What We Do

Small Office Consultant Medium Size Business Network Specialists Network Co-sourcing White Paper Transit District Network Integration Experts IT Help for VAR Supplemental Desktop Staffing

Local Office

646-969-5696
30 Broad St
23rd Floor
New York City, NY 10004

Solution Areas

Microsoft Hyper-V Server 2008 Repair Exploit Identification Experts Employee Helpdesk Outsourcing Cisco Wireless IP Phone Consultant Monitoring and Reporting Consultancies Unified Messaging Migration Consultant vRealize Orchestrator Support Consultant MS Office Excel 2016 Architect Smartphone Upgrade Companies

Work At-Home Zoom IT Service Companies Windows 2019 Troublshooting Specialists Wireless WAP Reporting Dynamics 365 Business Central Troublshooting CCIE Architect VMWare VCP5-DCV Certified Experts

Certified Experts

Configuration Supplier Cisco ASR Maintenance Consulting Cisco Meraki Expert Cisco IP Voice Unified CCX Integration Cisco OSPF IT Service Firm Cisco Firewalls Management Contractor

Certified Experts

Windows 2008 OS Services Organization Exchange Server Version Consulting SQL Server 2008 Repair Skype Server Consultants SCCM Integration SCCM 2016 Management Consultant Microsoft SharePoint Great Plains Software SSAS Management

24-7 Lower Manhattan Emergency Crypto Malware Damage Assessment and Repair Support

For Essential Computer Networks Case Study: Crypto-Ransomware Virus Repair and Business Restoration

Crypto-Ransomware : Your Feared Information Technology Catastrophe
Ransomware Recovery Experts Ransomware has become a modern cyberplague that presents an enterprise-level threat for businesses of all sizes poorly prepared for an assault. Versions of crypto-ransomware like the Reveton, CryptoWall, Locky, SamSam and MongoLock cryptoworms have been replicating for a long time and still cause harm. Modern strains of ransomware such as Ryuk and Hermes, along with frequent as yet unnamed malware, not only do encryption of on-line data files but also infiltrate any configured system backup. Data synched to off-site disaster recovery sites can also be encrypted. In a poorly architected environment, this can render any recovery hopeless and effectively sets the datacenter back to square one.

Recovering services and data after a ransomware outage becomes a race against the clock as the targeted organization struggles to contain the damage and clear the crypto-ransomware and to resume enterprise-critical activity. Since ransomware requires time to move laterally, penetrations are frequently sprung at night, when penetrations may take longer to discover. This compounds the difficulty of rapidly mobilizing and coordinating a capable mitigation team.

Progent has an assortment of support services for protecting enterprises from ransomware penetrations. These include team member education to help identify and not fall victim to phishing attempts, ProSight Active Security Monitoring for remote monitoring and management, plus setup and configuration of next-generation security appliances with artificial intelligence capabilities to quickly detect and quarantine day-zero cyber threats. Progent also offers the services of experienced crypto-ransomware recovery consultants with the skills and commitment to re-deploy a breached environment as quickly as possible.

Progent's Crypto-Ransomware Restoration Help
Following a crypto-ransomware event, sending the ransom demands in cryptocurrency does not ensure that criminal gangs will return the needed keys to decipher any of your information. Kaspersky Labs determined that 17% of ransomware victims never restored their files even after having sent off the ransom, resulting in additional losses. The gamble is also expensive. Ryuk ransoms often range from fifteen to forty BTC ($120,000 and $400,000). This is greatly higher than the usual ransomware demands, which ZDNET averages to be around $13,000. The fallback is to re-install the essential components of your Information Technology environment. Without the availability of full information backups, this calls for a broad complement of skill sets, professional project management, and the willingness to work continuously until the task is completed.

For decades, Progent has made available expert Information Technology services for businesses in Lower Manhattan and throughout the United States and has earned Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have earned top industry certifications in important technologies such as Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security experts have earned internationally-renowned industry certifications including CISA, CISSP-ISSAP, CRISC, and GIAC. (Refer to Progent's certifications). Progent in addition has expertise in financial systems and ERP applications. This breadth of expertise gives Progent the skills to quickly determine necessary systems and integrate the remaining pieces of your Information Technology system following a crypto-ransomware event and rebuild them into an operational system.

Progent's recovery group uses state-of-the-art project management tools to orchestrate the complicated recovery process. Progent knows the urgency of working swiftly and in unison with a customer’s management and IT staff to prioritize tasks and to put the most important services back on line as soon as possible.

Case Study: A Successful Ransomware Incident Restoration
A business sought out Progent after their network was crashed by Ryuk ransomware virus. Ryuk is generally considered to have been developed by North Korean government sponsored hackers, suspected of using technology leaked from the U.S. NSA organization. Ryuk goes after specific businesses with little or no ability to sustain disruption and is among the most profitable examples of ransomware malware. Headline victims include Data Resolution, a California-based info warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a small manufacturer located in the Chicago metro area and has around 500 staff members. The Ryuk attack had shut down all business operations and manufacturing capabilities. The majority of the client's data protection had been online at the beginning of the attack and were eventually encrypted. The client was taking steps for paying the ransom (in excess of $200K) and wishfully thinking for the best, but ultimately made the decision to use Progent.

"I cannot thank you enough about the expertise Progent gave us during the most fearful time of (our) company’s life. We most likely would have paid the cyber criminals behind the attack if not for the confidence the Progent group provided us. The fact that you were able to get our messaging and production servers back into operation quicker than one week was incredible. Each staff member I worked with or e-mailed at Progent was urgently focused on getting our system up and was working at all hours to bail us out."

Progent worked with the client to rapidly get our arms around and prioritize the most important elements that needed to be addressed to make it possible to resume business operations:

Microsoft Active Directory
E-Mail
MRP System

To start, Progent adhered to Anti-virus incident response best practices by isolating and clearing infected systems. Progent then began the work of rebuilding Active Directory, the key technology of enterprise networks built upon Microsoft technology. Microsoft Exchange Server messaging will not operate without AD, and the businesses’ financials and MRP software leveraged Microsoft SQL Server, which needs Windows AD for access to the data.

In less than 2 days, Progent was able to rebuild Active Directory to its pre-attack state. Progent then initiated rebuilding and storage recovery on needed applications. All Exchange Server schema and attributes were usable, which greatly helped the restore of Exchange. Progent was able to collect intact OST data files (Outlook Email Offline Data Files) on team workstations and laptops in order to recover email data. A not too old off-line backup of the client's financials/MRP software made them able to return these required applications back available to users. Although major work was left to recover completely from the Ryuk virus, core services were restored rapidly:

"For the most part, the production operation did not miss a beat and we delivered all customer sales."

During the next few weeks important milestones in the restoration process were accomplished through tight cooperation between Progent engineers and the client:

Internal web applications were restored without losing any information.
The MailStore Microsoft Exchange Server containing more than four million historical emails was brought online and accessible to users.
CRM/Product Ordering/Invoicing/Accounts Payable/Accounts Receivables (AR)/Inventory Control functions were fully recovered.
A new Palo Alto Networks 850 firewall was set up.
90% of the user desktops and notebooks were back into operation.

"A lot of what happened during the initial response is nearly entirely a haze for me, but I will not forget the dedication all of your team put in to give us our business back. I have been working together with Progent for the past 10 years, maybe more, and each time I needed help Progent has outperformed my expectations and delivered. This time was a Herculean accomplishment."

Conclusion
A probable business-killing disaster was dodged due to dedicated experts, a broad array of IT skills, and close collaboration. Although in hindsight the ransomware virus penetration detailed here could have been blocked with current cyber security systems and best practices, staff education, and well designed security procedures for information backup and applying software patches, the fact remains that government-sponsored cyber criminals from Russia, China and elsewhere are relentless and will continue. If you do get hit by a ransomware attack, remember that Progent's roster of experts has a proven track record in ransomware virus defense, removal, and information systems disaster recovery.

"So, to Darrin, Matt, Aaron, Dan, Jesse, Arnaud, Allen, Tony and Chris (along with others that were contributing), thank you for letting me get some sleep after we made it past the initial push. All of you did an fabulous effort, and if anyone that helped is visiting the Chicago area, dinner is my treat!"

To read or download a PDF version of this customer story, click:
Progent's Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)

Additional Ransomware Protection Services Available from Progent
Progent offers companies in Lower Manhattan a range of remote monitoring and security evaluation services to help you to reduce the threat from crypto-ransomware. These services incorporate next-generation machine learning capability to detect new variants of ransomware that are able to evade traditional signature-based security products.

ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
ProSight Active Security Monitoring is an endpoint protection (EPP) service that utilizes next generation behavior-based machine learning tools to guard physical and virtual endpoints against modern malware assaults like ransomware and email phishing, which routinely get by traditional signature-based anti-virus products. ProSight Active Security Monitoring protects on-premises and cloud resources and provides a single platform to automate the entire malware attack lifecycle including blocking, detection, mitigation, remediation, and forensics. Key capabilities include one-click rollback using Windows Volume Shadow Copy Service (VSS) and real-time network-wide immunization against newly discovered attacks. Read more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware recovery.
ProSight Enhanced Security Protection (ESP): Endpoint Protection and Microsoft Exchange Email Filtering
Progent's ProSight Enhanced Security Protection (ESP) services deliver economical multi-layer security for physical and virtual servers, desktops, smartphones, and Exchange Server. ProSight ESP utilizes contextual security and advanced machine learning for continuously monitoring and responding to cyber threats from all attack vectors. ProSight ESP offers two-way firewall protection, penetration alerts, endpoint control, and web filtering through cutting-edge tools incorporated within one agent accessible from a single control. Progent's security and virtualization consultants can assist you to plan and implement a ProSight ESP deployment that meets your company's unique requirements and that helps you prove compliance with legal and industry data protection regulations. Progent will assist you specify and implement policies that ProSight ESP will enforce, and Progent will monitor your IT environment and react to alerts that call for immediate attention. Progent's consultants can also help your company to set up and verify a backup and restore solution like ProSight Data Protection Services (DPS) so you can get back in business quickly from a potentially disastrous security attack such as ransomware. Learn more about Progent's ProSight Enhanced Security Protection (ESP) unified endpoint security and Microsoft Exchange filtering.
ProSight Data Protection Services: Managed Backup and Recovery
ProSight Data Protection Services from Progent provide small and medium-sized businesses a low cost and fully managed solution for secure backup/disaster recovery. For a fixed monthly rate, ProSight Data Protection Services automates and monitors your backup processes and enables fast restoration of critical files, applications and virtual machines that have become unavailable or damaged due to component failures, software glitches, natural disasters, human error, or malicious attacks such as ransomware. ProSight Data Protection Services can help you back up, retrieve and restore files, folders, applications, system images, plus Hyper-V and VMware virtual machine images. Critical data can be backed up on the cloud, to an on-promises storage device, or mirrored to both. Progent's cloud backup specialists can deliver advanced support to set up ProSight DPS to to comply with regulatory standards such as HIPPA, FIRPA, and PCI and, whenever needed, can help you to restore your critical data. Find out more about ProSight Data Protection Services Managed Backup and Recovery.
ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that uses the technology of leading information security vendors to deliver centralized control and comprehensive security for all your email traffic. The powerful architecture of Progent's Email Guard managed service combines a Cloud Protection Layer with a local gateway device to provide complete defense against spam, viruses, Denial of Service (DoS) Attacks, DHAs, and other email-borne threats. Email Guard's Cloud Protection Layer serves as a preliminary barricade and blocks most unwanted email from making it to your network firewall. This reduces your vulnerability to inbound attacks and conserves network bandwidth and storage space. Email Guard's on-premises security gateway appliance adds a deeper layer of inspection for inbound email. For outbound email, the onsite gateway offers AV and anti-spam protection, policy-based Data Loss Prevention, and email encryption. The onsite gateway can also assist Microsoft Exchange Server to monitor and safeguard internal email that stays inside your corporate firewall. For more information, see Email Guard spam filtering and data leakage protection.
ProSight WAN Watch: Infrastructure Management
Progent’s ProSight WAN Watch is an infrastructure management service that makes it simple and inexpensive for smaller businesses to map, monitor, enhance and troubleshoot their networking appliances such as switches, firewalls, and wireless controllers plus servers, printers, client computers and other devices. Incorporating state-of-the-art Remote Monitoring and Management (RMM) technology, ProSight WAN Watch ensures that network diagrams are kept current, captures and manages the configuration information of virtually all devices on your network, tracks performance, and generates notices when problems are detected. By automating complex network management processes, ProSight WAN Watch can cut hours off common tasks like making network diagrams, reconfiguring your network, finding appliances that need critical updates, or isolating performance problems. Learn more about ProSight WAN Watch network infrastructure management consulting.
ProSight LAN Watch: Server and Desktop Monitoring
ProSight LAN Watch is Progent’s server and desktop remote monitoring managed service that incorporates advanced remote monitoring and management technology to help keep your IT system running at peak levels by checking the state of critical computers that power your business network. When ProSight LAN Watch detects an issue, an alert is transmitted automatically to your designated IT personnel and your assigned Progent consultant so any potential problems can be resolved before they have a chance to disrupt your network. Learn more details about ProSight LAN Watch server and desktop remote monitoring services.
ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
With Progent's ProSight Virtual Hosting service, a small or mid-size business can have its key servers and apps hosted in a protected Tier III data center on a fast virtual host configured and managed by Progent's network support professionals. Under the ProSight Virtual Hosting service model, the client owns the data, the OS software, and the apps. Because the system is virtualized, it can be moved immediately to an alternate hosting environment without requiring a lengthy and technically risky configuration process. With ProSight Virtual Hosting, you are not tied one hosting service. Find out more details about ProSight Virtual Hosting services.
ProSight IT Asset Management: Network Documentation Management
Progent's ProSight IT Asset Management service is an IT infrastructure documentation management service that allows you to create, maintain, retrieve and protect information related to your network infrastructure, procedures, business apps, and services. You can quickly locate passwords or serial numbers and be alerted automatically about impending expirations of SSL certificates ,domains or warranties. By cleaning up and organizing your IT documentation, you can eliminate as much as 50% of time spent searching for critical information about your network. ProSight IT Asset Management includes a centralized repository for holding and collaborating on all documents related to managing your network infrastructure like recommended procedures and How-To's. ProSight IT Asset Management also offers a high level of automation for collecting and associating IT information. Whether you’re planning improvements, performing maintenance, or reacting to an emergency, ProSight IT Asset Management delivers the information you need the instant you need it. Learn more about Progent's ProSight IT Asset Management service.

For Lower Manhattan 24/7/365 Crypto-Ransomware Remediation Help, contact Progent at 800-993-9400 or go to Contact Progent.

An index of content::

24 Hour Juniper SSG Series Router Compliance Audit Protecting Juniper SSG20 Router

At Home Workers Consulting Experts in Lower Manhattan - Help Desk Call Center Augmentation Consulting and Support Services Manhattan-East Village Lower Manhattan-Tribeca, NY Remote Workers Guidance - Lower Manhattan - Help Desk Call Center Augmentation Consulting Experts

Extended Helpdesk Online Consulting
Shared Help Desk IT Consultants

Progent’s Co-managed Help Desk service makes it possible for your business to share the load for Help Desk services transparently between your IT staff and Progent's nationwide pool of seasoned technical support engineers and matter experts (SMEs). Progent’s Help Desk Co-management service is a collaborative support solution based on the top shared professional services automation (PSA) tool for handling end-user service requests, ticket lifecycle, responsibility, status tracking, and reporting.

At Home Workforce Lower Manhattan Consulting Services - Support Consulting Experts Downtown Manhattan-Tribeca, New York Lower Manhattan Teleworkers Integration Solutions Assistance Manhattan-East Village, NY

Award Winning BlackBerry Exchange Upgrade New York City-Wall Street, NY BlackBerry Enterprise Server Computer Network Consultants Downtown Manhattan-East Village, NY

Biggest IT Staff Temps for IT Support Groups Manhattan, NY Lower Manhattan Staffing Help Lower Manhattan-East Village

Cisco and Microsoft Certified Lower Manhattan New York Server Consultants New York, New York Small Business Network Support

Remote Monitoring and Reporting Technology Consulting Services
Monitoring and Reporting Troubleshooting

Progent's Microsoft-certified consulting experts have more than 10 years of experience planning, implementing, enhancing and troubleshooting SCOM environments and offer organizations of all sizes expert online or onsite consulting support for SCOM 2012. Progent can assist your company to design a topology for SCOM 2012 servers that provides the responsiveness and availability required to watch over your datacenter effectively, whether your infrastructure are onsite, in the cloud, or a hybrid solution. Progent's SCOM consultants can also assist you to install and set up System Center 2012 Operations Manager management packs based on industry best practices for monitoring network infrastructure as well as both Microsoft and third-party applications and services. Also, Progent can provide fast remote or onsite troubleshooting to help you to fix critical problems uncovered by SCOM 2012.

Exchange Implementation Support Manhattan-Lower Manhattan, NY 24 Hour Exchange Server 2010 System Engineers Manhattan-Wall Street

Firewall Firewall Configure Lower Manhattan-Wall Street, NY Security Security Consultants New York City-Wall Street, New York

Lower Manhattan Ransomware Cleanup Experts Downtown Manhattan, NY

Hybrid Exchange Online and Exchange on-premises On-site Support Expert Microsoft Certified Remote Technical Support Exchange Online Archiving

CRS Core Router Integration
1800 ISR Router Remote Consulting

Cisco has designed a full product line of routers that includes routers built to provide the security, bandwidth, and availability required by organizations ranging from small businesses to worldwide enterprises and service providers. Cisco routers feature support for redundancy, transparent failover, and redundant power for improved fault tolerance and network uptime. Progent can show you how to select and integrate Cisco routers to build a reliable infrastructure for your IT system and to make it economical to expand as you support new users, open new offices, deploy new services, extend your network to clients and partners, and support an increasingly mobile workforce. Progent can provide expertise in a range of routers powered by the Cisco IOS operating system, including the Cisco 800 series of small office routers, Cisco 1800 and 2800 ISR routers, Cisco 2900 and 3900 Generation 2 Integrated Services Routers, Cisco ASR 1000 and 9000 routers for WAN edge applications, CRS Carrier Routing System for core Networks, plus older 2500 and 2700 Series Routers.

IT Manager Microsoft SQL 2008 NYC-Tribeca, New York Downtown Manhattan, New York Microsoft SQL Server 2016 Computer Consultancy Company

Immediate Work at Home Employees Consultants in Lower Manhattan - IP Voice Systems Consulting Services Manhattan, New York Work from Home Employees Lower Manhattan Expertise - IP Voice Technology Consultants New York City-Downtown

MRTG Online Support Services Nagios for Linux Consultancy

New York City IT Consulting Group NYC System Recovery

Remote Workers Infrastructure On-site Technical Support
Technical Support Services At Home Employees Infrastructure

Progent can help small and medium-size businesses to plan, deploy and debug the network infrastructure to support remote workers.

New York City Top Lower Manhattan Teleworkers Infrastructure Consulting Experts Lower Manhattan Remote Workers Integration Consulting Manhattan-SoHo, NY

Red Hat Linux, Sun Solaris, UNIX Support Services Downtown Manhattan-Tribeca, New York NYC Suse Linux, Solaris, UNIX IT Consulting

Remote Meraki MR52 Access Point IT Services Support Outsourcing Meraki MR72 Access Point

Sales Office Troubleshooting Branch Office Technical Support

Lower Manhattan Crypto Cleanup Lower Manhattan-Downtown, New York

Service Desk Sharing Technology Consulting Services Supplemental Help Desk Specialists

System Recovery Cisco Lower Manhattan-Lower Manhattan, NY Cisco Integration Group

MCSE Expert Certified Threat Management Gateway 2010 Help and Support
Forefront Threat Management Gateway 2010 Online Help

Microsoft Forefront Threat Management Gateway 2010 is based on the powerful security capabilities of ISA Server and provides a easily managed Internet gateway that acts as a one-server solution for a variety of security functions such as an multi-layer firewall, URL monitoring and filtering, malware inspection, IPS, application proxy, VPN control, plus HTTP and HTTPS inspection. Forefront Threat Management Gateway includes comprehensive web security logging and reporting features, permits customized reporting powered by SQL Server, works with Active Directory to simplify authentication, and can be operated as a virtual machine to lower costs and improve availability. Progent's Microsoft engineers can help you to design and carry out pilot and production implementations; interface Microsoft Forefront Threat Management Gateway 2010 with Windows Server 2008, AD, Microsoft SQL Server, Exchange Server, and Microsoft SharePoint 2010; set up Microsoft Forefront TMG 2010 to run on a virtual machine with Microsoft Windows Hyper-V; and provide continuing support and repair services. Progent's consultants can also help you to migrate smoothly to Forefront Threat Management Gateway from Microsoft ISA Server 2006 or 2004.

Crypto-Ransomware Cleanup Help New York City-Lower Manhattan, NY

Technology Consulting Services Microsoft SharePoint Server 2010 SharePoint 2013 Onsite Technical Support Manhattan-Wall Street, NY

Top Ranked Remote Workers Consultants in Lower Manhattan - Backup/Recovery Solutions Consulting Services New York City NY Offsite Workforce Consulting Services near Lower Manhattan - Backup Technology Consulting Experts Manhattan-Lower Manhattan, New York

24/7 Emergency Lower Manhattan Crypto-Ransomware Cleanup

Walnut Creek Contra Costa County Remote Microsoft Consulting Part-Time Job Top Ranked Microsoft MCTS Consultant Employment Pittsburgh California

Windows Server 2016 IT Outsourcing Group NYC-Tribeca Manhattan-East Village Microsoft Windows Server 2019 IT Outsourcing Firms

Work at Home Employees Lower Manhattan Consulting Services - Management Tools Consulting and Support Services Remote Workers Lower Manhattan Expertise - Endpoint Management Tools Consulting NYC-Lower Manhattan, NY

Work from Home Employees Lower Manhattan Consulting Services - Collaboration Systems Assistance Manhattan-Wall Street, New York Lower Manhattan, NY Offsite Workforce Lower Manhattan Guidance - Collaboration Systems Consulting Experts