Crypto-Ransomware: Your Worst IT Nightmare
Ransomware has become an escalating cyber pandemic that represents an existential threat for businesses of all sizes vulnerable to an attack. Different versions of ransomware like the Reveton, CryptoWall, Locky, NotPetya and MongoLock cryptoworms have been out in the wild for many years and still cause damage. Modern versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Nephilim, as well as additional as yet unnamed newcomers, not only encrypt online files but also compromise many configured system restores and backups. Information replicated to off-site disaster recovery sites can also be encrypted. In a poorly designed data protection solution, this can make automatic recovery impossible and effectively set the entire system back to square one.

Recovering applications and data after a crypto-ransomware outage becomes a race against the clock as the targeted business fights to contain and remove the ransomware and to resume business-critical operations. Because ransomware takes time to spread, attacks are often launched on weekends and holidays, when a successful penetration is likely to take longer to detect. This compounds the difficulty of quickly assembling and coordinating an experienced response team.

Progent offers a range of solutions for securing Boston enterprises from crypto-ransomware attacks. These include user education to help staff recognize and avoid falling victim to phishing scams, ProSight Active Security Monitoring for remote monitoring and management, and setup and configuration of next-generation security appliances with machine learning technology to quickly identify and extinguish new threats. Progent also offers the assistance of seasoned crypto-ransomware recovery engineers with the track record and perseverance to re-deploy a compromised system as urgently as possible.

Progent's Ransomware Restoration Services
After a ransomware attack, paying the ransom in cryptocurrency does not guarantee that cyber criminals will provide the codes to decrypt all your data. Kaspersky estimated that 17% of crypto-ransomware victims never recovered their information after having paid the ransom, resulting in additional losses. The gamble is also expensive. Ryuk ransoms commonly range from 15-40 BTC ($120,000 to $400,000). This is well above the typical crypto-ransomware demand, which ZDNET estimated to be in the range of $13,000 for small organizations. The fallback is to piece back together the critical components of your IT environment. Without essential system backups available, this requires a wide range of skill sets, top notch project management, and the ability to work 24x7 until the job is over.

For two decades, Progent has offered certified expert Information Technology services for businesses across the United States and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts (SMEs) includes engineers who have earned high-level industry certifications in leading technologies like Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cybersecurity consultants have earned internationally-recognized certifications including CISA, CISSP, CRISC, and SANS GIAC. (See Progent's certifications). Progent also has expertise with accounting and ERP application software. This breadth of experience gives Progent the capability to efficiently identify important systems, organize the remaining components of your computer network environment following a ransomware attack, and configure them into an operational network.

Progent's security team of experts uses top notch project management systems to orchestrate the complicated recovery process. Progent knows the importance of working swiftly and together with a customer's management and Information Technology team members to prioritize tasks and to get key systems back on line as fast as possible.

Business Case Study: A Successful Crypto-Ransomware Attack Restoration
A business contacted Progent after their network was taken over by the Ryuk ransomware. Ryuk is thought to have been launched by North Korean state cybercriminals, possibly adopting algorithms exposed from America's NSA organization. Ryuk goes after specific businesses with little or no room for disruption and is one of the most lucrative instances of crypto-ransomware. Well-known targeted organizations include Data Resolution, a California-based information warehousing and cloud computing firm, and the Chicago Tribune. Progent's client is a single-location manufacturing company located in Chicago with around 500 staff members. The Ryuk event had shut down all essential operations and manufacturing processes. The majority of the client's system backups had been directly accessible at the beginning of the attack and were encrypted. The client was pursuing financing for paying the ransom demand (in excess of two hundred thousand dollars) and hoping for good luck, but ultimately made the decision to use Progent.


"I cannot thank you enough about the help Progent gave us throughout the most stressful period of (our) business's life. We had little choice but to pay the criminal gangs if it wasn't for the confidence the Progent team gave us. The fact that you were able to get our messaging and critical servers back on-line faster than one week was beyond my wildest dreams. Every single expert I worked with or e-mailed at Progent was urgently focused on getting us back online and was working 24/7 on our behalf."

Progent worked with the client to rapidly identify and prioritize the mission critical services that had to be recovered in order to restart company functions:

  • Windows Active Directory
  • Electronic Messaging
  • Accounting and Manufacturing Software

To get going, Progent followed anti-virus/malware incident response industry best practices by halting lateral movement and cleaning up compromised systems. Progent then initiated the work of restoring Microsoft Active Directory, the heart of enterprise environments built upon Microsoft Windows technology. Exchange email will not work without Active Directory, and the customer's accounting and MRP software utilized Microsoft SQL, which needs Active Directory for access to the databases.

Within two days, Progent was able to re-build Windows Active Directory to its pre-intrusion state. Progent then helped perform rebuilding and hard drive recovery on key systems. All Exchange Server schema and attributes were intact, which accelerated the rebuild of Exchange. Progent was able to assemble non-encrypted OST data files (Outlook Off-Line Data Files) on staff PCs and laptops in order to recover email data. A recent offline backup of the customer's financials/ERP systems made it possible to bring these required programs back on-line. Although significant work still had to be done to recover completely from the Ryuk attack, the most important systems were restored quickly:


"For the most part, the production operation was never shut down and we did not miss any customer shipments."

During the next month key milestones in the recovery process were achieved through tight collaboration between Progent engineers and the customer:

  • Internal web sites were restored with no loss of data.
  • The MailStore Server, holding more than four million historical emails, was spun up and available for users.
  • CRM/Customer Orders/Invoices/AP/AR/Inventory Control capabilities were 100 percent recovered.
  • A new Palo Alto 850 firewall was brought on-line.
  • Most of the user PCs were fully operational.

"So much of what was accomplished in the early hours is mostly a fog for me, but our team will not soon forget the commitment each and every one of your team put in to give us our company back. I've trusted Progent for at least 10 years, maybe more, and each time Progent has shined and delivered. This event was a testament to your capabilities."

Conclusion
A potential business disaster was dodged through the efforts of hard-working professionals, a wide range of technical expertise, and tight teamwork. In analyzing the event afterwards, the crypto-ransomware incident detailed here could have been prevented with up-to-date security systems and security best practices, user and IT administrator training, and properly executed security procedures for information backup and for keeping systems up to date with security patches. Even so, the fact remains that government-sponsored cyber criminals from China, North Korea and elsewhere are relentless and are an ongoing threat. If you do fall victim to a crypto-ransomware incursion, remember that Progent's roster of professionals has a proven track record in ransomware virus blocking, mitigation, and file recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Tony (along with others that were involved), thank you for allowing me to get rested after we made it through the initial fire. Everyone did a fabulous effort, and if any of your team is around the Chicago area, dinner is the least I can do!"

Download the Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this customer story, please click:
Progent's Ryuk Recovery Case Study Datasheet. (PDF - 282 KB)





    © 2002-2021 Progent Corporation. All rights reserved.