Ransomware : Your Crippling IT Nightmare
Ransomware  Remediation ExpertsRansomware has become a modern cyberplague that poses an existential danger for organizations vulnerable to an assault. Different iterations of ransomware such as Dharma, WannaCry, Locky, Syskey and MongoLock cryptoworms have been out in the wild for many years and still cause damage. Newer strains of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Egregor, plus more as yet unnamed newcomers, not only encrypt online information but also infect any accessible system backup. Information synchronized to off-site disaster recovery sites can also be encrypted. In a poorly architected system, this can make any recovery impossible and effectively sets the network back to square one.

Retrieving services and information after a ransomware intrusion becomes a race against the clock as the targeted business tries its best to contain the damage and eradicate the virus and to restore mission-critical operations. Due to the fact that ransomware needs time to replicate, attacks are frequently launched on weekends and holidays, when attacks are likely to take more time to detect. This multiplies the difficulty of quickly assembling and orchestrating a knowledgeable response team.

Progent offers a variety of services for securing Boston enterprises from ransomware penetrations. Among these are user education to become familiar with and not fall victim to phishing scams, ProSight Active Security Monitoring (ASM) for endpoint detection and response (EDR) using SentinelOne's behavior-based threat protection to identify and quarantine zero-day modern malware attacks. Progent in addition offers the assistance of expert ransomware recovery consultants with the track record and commitment to reconstruct a compromised system as quickly as possible.

Progent's Crypto-Ransomware Recovery Services
Subsequent to a crypto-ransomware penetration, sending the ransom demands in Bitcoin cryptocurrency does not ensure that cyber criminals will provide the codes to decrypt any or all of your files. Kaspersky Labs estimated that 17% of crypto-ransomware victims never recovered their files after having paid the ransom, resulting in increased losses. The gamble is also very costly. Ryuk ransoms frequently range from fifteen to forty BTC ($120,000 and $400,000). This is greatly above the average ransomware demands, which ZDNET estimated to be around $13,000 for small businesses. The fallback is to piece back together the vital components of your IT environment. Without access to essential information backups, this calls for a wide range of skills, professional team management, and the capability to work non-stop until the job is done.

For decades, Progent has provided professional IT services for businesses throughout the U.S. and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have attained top certifications in important technologies like Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's security engineers have earned internationally-renowned industry certifications including CISA, CISSP-ISSAP, CRISC, and GIAC. (See Progent's certifications). Progent also has expertise with financial management and ERP software solutions. This breadth of experience provides Progent the ability to rapidly understand important systems and re-organize the surviving components of your Information Technology environment after a ransomware attack and rebuild them into a functioning system.

Progent's security group utilizes state-of-the-art project management systems to orchestrate the complicated recovery process. Progent knows the importance of acting swiftly and in unison with a client's management and IT resources to assign priority to tasks and to put key services back online as soon as humanly possible.

Business Case Study: A Successful Ransomware Penetration Recovery
A business hired Progent after their organization was crashed by Ryuk ransomware. Ryuk is generally considered to have been created by Northern Korean government sponsored hackers, suspected of adopting algorithms leaked from the United States NSA organization. Ryuk targets specific businesses with limited ability to sustain operational disruption and is among the most lucrative examples of ransomware. Major organizations include Data Resolution, a California-based info warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a regional manufacturing business based in the Chicago metro area with around 500 staff members. The Ryuk event had brought down all company operations and manufacturing processes. Most of the client's data backups had been on-line at the start of the intrusion and were destroyed. The client was actively seeking loans for paying the ransom (more than $200,000) and praying for good luck, but ultimately engaged Progent.


"I cannot say enough in regards to the support Progent provided us throughout the most fearful time of (our) company's life. We may have had to pay the Hackers if it wasn't for the confidence the Progent experts gave us. That you could get our e-mail system and critical applications back into operation quicker than one week was amazing. Each expert I talked with or communicated with at Progent was amazingly focused on getting us working again and was working non-stop to bail us out."

Progent worked hand in hand the customer to quickly assess and assign priority to the critical services that needed to be restored in order to continue business functions:

  • Windows Active Directory
  • Email
  • Accounting/MRP
To get going, Progent followed ransomware incident response best practices by halting the spread and removing active viruses. Progent then initiated the task of bringing back online Windows Active Directory, the key technology of enterprise environments built on Microsoft Windows technology. Microsoft Exchange Server email will not work without AD, and the customer's MRP applications leveraged Microsoft SQL, which depends on Active Directory services for security authorization to the information.

In less than 2 days, Progent was able to recover Active Directory to its pre-intrusion state. Progent then initiated reinstallations and storage recovery on needed servers. All Microsoft Exchange Server ties and configuration information were intact, which accelerated the rebuild of Exchange. Progent was also able to find non-encrypted OST data files (Microsoft Outlook Off-Line Folder Files) on various workstations in order to recover mail messages. A recent offline backup of the businesses accounting/ERP systems made it possible to restore these required services back online for users. Although significant work still had to be done to recover totally from the Ryuk virus, critical services were returned to operations rapidly:


"For the most part, the production line operation showed little impact and we delivered all customer shipments."

During the next month critical milestones in the recovery process were achieved in close cooperation between Progent engineers and the client:

  • Internal web sites were returned to operation without losing any data.
  • The MailStore Server with over four million archived emails was restored to operations and available for users.
  • CRM/Orders/Invoices/Accounts Payable (AP)/Accounts Receivables/Inventory modules were 100% operational.
  • A new Palo Alto 850 firewall was set up and programmed.
  • Ninety percent of the desktop computers were back into operation.

"A huge amount of what happened during the initial response is mostly a fog for me, but our team will not soon forget the commitment each and every one of the team put in to help get our company back. I have been working together with Progent for the past ten years, maybe more, and every time Progent has outperformed my expectations and delivered. This time was no exception but maybe more Herculean."

Conclusion
A likely enterprise-killing disaster was evaded with top-tier experts, a wide array of subject matter expertise, and tight teamwork. Although in hindsight the ransomware incident described here should have been identified and blocked with up-to-date cyber security systems and recognized best practices, user education, and well designed security procedures for data protection and keeping systems up to date with security patches, the reality is that state-sponsored cyber criminals from China, North Korea and elsewhere are relentless and are not going away. If you do fall victim to a crypto-ransomware incident, feel confident that Progent's team of experts has extensive experience in ransomware virus defense, mitigation, and data recovery.


"So, to Darrin, Matt, Aaron, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were contributing), thank you for making it so I could get rested after we got through the most critical parts. All of you did an incredible job, and if anyone that helped is in the Chicago area, a great meal is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this customer story, please click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Restoration Services in Boston
For ransomware system restoration services in the Boston metro area, call Progent at 800-462-8800 or see Contact Progent.



An index of content::

  • 24-7 Boston Urgent Crypto Recovery Boston Crypto Remediation Boston Cambridge
  • 24-7 MS Dynamics GP-Software Dealer - Boston - Business Intelligence Expert New England Boston Microsoft Dynamics GP Implementation Support Boston Massachusetts
  • Boston Dharma Ransomware Mitigation Boston Cambridge
  • 24/7 Windows Server 2012R2 Storage Spaces Configuration Windows Server 2012 R2 Clustering Support and Help
  • At Home Employees IP Voice Computer Consulting Consulting Work at Home IP Voice

  • Consulting Exchange 2007 to Exchange 2010 Upgrade
    Exchange Server Upgrade Consultancy

    Progent offers comprehensive help for each step of your Microsoft Exchange Server 2010 migration with services that include end-to-end project management, site analysis, project design and documentation, cost estimates of new software licenses and equipment needed, recommended sourcing, system testing at customer site or at Progent's test facility, managing temporary coexistence of Microsoft Exchange Server 2010 and Exchange 2003 or 2007, deployment of the solution, deactivating the previous servers, and training for customer's IT group and end users.

  • At Home Workforce Boston Consulting - Endpoint Security Solutions Consulting Boston New England Offsite Workforce Expertise - Boston - Network Security Systems Consulting and Support Services
  • Best Boston Work from Home Employees Backup/Restore Systems Consulting and Support Services Boston, MA Work at Home Employees Guidance nearby Boston - Backup Technology Consulting Experts Boston Cambridge, United States
  • BlackBerry Desktop Manager Small Business IT Outsourcing Firm BlackBerry BES Integration Services Boston

  • Exchange Server Upgrade Consult
    Largest Consultant Services Exchange Migration

    Progent's Microsoft-certified network engineers can help you to assess the benefits of Microsoft Exchange Server 2010 for your company and can help you to plan and implement an efficient migration to Microsoft Exchange Server 2010 from Exchange 2003 or Exchange 2007 that will offer fast payback by improving your workers' efficiency, cutting the cost of equipment and service, streamlining administration, and consolidating your vital communications technologies.

  • Boston At Home Workers VoIP Systems Consulting and Support Services Boston Telecommuters Consulting Experts - Boston - IP Voice Systems Consulting Experts Boston, MA
  • Boston Consulting Team Boston, Massachusetts Support Group
  • Boston Hermes Crypto-Ransomware Business Recovery New England Boston Ryuk Online Ransomware Rollback Experts Boston Cambridge
  • Boston IT Staff Temps Support Services Boston Cambridge, US Boston IT Staff Temps Help Boston
  • Boston Ransomware Egregor Readiness Evaluation Boston Cambridge Boston Crypto-Ransomware Conti protection and ransomware recovery New England
  • Boston Ransomware Settlement Negotiation Expertise Boston Egregor Ransomware Settlement Consulting Boston, Suffolk County
  • Boston Work from Home Employees Collaboration Systems Consulting and Support Services Boston, MA Work at Home Employees Expertise in Boston - Collaboration Solutions Consulting Boston Cambridge
  • Boston, Suffolk County Boston Snatch Crypto-Ransomware Forensics Analysis Boston Ransomware Reporting Boston Massachusetts

  • After Hours Nexus Switch FabricPath Network Consultants
    Top Quality Nexus MPLS IT Consulting

    Cisco Nexus switches are engineered to deliver the speed, expandability, dependability, virtualization support, density, data protection and ease of management needed to function as the heart of a world-class data center. Progent's Cisco-certified Nexus switch experts can provide online and on-premises consulting and troubleshooting expertise to help your IT staff to plan an optimal switch topology, build pilot systems to confirm your network design, deploy Nexus switches, create and implement effective policies, perform security and compliance assessments, configure proactive monitoring and alert systems, fully utilize network resources through virtualization, analyze and repair switching and routing problems, maximize system performance, plan for expected growth, and set up the advanced fault-tolerant features available for Nexus switches. Progent can also help your business to upgrade efficiently from legacy Nexus models or Catalyst switches to up-to-date Nexus platforms.

  • Boston, Suffolk County Consulting for Network Service Providers nearby Boston - Transparent Temporary Staff Assistance Best Consulting Expertise for Network Service Organizations in Boston - Temporary IT Support Augmentation
  • Boston Ryuk Ransomware System-Restore Boston Cambridge
  • Boston, MA Boston Spora Ransomware File-Recovery Boston Egregor Crypto-Ransomware Cleanup Boston, United States
  • Boston, MA Small Office IT Consultant Windows Server 2012 Boston Cambridge Microsoft Windows Server 2016 Networking Support
  • Boston, Massachusetts Troubleshooters Boston, MA Technical Support Firm
  • Boston, USA Security Services Security CISSP Security Audit Services Boston

  • ProSight Virtual Hosting Consultant Services
    ProSight VM Hosting Professional

    Progent's ProSight Virtual hosting services provide small companies a variety of benefits including reduced capital costs, reductions in operational costs, better executive focus, enterprise-class security, greater availability, and business continuity.

  • Boston, USA Boston Nephilim Ransomware Cleanup
  • CRISC Certified Risk and Information Systems Control Services CRISC Risk and Information Systems Control Specialists
  • Colocation Selection IT Consulting Colocation Center Information Technology Consulting

  • Linux Online Technical Support Company
    Linux Remote Consult

    Progent offers nationwide online phone support and consulting services for businesses who run networks powered by versions of Linux or whose IT systems feature a combination of Linux platforms/Linux and Microsoft Windows products. Remote IT help provides optimum leverage for your information technology budget by preserving user efficiency and limiting the hours billed for network analysis and repair. Sophisticated remote support utilities and skilled technicians and engineers combine to enable Progent to handle the majority of network issues without squandering time and money by traveling to your location. In most of cases your IT issues can be dealt with by telephone or via a combination of telephone help and remote connectivity. Progent can offer the services of Cisco certified CCIE infrastructure engineers and CISSP and ISSAP premier security specialists to help you with the toughest network issues.

  • Computer Consultant ProSight DPS ECHO Hybrid Cloud Backup Services Offsite Managed Data Backup/Recovery Services Professional

  • Engineer MySQL application development
    MySQL database Upgrade Consultants

    Progent offers cost-effective online access to an Oracle MySQL RDBMS administrator or software developer and can assist businesses of all sizes to integrate and support MySQL in a robust IT environment that offers high levels of speed, scalability, and security. Progent also has proven skill assisting businesses port applications from an Oracle environment to MySQL.

  • Consultant Services CentOS Linux, Solaris, UNIX Boston Suse Linux, Solaris, UNIX Support Services Boston, United States
  • Exchange 2003 Server Support services Boston, MA, United States Information Technology Consulting Firm Exchange Server 2013
  • Internet Colocation Center Computer Network Support Company Boston, Suffolk County Hosting Systems Engineer
  • Juniper J Series Firewall Consulting Juniper J2320 Router Cybersecurity Firms
  • Boston Hermes Ransomware Data-Recovery
  • Largest At Home Workers Assistance - Boston - Help Desk Augmentation Guidance Top Quality Boston At Home Workers Call Desk Outsourcing Consultants Boston, Suffolk County

  • Software Consulting Services Enterprise Active Directory
    Sarbane Oxley Compliance Consultant Services

    For large businesses, Progent can leverage in-house network support groups by providing world-class experience in deploying key Microsoft and Cisco technologies. Progent's certified experts can provide Enterprise Active Directory consulting, Exchange Server 2010 support, SharePoint Server experience, and Microsoft SQL Server consulting. For the nationwide or global businesses with branch offices, Progent can act as a transparent nearby extension of enterprise network management. Progent's enterprise consulting services include company-wide security, online branch office support, network design, Sarbanes Oxley compliance, project management, and world-class support for multi-site network environments powered by Enterprise Windows 2000. Progent can offer field consultants and technicians to assist with a site move or office move, or a network architect to help with setting up or utilizing an Internet Data Center or Hosting Facility.

  • Largest Catalyst 9130AX Access Point Remote Consulting Onsite Technical Support Catalyst 9136AX Access Point
  • Microsoft MCP Consultant Full-Time Job Pittsburgh California Microsoft MCDBA Consulting Home Based Virtual Office Antioch CA
  • Microsoft SQL Server 2016 Computer Systems Consulting Boston, Suffolk County SQL Server Consultancy Services Company Boston Massachusetts, America
  • Microsoft SharePoint Server 2013 Online Consulting Boston Engineer SharePoint 2010
  • Microsoft Small Business Server 2008 Support and Help Consultants Small Business Server Premium Add-on
  • New England 24-Hour Microsoft MCTS Remote Consultant Job Openings Full-Time Jobs Cisco CCIE Service Provider Consultant Boston

  • Windows 11 and TPM Online Help
    Windows 11 Installation Remote Technical Support

    Progent's Microsoft-certified Windows 11 consultants can provide a variety of services for Windows 11 including cloud solutions, mobile device management, teleworker connectivity, data and identity security, automated deployment, and Call Center support services.

  • OS X Small Business Networking Services OS X Remote
  • Offsite Workforce Consulting Services nearby Boston - Integration Guidance At Home Workforce Consulting Services - Boston - Integration Solutions Consulting Services Boston, Suffolk County
  • Online Troubleshooting Catalyst Wi-Fi Access Point Catalyst 9100 Series AP Management Support Services
  • Remote Workers Guidance - Boston - Setup Guidance Boston Cambridge Boston Work from Home Employees Setup Assistance Boston
  • Remote Workforce Consultants near me in Boston - Cloud Integration Solutions Expertise Boston, MA At Home Workers Boston Guidance - Cloud Solutions Expertise

  • SharePoint IT Services
    24/7 SharePoint Server 2013 Remote Troubleshooting

    Progent's Microsoft-certified experts offer small and midsize businesses computer consulting, maintenance, and troubleshooting services for Microsoft SPS 2003. Microsoft Office SharePoint Portal Server is an advanced portal solution for intelligently connecting people, groups and information. SharePoint Portal Server provides a common location for your workers or clients to access, organize, share and manipulate relevant data, documents, and applications and to communicate with one another. It enables quicker and more intelligent decisions, more effective access across groups and more streamlined business processes. The main objective of SharePoint Server is to bring together, in a relevant way, all of the diverse sources of knowledge available within and outside a business network. Windows SharePoint Services connect employees, clients, teams and projects with the knowledge they've created in a manner that makes data convenient to locate, retrieve and apply.

  • Setup and Support SQL Server 2017 and VMWare SQL Server 2017 Management Studio Remote Consulting

  • ransomware hot line Consultants
    24-Hour Spora ransomware hot line Consultancy

    Progent's Ransomware Hot Line provides 24x7 access to a seasoned ransomware recovery expert who can help you to contain the progress of an active ransomware breach. Call 800-462-8800

  • Snatch Ransomware Hot Line New England, America Boston Massachusetts Ransomware Cleanup and Restore
  • Technical Support Organization Cisco Boston Computer Consultancy Company Cisco Boston Cambridge
  • Telecommuting Remote Support Computer Consultants Work from Home Solutions
  • Top Boston Snatch Crypto-Ransomware Cleanup Boston Cambridge Boston Massachusetts, United States Boston Ransomware Mitigation and Data Recovery
  • Top Rated MCSE MCSA MCDBA MCIPT MCA Consulting Part-Time Jobs Walnut Creek California 24-7 MCSE MCSA MCDBA MCIPT MCA Consulting Contract Job Opportunities Orinda CA
  • Work at Home Employees Boston Consulting and Support Services - Endpoint Management Systems Guidance Boston, MA Remote Workforce Expertise - Boston - Management Solutions Consulting Experts Boston Cambridge

  • 24 Hour Colocation Center Computer Consultants
    IT Consulting Data Center Colocation

    Colocation data centers make it possible for companies to share world-class facilities for housing network hardware that supports mission-critical applications and services. Progent's Microsoft and Cisco premier IT experts can help your company with all aspects of your colocation strategy including choosing and moving to a colocation site, creating system architecture, specifying required equipment, on-site and on-line troubleshooting, establishing online system administration, and education your IT staff.

  • Work at Home Employees Consulting Services in Boston - Video Conferencing Technology Assistance New England New England Boston Remote Workers Voice/Video Conferencing Technology Consulting Services
  • ransomware protection and recovery Professionals Specialists ransomware protection report

  • © 2002-2023 Progent Corporation. All rights reserved.