Ransomware : Your Crippling Information Technology Disaster
Ransomware  Remediation ConsultantsCrypto-Ransomware has become an escalating cyberplague that poses an extinction-level danger for businesses of all sizes vulnerable to an attack. Different iterations of ransomware such as Dharma, CryptoWall, Locky, SamSam and MongoLock cryptoworms have been replicating for years and continue to cause harm. Newer strains of ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Egregor, along with additional as yet unnamed newcomers, not only encrypt online files but also infiltrate most accessible system backup. Data synchronized to cloud environments can also be encrypted. In a poorly architected system, it can make automated recovery impossible and effectively sets the datacenter back to square one.

Getting back online services and data after a crypto-ransomware attack becomes a sprint against the clock as the victim tries its best to contain the damage and remove the crypto-ransomware and to restore mission-critical operations. Since ransomware requires time to spread, penetrations are usually sprung on weekends and holidays, when successful attacks are likely to take more time to identify. This multiplies the difficulty of quickly assembling and orchestrating an experienced response team.

Progent makes available a variety of services for securing Dallas businesses from crypto-ransomware events. These include user education to become familiar with and not fall victim to phishing scams, ProSight Active Security Monitoring for remote monitoring and management, in addition to installation of modern security solutions with machine learning capabilities to automatically detect and suppress zero-day cyber threats. Progent also offers the assistance of seasoned ransomware recovery consultants with the track record and commitment to reconstruct a breached system as quickly as possible.

Progent's Ransomware Recovery Support Services
After a ransomware event, sending the ransom in Bitcoin cryptocurrency does not provide any assurance that distant criminals will return the keys to decrypt any or all of your data. Kaspersky Labs determined that 17% of crypto-ransomware victims never restored their data even after having paid the ransom, resulting in additional losses. The risk is also costly. Ryuk ransoms frequently range from fifteen to forty BTC ($120,000 and $400,000). This is greatly above the average crypto-ransomware demands, which ZDNET estimated to be in the range of $13,000 for small businesses. The other path is to piece back together the mission-critical components of your IT environment. Absent access to complete data backups, this calls for a broad range of skills, well-coordinated project management, and the ability to work continuously until the task is over.

For twenty years, Progent has offered certified expert IT services for businesses across the United States and has earned Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts (SMEs) includes consultants who have been awarded high-level certifications in key technologies such as Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cybersecurity specialists have earned internationally-recognized industry certifications including CISA, CISSP, CRISC, and SANS GIAC. (See Progent's certifications). Progent also has experience with accounting and ERP application software. This breadth of expertise gives Progent the skills to efficiently determine necessary systems and integrate the surviving parts of your computer network system following a ransomware event and assemble them into an operational network.

Progent's recovery team of experts has best of breed project management tools to orchestrate the complex recovery process. Progent knows the urgency of acting swiftly and in unison with a customerís management and IT staff to prioritize tasks and to put key systems back on-line as fast as humanly possible.

Customer Story: A Successful Ransomware Penetration Restoration
A business contacted Progent after their company was crashed by the Ryuk crypto-ransomware. Ryuk is believed to have been launched by North Korean state criminal gangs, suspected of adopting algorithms leaked from the U.S. National Security Agency. Ryuk attacks specific organizations with little room for operational disruption and is one of the most lucrative incarnations of ransomware. High publicized organizations include Data Resolution, a California-based information warehousing and cloud computing business, and the Chicago Tribune. Progent's customer is a small manufacturing business headquartered in Chicago with around 500 workers. The Ryuk penetration had frozen all business operations and manufacturing processes. The majority of the client's data backups had been on-line at the time of the intrusion and were encrypted. The client was pursuing financing for paying the ransom (in excess of $200K) and wishfully thinking for the best, but in the end brought in Progent.


"I cannot tell you enough about the expertise Progent gave us during the most fearful time of (our) companyís existence. We may have had to pay the cybercriminals if not for the confidence the Progent group provided us. That you were able to get our messaging and critical servers back on-line faster than seven days was incredible. Every single expert I interacted with or messaged at Progent was totally committed on getting us back on-line and was working day and night on our behalf."

Progent worked hand in hand the client to rapidly identify and assign priority to the mission critical services that needed to be recovered in order to continue company operations:

  • Windows Active Directory
  • Electronic Mail
  • Accounting/MRP
To start, Progent adhered to AV/Malware Processes incident mitigation industry best practices by isolating and disinfecting systems. Progent then initiated the steps of bringing back online Active Directory, the core of enterprise networks built on Microsoft technology. Microsoft Exchange Server email will not operate without Active Directory, and the businessesí MRP system used Microsoft SQL Server, which needs Active Directory services for authentication to the database.

In less than 48 hours, Progent was able to re-build Active Directory to its pre-intrusion state. Progent then assisted with setup and storage recovery of essential servers. All Exchange Server data and configuration information were usable, which accelerated the restore of Exchange. Progent was able to find local OST files (Outlook Email Off-Line Folder Files) on user workstations and laptops in order to recover mail data. A recent offline backup of the client's financials/ERP systems made it possible to recover these vital applications back available to users. Although a lot of work remained to recover totally from the Ryuk event, the most important services were returned to operations rapidly:


"For the most part, the production operation survived unscathed and we delivered all customer deliverables."

Throughout the following few weeks critical milestones in the recovery project were accomplished through tight collaboration between Progent consultants and the client:

  • Internal web sites were restored with no loss of data.
  • The MailStore Exchange Server containing more than 4 million archived messages was restored to operations and available for users.
  • CRM/Product Ordering/Invoices/Accounts Payable/AR/Inventory functions were 100 percent functional.
  • A new Palo Alto Networks 850 security appliance was deployed.
  • 90% of the user workstations were operational.

"So much of what went on in the initial days is mostly a blur for me, but we will not forget the countless hours all of the team accomplished to help get our business back. Iíve been working together with Progent for the past 10 years, maybe more, and every time I needed help Progent has come through and delivered. This situation was a testament to your capabilities."

Conclusion
A potential business catastrophe was avoided through the efforts of hard-working experts, a wide spectrum of subject matter expertise, and close teamwork. Although in hindsight the ransomware virus penetration described here could have been identified and stopped with up-to-date cyber security systems and recognized best practices, user and IT administrator training, and well thought out security procedures for data backup and keeping systems up to date with security patches, the reality is that state-sponsored criminal cyber gangs from Russia, China and elsewhere are relentless and are not going away. If you do fall victim to a ransomware incursion, remember that Progent's team of professionals has substantial experience in crypto-ransomware virus defense, cleanup, and file recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Tony and Chris (along with others that were contributing), thanks very much for letting me get rested after we made it over the first week. Everyone did an amazing job, and if anyone is in the Chicago area, a great meal is the least I can do!"

Download the Crypto-Ransomware Removal Case Study Datasheet
To review or download a PDF version of this customer story, please click:
Progent's Crypto-Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

File body_ransomware_recovery_contact_city.asp does not exist



An index of content::

  • 24x7x365 SQL Server 2014 Repair Downtown Dallas Outsourcing IT Microsoft SQL 2014

  • ProSight IT asset management Consulting Services
    network asset documentation management Consult

    Progent's ProSight IT Asset Management is an IT infrastructure documentation management service that makes it easy to capture, maintain, find and protect data related to your network infrastructure, processes, applications, and services. You can instantly find passwords or IP addresses and be alerted about impending expirations of SSL certificates or domains. By cleaning up and organizing your IT infrastructure documentation, you can eliminate up to 50% of the time spent searching for critical information about your IT network. ProSight IT Asset Management features a common location for storing and sharing all documents required for managing your business network such as standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also offers advanced automation for collecting and relating IT information. Whether youíre making enhancements, performing maintenance, or responding to a crisis, ProSight IT Asset Management gets you the knowledge you need the instant you need it.

  • Aironet 2800 Access Point Setup and Support Aironet 802.11ac AP Remote Support Services
  • Biggest Windows 2008 Cluster Server Technology Consulting Services Failover Clusters Windows Server 2008 Troubleshooting
  • CISSP Security Firms Dallas - Irving Texas CISSP Information systems Security Outsourcing Dallas County
  • Computer Consultant Employment Dallas Dallas Texas Microsoft MCITP Remote Support Remote Support Jobs
  • Consultant NetApp MetroCluster Synchronous Replication NetApp Disaster Recovery Consultant
  • Consultants for Dallas IT Support Organizations Dallas Fort Worth Consulting Services for Dallas IT Service Firms Downtown Dallas
  • Consulting Network Infrastructure Monitoring Emergency Troubleshooting Managed IT Services Consulting

  • Office 365 hybrid solutions for Exchange Professional
    Hybrid Configuration Wizard Technology Consulting Services

    Microsoft has made a strong effort to enable transparent hybrid environments that combine Office 365 and local Exchange systems. This permits you to have some mailboxes hosted at your on-premises datacenter and other mailboxes resident on Office 365. Progent's Microsoft-certified Exchange consultants can help your organization with any phase of designing, implementing and troubleshooting your hybrid Office 365 Exchange Online deployment. Progent's Exchange consultants can deliver occasional expertise to help you through challenging technical bottlenecks and also offer comprehensive project management outsourcing or co-sourcing to make sure your hybrid Office 365 solution is carried out on schedule and on budget.

  • Dallas At Home Workforce Data Protection Systems Consulting and Support Services Dallas Teleworkers Dallas Consulting and Support Services - Backup/Restore Technology Consulting Dallas Fort Worth
  • Dallas County, America 24/7/365 Debian Linux, Solaris, UNIX Specialist CentOS Linux, Sun Solaris, UNIX Integration Services Dallas Texas
  • Dallas Hermes Ransomware Settlement Negotiation Services Dallas Dallas Ransomware Negotiation Support Dallas County
  • Dallas Microsoft Dynamics GP-Software Customization Expert Dallas Dynamics GP Solution Provider - Dallas - SQL Server Support Services Dallas County
  • Dallas MongoLock Ransomware Identification and Restoration Downtown Dallas Urgent Dallas CryptoLocker Repair Dallas, TX
  • Dallas Netwalker Ransomware Removal Dallas County, U.S.A. Dallas Egregor Ransomware Remediation Dallas
  • Dallas Ransomware Netwalker Readiness Audit Dallas County Dallas Crypto-Ransomware Sodinokibi Susceptibility Audit Dallas, TX
  • Dallas Remote Workers Video Conferencing Technology Expertise Downtown Dallas Work from Home Employees Dallas Consulting Experts - Voice/Video Conferencing Solutions Consulting Experts Dallas, TX
  • Dallas Snatch Ransomware Forensics Analysis Dallas WannaCry Crypto-Ransomware Forensics Analysis Dallas County, America
  • Dallas Support Company Configure Dallas, TX
  • Dallas Telecommuters Cloud Systems Assistance Dallas County Teleworkers Expertise in Dallas - Cloud Integration Technology Consultants
  • Dallas Teleworkers Endpoint Management Solutions Consulting Dallas Texas Dallas At Home Workers Management Solutions Consulting Experts Dallas DFW
  • Dallas, Texas Small Business Computer Consulting Firms Top Ranked Microsoft, Cisco and Security Certified Experts Dallas Tech Support For Small Business
  • Downtown Dallas Supplemental Staffing Services Consulting Support Dallas Dallas Staffing Help

  • Independent Cisco Consultant Telecommute Jobs
    Remote Contract Linux Consultants Telecommuting Jobs

    Progent's Experts Team offers consulting in key technologies including Apple OS networking and programs; Expertise for Linux-based, UNIX-powered, and Sun Solaris environments; Manufacturing Resource Planning, Enterprise Resource Planning, or Customer Relationship Management expertise; Line-of-business and specialized program support; CIO, business analyst, and project management services; Custom applications development and integration; Web, eCommerce, EDI, and customer information portal design and deployment; DBM management and performance consulting; Business information expertise; and Telecom systems consulting.

  • Exchange 2003 Server Consolidate Dallas DFW Exchange 2010 Server Consulting Dallas Texas
  • Microsoft MCSA Engineer Remote Support Jobs Queensland Top Job Openings Microsoft MCITP Remote Support Adelaide
  • Microsoft Windows Server 2016 Experts Dallas Fort Worth Computer Consultancy Group Windows 2008 Server Dallas, TX, U.S.A.
  • Networking Consultant Cisco Dallas Cisco Tech Outsourcing Dallas, TX
  • Offsite Workforce Dallas Consultants - Collaboration Systems Consulting and Support Services Dallas Dallas At Home Workforce Collaboration Solutions Consulting Experts Dallas Fort Worth
  • RIM BlackBerry Support Firms Dallas DFW, U.S.A. BlackBerry Desktop Manager Administration Dallas Fort Worth, United States
  • Dallas MongoLock Ransomware System-Rebuild Dallas
  • Remote Workers Consultants near Dallas - Help Desk Call Center Augmentation Consulting and Support Services Dallas Fort Worth Dallas Teleworkers Help Desk Outsourcing Consulting Services Dallas Texas, United States
  • Dallas NotPetya Crypto-Ransomware Operational-Recovery Dallas Fort Worth, United States
  • Remote Workers Consulting Experts near me in Dallas - Infrastructure Guidance Dallas, TX, United States Dallas - Irving Texas, US Offsite Workforce Assistance near Dallas - Integration Expertise
  • Ryuk Ransomware Hot Line Dallas, TX Dallas Fort Worth Locky Ransomware Hot Line
  • Ryuk Remote Crypto-Ransomware Removal Experts Dallas Dallas DFW Dallas Spora Crypto-Ransomware Remediation Dallas Fort Worth
  • SharePoint Server 2013 Integration Support Dallas Texas, America Dallas DFW Consultant Microsoft SharePoint Server

  • Microsoft Exchange Server 2010 Upgrade Consulting Services
    Exchange Migration Consultants

    Progent's Microsoft-certified engineers can deliver affordable online and on-premises support to implement your upgrade to Exchange Server 2010, generate comprehensive documentation of your new email environment, educate your IT staff and users to get them up to speed quickly on Microsoft Exchange Server 2010, and provide continuing management services and technical support. Progent's consultants can also assist you to migrate from Exchange Server 2010 to Exchange Server 2013 or Exchange 2016.

  • Dallas DFW Dallas Phobos Crypto-Ransomware Rollback
  • System Center 2016 and Office 365 Integration Computer Consulting System Center 2016 Cloud Integration Specialist
  • Technical Support Services Microsoft MRP Online Technical Support Microsoft ERP
  • Telecommuters Consultants near Dallas - Solutions Assistance Dallas Remote Workers Dallas Assistance - Connectivity Solutions Assistance Dallas, TX

  • Web Application Security Assessment Consultancy
    Internal Cybersecurity Inventory Professional

    Progent offers several network security packages intended to provide larger institutions a professional and thorough security evaluation from a team of certified security consultants. All Progent's security evaluation bundles incorporate a collection of procedures including automated scans from within and from outside your corporate security perimeter, expert analysis of scan results by certified security consultants, creation of a paper documenting the results, plus a live high-level executive summary and an in-depth live review for in-house network managers.

  • Telecommuters Expertise near Dallas - Network Security Solutions Assistance Dallas DFW Dallas DFW Top At Home Workforce Consultants - Dallas - Security Solutions Consultants
  • Teleworkers Guidance - Dallas - IP Voice Solutions Consultants Downtown Dallas Teleworkers Dallas Expertise - IP Voice Systems Expertise Dallas, U.S.A.
  • Top Dallas Maze Crypto-Ransomware Recovery Dallas County Dallas, TX Best Dallas Ransomware Recovery

  • © 2002-2021 Progent Corporation. All rights reserved.