Ransomware: Your Crippling Information Technology Catastrophe
Ransomware has become a modern cyber pandemic that presents an extinction-level danger to businesses of all sizes that are vulnerable to an attack. Older iterations of ransomware such as Reveton, CryptoWall, Bad Rabbit, Syskey and MongoLock cryptoworms have been circulating for many years and continue to cause destruction. Newer variants of crypto-ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Nephilim, as well as additional as yet unnamed malware, not only encrypt online information but also infect all available system protection. Information replicated to off-site disaster recovery sites can also be rendered useless. In a poorly architected environment, this can make any restore operation hopeless and basically knock the network back to zero.

Restoring services and information following a ransomware event becomes a race against time as the victim struggles to contain and eradicate the virus and to resume business-critical operations. Because ransomware requires time to replicate, penetrations are usually launched during nights and weekends, when successful attacks may take longer to notice. This multiplies the difficulty of promptly marshalling and coordinating a qualified response team.

Progent makes available a variety of services for securing Lower Manhattan enterprises from ransomware attacks. These include staff education to help identify and avoid falling victim to phishing exploits, and ProSight Active Security Monitoring for endpoint detection and response, which uses SentinelOne's AI-based cyberthreat defense to discover and suppress zero-day malware assaults. Progent also offers the services of seasoned ransomware recovery consultants with the track record and commitment to re-deploy a compromised network as soon as possible.

Progent's Crypto-Ransomware Recovery Help
After a crypto-ransomware penetration, even paying the ransom demand in Bitcoin cryptocurrency does not provide any assurance that distant criminals will return the keys to decipher all your data. Kaspersky Labs determined that 17% of ransomware victims never restored their data after having sent off the ransom, resulting in increased losses. The gamble is also expensive. Ryuk ransoms commonly range from 15 to 40 BTC (between $120,000 and $400,000). This is significantly above the usual crypto-ransomware demands, which ZDNET determined to be in the range of $13,000 for small businesses. The fallback is to set up from scratch the mission-critical parts of your IT environment. Absent access to essential information backups, this requires a wide complement of skills, top-notch project management, and the willingness to work continuously until the task is over.

For decades, Progent has offered certified expert IT services for businesses throughout the United States and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's pool of subject matter experts includes consultants who have earned advanced certifications in leading technologies including Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cyber security engineers have earned internationally recognized certifications including CISA, CISSP-ISSAP, CRISC, and SANS GIAC. Progent also has expertise in financial management and ERP applications. This breadth of expertise gives Progent the capability to knowledgeably identify critical systems, organize the remaining parts of your IT environment following a ransomware attack, and assemble them into a functioning system.

Progent's security team deploys state-of-the-art project management applications to coordinate the sophisticated restoration process. Progent appreciates the importance of acting swiftly and together with a customer's management and Information Technology staff to assign priority to tasks and to put essential systems back on-line as fast as possible.

Client Case Study: A Successful Crypto-Ransomware Intrusion Recovery
A small business sought out Progent after their organization was brought down by the Ryuk crypto-ransomware. Ryuk is generally considered to have been launched by North Korean state criminal gangs, suspected of using approaches exposed from the U.S. NSA. Ryuk attacks specific companies with limited room for disruption and is among the most lucrative examples of ransomware. Well-known victims include Data Resolution, a California-based info warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a single-location manufacturing business headquartered in Chicago and has around 500 employees. The Ryuk attack had frozen all essential operations and manufacturing capabilities. The majority of the client's system backups had been directly accessible at the beginning of the attack and were encrypted. The client was actively seeking loans for paying the ransom (in excess of $200,000) and praying for good luck, but ultimately engaged Progent.


"I can't say enough about the support Progent gave us throughout the most stressful period of (our) company's survival. We had little choice but to pay the Hackers if not for the confidence the Progent team provided us. That you could get our e-mail and essential servers back into operation faster than five days was something I thought impossible. Every single consultant I spoke to or communicated with at Progent was amazingly focused on getting our company operational and was working 24 by 7 to bail us out."

Progent worked with the customer to rapidly determine and prioritize the mission critical systems that needed to be recovered to make it possible to resume business functions:

  • Microsoft Active Directory
  • Electronic Mail
  • Financials/MRP

To get going, Progent adhered to anti-virus incident response industry best practices by halting lateral movement and cleaning systems of viruses. Progent then began the steps of bringing back online Windows Active Directory, the foundation of enterprise systems built upon Microsoft Windows Server technology. Exchange email will not function without Active Directory, and the business's financials and MRP system leveraged Microsoft SQL, which depends on Active Directory for access to the database.

Within two days, Progent was able to rebuild Active Directory services to its pre-penetration state. Progent then assisted with setup and hard drive recovery of mission critical systems. All Microsoft Exchange Server data and configuration information were intact, which greatly helped the rebuild of Exchange. Progent was also able to locate intact OST data files (Microsoft Outlook Offline Data Files) on team desktop computers to recover email data. A recent offline backup of the business's accounting systems made it possible to bring these required applications back online. Although a lot of work remained to recover fully from the Ryuk event, core services were returned to operation rapidly:


"For the most part, the production manufacturing operation never missed a beat and we delivered all customer sales."

Throughout the next couple of weeks, key milestones in the recovery project were completed in close cooperation between Progent engineers and the client:

  • Internal web applications were returned to operation without losing any information.
  • The MailStore Microsoft Exchange Server containing more than four million historical messages was restored to operations and available for users.
  • CRM/Product Ordering/Invoices/Accounts Payable/Accounts Receivables/Inventory Control functions were completely recovered.
  • A new Palo Alto 850 firewall was brought online.
  • Ninety percent of the user PCs were fully operational.

"A lot of what transpired those first few days is mostly a blur for me, but I will not soon forget the urgency each and every one of you accomplished to help get our company back. I've utilized Progent for the past 10 years, maybe more, and each time Progent has come through and delivered as promised. This situation was the most impressive ever."

Conclusion
A likely business disaster was dodged by top-tier professionals, a wide range of IT skills, and close teamwork. Although in retrospect the ransomware virus penetration described here should have been shut down with current security systems and security best practices, user and IT administrator education, and well thought out security procedures for data backup and applying software patches, the reality remains that state-sponsored hackers from Russia, China and elsewhere are tireless and are an ongoing threat. If you do get hit by a crypto-ransomware attack, remember that Progent's team of experts has a proven track record in crypto-ransomware virus blocking, remediation, and information systems restoration.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Chris (and any others that were helping), I'm grateful for allowing me to get rested after we made it past the first week. All of you did an amazing job, and if anyone is in the Chicago area, a great meal is on me!"

Download the Crypto-Ransomware Cleanup Case Study Datasheet
To read or download a PDF version of this ransomware incident report, click:
Progent's Ryuk Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Cleanup Consulting Services in Lower Manhattan
For ransomware recovery consulting services in the Lower Manhattan area, phone Progent at 800-462-8800 or visit Contact Progent.



© 2002-2023 Progent Corporation. All rights reserved.