Ransomware Filtering and Remediation Consulting Grand Rapids
Ransomware Recovery: A Case Study
Ransomware : Your Worst IT Catastrophe
Ransomware has become an escalating cyberplague that poses an existential danger for organizations vulnerable to an assault. Different iterations of crypto-ransomware like the CryptoLocker, Fusob, Bad Rabbit, Syskey and MongoLock cryptoworms have been replicating for years and continue to inflict harm. More recent versions of ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit and Egregor, along with frequent as yet unnamed viruses, not only encrypt on-line data files but also infiltrate all accessible system protection mechanisms. Files synched to off-site disaster recovery sites can also be encrypted. In a poorly architected environment, it can make automatic recovery useless and effectively sets the network back to zero.
Retrieving services and information following a ransomware outage becomes a sprint against the clock as the targeted organization fights to contain the damage and cleanup the ransomware and to restore mission-critical operations. Because ransomware takes time to replicate, assaults are usually sprung during weekends and nights, when successful penetrations tend to take longer to uncover. This multiplies the difficulty of rapidly assembling and orchestrating a knowledgeable response team.
Progent offers an assortment of solutions for protecting Grand Rapids organizations from ransomware events. These include team member training to help recognize and avoid phishing scams, ProSight Active Security Monitoring for endpoint detection and response (EDR) utilizing SentinelOne's AI-based threat protection to detect and disable zero-day malware attacks. Progent in addition provides the assistance of experienced ransomware recovery engineers with the track record and commitment to reconstruct a compromised network as soon as possible.
Progent's Ransomware Recovery Support Services
Subsequent to a ransomware event, paying the ransom demands in Bitcoin cryptocurrency does not provide any assurance that merciless criminals will return the keys to decrypt any or all of your information. Kaspersky Labs ascertained that 17% of ransomware victims never restored their data even after having paid the ransom, resulting in more losses. The gamble is also very costly. Ryuk ransoms often range from 15-40 BTC ($120,000 and $400,000). This is greatly above the typical crypto-ransomware demands, which ZDNET estimated to be in the range of $13,000 for smaller organizations. The other path is to re-install the key elements of your Information Technology environment. Without the availability of complete data backups, this calls for a wide range of skills, professional project management, and the willingness to work 24x7 until the recovery project is done.
For two decades, Progent has made available professional Information Technology services for companies throughout the United States and has achieved Microsoft's Gold Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts (SMEs) includes professionals who have been awarded advanced certifications in important technologies like Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's security consultants have earned internationally-renowned certifications including CISA, CISSP-ISSAP, ISACA CRISC, and SANS GIAC. (See Progent's certifications). Progent also has experience with accounting and ERP software solutions. This breadth of experience gives Progent the capability to efficiently understand critical systems and re-organize the surviving components of your Information Technology system following a ransomware attack and assemble them into a functioning system.
Progent's recovery team of experts uses best of breed project management systems to coordinate the sophisticated recovery process. Progent understands the urgency of acting rapidly and together with a customer's management and IT staff to assign priority to tasks and to put the most important applications back on line as soon as possible.
Client Case Study: A Successful Crypto-Ransomware Intrusion Restoration
A customer sought out Progent after their network system was penetrated by the Ryuk crypto-ransomware. Ryuk is thought to have been launched by North Korean state sponsored hackers, suspected of adopting techniques exposed from the U.S. NSA organization. Ryuk goes after specific companies with limited room for operational disruption and is among the most lucrative instances of ransomware viruses. Well Known victims include Data Resolution, a California-based information warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a small manufacturing business located in Chicago and has about 500 workers. The Ryuk penetration had frozen all company operations and manufacturing processes. Most of the client's information backups had been on-line at the start of the intrusion and were encrypted. The client was pursuing financing for paying the ransom (exceeding $200,000) and praying for the best, but ultimately brought in Progent.
Progent worked with the customer to quickly identify and assign priority to the essential services that had to be addressed in order to resume company functions:
- Active Directory (AD)
- Microsoft Exchange
- Accounting and Manufacturing Software
In less than two days, Progent was able to restore Active Directory to its pre-attack state. Progent then assisted with setup and hard drive recovery on mission critical servers. All Microsoft Exchange Server ties and attributes were usable, which greatly helped the rebuild of Exchange. Progent was able to find intact OST files (Outlook Off-Line Data Files) on user PCs in order to recover mail information. A not too old off-line backup of the businesses accounting/MRP software made them able to recover these vital applications back online for users. Although a lot of work needed to be completed to recover fully from the Ryuk attack, critical systems were returned to operations rapidly:
Throughout the next month key milestones in the recovery process were completed in close collaboration between Progent engineers and the client:
- In-house web sites were returned to operation with no loss of data.
- The MailStore Exchange Server containing more than 4 million historical messages was brought online and accessible to users.
- CRM/Customer Orders/Invoicing/Accounts Payable/Accounts Receivables (AR)/Inventory Control modules were fully operational.
- A new Palo Alto Networks 850 security appliance was installed and configured.
- Most of the user desktops and notebooks were back into operation.
Conclusion
A likely business-ending disaster was avoided due to hard-working experts, a broad range of technical expertise, and close collaboration. Although in analyzing the event afterwards the ransomware attack detailed here would have been identified and stopped with advanced cyber security solutions and recognized best practices, user and IT administrator training, and appropriate security procedures for data backup and applying software patches, the fact remains that government-sponsored cyber criminals from China, Russia, North Korea and elsewhere are tireless and are an ongoing threat. If you do fall victim to a crypto-ransomware incident, remember that Progent's team of experts has a proven track record in ransomware virus blocking, remediation, and information systems restoration.
Download the Ransomware Removal Case Study Datasheet
To review or download a PDF version of this ransomware incident report, click:
Progent's Ryuk Incident Recovery Case Study Datasheet. (PDF - 282 KB)
Contact Progent for Ransomware System Recovery Consulting in Grand Rapids
For ransomware system restoration expertise in the Grand Rapids area, phone Progent at
An index of content::
ProSight DPS ECHO Hybrid Cloud Backup/Recovery Engineers
Specialists ProSight Data Protection Services ECHO
ProSight Data Protection Services ECHO from Progent provide small and mid-sized organizations a low cost end-to-end service for secure backup/disaster recovery (BDR). Available at a fixed monthly rate, ProSight DPS automates your backup processes and allows fast restoration of critical data, applications and virtual machines that have become lost or corrupted due to component breakdowns, software glitches, disasters, human error, or malicious attacks such as ransomware. ProSight Data Protection Services can help you back up, retrieve and restore files, folders, applications, system images, as well as Microsoft Hyper-V and VMware virtual machine images. Important data can be protected on the cloud, to a local device, or to both. Progent's BDR specialists can deliver advanced support to configure ProSight DPS to to comply with government and industry regulatory standards like HIPAA, FINRA, and PCI and, when necessary, can help you to restore your business-critical data.
Microsoft Certified Partner Windows Server 2016 Hyper-V IT Consulting
Windows Server 2016 Scale Out Clusters Help and Support
Progent's Microsoft-certified IT consultants offer Windows Server 2016 migration consulting to assist organizations of all sizes to design and carry out a smooth upgrade to Windows Server 2016 and Windows Hyper-V 2016 based on a local, cloud, or hybrid architecture. Progent can help your company to evaluate the business value of Windows Server 2016 for your environment and can help you with any aspect of planning, deploying, managing or troubleshooting your Windows Server 2016 and Windows Hyper-V 2016 ecosystem. Progent can help you to benefit from the many new high-availability and security capabilities of Windows Server 2016 and Hyper-V 2016 like Windows Containers for isolating applications, Shielded Virtual Machines, Credential Guard, JIT Privileged Access Management, VM load balancing, Storage Replica for zero-data-loss disaster recovery, plus workgroup and multi-domain clusters.
CISSP Certified Security Manager Services
CISSP Certified Cybersecurity Manager Consult
Progent's CISSP-certified network security experts can help organizations of any size with any facet of information system security. Progent can help implement efficient security solutions that guard a small business against advanced threats or Progent can design, deploy, and monitor a comprehensive security strategy for hybrid networks that accommodate onsite, remote, and mobile clients sharing IT resources spread across multiple physical datacenters and various clouds.
Microsoft Office XP Computer Installation
Microsoft Office XP Security Consulting Firm
Progent applies no service activation charge and requires no retainer for services provided during normal working hours. Progent's small granularity eliminates big invoices for quick solutions so you won't be tempted to permit less critical problems to fester.
Office Access database Coder
Emergency Database Administration Professional
Progent's expert programmers, database designers, and project managers can help large businesses to carry out development programs for Windows, Linux, or Web applications. Progent's co-sourcing services include fast access to seasoned program managers for high-level planning and program co-ordination or Progent can help clients fill in expertise gaps by providing relational database architects and programmers experienced in developing line-of-business applications powered by SQL Server, Oracle, or MySQL. Progent's SharePoint consultants can help clients to integrate SharePoint with additional applications like SQL Server and Office Excel to build data-intensive intranets and web portals. Progent also offers expertise with multiple web development tools and can help businesses to create, enhance, repair, or port web-based applications to take advantage of the most current web technology.
Mid-sized Office Server Installation
Mid-size Company Small Office Network Consulting Services
Progent offers network support for medium size companies with 100 to 250 system clients. The mid-size company or office has traditionally been an overlooked segment of the market for IT consulting services. The cost structures and support delivery models of large third-party support organizations make them excessively costly for the ordinary mid-size company or small medium business (SMB), which usually has a modest IT budget with which to support an IT system whose complexity and capability are often comparable to the networks of much larger companies. Progent's service delivery model, which takes full advantage of remote support, virtual network infrastructure and proactive server monitoring, significantly lowers the IT support costs of an SMB while offering the mid-size organization with big-company service from certified, world-class experts knowledgeable in a broad range of midsized business network solutions. If your mid-sized company or small business is searching for levels of IT help appropriate for a mid-size organization without budgeting enterprise prices, contact Progent.
Network Consulting SharePoint
24-7 SharePoint Server 2013 Computer Consultant
Progent's Microsoft-certified consultants offer small and medium sized companies computer consulting, support, and troubleshooting services for Microsoft SPS 2003. Microsoft Office SharePoint Portal Server is an advanced portal solution for efficiently connecting people, groups and data. SharePoint Portal Server offers a central location for your employees or customers to connect to, organize, distribute and interact with relevant data, files, and applications and to communicate with one another. It allows faster and more intelligent decisions, more efficient sharing across groups and more streamlined business practices. The primary objective of SharePoint Server is to gather together, in a relevant way, all of the many sources of knowledge available within and without a business network. Windows SharePoint Services connect employees, customers, teams and projects with the data they've developed in a way that makes data easy to find, retrieve and apply.
Remote Support Integration Support
24/7 Phone Support Technical Support Services
For mid-size businesses who need network support, Progent offers a variety of alternatives including on-site service, on-line support, off-site Help Desk, 24x7 support with automatic network monitoring, temporary staffing, site relocation support, application programming, and expert consultation. For midsize companies in California or other areas serviced by Progent's field engineers, Progent provides expert onsite support for fixing network issues rapidly and affordably.
Microsoft Engineer Windows Server 2012 R2 Cloud
Immediate Windows Server 2012 R2 Private Cloud Professional
Progent's certified professionals can assist you to evaluate the business value of Windows Server 2012 R2 for your organization, develop pilot systems and rollout plans, optimize your infrastructure for local, multi-site, cloud-based, and hybrid datacenters, educate your IT management team, develop an enterprise-wide security strategy, automate network administration, help with application development, and build and test a disaster recovery/business continuity plan.
After Hours Online Support Services Ekahau On-premises Wi-Fi Site Survey
Support Services Ekahau Wi-Fi Site Validation
Progent's Ekahau-certified Wi-Fi consultants can assist your business to plan, deploy, enhance, manage and debug a Wi-Fi network adapted to your building. Progent offers remote or onsite expertise for Ekahau Pro for predictive Wi-Fi design and Ekahau Sidekick for onsite RF analysis.
Open Now Microsoft Teams security Consultant Services
Microsoft Teams dial plans Consultant
Progent can assist you to design an upgrade to Microsoft Teams from Skype for Business Online or Lync Server and configure, administer, and debug a cloud-based or hybrid implementation of Microsoft Teams. Progent can assist you to integrate Teams with Office and Microsoft 365 apps, Exchange Online, SharePoint Online, and your phone system.
Windows Server 2022 Windows Admin Center Network Consulting
Windows Server 2022 and SCVMM Technical Support
Progent's certified Windows Server 2022 experts can assist your organization to design and carry out a cost-effective migration to Windows Server 2022 using a self-hosted deployment architecture or a hybrid deployment model that combines cloud-hosted Windows Server Online with an on-prem implementation of Windows Server 2022.
24/7/365 Mac Integration Consulting
Mac Online Engineers
Progent provides nationwide online phone support and troubleshooting services for businesses that operate Apple Mac OS X environments or whose information systems feature a mix of Apple macOS and OS X with Microsoft products. Progent's engineers offer Apple macOS and OS X clients a range of IT services including desktop support, migration to the latest edition of Mac OS X from earlier versions of Mac, plus help with macOS and Mac OS X applications. Progent's specialists in Apple technology can also assist you with iPhone and iPad integration and management, or migrating to Apple's iCloud services. Online technical support provides maximum leverage for your information technology budget by protecting client productivity and limiting the time charged for network analysis and repair. Advanced remote support tools and skilled technicians and engineers combine to enable Progent to handle the majority of IT problems without wasting time and money by traveling to your site. In the vast majority of cases your network issues can be remediated by telephone or via a mix of phone support and online access. Progent can offer the services of Cisco CCIE infrastructure experts and CISM certified security specialists to assist with the most challenging system problems.
Information Technology Consulting Managed IT Services Consultants
Ransomware Protection Consulting
Progent's ProSight family of managed IT services are intended to offer organizations who have minimal internal IT administration and support staffs with affordable help from world-class management tools and consulting experts. Advantages of Progent's ProSight line of managed services include fixed IT maintenance expenses, smart automation of routine management processes, ongoing adoption of the latest information technology, smooth transition from legacy technology to modern solutions, close fit between information technology with strategic goals, guidance from seasoned network experts, and allowing management to focus on business issues instead of fast-evolving computer technology.
Development Firms Microsoft Azure firewall configuration
Biggest MCSE Expert Certified Engineer Microsoft Azure hybrid cloud integration
Progent can assist small companies to move all or part of their network infrastructure to the Microsoft Azure cloud. This can streamline IT administration and lower hardware expense. Azure includes a comprehensive library of cloud services and Progent can help you to understand the advantages and limitations of various cloud computing architectures you can use with Azure. Progent can show you how to administer cloud-resident or hybrid cloud and on-premises apps and resources and make sure you avoid the common mistakes small companies make when migrating to a public cloud. Progent can help you to configure VMs on Azure Virtual Machines, utilize cloud storage with Azure Storage, manage user identity with Azure Active Directory, and automate backup-and-recovery services with Azure Backup. Progent can also assist you to prepare perimeter firewalls and IPsec VPN connections and also to integrate iPhones and iPads and Android handhelds.
SentinelOne Singularity and Vigilance Reseller Computer Engineer
SentinelOne Vigilance Respond MDR Integrator Technical Support
Progent is a dealer and consulting firm for SentinelOne's Singularity product line, a subscription-based, cloud-first threat management solution that incorporates AI software and advanced services to provide cutting-edge endpoint detection and response.
Consultant Clustered Windows Server 2012 R2
Network Consultant Windows 2012 R2 Cluster Shared Volumes
Progent's certified failover clustering consultants can help companies of all sizes to assess the advantages of adopting Microsoft Windows Server 2012 failover clustering to build a powerful high-availability/disaster recovery strategy, help you to plan and deploy a Windows Server 2012 system, provide online and on-premises consulting services and engineering support for failover clusters composed of physical servers or virtual machines, and show you how to automate the management of failover clusters.
Top Quality Supplemental Help Desk Information Technology Consulting
Supplemental Call Center Remote Support
Progent's Shared Help Desk service allows your IT organization to split the load for Help Desk support transparently between your in-house IT staff and Progent's nationwide pool of seasoned desktop support technicians and subject matter experts (SMEs). Progent's Help Desk Co-management service is an advanced support solution based on ConnectWise Manage, the leading shared professional services automation tool for handling end-user service requests, ticketing, responsibility, progress tracking, and reporting.
Microsoft 365 Gmail migration Support and Help
Hybrid Microsoft 365 Exchange integration Integration Services
Microsoft has made a strong effort to enable transparent hybrid ecosystems that combine Microsoft 365 and local Exchange deployments. This permits you to have some Exchange mailboxes located at your on-premises datacenter and other mailboxes hosted by Microsoft 365. Progent's Microsoft-certified consulting team can assist you with any facet of designing, implementing and troubleshooting your hybrid Microsoft 365 Exchange Online solution. Progent's Exchange consultants can deliver as-needed expertise to help you through stubborn technical bottlenecks and also can provide extensive project management outsourcing or co-sourcing to ensure your hybrid Microsoft 365 Exchange initiative is carried out on time and on budget.
Antivirus Consultant
Design and Installation Anti-Virus
E-Mail Guard is a complete service for defending against spam and viruses. E-Mail Guard handles the security and management of company email by offering constantly improved spam and virus filtering, policy management, content filtering, and defense against email-based DHA and DDoS attacks. E-Mail Guard also features monitoring, management and analysis tools as well as outgoing email testing to let you troubleshoot your e-mail system and define and enforce corporate email policy.
Solaris Technology Consulting Services
UNIX Evaluation
If your company has a Sun Solaris environment or a multi-OS IT environment, Progent's CISM and CISSP-premier consultants can help your whole enterprise in a broad range of security topics such as security administration practices, security design and models, connection control systems and methodology, applications development security, business processes security, hardware security, communications, network and web security, and workplace recovery preparedness. CISM, CISSP and ISSAP define the basic competencies and international standards of knowledge that information security managers are required to possess. These accreditations offer executive management the confidence that consultants who have earned their CISM or ISSAP certification have demonstrated the background and theory to offer effective security management and consulting help.
Windows Server 2022 integration IT Services
Windows Server 2022 Hyper-V IT Services
Progent's certified Windows Server 2022 consultants can assist your company to plan and carry out a cost-effective migration to Windows Server 2022 that features high availability and that uses a self-hosted network architecture or a hybrid model that combines cloud-based Windows Server Online with a self-hosted implementation of Windows Server 2022.
South Carolina Computer Network Support Companies
New Hampshire Network Support Consultant
If your organization does not require urgent remote help but expects to need assistance with your network in the near future, you can conserve time and money and guarantee that the right IT skill will be available when you want it by contacting a Progent sales agent and registering as a client. For details, call 800-993-9400 or send email to information@progent.com.
Desktop Technology Repair Installation
Microsoft Mac and Linux Desktop Repairing
Progent can deliver a broad range of cost-effective support services to assist you to install, configure, repair, and manage desktop PCs and notebooks powered by Microsoft Windows, Apple macOS and OS X, or various editions of Linux. Progent can provide on-premises or remote technical support for single machines or laptops or work with your business to design and carry out a large-scale migration to new or revised operating system software and business applications. Progent can also supply consultants and technicians to assist your company to prepare for and complete a site move or consolidation organized to cause minimal interruption to your business.
SQL Server 2017 and Power BI Outsourcing
SQL Server 2017 Always Encrypted Remote Consulting
Progent's Microsoft-certified SQL Server 2017 experts can help your organization to design and implement an efficient upgrade from your existing SQL Server deployment to SQL Server 2017.
Microsoft SQL Server Information Technology Outsource
Development SQL
Progent's Microsoft-certified SQL Server programmers and DBAs offer remote expertise to help organizations of any size to build, administer, and maintain applications powered by the Microsoft SQL Server RDBMS and .NET framework. Progent's SQL Server consultants can provide support for any facet of application development in environments that can include small business or departmental databases to N-tier VLDB applications and enterprise-class data warehousing.
24-7 VB.NET Outsourced Programming
.NET Visual Studio Contract Programming Firm
Progent's software experts have worked for two decades with .NET technologies and the Visual Studio development system and can create or modernize .NET apps quickly and affordably.
MCSE Expert Certified System Center Operations Manager Troubleshooting
Computer Consulting Monitoring and Reporting
Small to mid-sized companies can now enjoy all the benefits of Microsoft System Center Operations Manager and also have quick access to Progent's Microsoft certified IT support professionals. With Progent's affordably priced network support packages, mid-size organizations can choose a basic co-sourcing service program built around Operations Manager 2007 with server monitoring, reporting, Help Desk and remote troubleshooting or a comprehensive round-the-clock outsourcing solution. Progent supports Operations Manager 2007 to provide small and midsize business information systems enterprise-class availability, protection and productivity.
Windows Server 2022 Kubernetes Containers Online Consulting
Windows Server 2022 PowerShell Specialists
Progent's Microsoft Gold-certified Windows Server 2022 experts can assist your organization to design and carry out an efficient migration to Windows Server 2022 using an on-premises network architecture or a hybrid model that combines cloud-based Windows Server Online with an on-site installation of Windows Server 2022.
Consultant Internet Data Center
Colocation Selection Integration Support
Colocation sites allow businesses to share enterprise-class facilities for housing computer hardware that supports vital applications and services. Progent's Microsoft and Cisco premier consultants can assist your company with all aspects of your colocation program including selecting and migrating to a colocation facility, designing system architecture, defining required equipment, on-premises and on-line maintenance, setting up remote network management, and training your IT personnel.
Select Topic: