Ransomware: Your Feared Information Technology Catastrophe
Crypto-ransomware has become a too-frequent cyberplague that poses an extinction-level danger for businesses poorly prepared for an assault. Multiple generations of crypto-ransomware like the Reveton, WannaCry, Bad Rabbit, SamSam and MongoLock cryptoworms have been replicating for a long time and still inflict damage. More recent strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Conti and Nephilim, along with frequent unnamed malware, not only encrypt online data files but also infect most available system protection. Files replicated to cloud environments can also be corrupted. In a poorly architected data protection solution, this can render automatic restoration useless and basically knock the entire system back to square one.

Retrieving applications and information following a crypto-ransomware event becomes a race against the clock as the targeted business tries its best to stop the spread, clear the ransomware, and resume business-critical operations. Since crypto-ransomware requires time to replicate, attacks are usually sprung during nights and weekends, when they may take longer to detect. This multiplies the difficulty of promptly marshalling and coordinating an experienced response team.

Progent has a range of solutions for securing Dallas enterprises from ransomware attacks. These include team education to help recognize and avoid phishing exploits, and ProSight Active Security Monitoring for endpoint detection and response (EDR), which utilizes SentinelOne's behavior-based threat protection to discover and suppress zero-day modern malware attacks. Progent also offers the assistance of seasoned ransomware recovery professionals with the track record and commitment to restore a compromised network as urgently as possible.

Progent's Ransomware Restoration Services
After a crypto-ransomware penetration, paying the ransom in cryptocurrency does not guarantee that cyber criminals will return the keys needed to decrypt any of your files. Kaspersky determined that 17% of ransomware victims never restored their data after having sent off the ransom, resulting in more losses. The risk is also expensive. Ryuk ransoms often range from fifteen to forty BTC ($120,000 to $400,000). This is significantly higher than the average ransomware demand, which ZDNET determined to be approximately $13,000 for smaller organizations. The alternative is to re-install the key parts of your Information Technology environment. Absent access to full system backups, this requires a wide range of skill sets, top-notch project management, and the capability to work continuously until the recovery project is done.

For twenty years, Progent has offered professional IT services for companies throughout the US and has achieved Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes engineers who have been awarded advanced industry certifications in important technologies such as Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's security experts have earned internationally-renowned industry certifications including CISM, CISSP, CRISC, and SANS GIAC. (Refer to Progent's certifications). Progent also has expertise with financial systems and ERP applications. This breadth of expertise gives Progent the capability to efficiently identify critical systems and consolidate the surviving components of your IT environment after a ransomware penetration and rebuild them into a functioning network.

Progent's ransomware team of experts utilizes powerful project management tools to coordinate the complex recovery process. Progent knows the importance of acting rapidly and in unison with a customer's management and Information Technology staff to assign priority to tasks and to get the most important services back on line as soon as humanly possible.

Client Story: A Successful Ransomware Incident Restoration
A client sought out Progent after their company was taken over by the Ryuk ransomware virus. Ryuk is generally considered to have been launched by North Korean government sponsored cybercriminals, possibly using strategies exposed from the U.S. NSA organization. Ryuk goes after specific businesses with limited tolerance for disruption and is one of the most profitable examples of ransomware. Highly publicized targets include Data Resolution, a California-based data warehousing and cloud computing business, and the Chicago Tribune. Progent's customer is a single-location manufacturer located in Chicago with about 500 workers. The Ryuk event had shut down all company operations and manufacturing processes. The majority of the client's system backups had been online at the beginning of the attack and were damaged. The client was taking steps to pay the ransom demand (in excess of $200K) and hoping for good luck, but in the end engaged Progent.


"I cannot tell you enough about the support Progent gave us throughout the most stressful time of (our) business's survival. We would have paid the criminal gangs except for the confidence the Progent team afforded us. That you were able to get our e-mail and production servers back on-line in less than 1 week was something I thought impossible. Every single expert I spoke to or texted at Progent was hell bent on getting us working again and was working 24/7 to bail us out."

Progent worked hand in hand with the client to rapidly determine and assign priority to the mission-critical elements that had to be restored in order to resume business functions:

  • Active Directory
  • Electronic Messaging
  • MRP System

To start, Progent adhered to anti-virus incident mitigation best practices by halting lateral movement and cleaning systems of viruses. Progent then began restoring Microsoft AD, the core of enterprise environments built on Microsoft technology. Microsoft Exchange email will not function without Windows AD, and the business's accounting and MRP system used SQL Server, which requires Active Directory for security authorization to the databases.

In less than two days, Progent was able to rebuild Active Directory to its pre-virus state. Progent then performed reinstallations and storage recovery on the most important applications. All Microsoft Exchange Server ties and configuration information were usable, which facilitated the restore of Exchange. Progent was also able to collect local OST data files (Outlook Offline Folder Files) on various PCs to recover email data. A recent off-line backup of the customer's accounting/MRP systems made it possible to return these vital programs to service for users. Although a large amount of work was left to recover totally from the Ryuk virus, critical services were recovered quickly:


"For the most part, the manufacturing operation survived unscathed and we delivered all customer sales."

Over the next month key milestones in the recovery project were made through tight cooperation between Progent consultants and the client:

  • In-house web applications were returned to operation with no loss of information.
  • The MailStore Server containing more than 4 million archived emails was spun up and available for users.
  • CRM/Orders/Invoices/Accounts Payable/Accounts Receivables (AR)/Inventory Control modules were fully recovered.
  • A new Palo Alto Networks 850 security appliance was installed.
  • 90% of the user desktops were back into operation.

"A huge amount of what occurred during the initial response is mostly a fog for me, but our team will not forget the urgency each of you put in to help get our business back. I have trusted Progent for the past ten years, maybe more, and each time Progent has outperformed my expectations and delivered. This situation was a testament to your capabilities."

Conclusion
A probable enterprise-killing disaster was dodged by hard-working professionals, a wide spectrum of subject matter expertise, and close collaboration. Analysis of the event afterwards showed that the ransomware penetration detailed here could have been shut down with modern security solutions and NIST Cybersecurity Framework best practices, staff training, and appropriate security procedures for data backup and applying software patches. The reality remains, however, that state-sponsored criminal cyber gangs from China, North Korea and elsewhere are relentless and represent an ongoing threat. If you do get hit by a ransomware incursion, feel confident that Progent's roster of professionals has a proven track record in crypto-ransomware virus defense, removal, and file disaster recovery.


"So, to Darrin, Matt, Aaron, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were contributing), I'm grateful for letting me get some sleep after we got over the most critical parts. All of you did an amazing effort, and if anyone is visiting the Chicago area, a great meal is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To review or download a PDF version of this customer story, click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Restoration Consulting Services in Dallas
For ransomware cleanup consulting in the Dallas area, call Progent at 800-462-8800 or go to Contact Progent.




© 2002-2024 Progent Corporation. All rights reserved.