Crypto-Ransomware : Your Worst Information Technology Nightmare
Ransomware  Remediation ConsultantsCrypto-Ransomware has become a modern cyber pandemic that poses an existential danger for businesses poorly prepared for an assault. Versions of ransomware such as Dharma, Fusob, Bad Rabbit, Syskey and MongoLock cryptoworms have been around for years and still inflict harm. Newer versions of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Snatch and Egregor, plus more as yet unnamed viruses, not only encrypt on-line data files but also infiltrate all configured system protection mechanisms. Files synched to off-premises disaster recovery sites can also be rendered useless. In a poorly designed data protection solution, it can make automated restoration impossible and effectively sets the datacenter back to zero.

Getting back services and information after a crypto-ransomware intrusion becomes a sprint against the clock as the victim struggles to stop lateral movement, cleanup the virus, and resume mission-critical operations. Since crypto-ransomware takes time to spread throughout a targeted network, penetrations are frequently launched on weekends, when successful attacks typically take more time to recognize. This compounds the difficulty of quickly mobilizing and coordinating an experienced response team.

Progent makes available a variety of solutions for securing Miami Beach organizations from crypto-ransomware events. Among these are staff training to help identify and not fall victim to phishing exploits, ProSight Active Security Monitoring (ASM) for endpoint detection and response using SentinelOne's behavior-based threat defense to discover and suppress zero-day malware attacks. Progent also provides the services of experienced ransomware recovery engineers with the track record and commitment to re-deploy a compromised network as quickly as possible.

Progent's Ransomware Restoration Help
Following a crypto-ransomware invasion, sending the ransom in cryptocurrency does not ensure that criminal gangs will provide the needed keys to unencrypt any of your files. Kaspersky Labs estimated that seventeen percent of crypto-ransomware victims never recovered their data after having paid the ransom, resulting in increased losses. The gamble is also costly. Ryuk ransoms are often several hundred thousand dollars. For larger organizations, the ransom can reach millions of dollars. The alternative is to setup from scratch the critical components of your Information Technology environment. Without the availability of essential system backups, this requires a broad complement of skill sets, professional team management, and the capability to work non-stop until the task is finished.

For twenty years, Progent has provided professional IT services for companies across the U.S. and has achieved Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts (SMEs) includes consultants who have been awarded top industry certifications in leading technologies such as Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security specialists have earned internationally-renowned industry certifications including CISM, CISSP-ISSAP, ISACA CRISC, SANS GIAC, and CMMC 2.0. (See Progent's certifications). Progent also has expertise with accounting and ERP applications. This breadth of expertise gives Progent the capability to knowledgably identify critical systems and organize the surviving pieces of your computer network environment after a ransomware attack and assemble them into a functioning network.

Progent's security group uses state-of-the-art project management systems to orchestrate the complex restoration process. Progent knows the importance of working rapidly and in unison with a customer's management and IT staff to prioritize tasks and to put key systems back on-line as fast as humanly possible.

Customer Story: A Successful Crypto-Ransomware Penetration Response
A client contacted Progent after their network system was penetrated by Ryuk crypto-ransomware. Ryuk is generally considered to have been launched by North Korean state sponsored criminal gangs, possibly adopting techniques leaked from the U.S. NSA organization. Ryuk seeks specific companies with little or no tolerance for disruption and is one of the most lucrative instances of ransomware malware. High publicized organizations include Data Resolution, a California-based info warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a regional manufacturing company based in the Chicago metro area with about 500 staff members. The Ryuk intrusion had disabled all business operations and manufacturing processes. Most of the client's backups had been online at the beginning of the intrusion and were damaged. The client was pursuing financing for paying the ransom demand (exceeding $200,000) and wishfully thinking for the best, but ultimately brought in Progent.


"I can't speak enough in regards to the care Progent gave us during the most fearful period of (our) company's survival. We may have had to pay the Hackers except for the confidence the Progent group afforded us. The fact that you were able to get our messaging and production servers back into operation sooner than one week was something I thought impossible. Every single consultant I interacted with or communicated with at Progent was urgently focused on getting us working again and was working 24 by 7 on our behalf."

Progent worked hand in hand the client to rapidly understand and assign priority to the key systems that had to be addressed to make it possible to continue company operations:

  • Active Directory (AD)
  • Email
  • MRP System
To get going, Progent adhered to ransomware event response best practices by halting lateral movement and clearing infected systems. Progent then began the steps of rebuilding Microsoft Active Directory, the key technology of enterprise environments built on Microsoft technology. Exchange messaging will not operate without Windows AD, and the businesses' MRP software leveraged Microsoft SQL Server, which requires Active Directory services for access to the databases.

Within 48 hours, Progent was able to recover Windows Active Directory to its pre-virus state. Progent then accomplished reinstallations and storage recovery on critical systems. All Exchange schema and configuration information were intact, which facilitated the rebuild of Exchange. Progent was able to locate non-encrypted OST data files (Outlook Off-Line Folder Files) on staff desktop computers in order to recover email information. A not too old off-line backup of the customer's financials/MRP systems made it possible to restore these required applications back online. Although a large amount of work was left to recover completely from the Ryuk virus, essential systems were recovered quickly:


"For the most part, the production line operation ran fairly normal throughout and we delivered all customer sales."

Throughout the following month critical milestones in the restoration process were completed in tight cooperation between Progent team members and the client:

  • Self-hosted web applications were brought back up without losing any information.
  • The MailStore Microsoft Exchange Server with over four million archived emails was spun up and available for users.
  • CRM/Customer Orders/Invoicing/Accounts Payable (AP)/AR/Inventory Control capabilities were 100 percent recovered.
  • A new Palo Alto Networks 850 security appliance was set up.
  • Nearly all of the user desktops were being used by staff.

"A huge amount of what occurred in the early hours is nearly entirely a blur for me, but my team will not soon forget the dedication all of your team accomplished to give us our business back. I have been working with Progent for the past ten years, maybe more, and every time Progent has impressed me and delivered. This time was no exception but maybe more Herculean."

Conclusion
A potential business-killing catastrophe was dodged through the efforts of hard-working experts, a wide array of knowledge, and close collaboration. Although in hindsight the crypto-ransomware virus attack described here could have been identified and prevented with up-to-date security technology solutions and security best practices, user education, and appropriate incident response procedures for information protection and keeping systems up to date with security patches, the fact remains that state-sponsored cyber criminals from Russia, China and elsewhere are tireless and will continue. If you do fall victim to a ransomware incident, feel confident that Progent's team of professionals has proven experience in ransomware virus blocking, cleanup, and information systems disaster recovery.


"So, to Darrin, Matt, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others that were involved), I'm grateful for letting me get some sleep after we made it through the first week. Everyone did an fabulous job, and if any of your guys is in the Chicago area, dinner is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this ransomware incident report, click:
Progent's Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Services in Miami Beach
For ransomware system recovery services in the Miami Beach metro area, phone Progent at 800-462-8800 or see Contact Progent.



An index of content::

  • 24 Hour Miami Beach, FL Network Management Miami Beach Network Support Consultants

  • Remote Workers Collaboration Online Support Services
    Support Outsourcing Remote Employees Collaboration

    Progent can assist small and medium-size businesses to implement collaboration applications to make it easy for their at-home employees to engage in productive interaction with fellow workers and clients.

  • Miami Beach FL Miami Beach Phobos Crypto-Ransomware Mitigation
  • 24/7 24/7 Miami Beach Crypto Cleanup Miami Beach Miami Beach NotPetya Crypto-Ransomware Repair Miami Beach Florida, USA

  • SentinelOne Ransomware Rollback Consultants
    SentinelOne Endpoint Protection Specialist

    Progent is a dealer and integrator for SentinelOne's Singularity product family, a subscription-based, cloud-centric threat management platform that incorporates machine learning technology and advanced services to provide cutting-edge endpoint detection and response (EDR).

  • Top Miami Beach Locky Ransomware Remediation Miami Beach FL
  • At Home Workers Consultants nearby Miami Beach - Integration Expertise Miami Beach, FL Miami Beach Work at Home Employees Infrastructure Guidance Miami Beach Florida
  • At Home Workforce Miami Beach Guidance - Help Desk Call Center Augmentation Consulting and Support Services Miami Beach Remote Workforce Miami Beach Assistance - Help Desk Call Center Outsourcing Assistance Miami Beach FL

  • Microsoft 365 Excel and SQL Server Technology Professional
    Training Professional Microsoft Excel

    Progent's Microsoft-certified Excel and Office 365 Excel consultants offer a broad variety of online services to assist your organization to plan, develop, test, install, administer, and debug applications powered by any release of Excel, including Excel Online and Office 365 Excel. Progent can help you to migrate your existing Excel applications to the latest versions of Excel, integrate Excel with iOS-based iPhones and iPads and Android smartphones and tablets, and identify and fix compatibility problems between different releases of Excel. Progent can provide as-needed help to clients looking for a quick solution to a stubborn problem associated with Excel and Progent can also provide full project management services for migrating or creating mission-critical application software based on Excel. Progent's affordable online training for Excel can be customized to address the needs of individual users or groups.

  • Best Windows 8.1 Training Help and Support Consultants Microsoft Windows 8.1

  • Urgent Enterprise hybrid cloud solutions Professional
    Top Multiple cloud management Consultant

    Progent can assist you to design and administer hybrid ecosystems that can include Windows and Linux systems and applications in both cloud-only solutions or in hybrid architectures that seamlessly combine physical resources as well as one or more cloud services. To assist you to integrate public clouds with networks, Progent can provide a variety of cloud migration support services such as Azure hybrid cloud planning and integration consulting, Amazon Web Services (AWS) cloud integration, and Amazon Web Marketing Service development and debugging. Progent has 20 years of background delivering high-level consulting services online, and Progent can make sure you successfully carry out your cloud integration initiatives on schedule and affordably.

  • Computer Consultation Cisco Miami Beach Florida Miami Beach FL Installer Cisco
  • Computer Support For Small Offices FreeBSD Solaris Computer Network Providers
  • Consultancy Ubiquiti UniFi access point Consultant Services Ubiquiti UniFi Controller management
  • Consulting Support for Miami Beach IT Support Providers Miami Beach, FL 24x7 Specialists for Network Service Organizations near Miami Beach - Short-Term IT Support Help Miami Beach
  • IT Staffing Temps for Computer Support Teams Miami Beach Temporary Staffing Support Services Consulting Miami Beach, Florida
  • Immediate Miami Beach Lockbit Crypto-Ransomware System-Rebuild Miami Beach Miami Beach Miami Beach Egregor Crypto-Ransomware Business Recovery
  • Immediate Offsite Workforce Consulting Experts nearby Miami Beach - Security Systems Consulting and Support Services Miami Beach, Florida Best Miami Beach At Home Workforce Security Solutions Consulting and Support Services Miami Beach, Florida
  • Miami Beach At Home Workers Video Conferencing Systems Expertise Miami Beach, FL Miami Beach, FL Miami Beach Work from Home Employees Voice/Video Conferencing Systems Assistance
  • Miami Beach Nephilim Ransomware Restoration Miami Beach, Florida
  • Miami Beach Conti Ransomware Data-Recovery Miami Beach Miami Beach, Florida Miami Beach Lockbit Ransomware File-Recovery
  • Miami Beach Dharma Ransomware Forensics Miami Beach, Florida, USA Miami Beach DopplePaymer Crypto-Ransomware Forensics Investigation Miami Beach FL
  • Miami Beach FL BlackBerry Redirector Problem Resolution BlackBerry Desktop Manager Service Provider Miami Beach
  • Miami Beach Florida Microsoft SharePoint Server 2010 On-site Technical Support Microsoft SharePoint Server Configuration Miami Beach, FL
  • Miami Beach Locky Ransomware Cleanup Miami Beach Miami Beach Crypto-Ransomware Assault Remediation Miami Beach, Florida
  • Miami Beach Miami Beach MS Dynamics GP (Great Plains) Upgrade Consultants Top Quality Miami Beach Microsoft Dynamics GP (Great Plains) Migration Expert Miami Beach

  • 24-7 NetDocuments ndOffice Specialists
    NetDocuments ndOffice Engineer

    NetDocuments (NetDocs) is a cloud-based document management system (DMS) designed specifically for law practices. Progent offers remote access to NetDocuments consultants to help your law firm to design, deploy, administer, tune, or debug a document management system solution based on NetDocs.

  • Miami Beach Ransomware Ryuk Preparedness Review Miami Beach Crypto-Ransomware Spora Susceptibility Consultation Miami Beach
  • Miami Beach Remote Workforce VoIP Systems Consulting Miami Beach, Florida, America At Home Workforce Consulting and Support Services nearby Miami Beach - IP Voice Solutions Assistance Miami Beach, Florida

  • Windows Server 2022 Hybrid Configuration Computer Consultants
    Computer Consulting Windows Server 2022 and SCOM

    Progent's certified Windows Server 2022 consultants can help your organization to design and carry out an efficient upgrade to Windows Server 2022 using a self-hosted deployment architecture or a hybrid model that integrates cloud-hosted Windows Server Online with a datacenter-based implementation of Windows Server 2022.

  • Miami Beach Ryuk Ransomware Settlement Support Miami Beach Florida Miami Beach Hermes Ransomware Settlement Negotiation Help Miami Beach FL
  • Miami Beach Telecommuters Cloud Integration Technology Consulting and Support Services Miami Beach Florida Miami Beach, Florida Miami Beach At Home Workforce Cloud Technology Consulting Experts
  • Miami Beach, Florida At Home Workforce Miami Beach Consulting Services - Management Tools Expertise Top Miami Beach Telecommuters Endpoint Management Solutions Assistance Miami Beach Florida

  • Colocation Center Engineer
    IT Consulting Internet Data Center

    Colocation data centers make it possible for companies to share enterprise-class facilities for hosting network equipment that runs critical applications and services. Progent's Microsoft and Cisco premier IT experts can assist your company with all aspects of your colocation strategy such as selecting and migrating to a colo facility, creating network topology, specifying required equipment, on-site and on-line maintenance, establishing remote system administration, and education your IT personnel.

  • Miami Beach, Florida Networking Organization Miami Beach, FL Network Help
  • Miami Beach, Florida SQL Server 2019 Networking Services Miami Beach FL 24-Hour Microsoft SQL Server 2016 Software Consulting Firm
  • Microsoft Exchange 2010 Security Consulting Firm Miami Beach Exchange Consulting Companies Miami Beach Florida
  • Network Consulting Mandrake Linux, Solaris, UNIX Miami Beach FL Network Engineer Suse Linux, Sun Solaris, UNIX Miami Beach, FL
  • On-Call Services Windows 2008 Server Miami Beach Windows Consulting Company Miami Beach, Florida
  • Ryuk Ransomware Hot Line Miami Beach FL Dharma Ransomware Hot Line Miami Beach
  • Miami Beach Ransomware Recovery Miami Beach
  • Security Forensics Services Miami Beach Security Network Consultants Miami Beach FL
  • Urgent Miami Beach Remote Workers Backup/Restore Solutions Expertise Miami Beach FL After Hours Miami Beach Remote Workforce Data Protection Technology Guidance Miami Beach Florida
  • Urgent Miami Beach Telecommuters Connectivity Guidance Miami Beach, FL At Home Workforce Expertise - Miami Beach - Integration Consulting Services Miami Beach, United States
  • Miami Beach NotPetya Ransomware File-Recovery Miami Beach, Florida
  • Work at Home Employees Miami Beach Assistance - Collaboration Technology Consulting Experts Offsite Workforce Consulting Experts near me in Miami Beach - Collaboration Solutions Consulting Miami Beach FL, United States

  • © 2002-2025 Progent Corporation. All rights reserved.