Ransomware : Your Crippling IT Nightmare
Ransomware  Recovery ConsultantsRansomware has become a modern cyber pandemic that poses an enterprise-level threat for organizations unprepared for an assault. Different versions of crypto-ransomware such as Reveton, WannaCry, Locky, SamSam and MongoLock cryptoworms have been running rampant for years and continue to cause harm. More recent strains of ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, Snatch and Nephilim, as well as more as yet unnamed newcomers, not only encrypt on-line data but also infiltrate most configured system protection mechanisms. Information synched to the cloud can also be encrypted. In a poorly architected system, it can render automated recovery impossible and effectively knocks the entire system back to square one.

Restoring applications and data after a ransomware outage becomes a race against the clock as the targeted organization fights to contain and cleanup the crypto-ransomware and to restore mission-critical activity. Due to the fact that ransomware requires time to spread, assaults are often launched on weekends, when attacks typically take longer to recognize. This compounds the difficulty of quickly assembling and orchestrating a qualified mitigation team.

Progent provides an assortment of services for protecting Lower Manhattan enterprises from crypto-ransomware events. Among these are staff education to help recognize and avoid phishing attempts, ProSight Active Security Monitoring (ASM) for endpoint detection and response (EDR) using SentinelOne's AI-based cyberthreat protection to discover and suppress zero-day modern malware assaults. Progent also offers the services of experienced crypto-ransomware recovery engineers with the track record and commitment to re-deploy a breached environment as quickly as possible.

Progent's Ransomware Recovery Support Services
Subsequent to a crypto-ransomware attack, even paying the ransom in cryptocurrency does not guarantee that criminal gangs will provide the needed keys to decrypt all your information. Kaspersky estimated that seventeen percent of ransomware victims never restored their files after having sent off the ransom, resulting in more losses. The risk is also expensive. Ryuk ransoms frequently range from fifteen to forty BTC ($120,000 and $400,000). This is significantly above the typical ransomware demands, which ZDNET estimated to be in the range of $13,000 for small organizations. The other path is to setup from scratch the key elements of your Information Technology environment. Absent access to full data backups, this calls for a broad complement of IT skills, top notch project management, and the ability to work continuously until the recovery project is finished.

For twenty years, Progent has provided certified expert IT services for companies throughout the US and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes consultants who have attained top industry certifications in important technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity specialists have earned internationally-renowned industry certifications including CISM, CISSP-ISSAP, ISACA CRISC, and GIAC. (Visit Progent's certifications). Progent also has expertise in accounting and ERP application software. This breadth of experience gives Progent the skills to efficiently identify critical systems and organize the remaining components of your Information Technology system following a ransomware penetration and rebuild them into a functioning network.

Progent's ransomware group deploys state-of-the-art project management applications to coordinate the complex recovery process. Progent knows the urgency of working quickly and in concert with a client's management and IT resources to prioritize tasks and to get the most important systems back on-line as fast as humanly possible.

Business Case Study: A Successful Crypto-Ransomware Attack Response
A client engaged Progent after their organization was penetrated by Ryuk ransomware virus. Ryuk is believed to have been deployed by North Korean government sponsored hackers, possibly adopting approaches exposed from America's NSA organization. Ryuk attacks specific businesses with little or no tolerance for operational disruption and is one of the most lucrative incarnations of ransomware. Well Known victims include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a regional manufacturer located in Chicago with about 500 workers. The Ryuk penetration had paralyzed all essential operations and manufacturing processes. The majority of the client's data protection had been online at the time of the intrusion and were encrypted. The client was pursuing financing for paying the ransom demand (in excess of $200,000) and wishfully thinking for the best, but ultimately engaged Progent.

"I cannot thank you enough in regards to the expertise Progent provided us throughout the most stressful period of (our) company's existence. We had little choice but to pay the hackers behind this attack except for the confidence the Progent group provided us. That you were able to get our e-mail and essential servers back into operation quicker than 1 week was something I thought impossible. Every single staff member I interacted with or messaged at Progent was urgently focused on getting us restored and was working all day and night on our behalf."

Progent worked with the client to rapidly determine and prioritize the key systems that needed to be addressed in order to continue company functions:

  • Active Directory (AD)
  • E-Mail
  • Accounting and Manufacturing Software
To begin, Progent followed ransomware penetration response best practices by stopping lateral movement and removing active viruses. Progent then began the steps of restoring Windows Active Directory, the core of enterprise environments built upon Microsoft technology. Microsoft Exchange messaging will not work without Active Directory, and the customer's financials and MRP system used Microsoft SQL Server, which needs Active Directory for authentication to the data.

In less than 48 hours, Progent was able to restore Windows Active Directory to its pre-attack state. Progent then accomplished rebuilding and hard drive recovery on the most important servers. All Exchange Server schema and configuration information were intact, which accelerated the restore of Exchange. Progent was able to collect intact OST data files (Microsoft Outlook Off-Line Data Files) on user PCs and laptops to recover email messages. A recent offline backup of the client's manufacturing systems made it possible to restore these essential programs back servicing users. Although significant work needed to be completed to recover completely from the Ryuk damage, the most important services were recovered rapidly:

"For the most part, the production operation never missed a beat and we did not miss any customer deliverables."

Throughout the following few weeks important milestones in the recovery process were made in tight cooperation between Progent consultants and the client:

  • In-house web sites were restored without losing any information.
  • The MailStore Server with over 4 million archived messages was restored to operations and available for users.
  • CRM/Product Ordering/Invoicing/AP/Accounts Receivables (AR)/Inventory functions were 100% functional.
  • A new Palo Alto 850 firewall was set up and programmed.
  • Most of the user desktops were back into operation.

"A huge amount of what was accomplished in the initial days is mostly a blur for me, but our team will not soon forget the commitment all of you accomplished to give us our company back. I've been working together with Progent for the past 10 years, maybe more, and every time I needed help Progent has outperformed my expectations and delivered as promised. This event was a life saver."

A possible business catastrophe was avoided due to dedicated experts, a broad array of technical expertise, and close collaboration. Although in retrospect the crypto-ransomware virus penetration described here could have been prevented with current security solutions and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, team education, and well designed security procedures for data protection and applying software patches, the fact remains that state-sponsored cybercriminals from China, Russia, North Korea and elsewhere are tireless and will continue. If you do get hit by a ransomware virus, remember that Progent's team of professionals has proven experience in ransomware virus blocking, cleanup, and data restoration.

"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were helping), I'm grateful for letting me get rested after we made it over the first week. All of you did an incredible effort, and if any of your team is visiting the Chicago area, a great meal is the least I can do!"

Download the Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this customer story, click:
Progent's Ryuk Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Restoration Expertise in Lower Manhattan
For ransomware recovery services in the Lower Manhattan metro area, call Progent at 800-462-8800 or see Contact Progent.

An index of content::

  • 24-7 Technical Consultant Gentoo Linux, Sun Solaris, UNIX Downtown Manhattan-East Village, NY Downtown Manhattan, NY Fedora Linux, Sun Solaris, UNIX Consultant
  • At Home Workforce Consulting nearby Lower Manhattan - Connectivity Solutions Consultants NYC-Downtown, New York Work at Home Employees Lower Manhattan Consultants - Set up Consulting Services
  • BlackBerry BES Server Network Admin Companies New York City-SoHo, America Urgent Computer Support Consultant BlackBerry Smartphone Manhattan-East Village, New York
  • CISA Certified Security Expert 64-bit Migration Consultant Services 24x7 Consulting 64-bit Migration
  • CISM Security Security Microsoft Windows 7 Evaluation Support and Help Support and Integration Windows 7 Training

  • ISSAP Certified Security Services
    ISSAP Information systems Security Outsourcing

    Progent's ISSAP Premier security consultants, or Information Systems Security Architecture Professionals, are consultants who have earned ISSAP status as a result of rigorous examination and extensive experience with network security architecture. ISSAP security experts possess in-depth understanding of access management mechanisms and methodologies, telecommunications and network security, cryptography, requirements analysis, BCP and disaster recovery, and physical security. Progent's ISSAP-certified security consultants can help your company with all aspects of architecture security.

  • Downtown Manhattan Ransomware Cryptoworm Recovery Ransomware Cleanup and Restore Manhattan-Lower Manhattan
  • Downtown Manhattan-Tribeca, America Cisco Server Setup Lower Manhattan-Downtown, New York Cisco Computer Consultancy Firms
  • Downtown Manhattan-Wall Street At Home Workforce Lower Manhattan Consulting - Management Tools Guidance New York City-Wall Street, New York Work from Home Employees Lower Manhattan Assistance - Management Tools Expertise
  • Emergency Technical Support Firm Microsoft SQL Server 2017 SQL Server Computer Network Support Companies New York City-Lower Manhattan, US
  • Engineer ransomware protection review ransomware incident response Services

  • Hybrid cloud solutions Services
    Enterprise hybrid cloud Professional

    Progent can help your IT team to plan and manage hybrid ecosystems that support Windows and Linux systems and applications in either cloud-based solutions or in hybrid topologies that combine on-premises IT assets as well as one or more public clouds. To assist you to integrate cloud services with physical datacenters, Progent offers a variety of cloud integration support services that include Microsoft Azure enterprise hybrid cloud planning and integration services, Amazon Web Services (AWS) cloud migration, and Amazon Web Marketing Service (WMS) programming and debugging. Progent has 20 years of background providing advanced consulting expertise remotely, and Progent can make sure you complete your cloud migration initiatives quickly and affordably.

  • Firepower Network Consultant ASA 5500-X Firewall with Firepower Integration Services
  • Infor SyteLine CloudSuite Implementation Consult Infor SyteLine CloudSuite Account Receivable Engineer
  • Intrusion Detection Penetration Testing Stealth Penetration Testing Computer Security Specialist
  • Live Communications Server Technical Support Consulting Services Live Communications Server
  • Lower Manhattan Crypto-Ransomware Recovery Services Lower Manhattan, New York Lower Manhattan CryptoLocker Removal Lower Manhattan, NY
  • Lower Manhattan DopplePaymer Crypto-Ransomware Settlement Consultants Lower Manhattan Ryuk Ransomware Settlement Negotiation Help New York City NY

  • VMware Cross vCenter NSX Consulting
    VMware NSX Topology Professionals

    VMware's NSX network virtualization platform enables you to create entire networks in software. NSX allows virtual networks to be provisioned instantly and administered with a high degree of automation regardless of the hardware making up the basic network infrastructure. VMware Site Recovery Manager supports automated recovery, application mobility, and non-intrusive site migration, failback and site re-protect. SRM also permits non-disruptive testing for site recovery, upgrades and patches and can generate audit reports to confirm complete service restoration, validate SLAs and prove DR compliance. When used with VMware's NSX virtual network technology, VMware SRM can quickly recover the entire logical network topology at the secondary datacenter. Progent offers the support of a VCDX certified VMware NSX consulting expert and VMware Site Recovery Manager system architect to help your organization to design, configure, test and administer a DR system based on VMware Site Recovery Manager and VMware NSX.

  • Lower Manhattan Egregor Crypto-Ransomware Forensics Investigation Downtown Manhattan-SoHo, New York Lower Manhattan Dharma Crypto-Ransomware Forensics Investigation

  • SCCMM 2016 Remote Support
    Microsoft Certified Expert System Center 2016 Orchestrator Technology Consulting Services

    System Center 2016 provides major enhancements for managing hybrid cloud networks through comprehensive integration with Windows Server 2016, Windows 10; unified management of multi-OS environments that incorporate various Linux distributions, Hyper-V and VMware; and better cloud support such as closer integration with Microsoft Intune for iPhone and Android smartphone administration plus built-in integration with Microsoft Operations Management Suite (OSM) for cloud-enhanced analytics. Progent's Microsoft-certified consulting team offers world-class online and on-premises expertise for all components of System Center 2016 including Operations Manager (SCOM), Configuration Manager, Virtual Machine Manager, Data Protection Manager, Orchestrator, and Service Manager (SCSM). Progent can help organizations of any size to plan and install a new implementation of System Center 2016, expand or tune your current one, upgrade smoothly from an earlier release of System Center, or debug your System Center environment.

  • 24/7 Lower Manhattan WannaCry Ransomware Restoration Manhattan-SoHo
  • Lower Manhattan MongoLock Ransomware System-Rebuild NYC-East Village, New York New York City-SoHo, NY Lower Manhattan Dharma Crypto-Ransomware Remediation
  • Lower Manhattan Remote Workers Conferencing Systems Consulting and Support Services Manhattan New York Teleworkers Expertise in Lower Manhattan - Conferencing Systems Expertise NYC-SoHo, New York
  • Lower Manhattan Remote Workforce Setup Consulting NYC-Lower Manhattan, NY At Home Workforce Lower Manhattan Assistance - Setup Consultants
  • Lower Manhattan Ryuk Remote Ransomware Cleanup Services Manhattan-Downtown, NY Lower Manhattan WannaCry Ransomware System-Restoration New York City, New York
  • Lower Manhattan Conti Ransomware System-Rebuild Downtown Manhattan-Tribeca
  • Lower Manhattan Spora Ransomware Business Recovery Lower Manhattan-Downtown Lower Manhattan Maze Crypto-Ransomware Data-Recovery New York City-Downtown
  • Lower Manhattan Staffing Services Downtown Manhattan-Tribeca, United States IT Staff Temps for Network Service Organizations Lower Manhattan-SoHo, New York
  • Lower Manhattan Teleworkers Cloud Systems Consulting Services New York City-Tribeca At Home Workforce Consulting Services near me in Lower Manhattan - Cloud Integration Technology Consultants NYC-SoHo
  • Open Now Lower Manhattan WannaCry Ransomware Remediation Manhattan-East Village, New York
  • Lower Manhattan, New York Software Support NYC Integration Specialists

  • Microsoft Software Update Services On-site Support
    Microsoft SUS Consultant

    Microsoft Windows SUS enables network managers to install and track the latest Microsoft patches and security updates to Windows Server 2000, Microsoft Windows Server 2003, and Windows XP platforms. By using Microsoft Windows Server Update Services, IT staff can completely and easily manage the distribution of patches that are published through Microsoft Update to servers and workstations in an organization. Progent can assist you with complex details of the initial setup of Microsoft Software Update Services such as designing the Microsoft Software Update Services deployment, configuring user's computers, establishing the Group Policy parameters, and making sure your Microsoft WSUS GPO is linked to an Active Directory container appropriate for your system environment.

  • Lower Manhattan, United States Technical Support Services Firewall Lower Manhattan-Tribeca, New York, America Firewall Security Organization
  • Manhattan-Lower Manhattan Biggest Microsoft Exchange Network Security Consultant Microsoft Exchange 2010 Computer Installation New York City-Downtown

  • Check Point Software Blade Cybersecurity Firm
    Check Point Power-1 Firewall Firewall Audit

    Progent's Check Point consultants can show you how to select and deploy Check Point Software Firewall and VPN utilities and hardware powered by Check Point Software's technology to provide an affordable and effective security solution for your corporate network. Progent can also show you how to configure other Check Point technologies such as ZoneAlarm and Check Point UTM-1 appliances with security products from other suppliers and provide a single stop for continuing technical support, administration, training, and consulting expertise.

  • Microsoft Certified Partner NYC-Lower Manhattan Network Companies After Hours Cisco and Microsoft Information Technology Outsourcing Firm Lower Manhattan
  • Microsoft Dynamics GP (Great Plains) Supplier nearby Lower Manhattan - Training Expert Lower Manhattan-SoHo Lower Manhattan Microsoft Dynamics GP (Great Plains) Customization Help Manhattan-Downtown, New York
  • NYC-Wall Street, New York Specialists for Network Support Companies near me in Lower Manhattan - Seamless Temporary Support Staff Assistance Lower Manhattan Expertise for IT Support Organizations New York City-Lower Manhattan, New York

  • SQL Server 2012 xVelocity Remote Consulting
    PowerPivot for SharePoint Specialists

    Progent can provide the expertise of certified engineers and experienced database application developers, database administrators, project managers, network infrastructure engineers, disaster recovery/business continuity specialists, and certified data security consultants to assist your business to evaluate the potential benefits of Microsoft SQL Server 2012 for your business, install pilot environments at your site or at Progent's test lab, plan and execute out an efficient transition to SQL Server 2012 from previous versions of SQL Server or from legacy RDBMS solutions, and define an efficient and secure network infrastructure that helps you maximize the strategic benefit of SQL Server 2012.

  • Offsite Workforce Assistance - Lower Manhattan - IP Voice Systems Consulting Work at Home Employees Lower Manhattan Guidance - VoIP Technology Guidance Lower Manhattan-East Village, New York
  • Offsite Workforce Consulting Experts - Lower Manhattan - Endpoint Security Systems Consulting and Support Services Manhattan New York At Home Workers Lower Manhattan Consulting - Security Systems Consulting Experts
  • Progent Small Companies Technology Support Progent Start-Up Business Small Business IT Outsourcing Firm
  • Remote Workers Consulting near me in Lower Manhattan - Collaboration Technology Consulting Experts Manhattan NYC-Wall Street, NY, United States Lower Manhattan Teleworkers Collaboration Solutions Expertise

  • 24-Hour Windows Server 2022 Security and Compliance Online Troubleshooting
    Remote Microsoft Experts Online Consulting Windows Server 2022 Cybersecurity

    Progent's Microsoft Gold-certified Windows Server 2022 consultants can assist your organization to plan and carry out an efficient upgrade to Windows Server 2022 using an on-premises network architecture or a hybrid deployment model that combines cloud-based Windows Server Online with a datacenter-based installation of Windows Server 2022.

  • Lower Manhattan Locky Crypto-Ransomware Removal Lower Manhattan-Wall Street, NY
  • Senior Network Engineer Contract Microsoft Certified Subcontractor Job
  • SharePoint Server 2013 Outsourcing NYC-Tribeca, New York, America Microsoft SharePoint Server On-site Support Downtown Manhattan-SoHo, New York
  • Small Business IT Outsourcing Article IT Outsourcing Examples White Papers

  • virtual application delivery Consulting Services
    virtual application delivery Technology Professional

    Citrix offers a comprehensive family of products that deliver enterprise-class manageability, expandability, and responsiveness for server virtualization and for centralized distribution of virtual Windows desktops and Windows applications. For distributing virtualized desktops and applications, Citrix offers Citrix XenDesktop and XenApp. For making and managing virtual servers, Citrix offers Citrix XenServer and Citrix Essentials for Hyper-V. Progent's Citrix-certified consultants can help your company to assess the strategic benefits of Citrix technology and show you how to plan, test, implement, optimize, and maintain Citrix virtualization platforms.

  • Teleworkers Consulting nearby Lower Manhattan - Backup/Recovery Systems Consulting Services Downtown Manhattan, New York Work from Home Employees Assistance nearby Lower Manhattan - Backup Systems Expertise Lower Manhattan-East Village, New York
  • Teleworkers Lower Manhattan Consulting Experts - Help Desk Augmentation Consulting Downtown Manhattan, NY Offsite Workforce Lower Manhattan Guidance - Help Desk Call Center Outsourcing Consulting and Support Services Manhattan, NY
  • Urgent Lower Manhattan Crypto-Ransomware Dharma Preparedness Testing Lower Manhattan Crypto-Ransomware Infection Preparedness Assessment NYC-SoHo, NY
  • Windows 7 IT Services Windows 7 Integration Technical Consultant
  • Windows Computer Network Firms Windows Server 2016 Computer Consultancy Services Lower Manhattan NY
  • Windows Small Business Server 2008 Consultant Services Largest MS Windows Essential Business Server Computer Consultants

  • Professionals WSUS
    SUS Consultancy

    Microsoft WSUS enables network managers to deploy and monitor the latest Microsoft patches and security releases to Windows Server 2000, Microsoft Windows Server 2003, and Microsoft Windows XP platforms. By using Microsoft SUS, IT staff can fully and easily manage the distribution of patches that are published via Microsoft Update to servers and workstations in a company. Progent can assist you with complex details of the initial configuration of Microsoft Software Update Services such as designing the Microsoft Windows Server Update Services deployment, setting up user's workstations, defining the Group Policy parameters, and ensuring your Microsoft SUS GPO is linked to an Active Directory container that makes sense for your system environment.

  • wireless VoIP phones and Meraki APs Specialist wireless IP phones and Meraki APs Online Technical Support

  • © 2002-2024 Progent Corporation. All rights reserved.