Ransomware : Your Worst Information Technology Disaster
Crypto-Ransomware  Recovery ExpertsCrypto-Ransomware has become a modern cyberplague that represents an existential threat for organizations poorly prepared for an attack. Versions of crypto-ransomware such as CrySIS, CryptoWall, Bad Rabbit, Syskey and MongoLock cryptoworms have been out in the wild for many years and still cause damage. Newer variants of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Conti and Egregor, as well as additional as yet unnamed newcomers, not only encrypt online data but also infiltrate all configured system backups. Data replicated to the cloud can also be ransomed. In a vulnerable system, it can render automated recovery impossible and basically sets the network back to square one.

Recovering applications and information following a crypto-ransomware outage becomes a race against the clock as the targeted business struggles to contain and remove the crypto-ransomware and to restore mission-critical operations. Since crypto-ransomware requires time to move laterally, penetrations are usually launched on weekends and holidays, when penetrations are likely to take more time to uncover. This multiplies the difficulty of promptly marshalling and coordinating a knowledgeable response team.

Progent provides a range of support services for protecting Miami Beach enterprises from ransomware events. Among these are team training to help recognize and avoid phishing attempts, ProSight Active Security Monitoring for endpoint detection and response using SentinelOne's AI-based cyberthreat defense to identify and suppress zero-day modern malware assaults. Progent in addition provides the assistance of experienced ransomware recovery professionals with the track record and commitment to reconstruct a breached system as urgently as possible.

Progent's Crypto-Ransomware Recovery Support Services
Soon after a ransomware penetration, even paying the ransom demands in Bitcoin cryptocurrency does not ensure that criminal gangs will respond with the codes to decipher any of your files. Kaspersky determined that 17% of ransomware victims never recovered their information after having paid the ransom, resulting in increased losses. The risk is also costly. Ryuk ransoms commonly range from fifteen to forty BTC ($120,000 and $400,000). This is significantly higher than the average ransomware demands, which ZDNET determined to be around $13,000 for smaller organizations. The alternative is to re-install the mission-critical elements of your Information Technology environment. Without access to full system backups, this requires a broad complement of skills, top notch project management, and the capability to work continuously until the task is completed.

For twenty years, Progent has provided expert IT services for businesses across the U.S. and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts (SMEs) includes professionals who have earned advanced industry certifications in leading technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security consultants have earned internationally-recognized industry certifications including CISM, CISSP-ISSAP, CRISC, and GIAC. (Refer to Progent's certifications). Progent also has experience with financial management and ERP software solutions. This breadth of expertise provides Progent the capability to quickly identify necessary systems and re-organize the remaining components of your network system after a ransomware event and configure them into a functioning system.

Progent's security group utilizes state-of-the-art project management systems to orchestrate the complex recovery process. Progent knows the importance of acting swiftly and in concert with a client's management and IT staff to prioritize tasks and to put critical applications back on-line as fast as possible.

Client Case Study: A Successful Ransomware Intrusion Restoration
A customer escalated to Progent after their network was crashed by Ryuk ransomware. Ryuk is believed to have been developed by North Korean state cybercriminals, possibly using technology leaked from the United States National Security Agency. Ryuk seeks specific businesses with little or no tolerance for disruption and is one of the most profitable iterations of ransomware viruses. Headline targets include Data Resolution, a California-based data warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a regional manufacturing company located in Chicago with around 500 staff members. The Ryuk event had frozen all essential operations and manufacturing capabilities. Most of the client's data protection had been directly accessible at the beginning of the intrusion and were destroyed. The client was pursuing financing for paying the ransom (exceeding $200,000) and praying for the best, but in the end made the decision to use Progent.


"I cannot thank you enough about the support Progent gave us throughout the most critical time of (our) company's life. We would have paid the cyber criminals if it wasn't for the confidence the Progent group provided us. That you could get our messaging and key applications back sooner than five days was beyond my wildest dreams. Every single expert I interacted with or e-mailed at Progent was urgently focused on getting my company operational and was working all day and night to bail us out."

Progent worked together with the client to quickly assess and prioritize the critical services that had to be addressed to make it possible to continue business functions:

  • Microsoft Active Directory
  • Exchange Server
  • Accounting/MRP
To begin, Progent followed ransomware event mitigation industry best practices by halting the spread and cleaning systems of viruses. Progent then initiated the work of rebuilding Microsoft Active Directory, the core of enterprise networks built upon Microsoft Windows technology. Microsoft Exchange Server email will not function without Windows AD, and the client's MRP software used SQL Server, which requires Active Directory for authentication to the information.

Within 48 hours, Progent was able to recover Active Directory services to its pre-attack state. Progent then initiated reinstallations and storage recovery on needed systems. All Microsoft Exchange Server data and attributes were intact, which greatly helped the rebuild of Exchange. Progent was able to collect local OST files (Outlook Off-Line Folder Files) on staff workstations and laptops in order to recover email messages. A not too old offline backup of the customer's accounting systems made it possible to recover these required programs back available to users. Although a large amount of work needed to be completed to recover fully from the Ryuk event, essential services were recovered rapidly:


"For the most part, the assembly line operation did not miss a beat and we produced all customer sales."

Throughout the next month critical milestones in the recovery project were achieved through tight collaboration between Progent team members and the customer:

  • In-house web applications were restored without losing any data.
  • The MailStore Exchange Server with over four million historical messages was restored to operations and available for users.
  • CRM/Product Ordering/Invoicing/AP/AR/Inventory functions were 100 percent operational.
  • A new Palo Alto Networks 850 security appliance was installed and configured.
  • 90% of the user desktops were being used by staff.

"So much of what occurred in the initial days is nearly entirely a blur for me, but I will not soon forget the countless hours all of the team put in to help get our business back. I've utilized Progent for the past ten years, maybe more, and every time I needed help Progent has impressed me and delivered as promised. This event was a stunning achievement."

Conclusion
A probable business-ending disaster was averted through the efforts of hard-working professionals, a wide spectrum of knowledge, and close collaboration. Although in hindsight the ransomware penetration described here should have been identified and disabled with modern cyber security technology solutions and security best practices, user and IT administrator education, and properly executed incident response procedures for information backup and proper patching controls, the fact remains that government-sponsored hackers from China, North Korea and elsewhere are tireless and are an ongoing threat. If you do fall victim to a crypto-ransomware penetration, feel confident that Progent's team of professionals has extensive experience in crypto-ransomware virus blocking, mitigation, and file recovery.


"So, to Darrin, Matt, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (along with others that were helping), I'm grateful for allowing me to get rested after we made it past the first week. All of you did an amazing job, and if anyone is around the Chicago area, a great meal is the least I can do!"

Download the Ransomware Removal Case Study Datasheet
To review or download a PDF version of this customer story, please click:
Progent's Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Recovery Services in Miami Beach
For ransomware system restoration consulting services in the Miami Beach area, phone Progent at 800-462-8800 or go to Contact Progent.



An index of content::

  • 24/7 Miami Beach, Florida Network Providers Outsource Miami Beach
  • 24x7 Cisco Outsource IT Miami Beach, Florida Best Specialists Cisco Miami Beach FL
  • At Home Workers Miami Beach Consulting and Support Services - Backup/Restore Solutions Expertise Miami Beach Telecommuters Miami Beach Consultants - Data Protection Systems Consultants Miami Beach, FL

  • Technology Professional Remote Server Management
    After Hours Aten IP9001 Consultancy

    Remote server management cards give IT managers full control over a server without the need for an on-site visit. Through remote server management cards, all console screen data plus keyboard and mouse operations are exported to a remote session to a support expert who can be located anywhere in the world. Progent's Microsoft and Cisco authorized consultants can assist you to plan, implement, and manage a fault-tolerant business network that includes remote server management cards and Progent can utilize these remote management cards to deliver efficient remote technical support. Progent is familiar with a number of remote server management cards including Aten IP9001 remote server management cards, American Megatrends remote server management cards, Dell remote server management cards, HP Lights-Out 100c remote management cards, and Peppercon remote server management cards.

  • At Home Workforce Guidance nearby Miami Beach - Support Guidance Miami Beach Work at Home Employees Consulting Services - Miami Beach - Support Assistance Miami Beach, FL
  • Biggest Security Security Auditing Miami Beach Florida CISSP Network Consultant
  • Miami Beach Sodinokibi Crypto-Ransomware Operational-Recovery Miami Beach
  • BlackBerry BPS Onsite Technical Support Miami Beach, FL BlackBerry Email Small Office Computer Consultants Miami Beach Florida, United States

  • Spora ransomware hot line Consultancy
    LockBit ransomware hot line Consulting

    Progent's Ransomware Hot Line provides 24x7 access to a proven ransomware recovery consultant who can assist you to halt the spread of an ongoing ransomware attack. Call 800-462-8800

  • Cisco Virtual Private Network Network Consultant Cisco Virtual Private Network Technical Support
  • Consulting BlackBerry Desktop Manager Consulting Services BlackBerry Redirector
  • Conti Ransomware Hot Line Miami Beach Ransomware Removal and Data Restore Miami Beach
  • Top Rated Miami Beach Locky Ransomware Repair Miami Beach Florida
  • CryptoLocker Removal Services Miami Beach, USA Miami Beach CryptoLocker Recovery Support Services Miami Beach
  • Miami Beach Florida, United States Award Winning Miami Beach Snatch Ransomware Operational-Recovery
  • Desktop Help Center Expert Microsoft Certified Desktop Software Consulting
  • Immediate Miami Beach Small Office IT Outsourcing Miami Beach, Florida Technical Consulting

  • Help Desk Sharing Cost Savings Consultant Services
    24/7 Computer Consulting Help Desk Sharing Cost Savings

    Progent's Help Desk Call Center management and co-management services help businesses to save money and increase productivity.

  • Implementation EMail Virus Microsoft Exchange 2019 Server Tech Support For Small Business
  • Meraki 802.11ac AP Migration Integration Services Top Ranked Support and Setup Meraki Traffic Shaping
  • Miami Beach At Home Workers Cloud Systems Expertise Miami Beach FL Teleworkers Consulting Services in Miami Beach - Cloud Systems Consulting Miami Beach, FL
  • Miami Beach Avaddon Crypto-Ransomware Operational Recovery Miami Beach, FL, America Miami Beach Miami Beach Conti Ransomware Data-Recovery
  • Miami Beach Crypto-Ransomware Egregor Preparedness Audit Miami Beach Miami Beach 24x7x365 Miami Beach Ransomware Virus Preparedness Audit
  • Miami Beach Dharma Crypto-Ransomware Settlement Consulting Miami Beach, Florida Miami Beach Florida 24/7/365 Miami Beach Netwalker Crypto-Ransomware Settlement Negotiation Guidance
  • Miami Beach Egregor Ransomware Forensics Investigation Miami Beach Miami Beach NotPetya Ransomware Forensics Investigation
  • Miami Beach FL, United States Open Now Debian Linux, Sun Solaris, UNIX Remote Troubleshooting Debian Linux, Sun Solaris, UNIX Consulting Miami Beach, Florida

  • High Availability Data Centers Consult
    Cisco and Microsoft Internet Data Center Technology Professional

    Progent's Data Center engineers can help you select high availability data centers that match the specific requirements of your company. High availability co-location sites are especially appealing to small businesses due to of their affordability and convenience in comparison to pursuing a do-it-yourself approach. Trying to create an on-site data center that offers even a basic degree of fault tolerance is financially prohibitive for typical small businesses. Progent is ready to help you get all the benefits of high availability data centers and fault tolerant colo sites by providing a complete array of consulting and support services.

  • Top Miami Beach Lockbit Crypto-Ransomware Data-Recovery Miami Beach
  • Miami Beach Miami Beach Ransomware Cleanup Miami Beach Egregor Ransomware Operational-Recovery
  • Miami Beach Microsoft Dynamics GP Customization Help Miami Beach, FL After Hours MS Dynamics GP Premier Partner - Miami Beach - Implementation Help
  • Biggest Miami Beach Nephilim Ransomware Mitigation Miami Beach
  • Miami Beach NotPetya Crypto-Ransomware Repair Miami Beach Locky Ransomware System-Restoration Miami Beach
  • Miami Beach Remote Workers Management Tools Expertise Offsite Workforce Miami Beach Guidance - Endpoint Management Systems Consulting Experts Miami Beach Florida
  • Miami Beach SharePoint 2013 Troubleshooting SharePoint Troubleshooting Miami Beach FL
  • Miami Beach, USA Miami Beach Teleworkers VoIP Technology Consulting Experts Remote Workforce Assistance near me in Miami Beach - VoIP Technology Expertise Miami Beach, Florida
  • Microsoft Exchange Server 2007 Tech Consultant Miami Beach Install Exchange 2010 Server Miami Beach FL
  • Microsoft Exchange Server 2010 Migration IT Services Exchange 2010 Configuration Online Help
  • 24-Hour Miami Beach Dharma Crypto-Ransomware System-Restore Miami Beach, FL
  • Offsite Workforce Miami Beach Assistance - Voice/Video Conferencing Solutions Expertise Miami Beach Miami Beach Remote Workforce Conferencing Solutions Assistance Miami Beach
  • Open Now Miami Beach Consultants for Network Service Organizations Miami Beach Miami Beach Consultants for Computer Support Providers Miami Beach
  • Remote Workforce Miami Beach Consulting - Network Security Solutions Consultants Miami Beach, Florida Work at Home Employees Miami Beach Consulting - Endpoint Security Solutions Consulting Experts Miami Beach FL
  • SQL 2014 Tech Support Outsource Miami Beach, FL Microsoft SQL Server 2017 Security Consulting Company Miami Beach, Florida
  • Small Business IT Outsourcing Services Cisco Planning Cisco Remote Access Small Business IT Consulting Firm
  • Telecommuters Consulting Experts nearby Miami Beach - Help Desk Outsourcing Consultants Miami Beach Work at Home Employees Consulting near me in Miami Beach - Call Desk Outsourcing Consulting and Support Services Miami Beach
  • Teleworkers Consulting and Support Services near Miami Beach - Collaboration Systems Consulting Miami Beach Remote Workforce Miami Beach Assistance - Collaboration Systems Guidance Miami Beach
  • Teleworkers Consulting nearby Miami Beach - Setup Consulting Miami Beach At Home Workers Consultants nearby Miami Beach - Setup Assistance Miami Beach, United States
  • Temporary Network Support Staffing Support Consulting Support Miami Beach IT Staffing for IT Service Teams Miami Beach
  • Urgent On-site Support Exchange 2016 Mailbox migration Exchange Server 2016 Upgrade Technology Consulting
  • Windows 2019 Server Data Recovery Miami Beach Computer Consultancy Firm Windows Server 2016 Miami Beach, Florida

  • © 2002-2022 Progent Corporation. All rights reserved.