Ransomware Prevention and Removal Services Boston
Ransomware Mitigation: An Example
Ransomware : Your Worst IT Nightmare
Ransomware has become an escalating cyber pandemic that poses an extinction-level threat for businesses unprepared for an assault. Different versions of ransomware such as Reveton, WannaCry, Locky, Syskey and MongoLock cryptoworms have been running rampant for years and continue to inflict harm. Modern variants of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, LockBit and Nephilim, plus frequent unnamed viruses, not only do encryption of on-line information but also infect any configured system backups. Files synched to off-site disaster recovery sites can also be rendered useless. In a vulnerable environment, this can render automated restore operations hopeless and basically sets the entire system back to square one.
Restoring applications and information following a crypto-ransomware attack becomes a sprint against time as the victim fights to contain and cleanup the virus and to resume business-critical operations. Because ransomware requires time to replicate, attacks are usually sprung at night, when successful penetrations typically take longer to recognize. This multiplies the difficulty of rapidly marshalling and organizing an experienced mitigation team.
Progent provides an assortment of solutions for securing Boston organizations from ransomware attacks. These include team education to help identify and avoid phishing attempts, ProSight Active Security Monitoring for remote monitoring and management, plus installation of next-generation security gateways with AI capabilities to rapidly identify and extinguish new threats. Progent also provides the services of experienced ransomware recovery consultants with the track record and commitment to reconstruct a breached network as soon as possible.
Progent's Ransomware Restoration Services
Soon after a crypto-ransomware penetration, sending the ransom demands in cryptocurrency does not provide any assurance that merciless criminals will return the needed codes to decrypt all your files. Kaspersky Labs ascertained that seventeen percent of crypto-ransomware victims never recovered their files even after having paid the ransom, resulting in additional losses. The risk is also expensive. Ryuk ransoms frequently range from 15-40 BTC ($120,000 and $400,000). This is significantly above the typical ransomware demands, which ZDNET estimated to be around $13,000 for small businesses. The fallback is to setup from scratch the vital parts of your IT environment. Absent access to essential information backups, this requires a wide complement of skill sets, professional project management, and the ability to work 24x7 until the task is finished.
For decades, Progent has provided professional IT services for businesses across the United States and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes engineers who have attained top certifications in foundation technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security engineers have garnered internationally-renowned certifications including CISM, CISSP, ISACA CRISC, and GIAC. (Visit Progent's certifications). Progent also has experience with accounting and ERP software solutions. This breadth of expertise provides Progent the capability to knowledgably determine critical systems and integrate the surviving components of your network environment after a crypto-ransomware attack and rebuild them into an operational network.
Progent's recovery team of experts deploys best of breed project management tools to orchestrate the complicated recovery process. Progent knows the urgency of acting rapidly and in concert with a client's management and Information Technology staff to prioritize tasks and to put critical services back online as fast as possible.
Client Story: A Successful Ransomware Attack Response
A client escalated to Progent after their organization was taken over by the Ryuk crypto-ransomware. Ryuk is thought to have been deployed by Northern Korean state sponsored cybercriminals, suspected of adopting approaches leaked from America’s NSA organization. Ryuk seeks specific companies with limited ability to sustain disruption and is among the most profitable versions of crypto-ransomware. High publicized organizations include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a single-location manufacturing business headquartered in the Chicago metro area and has about 500 staff members. The Ryuk intrusion had disabled all essential operations and manufacturing processes. The majority of the client's information backups had been online at the beginning of the intrusion and were eventually encrypted. The client was taking steps for paying the ransom demand (more than $200,000) and wishfully thinking for the best, but ultimately reached out to Progent.
Progent worked with the customer to rapidly get our arms around and prioritize the critical areas that had to be restored to make it possible to continue company functions:
- Active Directory
- Electronic Messaging
- MRP System
Within two days, Progent was able to re-build Active Directory services to its pre-intrusion state. Progent then charged ahead with reinstallations and hard drive recovery of essential applications. All Exchange ties and attributes were intact, which accelerated the rebuild of Exchange. Progent was also able to collect local OST files (Outlook Offline Data Files) on team workstations in order to recover mail data. A recent offline backup of the customer’s accounting software made them able to return these required applications back on-line. Although significant work still had to be done to recover completely from the Ryuk virus, core services were returned to operations rapidly:
During the following month key milestones in the recovery process were accomplished in close cooperation between Progent team members and the client:
- Self-hosted web applications were restored without losing any data.
- The MailStore Server exceeding four million historical emails was spun up and available for users.
- CRM/Orders/Invoices/AP/AR/Inventory Control modules were fully functional.
- A new Palo Alto 850 firewall was set up.
- 90% of the desktops and laptops were functioning as before the incident.
Conclusion
A potential business-ending catastrophe was evaded with dedicated experts, a wide range of knowledge, and tight collaboration. Although upon completion of forensics the ransomware virus incident detailed here could have been stopped with advanced cyber security systems and best practices, staff training, and well designed security procedures for information backup and applying software patches, the fact remains that government-sponsored cybercriminals from China, North Korea and elsewhere are tireless and are not going away. If you do fall victim to a ransomware virus, remember that Progent's team of professionals has proven experience in crypto-ransomware virus blocking, cleanup, and data recovery.
Download the Crypto-Ransomware Removal Case Study Datasheet
To read or download a PDF version of this customer story, click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)
Contact Progent for Ransomware Cleanup Expertise in Boston
For ransomware system restoration consulting services in the Boston metro area, phone Progent at
An index of content::
Juniper J Series Firewall Security Contractor
Juniper J Series Gateway Consulting
Progent's Juniper-certified network engineers can assist your organization to design and carry out the installation of Juniper J Series firewall/VPN routers, configure security policies and fault-tolerant redundancy, and provide ongoing technical consulting and troubleshooting services.
Email Polymorphic Virus Protection Professional
Remote ProSight Email Content Filtering Service Services
Progent's ProSight Email Guard solution uses the services and infrastructure of leading data security vendors to provide web-based control and world-class security for your email traffic. The hybrid structure of Email Guard managed service combines a Cloud Protection Layer with a local gateway appliance to provide complete protection against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks, and other email-borne threats. The cloud filter acts as a preliminary barricade and keeps most unwanted email from reaching your network firewall. This decreases your exposure to inbound attacks and saves system bandwidth and storage space. ProSight Email Guard's onsite security gateway appliance provides a deeper level of analysis for incoming email. For outgoing email, the on-premises security gateway provides AV and anti-spam protection, DLP, and encryption. The onsite gateway can also assist Exchange Server to track and protect internal email traffic that stays inside your security perimeter.
High-Availability Load Balancing Remote Troubleshooting
High-Availability Load Balancing Online Technical Support
Progent provides fault tolerant load balancing consulting that addresses network load balancing, load balanced applications, network backbone routing, and content delivery technology such as Cisco Content Engine. fault tolerant load balancing providers for which Progent offers consulting expertise include Microsoft Windows Server 2003 Network Load Balancing Manager, Citrix Metaframe and Presentation Server, Cisco CSS, Cisco Distributed Director and ACNS, and F5 Networks 3-DNS.
ransomware recovery planning Technology Professional
Snatch ransomware protection and recovery Specialists
The ProSight Ransomware Preparedness Report service is a low-cost service built around a brief interview with a Progent information assurance consultant. The fact-finding interview is designed to help assess your company's ability to defend against ransomware or recover rapidly after a ransomware attack. Progent will work with you directly to gather information about your existing antivirus tools and backup system, and Progent will then deliver a custom Basic Security and Best Practices Report document describing how you can follow industry best practices to create a cost-effective AV and backup/recovery environment that minimizes your vulnerability to a ransomware attack and meets your company's needs.
Application Consulting QuickBooks Pro
Urgent Microsoft Dynamics AX Setup and Support
Progent can give you access to application developers who can modify your Microsoft Business Solutions ERP, MRP, and financial system programs to meet your specific company requirements. Progent’s Microsoft consultants provide experience in Microsoft Dynamics Microsoft Axapta, Microsoft Dynamics Microsoft Navision, Microsoft Solomon, and Microsoft Retail Management Software. Progent also provides custom e-Commerce consulting support for secure, company-wide information sharing plus integration with Customer Relationship Management products.
Immediate Microsoft Lync Server 2013 IM Computer Consulting
Expert Microsoft Certified Lync Server 2013 Online Technical Support
Lync 2013, now called Skype for Business, allows organizations of any size to build a manageable and protected communications environment that supports the modern BYOD computing style with instant messaging, real-time presence, audio/video and web conferencing with app sharing, as well as IP and PSTN calling across a broad assortment of desktop and mobile clients. Progent's Microsoft-certified Lync 2013 experts and system integrators can help your company to evaluate the business benefits of Lync Server 2013, design an in-house, cloud-resident (with Lync Online) or hybrid topology appropriate for your current and long-term goals, implement Lync Server 2013 so as to speed up your ROI, and provide custom webinar and onsite training to your IT team and users. Progent offers in-depth expertise in key components of a Lync Server 2013 deployment including Windows Server, SQL Server and Exchange, and Progent can assist you to integrate Lync 2013 with popular Microsoft Office and Microsoft 365 apps such as Outlook clients and PowerPoint.
Best Call Desk for Remote Workforce IT Consultant
Work from Home Solutions Onsite Technical Support
Progent has 20 years of background assisting small and mid-size businesses to design, deploy, optimize, administer, and troubleshoot IT networks that incorporate telecommuters.
Microsoft Hyper-V 3.0 Server Consolidation Computer Consultants
MS Virtual Server Administration Website Help and Support
Progent's certified consultants can help you analyze the possible benefits of Hyper-V-based virtualization for your business, conduct pilot installations to verify Hyper-V's operation with your line-of-business applications, evaluate your network architecture for smooth performance with virtual server solutions, assist you in migrating to Microsoft Windows Server 2008 and configuring Hyper-V, educate your IT staff to track and administer Hyper-V, offer world-class consulting help for enhancing the security of your virtual machines, design and test business continuity procedures that maximize system uptime, and deliver continuing consulting and technical support including low-cost online troubleshooting and turn-key Help Desk outsourcing.
Remote Support Exchange 2016 Mailbox migration
Computer Consultants Exchange 2016 Outlook on the web
Progent can assist your business in any and all phases of your upgrade to Microsoft Exchange 2016 such as designing HA architecture for an on-premises, cloud-based or hybrid environment; CAL licensing requirements for Exchange 2016 Server and Windows Server 2012 R2 or later; moving mailboxes; Hyper-V virtualization design; specifying mass storage requirements for your virtual machines (VMs), mailbox databases and logs; configuring hardware load balancing (HLB) for high-availability CAS services; designing, setting up and validating Exchange and Windows Servers and DAG groups; integration with SharePoint; updating the firewall; resolving SSL issues; performing client remediation with Office desktop or Microsoft 365; and configuring Outlook on the web (formerly Outlook Web App).
Example Application Building to Building Wireless
Proxim Tsunami Wireless Case Studies
Progent delivered a wireless networking solution that enabled a school to increase efficiency and eliminate the ongoing costs of a dedicated link. Progent proposed a Proxim Tsunami wireless 60Mbps bridge. The low-cost building-to-building Proxim bridge is designed for connecting separate locations up to 2.5 miles apart and can extend to even longer distances. This wireless alternative offered better performance and dependability than recourse to amplifying the 802.11b network, and since it uses the 5.8Ghz spectrum it offered protection against outside interference.
Great Plains Support
Dynamics GP Great Plains Accounting Outsourcing
Progent’s Microsoft certified experts provide a variety of consulting services for Dynamics GP (formerly Great Plains). Dynamics GP is a financial and ERP solution based, like all Microsoft accounting solutions, on the expandable and popular foundation of Microsoft Windows technology. Dynamics GP provides an affordable solution for controlling and combining finances, e-commerce, supply chain, manufacturing, project accounting, on-site support, and human resources. Dynamics GP is simple to deploy and configure, and with its segmented design you are able to purchase only the capability you currently need, with the ability to expand clients and increase capabilities when necessary. Progent’s Dynamics GP/Great Plains support experts can help you deploy, customize and administer the latest release of Microsoft Dynamics GP or migrate smoothly from an earlier edition.
Postini Technology Consulting Services
Anti-Spam Help and Support
E-Mail Guard from Postini provides constantly upgraded spam and virus blocking, content filtering, and protection from e-mail-borne DHA attacks and DSA attacks. Progent is a Postini partner and service specialist. If your organization is too small to purchase for a standard Postini license, you can still get access to Postini’s Perimeter Manager technology through Progent’s E-Mail Guard spam filtering and virus defense aggregation offering. Progent’s certified email protection professionals can show you how to devise an email security strategy that includes spam filtering and anti-virus products and policies.
Internal Network Security Inventory Consulting
Top Ranked Internal Network Security Scan Professional
Progent has put together two ultra-affordable service packages designed to enable small businesses to receive an independent network security assessment from a premier security consultant. With Progent's External Security Inventory Checkup, a security expert administers an extensive test of your IT infrastructure from outside your company firewall to uncover potential risks in the security profile you expose to the public. With Progent's Internal Security Inventory Checkup, an engineer executes a network scan from a secure machine within your company firewall to uncover vulnerabilities to inside assaults. Both security inventory services are set up and executed from a protected external site.
Select Topic: