Crypto-Ransomware: Your Worst Information Technology Catastrophe
Crypto-Ransomware Remediation Experts
Crypto-ransomware has become an all-too-frequent cyber pandemic that presents an extinction-level threat for businesses unprepared for an attack. Different iterations of ransomware like the CrySIS, Fusob, Locky, Syskey and MongoLock cryptoworms have been replicating for many years and continue to cause harm. Newer variants of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Conti and Egregor, as well as daily unnamed newcomers, not only encrypt on-line data but also infiltrate all accessible system restores and backups. Information synched to the cloud can also be encrypted. In a vulnerable environment, this can render automated restoration hopeless and basically knock the entire system back to square one.

Getting back programs and data following a crypto-ransomware event becomes a sprint against time as the targeted business fights to stop lateral movement, remove the ransomware, and restore business-critical operations. Because crypto-ransomware requires time to replicate, assaults are usually sprung during weekends and nights, when penetrations typically take more time to uncover. This compounds the difficulty of rapidly marshalling and organizing an experienced mitigation team.

Progent provides a variety of support services for securing Boston enterprises from ransomware attacks. Among these are team education to help identify and not fall victim to phishing scams, ProSight Active Security Monitoring (ASM) for remote monitoring and management, plus setup and configuration of the latest generation security solutions with machine learning technology to rapidly identify and extinguish zero-day threats. Progent also provides the assistance of veteran ransomware recovery professionals with the talent and perseverance to restore a breached network as soon as possible.

Progent's Crypto-Ransomware Restoration Services
After a ransomware attack, paying the ransom demand in cryptocurrency does not ensure that the attackers will return the keys needed to decrypt any or all of your data. Kaspersky Labs ascertained that 17% of ransomware victims never restored their files after having sent off the ransom, resulting in more losses. The risk is also costly. Ryuk ransoms frequently range from fifteen to forty BTC ($120,000 to $400,000). This is significantly higher than the average ransomware demand, which ZDNET estimated to be in the range of $13,000 for smaller organizations. The other path is to re-install the vital components of your IT environment. Without the availability of complete data backups, this calls for a wide complement of skill sets, professional project management, and the willingness to work 24x7 until the recovery project is complete.

For two decades, Progent has made available professional Information Technology services for companies throughout the U.S. and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes professionals who have been awarded high-level industry certifications in key technologies including Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cyber security engineers have garnered internationally-renowned industry certifications including CISA, CISSP, ISACA CRISC, and SANS GIAC. (Refer to Progent's certifications). Progent in addition has experience in financial management and ERP software solutions. This breadth of experience gives Progent the capability to quickly identify critical systems and re-organize the surviving pieces of your computer network environment following a ransomware penetration and configure them into an operational system.

Progent's recovery team of experts has best of breed project management systems to orchestrate the complicated restoration process. Progent knows the urgency of working quickly and together with a client's management and IT staff to prioritize tasks and to put the most important applications back on-line as soon as possible.

Customer Story: A Successful Crypto-Ransomware Virus Response
A customer contacted Progent after their network was attacked by the Ryuk ransomware. Ryuk is believed to have been launched by North Korean government-sponsored hackers, possibly using technology leaked from America’s NSA organization. Ryuk targets specific organizations with limited ability to sustain operational disruption and is among the most profitable versions of ransomware viruses. Major victims include Data Resolution, a California-based data warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a small manufacturing business based in Chicago with around 500 employees. The Ryuk attack had disabled all company operations and manufacturing processes. The majority of the client's system backups had been on-line at the start of the attack and were destroyed. The client was evaluating paying the ransom demand (in excess of $200K) and praying for good luck, but in the end called Progent.


"I cannot tell you enough in regards to the help Progent gave us throughout the most critical time of (our) business's survival. We had little choice but to pay the hackers behind this attack except for the confidence the Progent experts afforded us. That you were able to get our e-mail and essential applications back on-line quicker than seven days was amazing. Each expert I got help from or e-mailed at Progent was urgently focused on getting us back on-line and was working at all hours on our behalf."

Progent worked with the customer to quickly identify and assign priority to the essential applications that needed to be restored to make it possible to resume company operations:

  • Microsoft Active Directory
  • Exchange Server
  • Accounting and Manufacturing Software

To get going, Progent adhered to ransomware incident mitigation industry best practices by isolating and removing active viruses. Progent then began the steps of restoring Windows Active Directory, the key technology of enterprise environments built on Microsoft Windows technology. Exchange email will not work without AD, and the business's accounting and MRP software utilized Microsoft SQL, which depends on Active Directory services for authentication to the databases.

Within two days, Progent was able to rebuild Windows Active Directory to its pre-penetration state. Progent then initiated setup and storage recovery of critical servers. All Microsoft Exchange Server data and attributes were usable, which accelerated the rebuild of Exchange. Progent was also able to collect intact OST data files (Microsoft Outlook Offline Data Files) on team PCs and laptops in order to recover mail messages. A recent offline backup of the customer’s accounting software made it possible to bring these vital programs back on-line. Although a lot of work was left to recover fully from the Ryuk virus, core services were returned to operation rapidly:


"For the most part, the production manufacturing operation survived unscathed and we did not miss any customer sales."

Over the following month key milestones in the recovery process were completed through close cooperation between Progent engineers and the client:

  • In-house web applications were returned to operation without losing any data.
  • The MailStore Server with over four million archived emails was restored to operations and accessible to users.
  • CRM/Product Ordering/Invoicing/Accounts Payable/Accounts Receivables (AR)/Inventory Control capabilities were completely functional.
  • A new Palo Alto Networks 850 security appliance was brought on-line.
  • Ninety percent of the user desktops and notebooks were fully operational.

"So much of what happened those first few days is mostly a blur for me, but my management will not forget the urgency each and every one of the team put in to give us our business back. I have entrusted Progent for the past 10 years, maybe more, and every time Progent has shined and delivered. This time was no exception but maybe more Herculean."

Conclusion
A probable business-ending catastrophe was evaded through the efforts of dedicated professionals, a wide spectrum of knowledge, and tight collaboration. In post mortem, the crypto-ransomware virus incident described here should have been identified and stopped with modern cyber security systems and recognized best practices, team education, and properly executed incident response procedures for data protection and proper patching controls. The reality, however, is that state-sponsored cybercriminals from Russia, North Korea and elsewhere are tireless and are not going away. If you do get hit by a ransomware incursion, remember that Progent's team of experts has substantial experience in ransomware virus defense, remediation, and information systems restoration.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Chris (along with others who were involved), thanks very much for letting me get some sleep after we made it over the initial push. Everyone did an amazing job, and if any of your guys is around the Chicago area, dinner is the least I can do!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this ransomware incident report, please click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)





    © 2002-2021 Progent Corporation. All rights reserved.