Crypto-Ransomware: Your Feared IT Catastrophe
Crypto-Ransomware has become a modern cyber pandemic that presents an enterprise-level danger for organizations vulnerable to an assault. Versions of ransomware like the CryptoLocker, WannaCry, Locky, NotPetya and MongoLock cryptoworms have been out in the wild for many years and still cause havoc. More recent variants of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Egregor, as well as frequent as yet unnamed newcomers, not only encrypt on-line files but also infiltrate any configured system backups. Files synchronized to the cloud can also be encrypted. In a poorly designed data protection solution, this can make automated recovery useless and effectively sets the entire system back to square one.

Getting back programs and information after a crypto-ransomware event becomes a race against time as the victim struggles to stop lateral movement and remove the ransomware and to resume enterprise-critical operations. Since ransomware needs time to replicate, attacks are frequently launched at night, when successful attacks are likely to take more time to recognize. This multiplies the difficulty of rapidly mobilizing and organizing a capable response team.

Progent offers a range of solutions for protecting Miami Beach enterprises from ransomware attacks. These include team member training to help recognize and avoid phishing scams, ProSight Active Security Monitoring (ASM) for remote monitoring and management, along with installation of the latest generation security solutions with artificial intelligence capabilities to automatically discover and extinguish zero-day threats. Progent also offers the services of experienced ransomware recovery professionals with the talent and perseverance to reconstruct a compromised environment as urgently as possible.

Progent's Crypto-Ransomware Restoration Services
After a crypto-ransomware event, even paying the ransom in cryptocurrency does not provide any assurance that cyber criminals will return the keys to decipher any of your information. Kaspersky Labs ascertained that seventeen percent of ransomware victims never recovered their data after having paid the ransom, resulting in increased losses. Paying is also very costly. Ryuk ransoms often range from 15 to 40 BTC ($120,000 to $400,000). This is far above typical ransomware demands, which ZDNET estimated to be around $13,000 for small businesses. The alternative is to piece back together the essential parts of your IT environment. Without the availability of complete data backups, this calls for a wide complement of skills, top-notch team management, and the ability to work 24x7 until the recovery project is completed.

For decades, Progent has provided professional Information Technology services for businesses throughout the US and has achieved Microsoft's Gold Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts (SMEs) includes consultants who have been awarded top certifications in leading technologies including Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cyber security specialists have garnered internationally-recognized certifications including CISM, CISSP-ISSAP, CRISC, and SANS GIAC. (See Progent's certifications). Progent in addition has expertise in financial management and ERP application software. This breadth of expertise gives Progent the ability to rapidly identify critical systems and consolidate the remaining parts of your Information Technology system following a ransomware event and assemble them into a functioning network.

Progent's recovery team of experts uses best of breed project management systems to orchestrate the sophisticated recovery process. Progent understands the urgency of working rapidly and together with a customer's management and Information Technology team members to prioritize tasks and to put the most important systems back on line as fast as humanly possible.

Client Case Study: A Successful Crypto-Ransomware Attack Restoration
A small business sought out Progent after their network was brought down by Ryuk ransomware. Ryuk is generally considered to have been launched by North Korean state criminal gangs, suspected of using technology exposed from the United States National Security Agency. Ryuk seeks specific organizations with little or no room for operational disruption and is one of the most lucrative versions of ransomware. Major targets include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a small manufacturer based in the Chicago metro area with around 500 workers. The Ryuk event had shut down all business operations and manufacturing processes. Most of the client's data protection had been online at the start of the intrusion and was encrypted. The client considered paying the ransom demand (more than two hundred thousand dollars) and praying for the best, but in the end engaged Progent.


"I can't speak enough in regards to the expertise Progent provided us throughout the most fearful time of (our) company's life. We may have had to pay the cyber criminals except for the confidence the Progent experts afforded us. The fact that you were able to get our messaging and essential servers back into operation in less than a week was amazing. Every single consultant I worked with or e-mailed at Progent was absolutely committed on getting us restored and was working 24 by 7 to bail us out."

Progent worked hand in hand with the client to rapidly understand and assign priority to the key applications that had to be addressed to make it possible to restart business operations:

  • Active Directory (AD)
  • Exchange Server
  • Accounting/MRP

To start, Progent followed AV/malware incident mitigation best practices by isolating and performing virus removal steps. Progent then started the process of recovering Microsoft Active Directory, the foundation of enterprise systems built upon Microsoft technology. Exchange messaging will not operate without AD, and the client's accounting and MRP software used Microsoft SQL Server, which depends on Windows AD for security authorization to the database.

Within two days, Progent was able to restore Active Directory to its pre-intrusion state. Progent then helped perform rebuilding and storage recovery of the most important systems. All Exchange Server schema and attributes were intact, which accelerated the restore of Exchange. Progent was also able to locate local OST files (Outlook Offline Data Files) on various workstations in order to recover email messages. A recent offline backup of the business's financials/ERP software made it possible to bring these vital services back online. Although a large amount of work needed to be completed to recover totally from the Ryuk event, core services were returned to operation rapidly:


"For the most part, the manufacturing operation ran fairly normal throughout and we did not miss any customer shipments."

Throughout the following month, critical milestones in the restoration process were accomplished through tight collaboration between Progent engineers and the client:

  • In-house web applications were brought back up with no loss of data.
  • The MailStore Exchange Server with over 4 million archived emails was brought on-line and made accessible to users.
  • CRM/Customer Orders/Invoicing/Accounts Payable/AR/Inventory Control modules were 100 percent operational.
  • A new Palo Alto Networks 850 firewall was brought on-line.
  • Most of the user PCs were operational.

"So much of what went on during the initial response is nearly entirely a fog for me, but our team will not forget the countless hours all of you accomplished to give us our company back. I have been working with Progent for the past 10 years, possibly more, and each time I needed help Progent has outperformed my expectations and delivered. This time was no exception but maybe more Herculean."

Conclusion
A possible company-ending disaster was evaded by dedicated experts, a broad spectrum of IT skills, and close collaboration. Although in hindsight the ransomware virus attack detailed here could have been identified and stopped with modern cyber security systems and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, team education, and well thought out security procedures for backup and keeping systems up to date with security patches, the fact remains that state-sponsored criminal cyber gangs from China, North Korea and elsewhere are tireless and will continue. If you do get hit by a crypto-ransomware incident, remember that Progent's roster of experts has proven experience in ransomware virus defense, cleanup, and file disaster recovery.


"So, to Darrin, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were involved), I'm grateful for allowing me to get some sleep after we made it past the first week. All of you did an impressive effort, and if anyone that helped is visiting the Chicago area, a great meal is the least I can do!"

Download the Ransomware Cleanup Case Study Datasheet
To review or download a PDF version of this ransomware incident report, please click:
Progent's Crypto-Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)

© 2002-2022 Progent Corporation. All rights reserved.