Ransomware: Your Crippling Information Technology Disaster
Ransomware has become an escalating cyberplague that poses an existential danger for organizations unprepared for an assault. Different iterations of ransomware like the CrySIS, CryptoWall, Locky, SamSam and MongoLock cryptoworms have been circulating for years and still inflict destruction. Newer versions of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Snatch and Egregor, along with more unnamed viruses, not only encrypt online information but also infiltrate most configured system protection. Information synchronized to cloud environments can also be rendered useless. In a poorly architected system, this can make automatic restoration impossible and effectively sets the entire system back to square one.

Getting back programs and information after a crypto-ransomware attack becomes a sprint against the clock as the targeted organization fights to stop lateral movement, clean up the ransomware, and restore mission-critical operations. Because ransomware takes time to replicate, assaults are often launched at night, when successful penetrations typically take longer to recognize. This compounds the difficulty of quickly mobilizing and coordinating an experienced mitigation team.

Progent offers a variety of services for protecting Dallas businesses from ransomware penetrations. Among these are training team members to recognize and avoid phishing exploits, ProSight Active Security Monitoring for remote monitoring and management, and deployment of the latest generation of security gateways with AI capabilities to quickly detect and suppress zero-day cyber threats. Progent also provides the services of experienced ransomware recovery professionals with the track record and perseverance to restore a breached network as soon as possible.

Progent's Crypto-Ransomware Recovery Services
After a ransomware penetration, paying the ransom demand in Bitcoin cryptocurrency does not guarantee that distant criminals will respond with the keys to decipher any of your data. Kaspersky determined that 17% of ransomware victims never restored their files even after having sent off the ransom, resulting in increased losses. The risk is also very costly. Ryuk ransoms often range from fifteen to forty BTC ($120,000 to $400,000). This is well above the usual ransomware demands, which ZDNET estimated to be in the range of $13,000 for small businesses. The other path is to set up the essential parts of your IT environment from scratch. Absent access to complete data backups, this calls for a broad range of skill sets, professional project management, and the ability to work continuously until the task is completed.

For decades, Progent has provided professional IT services for businesses across the U.S. and has earned Microsoft's Partnership certification status in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes consultants who have attained top industry certifications in foundation technologies such as Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cybersecurity specialists have garnered internationally renowned industry certifications including CISA, CISSP-ISSAP, ISACA CRISC, and GIAC. (See Progent's certifications). Progent also has expertise with financial systems and ERP applications. This breadth of experience gives Progent the skills to knowledgeably determine critical systems, consolidate the surviving parts of your IT environment after a crypto-ransomware attack, and assemble them into an operational network.

Progent's recovery group uses state-of-the-art project management applications to orchestrate the sophisticated restoration process. Progent understands the importance of working swiftly and in unison with a client's management and Information Technology staff to assign priority to tasks and to get the most important services back on-line as soon as humanly possible.

Client Story: A Successful Crypto-Ransomware Incident Response
A customer escalated to Progent after their organization was brought down by Ryuk crypto-ransomware. Ryuk is thought to have been launched by North Korean state-sponsored hackers, possibly using algorithms leaked from the U.S. NSA organization. Ryuk attacks specific organizations with little or no tolerance for operational disruption and is among the most profitable iterations of ransomware viruses. Major organizations hit include Data Resolution, a California-based data warehousing and cloud computing company, and the Chicago Tribune. Progent's client is a regional manufacturer located in Chicago with about 500 staff members. The Ryuk intrusion had shut down all essential operations and manufacturing capabilities. The majority of the client's information backups had been online at the beginning of the attack and were destroyed. The client was actively seeking loans for paying the ransom demand (in excess of two hundred thousand dollars) and praying for the best, but ultimately called Progent.


"I cannot tell you enough about the care Progent gave us throughout the most fearful time of (our) business's life. We would have paid the Hackers if not for the confidence the Progent group gave us. That you could get our messaging and important applications back online faster than five days was something I thought impossible. Every single consultant I got help from or messaged at Progent was totally committed to getting us restored and was working all day and night on our behalf."

Progent worked hand in hand with the customer to rapidly identify and prioritize the critical areas that needed to be restored in order to continue business operations:

  • Active Directory
  • Electronic Messaging
  • MRP System

To get going, Progent followed industry best practices for AV/malware incident mitigation by halting lateral movement and cleaning up infected systems. Progent then initiated the process of restoring Microsoft Active Directory, the heart of enterprise networks built upon Microsoft technology. Microsoft Exchange messaging will not function without Windows AD, and the customer's financials and MRP software used SQL Server, which needs Windows AD for authentication to the information.

In less than 48 hours, Progent was able to rebuild Active Directory services to their pre-intrusion state. Progent then completed setup and storage recovery of the most important applications. All Exchange Server schema and configuration information were intact, which greatly helped the restore of Exchange. Progent was able to locate non-encrypted OST data files (Outlook Off-Line Data Files) on user PCs and laptops in order to recover email messages. A recent offline backup of the business's financials/ERP systems made it possible to bring these vital applications back online for users. Although a large amount of work remained to recover totally from the Ryuk damage, core systems were restored quickly:


"For the most part, the production line operation showed little impact and we produced all customer sales."

Throughout the next month, key milestones in the restoration process were accomplished in tight collaboration between Progent team members and the customer:

  • In-house web sites were returned to operation with no loss of information.
  • The MailStore Server with over four million archived emails was brought on-line and available for users.
  • CRM/Product Ordering/Invoicing/Accounts Payable/Accounts Receivable/Inventory modules were completely operational.
  • A new Palo Alto 850 security appliance was set up and programmed.
  • 90% of the user desktops were fully operational.

"Much of what was accomplished during the initial response is mostly a blur for me, but our team will not forget the urgency each and every one of your team put in to help get our company back. I have trusted Progent for the past ten years, possibly more, and each time Progent has come through and delivered. This situation was a life saver."

Conclusion
A possible company-ending catastrophe was dodged by dedicated experts, a broad array of knowledge, and close teamwork. Although in hindsight the ransomware incident described here could have been prevented with modern security technology solutions and best practices, user and IT administrator education, and well designed incident response procedures for backup and keeping systems up to date with security patches, the reality is that government-sponsored criminal cyber gangs from China, Russia, North Korea and elsewhere are tireless and are not going away. If you do fall victim to a ransomware penetration, remember that Progent's roster of professionals has proven experience in ransomware virus defense, removal, and information systems recovery.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Chris (along with others that were involved), thank you for making it so I could get rested after we got past the initial fire. Everyone did a fabulous effort, and if anyone that helped is around the Chicago area, a great meal is my treat!"

Download the Ransomware Removal Case Study Datasheet
To read or download a PDF version of this customer story, please click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware System Recovery Expertise in Dallas
For ransomware system restoration expertise in the Dallas area, phone Progent at 800-462-8800 or go to Contact Progent.



© 2002-2022 Progent Corporation. All rights reserved.