. Absent essential data backups, this requires a wide range of skill sets, top-notch team management, and the ability to work 24x7 until the job is finished.

For decades, Progent has provided professional IT services for businesses throughout the United States and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts (SMEs) includes engineers who have been awarded high-level industry certifications in foundation technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security specialists have garnered internationally-renowned industry certifications including CISM, CISSP-ISSAP, ISACA CRISC, and GIAC. (Refer to Progent's certifications). Progent in addition has expertise with financial systems and ERP application software. This breadth of experience affords Progent the skills to rapidly determine necessary systems and consolidate the surviving components of your IT environment following a ransomware event and rebuild them into a functioning network.

Progent's security group has powerful project management applications to coordinate the complex restoration process. Progent appreciates the urgency of acting rapidly and working together with a customer's management and Information Technology staff to prioritize tasks and to get the most important systems back online as soon as humanly possible.

Customer Story: A Successful Crypto-Ransomware Intrusion Response
A small business sought out Progent after their organization was penetrated by the Ryuk crypto-ransomware. Ryuk is believed to have been launched by North Korean state hackers, possibly adopting approaches leaked from the U.S. NSA organization. Ryuk seeks specific organizations with little tolerance for disruption and is one of the most profitable examples of ransomware. Headline targets include Data Resolution, a California-based info warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a single-location manufacturer located in Chicago and has around 500 employees. The Ryuk intrusion had shut down all business operations and manufacturing capabilities. The majority of the client's data protection had been online at the beginning of the intrusion and was eventually encrypted. The client was actively seeking loans to pay the ransom (in excess of two hundred thousand dollars) and hoping for the best, but ultimately brought in Progent.


"I can't thank you enough about the care Progent provided us throughout the most critical period of (our) business's survival. We may have had to pay the Hackers except for the confidence the Progent group provided us. The fact that you could get our messaging and essential applications back faster than five days was earth shattering. Each expert I interacted with or messaged at Progent was laser focused on getting us back online and was working 24 by 7 to bail us out."

Progent worked with the client to rapidly identify and assign priority to the most important services that needed to be restored in order to continue departmental functions:

  • Microsoft Active Directory
  • Microsoft Exchange
  • Financials/MRP

To start, Progent followed ransomware event response best practices by isolating and cleaning up compromised systems. Progent then began the task of rebuilding Microsoft Active Directory, the key technology of enterprise environments built upon Microsoft Windows technology. Exchange messaging will not work without Active Directory, and the client's financials and MRP applications used Microsoft SQL, which requires Windows AD for authentication to the databases.

In less than two days, Progent was able to rebuild Active Directory services to their pre-intrusion state. Progent then initiated rebuilding and hard drive recovery on critical systems. All Exchange ties and attributes were usable, which accelerated the rebuild of Exchange. Progent was also able to locate intact OST files (Outlook Email Offline Folder Files) on various desktop computers and laptops to recover mail messages. A not too old offline backup of the business's accounting/MRP software made it possible to bring these essential applications back online for users. Although a lot of work remained to recover completely from the Ryuk virus, core systems were restored quickly:


"For the most part, the manufacturing operation survived unscathed and we delivered all customer sales."

During the following few weeks important milestones in the restoration project were accomplished through tight cooperation between Progent team members and the customer:

  • Internal web applications were restored with no loss of data.
  • The MailStore Server containing more than 4 million archived messages was spun up and accessible to users.
  • CRM/Customer Orders/Invoicing/AP/Accounts Receivables (AR)/Inventory Control capabilities were fully operational.
  • A new Palo Alto 850 firewall was set up and programmed.
  • Nearly all of the user workstations were operational.

"A huge amount of what was accomplished during the initial response is mostly a fog for me, but my team will not forget the urgency each and every one of your team accomplished to give us our business back. I have entrusted Progent for at least 10 years, possibly more, and each time Progent has shined and delivered as promised. This situation was the most impressive ever."

Conclusion
A likely business extinction disaster was avoided with top-tier experts, a broad spectrum of technical expertise, and tight collaboration. In post mortem, the ransomware incident detailed here should have been identified and prevented with advanced cyber security technology solutions, NIST Cybersecurity Framework or ISO/IEC 27001 best practices, staff education, and appropriate security procedures for information protection and for keeping systems up to date with security patches. The reality remains that state-sponsored cybercriminals from Russia, North Korea and elsewhere are tireless and are an ongoing threat. If you do get hit by a crypto-ransomware incident, remember that Progent's roster of experts has extensive experience in ransomware virus defense, cleanup, and file recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Tony and Chris (and any others that were contributing), thanks very much for making it so I could get some sleep after we made it past the initial push. Everyone did an impressive job, and if anyone is around the Chicago area, dinner is on me!"

Download the Ransomware Removal Case Study Datasheet
To read or download a PDF version of this customer case study, please click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)




© 2002-2021 Progent Corporation. All rights reserved.