Ransomware Filtering and Cleanup Expertise Des Moines
Ransomware Cleanup: A Case Study
Ransomware : Your Feared IT Nightmare
Crypto-Ransomware has become an escalating cyber pandemic that represents an extinction-level threat for businesses unprepared for an attack. Versions of crypto-ransomware like the CrySIS, CryptoWall, Bad Rabbit, Syskey and MongoLock cryptoworms have been around for years and continue to inflict havoc. Newer versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, LockBit and Nephilim, plus daily unnamed viruses, not only do encryption of online information but also infect most configured system restores and backups. Files synchronized to the cloud can also be corrupted. In a poorly designed system, this can render any recovery impossible and effectively knocks the datacenter back to zero.
Retrieving services and information after a crypto-ransomware intrusion becomes a race against the clock as the victim struggles to contain and remove the crypto-ransomware and to resume business-critical activity. Due to the fact that ransomware requires time to replicate, assaults are usually sprung during weekends and nights, when attacks tend to take longer to uncover. This compounds the difficulty of promptly assembling and organizing a knowledgeable response team.
Progent provides a variety of support services for securing Des Moines organizations from ransomware attacks. Among these are user training to help recognize and avoid phishing scams, ProSight Active Security Monitoring (ASM) for remote monitoring and management, plus setup and configuration of the latest generation security solutions with machine learning technology to rapidly detect and suppress day-zero threats. Progent in addition can provide the services of seasoned ransomware recovery consultants with the skills and perseverance to reconstruct a compromised network as soon as possible.
Progent's Ransomware Recovery Support Services
After a ransomware penetration, sending the ransom in Bitcoin cryptocurrency does not guarantee that merciless criminals will provide the codes to decipher any of your data. Kaspersky determined that seventeen percent of ransomware victims never restored their data even after having paid the ransom, resulting in increased losses. The risk is also very costly. Ryuk ransoms frequently range from 15-40 BTC ($120,000 and $400,000). This is significantly higher than the typical ransomware demands, which ZDNET determined to be around $13,000 for small businesses. The other path is to re-install the key components of your Information Technology environment. Absent access to essential information backups, this requires a broad complement of IT skills, top notch team management, and the willingness to work 24x7 until the recovery project is finished.
For twenty years, Progent has provided professional Information Technology services for companies across the United States and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts includes professionals who have attained high-level industry certifications in key technologies like Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cybersecurity engineers have garnered internationally-renowned industry certifications including CISM, CISSP, CRISC, and GIAC. (Visit Progent's certifications). Progent in addition has expertise in financial systems and ERP application software. This breadth of expertise gives Progent the ability to quickly ascertain important systems and consolidate the surviving components of your network environment following a ransomware event and rebuild them into a functioning system.
Progent's recovery team of experts deploys best of breed project management systems to orchestrate the complex restoration process. Progent appreciates the urgency of acting swiftly and in unison with a client's management and IT team members to assign priority to tasks and to put key services back online as soon as humanly possible.
Business Case Study: A Successful Ransomware Attack Recovery
A client contacted Progent after their company was brought down by the Ryuk ransomware virus. Ryuk is generally considered to have been developed by North Korean state cybercriminals, possibly adopting technology exposed from America’s National Security Agency. Ryuk targets specific companies with little or no ability to sustain operational disruption and is one of the most profitable iterations of ransomware. High publicized organizations include Data Resolution, a California-based info warehousing and cloud computing firm, and the Chicago Tribune. Progent's customer is a regional manufacturer located in Chicago with about 500 staff members. The Ryuk event had frozen all company operations and manufacturing processes. The majority of the client's information backups had been online at the beginning of the attack and were eventually encrypted. The client was pursuing financing for paying the ransom demand (exceeding $200K) and praying for good luck, but ultimately made the decision to use Progent.
Progent worked with the customer to rapidly get our arms around and assign priority to the essential areas that needed to be recovered to make it possible to continue business operations:
- Microsoft Active Directory
- Microsoft Exchange Server
- Financials/MRP
In less than two days, Progent was able to recover Active Directory services to its pre-penetration state. Progent then performed rebuilding and storage recovery of critical servers. All Exchange Server schema and attributes were usable, which accelerated the restore of Exchange. Progent was also able to assemble non-encrypted OST files (Microsoft Outlook Off-Line Data Files) on team desktop computers and laptops to recover mail information. A recent off-line backup of the client's accounting systems made it possible to restore these essential services back online for users. Although a lot of work remained to recover totally from the Ryuk damage, critical systems were restored rapidly:
During the following couple of weeks important milestones in the recovery process were achieved through close cooperation between Progent engineers and the client:
- Self-hosted web sites were returned to operation without losing any information.
- The MailStore Exchange Server exceeding four million archived emails was spun up and available for users.
- CRM/Orders/Invoicing/Accounts Payable/Accounts Receivables (AR)/Inventory capabilities were fully operational.
- A new Palo Alto 850 security appliance was installed.
- Most of the user desktops were operational.
Conclusion
A probable business-ending catastrophe was dodged due to hard-working experts, a broad spectrum of subject matter expertise, and tight collaboration. Although in retrospect the ransomware attack detailed here could have been shut down with current cyber security solutions and ISO/IEC 27001 best practices, user and IT administrator training, and well designed security procedures for information protection and keeping systems up to date with security patches, the reality remains that state-sponsored hackers from China, Russia, North Korea and elsewhere are relentless and will continue. If you do fall victim to a crypto-ransomware incursion, remember that Progent's team of experts has proven experience in ransomware virus blocking, cleanup, and data recovery.
Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this customer story, please click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)
Contact Progent for Ransomware Cleanup Consulting in Des Moines
For ransomware system recovery expertise in the Des Moines metro area, call Progent at
An index of content::
At Home Workforce Computer Consulting
Telecommuter Services Configuration
Progent has two decades of experience assisting small and medium-size organizations to design, install, tune, manage, and debug IT networks that incorporate at-home workers.
CISM Cybersecurity Firms
Consultant CISM Certified Security Management
Progent can provide the expertise of CISM Certified security professionals. The Certified Information Security Manager (CISM) organization defines the core competencies and international standards of skill that information security professionals are required to master. CISM provides executive management the confidence that those who have qualified for their CISM certification possess the background and capability to deliver efficient security administration and support consulting.
Exchange 2003 Upgrade Online Technical Support
Microsoft Specialists Exchange 2003
Progent's Microsoft Certified engineers can provide world-class support for corporate-wide deployments of Microsoft Exchange. Progent's consultants can show you how to prepare for multi-site Exchange installations or upgrades and can provide onsite personnel to help enterprises with installations of Exchange Server 2007 in the or any region served by Progent's consultants.
Colocation Support Outsourcing
Colo Remote Consulting
Progent’s data center IT services are intended for businesses with hardware housed at Internet Data Centers or data center colo hosting facilities and requiring timely on-site service at the co-location facility as well as off-site help from Microsoft and Cisco Premier professionals. Progent provides a full range of IDC and data center and colo support services such as network architecture analysis, Windows and UNIX server integration and support, troubleshooting for server and telecommunications infrastructure, development and deployment of non-stop systems, defining and implementing layered security structures, firewall integration and troubleshooting, designing load balancing environments, and creating fault tolerant server cluster systems.
SharePoint InfoPath Forms Services Network Consulting
SharePoint InfoPath Forms Services Consultant Services
Progent's Microsoft engineers can provide affordable online technical support and development services to assist you to plan, implement, administer, and maintain Microsoft SharePoint 2010 environments that can include web sites that can function as intranets, extranets, document and media management tools, wikis, data warehouses, business information systems, enterprise search, workflows, and other tools to promote and improve information sharing. Progent can help you integrate SharePoint 2010 with Microsoft SQL Server and with other data sources and with Microsoft's familiar desktop programs like Office Excel, Word, PowerPoint, and Project. Progent can assist you to upgrade from earlier versions of SharePoint or move a multi-vendor mix of web applications into a consolidated and easy-to-manage SharePoint 2010 solution.
Live Communications Server 2007 Consult
Microsoft LCS Server IM Computer Consultant
MS Communications Server delivers Instant Messaging and presence in an extensible, enterprise-grade solution featuring enhanced protection, transparent compatibility with additional Microsoft products, an expandable, industry-standard development platform, and support for regulatory mandates such as HIPAA, SOX, and Gramm-Leach-Bliley. The product allows cost savings and elevated operational efficiencies, increased worker output, and stronger IP protection. Microsoft Communications Server 2007 has been replaced by Lync Server, which in turn has been replaced by Skype for Business. Progent's Microsoft-certified IM and Presence experts offer online and on-premises support and mediation services for your Office Communications Server deployment and can assist you to assess the advantages of upgrading to Microsoft's Skype for Business. Progent can also assist you to design and carry out a smooth upgrade that will add significant strategic value to your information network
Professional CISSP-ISSEP Security
CISSP Certified Security Manager Consultant
Progent's CISSP-premier network security consultants can assist businesses of all sizes with any aspect of IT security. Progent can create efficient security systems that protect a small office from modern threats or Progent can plan, configure, and manage a comprehensive security strategy for hybrid enterprise networks that accommodate onsite, online, and mobile clients accessing network resources spread across multiple physical sites and various clouds.
Online Help Help Desk Sharing
Microsoft Experts Specialist Virtual Helpdesk
Progent’s Shared Help Desk service makes it possible for your IT organization to share responsibilities for Help Desk support transparently between your IT team and Progent's roster of certified desktop support technicians and subject matter experts (SMEs). Progent’s Co-managed Help Desk service is an advanced support solution based on ConnectWise Manage, the leading shared professional services automation (PSA) tool for handling service requests, ticket lifecycle, ownership, progress tracking, and metrics.
UNIX Cybersecurity Organization
Cybersecurity Organization Sun Solaris
If your company has a Sun Solaris environment or a multi-OS computer system, Progent's CISM and CISSP-certified security specialists can assist your entire organization in a wide range of security topics including security management practices, security design and strategies, access management products and methodology, software development security, business processes security, hardware security, communications, network and Internet security, and business continuity preparedness. CISM, CISSP and ISSAP define the fundamental skills and worldwide standards of knowledge that information security professionals are expected to possess. These certification offer executive management the confidence that consultants who have achieved their CISM, CISSP or ISSAP qualification have demonstrated the background and theory to deliver world-class security support and engineering services.
Cisco Certified Onsite Technical Support Virtual Help Desk Costs
Co-managed Helpdesk Costs Consulting Services
Progent's Helpdesk management and co-management services help organizations to save money and enhance productivity.
Open Now Jobs Computer Consulting
Top Recruit Cisco Consultant Full-Time Job
If you are an information technology consultant with technical support expertise, teaming with Progent and working for Progent's customers will enhance your skills through collaboration with our staff of mutually supportive, world-class consulting experts. Progent's commitment to providing network consulting and technical support to small and midsize businesses will give you the opportunity to consult closely with business leaders and add tangibly to the success of dynamic companies. In addition, Progent's virtual office environment provides the most advanced tools for off-site service and wireless connectivity to help you to deliver fast solutions when you take on business-critical issues.
Cisco CCIE Online Security Consulting Services
Cisco Router Security Consulting Services
Progent's CCIE-certified network infrastructure experts have extensive background assisting Internet Service Providers to design, deploy, manage, optimize, and troubleshoot high-availability, scalable network environments suitable for shared public networks.
Internet Security and Acceleration Server Engineer
Largest Microsoft Firewall Configuration
Progent’s Microsoft certified professionals offer small and medium sized companies expertise for Microsoft Forefront TMG and ISA Servers. Microsoft's Forefront Threat Management Gateway and Internet Security and Acceleration Servers include a full featured application-layer aware firewall that can secure your business system from attack by outside and inside sources. Forefront Threat Management Gateway and ISA Server provide deep examination of Internet protocols such as Hypertext Transfer Protocol, which allows these security platforms to detect many threats that can elude traditional firewalls. The integrated firewall and VPN architecture of Forefront TMG and ISA Server support stateful filtering and monitoring of all VPN traffic. ISA Servers are the mainstay of Microsoft's network security strategy, and Progent's Microsoft-certified engineers and CISSP, CISA and CISM certified security professionals can help you enhance your IT security through experienced design and integration of Forefront Threat Management Gateway and Microsoft ISA Servers. Progent's Microsoft-certified consultants can assist you to deploy Microsoft Forefront Threat Management Gateway 2010, manage and troubleshoot any version of ISA Server, or migrate smoothly from ISA Server environments to Microsoft Forefront TMG.
24/7 High-Availability Data Centers Services
24x7x365 Fault Tolerant Data Center Computer Consultants
Progent's Data Center consultants can show you how to select high availability data centers that match the specific needs of your company. Fault tolerant Internet Data Centers are particularly attractive to small businesses because of their affordability and simplified logistics compared to pursuing a do-it-yourself approach. Attempting to create an in-house data center with even a minimum level of fault tolerance is financially prohibitive for typical small organizations. Progent is ready to show you how to reap all the benefits of non-stop data centers and fault tolerant colo sites by offering a full array of engineering and support services.
Exchange 2000 Migration
Technology Consulting Services Exchange 2000 Server
Progent is among the most qualified information technology support firms for integrating e-mail systems powered by Microsoft Exchange 2000. Progent is skilled in helping small and mid-size companies derive the full benefits of Exchange 2000 for typical situations such as upgrading from Microsoft Exchange 5.5 Server, moving from an ISP-managed or POP3 e-mail system, and jobbing out your Exchange 2000 Server support.
Double Take Replication Manager Professional
DoubleTake Carbonite Backup and Restore Consultant
DoubleTake/Carbonite Software offers a selection of products intended to provide small and midsize businesses a variety of cost-effective alternatives for backing up and restoring vital workloads such as Exchange Server, Microsoft SQL Server, Blackberry, and SharePoint. Progent’s disaster recovery planning experts have extensive backgrounds integrating DoubleTake/Carbonite technology into small business IT systems to achieve a high level of availability and disaster recovery capability at a budget-friendly price.
Telecommuting Jobs Compensation for Cisco Certified
Remote Support Jobs Home Based Microsoft Consultants
Progent's compensation structure is built on contribution, so similar to being a freelance consultant, your earnings are entirely driven by your work effort. Some Progent support staff stress quality of life and choose to work at an easy pace, using our self-determined schedule to follow individual pursuits like hiking, car racing, snow boarding, fishing, vacations, or sharing free time with family and acquaintances. Other consultants use the chance to make major bucks via lots of work and extended days. Progent completely encourages both sides of the spectrum and everything in the middle.
Consulting CRISC Certified Risk and Information Systems Control
CRISC Certified Risk and Information Systems Control Auditor Consulting
Progent can provide the guidance of a CRISC-certified risk management consultant to help you to design and deploy an enterprise risk management (ERM) strategy following leading practices promoted by CRISC and geared to align with your organization's risk tolerance, business objectives, and budgetary guidelines.
Dynamics GP Great Plains Accounting Online Support Services
Dynamics GP Power BI IT Consulting
Progent’s Microsoft certified consultants offer a range of support services for Microsoft Dynamics GP/Great Plains. Dynamics GP/Great Plains is a Microsoft accounting package and corporate management tool built, like all Microsoft financial solutions, on the expandable and popular foundation of Microsoft Windows technology. Microsoft Dynamics GP/Great Plains 2010, the latest edition of Microsoft accounting products in the Dynamics GP family, provides a cost-effective tool for managing and integrating accounting, e-commerce, supply chain, manufacturing, project accounting, on-site support, CRM, and human resources. Microsoft Dynamics GP/Great Plains is easy to deploy and configure, and with its segmented approach you can license only the capability you currently require, with the option to add clients and increase functionality in the future. Progent’s Microsoft Dynamics GP Software support engineers can show you how to install, configure and administer Microsoft Dynamics GP 2010 as well as older versions of Microsoft Dynamics GP.
UNIX Consultancy
24/7 Computer Engineer Solaris
Progent's Sun Solaris family consulting experts provide small and mid-size businesses and developers help with administering and supporting Solaris systems that run with Microsoft-powered networks. Progent offers your business access to Solaris experts, support professionals premier by Microsoft and Cisco, and security specialists with CISM and CISA credentials. This wide array of expertise provides you with a convenient one-stop source to show you how to create and maintain a protected and robust cross-platform connectivity and communications infrastructure that allows Sun Solaris and Microsoft coexistence by combining Microsoft Windows with major variants of UNIX such as Mac OS X, Solaris, AIX UNIX from IBM, HP-UX, Berkeley UNIX (BSD), SCO UNIX, and Silicon Graphics IRIX (SGI/IRIX or leading Linux derivatives including RedHat Linux, SUSE, CentOS Linux, Ubuntu, PCLOS, fedora, Gentoo, Mandrake/Mandriva, Debian GNU/Linux, and Slackware Linux.
Catalyst 1000 Switch Technology Consulting
On-site Technical Support Catalyst 2900 Switch
With Catalyst switches for small and mid-size companies, Cisco allows companies to gain the full benefits of bringing smart traffic control into their networks. Cisco's Catalyst switch technology allows you to enable features that make your network infrastructure highly available to handle real-time needs, scalable to facilitate growth, safe enough to guard confidential data, and capable of prioritizing and controlling all traffic to optimize network performance. Progent's CCIE certified consultants can help you select and deploy Cisco Catalyst switches that make sense for your company. In addition, Progent's CISA certified security specialists can show you how to create a comprehensive protection policy and set up Catalyst switches so they help support your security strategy. Cisco Catalyst switching products that Progent provides expertise for include the Cisco Catalyst 2950 switches, Cisco Catalyst 3560 switches, Cisco Catalyst 4900 switches, and Catalyst 6500 switches.
Network Consulting SQL Server 2019 Reporting Services
SQL Server 2019 and VMWare IT Services
Progent's certified SharePoint 2019 and SharePoint Online consultants offer economical remote and on-premises consulting, application development, and troubleshooting services for businesses of any size who want to migrate to SharePoint Server 2019 or SharePoint Online from older versions of SharePoint. Progent can help customers plan and carry out a cost-effective upgrade to SharePoint 2019 on prem, SharePoint Online, or a hybrid environment that incorporates onsite and cloud-based infrastructure into a seamless intranet system.
Exchange 2013 Availability Professional
Exchange 2013 Configuration Computer Consultants
Exchange 2013 incorporates significant improvements to the capabilities of Exchange 2010 and delivers important innovations plus a revamped architecture. These improvements favorably impact vital facets of IT like manageability, high availability (HA), compliance, cost of ownership, collaboration, expandability, throughput, compatibility, and the user experience. Progent's Microsoft-certified Exchange Server 2013 consulting experts can help you understand the possible advantages of upgrading to Exchange Server 2013, design an efficient validation and rollout strategy, and train your IT staff to manage your Exchange Server 2013 solution. Progent also offers ongoing online consulting and management for Exchange 2013.
Microsoft 365 Excel Power BI Programming Firms
Excel 2019 Specialist
Progent's certified Office Excel and Office 365 Excel application consultants can provide a wide range of online support services to help you to design, program, pilot test, install, manage, and debug applications based on any version of Excel, including Excel Online and Office 365 Excel. Progent can help you to move your existing Excel solutions to the newest versions of Excel, integrate Excel with iOS-based iPhones and iPads and Android phones and tablets, and identify and fix compatibility issues between various releases of Excel. Progent can provide on-demand help to clients who need a quick solution to a specific problem related to Excel and Progent also offers full project management services for upgrading or creating line-of-business application software built on Excel. Progent's affordable webinar training classes for Office Excel can be customized to address the special requirements of individuals or groups.
Select Topic: