Ransomware Protection and Recovery Expertise Salt Lake City
Crypto-Ransomware Removal: A Case Study
Ransomware : Your Feared IT Nightmare
Crypto-Ransomware has become an escalating cyberplague that represents an enterprise-level danger for businesses vulnerable to an attack. Different iterations of ransomware such as Dharma, WannaCry, Locky, NotPetya and MongoLock cryptoworms have been out in the wild for years and still inflict havoc. Modern strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Snatch and Egregor, as well as additional as yet unnamed newcomers, not only encrypt online data files but also infiltrate most configured system backups. Files replicated to cloud environments can also be encrypted. In a poorly designed data protection solution, this can make automated restore operations hopeless and effectively knocks the datacenter back to square one.
Retrieving programs and information following a ransomware event becomes a sprint against time as the victim fights to stop the spread and cleanup the ransomware and to restore mission-critical activity. Due to the fact that crypto-ransomware requires time to replicate, attacks are usually launched during weekends and nights, when penetrations may take longer to detect. This multiplies the difficulty of quickly assembling and coordinating an experienced mitigation team.
Progent has a variety of solutions for securing Salt Lake City organizations from ransomware attacks. Among these are team member education to help recognize and avoid phishing attempts, ProSight Active Security Monitoring for endpoint detection and response using SentinelOne's behavior-based threat protection to identify and disable zero-day modern malware attacks. Progent also can provide the assistance of expert crypto-ransomware recovery consultants with the track record and commitment to re-deploy a compromised network as soon as possible.
Progent's Ransomware Recovery Help
After a crypto-ransomware penetration, sending the ransom demands in cryptocurrency does not provide any assurance that merciless criminals will respond with the needed keys to decipher all your files. Kaspersky determined that 17% of ransomware victims never restored their information even after having sent off the ransom, resulting in increased losses. The gamble is also very costly. Ryuk ransoms frequently range from 15-40 BTC ($120,000 and $400,000). This is significantly higher than the usual ransomware demands, which ZDNET determined to be approximately $13,000 for small organizations. The other path is to piece back together the vital parts of your IT environment. Without the availability of complete system backups, this calls for a wide range of skill sets, top notch project management, and the capability to work non-stop until the job is completed.
For two decades, Progent has offered professional Information Technology services for companies throughout the United States and has earned Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes professionals who have earned top industry certifications in important technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's security experts have garnered internationally-renowned certifications including CISM, CISSP, CRISC, and GIAC. (Visit Progent's certifications). Progent also has expertise with financial management and ERP software solutions. This breadth of expertise provides Progent the capability to quickly ascertain critical systems and consolidate the remaining parts of your IT environment after a crypto-ransomware attack and assemble them into an operational system.
Progent's ransomware team uses top notch project management systems to coordinate the complex restoration process. Progent knows the importance of acting rapidly and in unison with a customer's management and IT resources to prioritize tasks and to put critical systems back online as fast as humanly possible.
Client Story: A Successful Ransomware Incident Response
A client engaged Progent after their company was attacked by the Ryuk ransomware virus. Ryuk is thought to have been deployed by Northern Korean state sponsored criminal gangs, suspected of adopting techniques leaked from the U.S. National Security Agency. Ryuk attacks specific organizations with little or no room for operational disruption and is one of the most profitable examples of crypto-ransomware. Well Known targets include Data Resolution, a California-based info warehousing and cloud computing company, and the Chicago Tribune. Progent's client is a single-location manufacturer based in Chicago and has around 500 employees. The Ryuk event had paralyzed all company operations and manufacturing capabilities. Most of the client's system backups had been on-line at the beginning of the intrusion and were encrypted. The client considered paying the ransom demand (in excess of two hundred thousand dollars) and praying for the best, but in the end utilized Progent.
Progent worked together with the client to quickly assess and assign priority to the critical applications that needed to be restored in order to resume company operations:
- Active Directory
- Accounting/MRP
In less than 48 hours, Progent was able to rebuild Active Directory to its pre-attack state. Progent then charged ahead with rebuilding and storage recovery on the most important servers. All Microsoft Exchange Server data and attributes were usable, which greatly helped the restore of Exchange. Progent was able to locate local OST data files (Outlook Offline Data Files) on various PCs and laptops to recover mail messages. A not too old off-line backup of the customer's accounting systems made them able to restore these essential applications back available to users. Although significant work was left to recover totally from the Ryuk damage, essential systems were recovered rapidly:
Over the next month key milestones in the recovery project were accomplished in tight collaboration between Progent team members and the client:
- Self-hosted web sites were brought back up without losing any information.
- The MailStore Server with over 4 million historical emails was brought online and accessible to users.
- CRM/Customer Orders/Invoicing/Accounts Payable (AP)/AR/Inventory functions were 100 percent restored.
- A new Palo Alto Networks 850 firewall was deployed.
- Most of the user PCs were back into operation.
Conclusion
A potential business extinction disaster was averted by results-oriented professionals, a wide spectrum of IT skills, and close collaboration. Although in hindsight the ransomware incident described here should have been stopped with modern cyber security technology and NIST Cybersecurity Framework best practices, user and IT administrator education, and well designed incident response procedures for data protection and applying software patches, the fact is that government-sponsored cybercriminals from China, North Korea and elsewhere are tireless and are an ongoing threat. If you do fall victim to a ransomware virus, feel confident that Progent's roster of experts has proven experience in crypto-ransomware virus defense, mitigation, and information systems recovery.
Download the Ransomware Remediation Case Study Datasheet
To read or download a PDF version of this customer story, click:
Progent's Ransomware Recovery Case Study Datasheet. (PDF - 282 KB)
Contact Progent for Ransomware System Restoration Consulting in Salt Lake City
For ransomware recovery consulting in the Salt Lake City area, phone Progent at
An index of content::
Online Support Services SCCM 2016 MDM
SCCM 2016 Planning Online Technical Support
Configuration Manager 2016 automates application and device provisioning at scale, simplifies compliance settings control, keeps track of network resources, protects against corporate data leakage, performs health reporting, enables safe end-user self service, and offers a common point of control for administering mixed-operating system ecosystems running on-premises, cloud-centric, or hybrid deployment topologies. Progent's Microsoft-certified Configuration Manager 2016 consultants and Microsoft Azure cloud specialists can help your organization with any facet of planning, installing, operating and repairing a SCCM 2016 solution for local, cloud, or hybrid networks.
Small Business Managed IT services Specialist
ProSight IT Management Outsourcing Consultancy
Progent's ProSight portfolio of managed services are intended to offer organizations who have minimal internal network support staffs with low-cost access to world-class management platforms and technical expertise. Advantages of the ProSight line of managed services include flat-rate network management expenses, automation of common administrative processes, ongoing absorption of new information technology, smooth transition from older technology to modern solutions, close fit between computer technology with strategic goals, access to seasoned network experts, and freeing up management to focus on business rather than ever-changing network technology.
Email Black Lists Engineers
Email Guard Data Loss Prevention Professional
Progent's ProSight Email Guard solution uses the technology of top information security vendors to deliver centralized management and world-class security for all your inbound and outbound email. The hybrid structure of Email Guard combines a Cloud Protection Layer with an on-premises gateway appliance to offer advanced defense against spam, viruses, Dos Attacks, Directory Harvest Attacks, and other email-based threats. ProSight Email Guard's cloud filter acts as a preliminary barricade and keeps most unwanted email from reaching your network firewall. This reduces your exposure to external attacks and conserves network bandwidth and storage. ProSight Email Guard's on-premises gateway device adds a deeper level of analysis for incoming email. For outgoing email, the local security gateway provides AV and anti-spam filtering, protection against data leaks, and email encryption. The on-premises gateway can also assist Microsoft Exchange Server to monitor and protect internal email traffic that originates and ends inside your security perimeter.
Technology Consulting Barracuda Backup Encrypted Appliance
IT Consultants Barracuda Backup Deduplication
Barracuda Backup is a low-cost, subscription-based backup and disaster recovery service for small and medium-size organizations. A Barracuda Backup deployment can include a purpose-built physical storage device built by Barracuda or a virtual appliance with similar features but which utilizes your existing storage hardware. Barracuda Backup protects vital company data produced on-premises, at one or more remote locations, or in the cloud. For disaster recovery, you can replicate data to the Barracuda Cloud, to Amazon Web Services (AWS), or to any location with a physical or virtual Barracuda appliance. Progent is a Barracuda partner and Progent's Barracuda Backup consulting experts can provide a broad range of consulting services to assist your business to plan, integrate, manage and repair a BDR solution based on Barracuda technology.
Urgent Information Technology Installation Service Company-wide Standards for Best Practices
Best Practices Technology Consultancy Firm
Progent's team of Microsoft and Cisco Premier Certified experts average more than a decade of hands-on professional experience, at the front lines of IT support, executing a broad variety of technical projects for an extensive mix of businesses. Every Progent consultant shares a proven collection of personal best practices which are combined into shared leading practices training that Progent teaches its support personnel. This means that you get not only expert technical capability, but also a support engineer with proven approaches for applying technical knowledge to repair actual IT problems rapidly.
Best Technology Consulting Services System Center 2016 Data Protection Manager
Data Protection Manager 2016 Rolling Upgrade Computer Consulting
System Center 2016 Data Protection Manager offers near-continuous backup and easy recovery capabilities for Microsoft-based environment. Data Protection Manager 2016 offers application-aware backup for key platforms such as Microsoft SQL, Exchange Server and SharePoint Server, backs up Windows and Linux VMs, works with virtual machines hosted by Windows Hyper-V as well as VMware, and integrates seamlessly with Microsoft Azure for cloud backup and recovery. Progent's Microsoft-certified consultants can help businesses of all sizes to plan, implement, manage, and repair a multi-site backup/restore solution built around System Center 2016 Data Protection Manager. Progent can help you to migrate from an older release of Data Protection Manager or from an outdated solution, and Progent can optimize your SCDPM 2016 environment for on premises, colocated, cloud-based or hybrid deployment models. Progent offers remote or onsite consulting expertise and can provide as-needed guidance to help you through technical bottlenecks or deliver end-to-end project management support to make sure you complete your Data Protection Manager 2016 initiative on schedule and within your budget.
Microsoft 365 Yammer Integration Technical Support Services
Microsoft 365 Management Support and Integration
Progent can assist your business to evaluate the many subscription plans available with Microsoft 365, formerly called Office 365, and integrate your network with Microsoft 365 in a way that delivers maximum business value. Progent offers expertise with multi-vendor environments that include Windows, macOS or OS X, and Linux technology. Progent can also assist you to build and manage hybrid solutions that seamlessly integrate local and cloud-based products and services.
.NET Framework Design
Programming Companies .NET Application
Progent's application experts have worked for 20 years with .NET technologies and the Visual Studio development system and are able to build or modernize .NET applications quickly and affordably.
ASR 1000 Router Computer Consulting
Remote Technical Support ISR 1100 Router
Cisco offers a full array of routers including appliances designed to provide the protection, bandwidth, and reliability demanded by customers ranging from small businesses to global enterprises and ISPs. Cisco routers feature support for redundancy, transparent failover, and backup power for improved fault tolerance and system availability. Progent can show you how to choose and configure Cisco routers to establish a reliable foundation for your IT system and to make it economical to grow as you add new users, start new offices, install new services, extend your network to clients and partners, and support a more mobile workforce. Progent offers expertise in a range of routers powered by Cisco's IOS platform, such as Cisco's 800 family of small office VPN routers, Cisco 1800 and 2800 ISR routers, Cisco 2900 and 3900 Generation 2 ISR routers, Cisco ASR 1000 and 9000 Aggregation Services Routers for WAN edge applications, Cisco CRS Carrier Routing System for core Networks, plus legacy 3600 and 3700 Series Routers.
Microsoft Web Application Security Network Security Test
Consultancy Security Information and Event Management
Global Information Assurance Certification was established in 1999 to validate the knowledge of IT security professionals. GIAC certifications are recognized by businesses and government organizations around the world including and the United States National Security Agency. Progent's GIAC-certified information assurance specialists can provide expertise with any of the network security disciplines covered within GIAC certification including evaluating infrastructure security mechanisms, event handling, intrusion detection, web services security and security information and event management (SIEM) solutions.
Anti-Virus Technology Consulting Services
24x7 Antispam Help and Support
E-Mail Guard by Postini provides constantly updated spam and virus blocking, content filtering, and security from e-mail-borne DHA attacks and denial of service attacks. Progent is a Postini partner and support firm. If your organization is too small to purchase for a regular Postini license, you can still get access to Postini's Perimeter Manager technology through Progent's E-Mail Guard antispam and anti-virus service offering. Progent's expert e-mail protection consultants can show you how to create an email defense strategy that includes anti-spam and virus protection services and policies.
Computer Consulting Microsoft Windows 2003
Microsoft Windows 2003 Server Network Consultant
The knowledge and experience of Progent's certified Windows Server consultants, with an average of more than 11 years of work in Microsoft technology, assures you success in identifying the edition and configuration of Windows 2003 Server that matches most closely with your business goals. Progent can also help you with designing, installing, administering and supporting powerful IT solutions powered by Windows Server, and can streamline your migration from Windows 2000 or Microsoft Windows NT.
Linux Online Consultancy Services Company
Linux RedHat Remote Consulting
Progent offers national online technical support and consulting services for companies that operate networks based on variants of the Linux OS or whose IT systems feature a combination of Linux platforms/Linux and Microsoft Windows products. Remote technical support provides optimum leverage for your information technology dollar by extending user efficiency and shortening the hours billed for network analysis and repair. Sophisticated online support tools and skilled service specialists and engineers combine to enable Progent to solve most network issues without squandering time and money by going to your location. In the vast majority of situations your IT problems can be remediated by telephone or via a combination of telephone help and remote access. Progent can make available Cisco CCIE infrastructure experts and CISA and CISM premier security professionals to help with the most difficult system issues.
Wi-Fi controllers patch management Specialist
Smartphone patch management Consulting
Progent's managed services for software and firmware patch management offer businesses of all sizes a flexible and affordable solution for assessing, testing, scheduling, applying, and documenting software and firmware updates to your servers, endpoints printers and scanners, network infrastructure appliances such as switches and wireless access points, and IoT devices like alarms and health monitors.
IT Consultants Meraki 802.11ac Access Point Upgrade
Top Quality Remote Support Meraki Outdoor Wi-Fi Access Point
Progent's Cisco-Meraki Wi-Fi access point experts can help you to plan, configure, administer and debug Cisco's Meraki-based Wi-Fi networks for environments ranging from a branch office to a campus or a nationwide enterprise. Progent can also help you to integrate other Cisco devices for unified management.
OS X Penetration Testing Online Troubleshooting
Mac Snow Leopard Security Configuration
Progent's certified security staff can show you how to protect your Mac environment through expert services including performing security tests, recovery from virus and denial of service penetrations, setting up firewalls, implementing secure remote and mobile access, deploying monitoring software for protection against viruses, spam, and directory harvest attacks, and developing a comprehensive security plan appropriate for the specific objectives of your corporate information system.
Award Winning SQL Server 2017 Migration Network Engineer
Microsoft SQL Server 2017 Information Technology Consulting
Progent's Microsoft-certified SQL Server 2017 consultants can assist you to assess the business advantages of migrating to SQL Server 2017 and can help you to design and implement an efficient migration of your current SQL Server environment to any deployment model including on-premises, cloud-based, or hybrid. Progent's consultants can provide online or onsite support ranging from on-demand architecture review or troubleshooting to comprehensive project management and co-management to ensure your SQL Server 2017 project is successfully completed on time and within budget.
Windows Server 2008 Active Directory Support and Help
Windows Server 2008 Hyper-VI Consultants
Microsoft Windows Server 2008 is an important advance in making information systems more protected and fault tolerant, simpler to virtualize and administer, faster, and able to provide an improved platform for web hosting and development. Progent can assist your business get the most from the improvements built into Windows Server 2008 by delivering Microsoft-certified consulting, support, training, temporary staffing, monitoring, and security expertise.
Award Winning Ubiquiti UniFi AP Consultant Services
Professional Ubiquiti UniFi Wave 2 WiFi access point
Progent offers quick access to the skills of veteran wireless consultants who can help you to determine the value of Ubiquiti UniFi wireless access points for your business and help you to design, deploy, maintain, and debug your UniFi wireless network. Progent can also conduct a wireless site survey to assist you to select, provision, and place Ubiquiti UniFi wireless APs for your required coverage and performance.
Education Macintosh
Mac Office Entourage Learn
Progent offers one-on-one training designed for individuals who want to expand their understanding of the Apple macOS and OS X operating system, Mac computers, or Mac office productivity applications including Word, Excel, and Outlook for Mac. Progent also offers specialized group or one-on-one webinar training for macOS and Mac OS X applications.
Technology Consulting iPad Connectivity
macOS Connectivity Remote Support Services
Progent's Mac networking engineers can assist you with a broad array of network foundation issues including system architecture, remote and mobile connectivity, internetwork communication, protection, and emerging technologies such as Voice over IP and high-speed wireless networking. For business networks based solely on Apple Mac OS X or for systems that use a mix of Mac, Linux/UNIX and Windows based servers and desktops, Progent has the knowledge and depth to handle the complexity of planning, configuring, and supporting a system infrastructure that is robust, secure, productive and aligned with your corporate goals. Progent can show you how to deploy Apple's Xserve enterprise servers, Xserve RAID zero-downtime storage systems, and Apple's Xsan storage area network solution. Progent can also give you access to skilled experts to support Cisco routers and switches.
Cisco Telepresence Consult
Radvision XT5000 Specialist
Progent offers the support of a veteran specialist with extensive experience installing, managing, and enhancing video conferencing platforms from leading suppliers including Cisco/TANDBERG, Polycom, LifeSize, and Radvision. Progent can work with your in-house network support team, your Internet Service Provider, and your video conferencing platform supplier to assist your organization maximize the strategic value of your video conferencing solution.
CCIE Expert Certified On-site Support Computer Consulting
Remote Computer Support Specialist
For mid-size companies who need IT support, Progent can deliver an array of options such as on-site service, on-line assistance, phone-based Help Desk, round-the-clock support with automatic network monitoring, temporary staff augmentation, site relocation services, application programming, and professional consultation. For midsize companies in California or other regions covered by Progent's field engineers, Progent offers professional on-premises help for fixing technical issues quickly and affordably.
ransomware cleanup and recovery Consulting
Consultant Services Netwalker ransomware recovery
Progent's proven ransomware recovery experts can help your business to reconstruct an IT network damaged by a ransomware crypto-worm such as Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit or Nephilim.
Emergency Cisco Architecture System Support
Cisco VoIP Network Help
Progent's Cisco-certified CCIE network infrastructure consultants can help your business to configure, manage, upgrade and debug Cisco products. Progent offers Cisco, Meraki and Nexus switch support, ASA firewall consulting, Meraki and Aironet Wi-Fi access point consulting, Cisco VoIP phone expertise, and CUCM/CallManager software expertise.
Consulting Microsoft Dynamics AX
Solomon Application Consultants
In addition to offering the expertise of Microsoft Dynamics GP specialists, Progent has consultants experienced in Microsoft Dynamics AX ERP Software, Microsoft Dynamics NAV Business Management Software, Dynamics SL (Solomon), Dynamics RMS, Macola ERP by Exact, MAS 90 ERP, and QuickBooks Pro. Progent can provide software development, troubleshooting, management help, migration support, and one-on-one or group webinar training tailored to address your particular needs. Progent's experts also can help you integrate and maintain a protected, reliable server and communications infrastructure to support your ERP, MRP and accounting solutions.
Microsoft Azure hybrid cloud integration Consultant Services
Microsoft Azure hybrid cloud solutions Consultant Services
Progent can help you to design and administer hybrid ecosystems that support Windows and Linux operating systems and applications in either cloud-based solutions or in hybrid topologies that combine physical IT assets as well as public clouds. To help you to incorporate cloud services with physical datacenters, Progent can provide a range of public cloud integration support services that include Microsoft Azure enterprise hybrid cloud design and deployment consulting, Amazon AWS cloud integration support, and Amazon Web Marketing Service (WMS) programming and troubleshooting. Progent has 20 years of experience providing high-level consulting services remotely, and Progent can make sure you successfully carry out your cloud integration projects on schedule and within your budget.
Consultancy ransomware cryptoworm recovery
Ryuk ransomware protection Consulting
Progent's proven ransomware recovery experts can help you to restore a network damaged by a ransomware crypto-worm like Ryuk, Maze, Sodinokibi, DopplePaymer, Conti or Nephilim.
Knowledge Transfer Online Support
Emergency Cisco and Microsoft Certified Knowledge Transfer IT Consultant
Progent is committed to knowledge transfer from Progent's support experts to clients. By teaching clients to handle technical issues that are within their comfort zone, Progent is able to concentrate on delivering high-value services where Progent faces little competition. Small businesses who utilize familiar freelance service providers or who employ internal support personnel benefit when Progent transfers information about new technology and tested processes to make their networks more reliable, protected, and efficient.
Consultants Mac Remote
macOS Remote Technology Professional
Progent provides nationwide online help and troubleshooting services for businesses who run Apple Mac OS X environments or whose information systems include a combination of Apple macOS and Mac OS X with Microsoft Windows technology. Progent's consultants can provide Apple macOS and OS X clients a range of services including desktop assistance, migration to the latest edition of Mac OS X from other earlier versions of Mac, plus help with Apple macOS and Mac OS X application software. Progent can also assist you with iPhone and iPad integration and management, or migrating to iCloud services. Remote IT help provides optimum leverage for your information technology budget by preserving client productivity and shortening the hours charged for computer analysis and repair. Advanced online support technology and skilled service specialists and engineers allow Progent to handle most network issues without wasting time and expense by going to your site. In the vast majority of situations your IT problems can be dealt with over the phone or via a combination of telephone support and online network analysis. Progent can put you in touch with Cisco CCIE infrastructure engineers and CISSP certified security professionals to help you with the toughest system issues.
Select Topic: