24-Hour Detroit Urgent Crypto
Computer Virus Assessment and Restoration Experts
For Business Essential Information Technogy Systems
Case Study: Crypto Virus Removal and Business Restoration
Ransomware : Your Crippling Information Technology Nightmare
Crypto-Ransomware has become a modern cyberplague that represents an enterprise-level threat for businesses poorly prepared for an attack. Different iterations of ransomware such as Reveton, Fusob, Locky, Syskey and MongoLock cryptoworms have been circulating for many years and continue to inflict harm. More recent versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, DopplePaymer, LockBit or Nephilim, as well as additional unnamed malware, not only encrypt online critical data but also infect any configured system restores and backups. Files synched to cloud environments can also be encrypted. In a vulnerable data protection solution, this can make automated recovery hopeless and basically sets the datacenter back to zero.
Getting back on-line applications and information after a ransomware attack becomes a race against the clock as the targeted business fights to stop the spread and clear the ransomware and to restore business-critical activity. Due to the fact that crypto-ransomware requires time to move laterally, penetrations are often launched at night, when penetrations are likely to take more time to uncover. This compounds the difficulty of rapidly marshalling and coordinating a capable response team.
Progent provides a range of support services for securing organizations from ransomware attacks. These include team member education to become familiar with and not fall victim to phishing scams, ProSight Active Security Monitoring for remote monitoring and management, plus setup and configuration of modern security solutions with machine learning technology from SentinelOne to detect and extinguish day-zero cyber attacks quickly. Progent also can provide the services of experienced ransomware recovery professionals with the talent and perseverance to restore a breached network as quickly as possible.
Progent's Ransomware Restoration Help
Following a ransomware attack, sending the ransom demands in cryptocurrency does not provide any assurance that cyber hackers will respond with the needed codes to decrypt all your files. Kaspersky ascertained that 17% of ransomware victims never restored their information even after having sent off the ransom, resulting in more losses. The risk is also costly. Ryuk ransoms often range from 15-40 BTC ($120,000 and $400,000). This is greatly higher than the usual crypto-ransomware demands, which ZDNET determined to be in the range of $13,000. The other path is to re-install the mission-critical elements of your IT environment. Without the availability of full system backups, this calls for a broad complement of skills, professional team management, and the ability to work 24x7 until the task is completed.
For two decades, Progent has offered certified expert Information Technology services for businesses in Detroit and throughout the United States and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts (SMEs) includes consultants who have earned advanced certifications in leading technologies including Microsoft, Cisco, VMware, and popular distros of Linux. Progent's security specialists have earned internationally-renowned certifications including CISM, CISSP, ISACA CRISC, and GIAC. (Refer to Progent's certifications). Progent in addition has experience with financial systems and ERP application software. This breadth of experience affords Progent the capability to efficiently determine necessary systems and consolidate the surviving pieces of your Information Technology environment after a ransomware event and assemble them into an operational system.
Progent's ransomware team of experts utilizes top notch project management applications to orchestrate the sophisticated restoration process. Progent understands the importance of acting quickly and in concert with a client's management and IT team members to assign priority to tasks and to get key applications back on line as fast as possible.
Client Case Study: A Successful Crypto-Ransomware Intrusion Response
A business escalated to Progent after their network was penetrated by Ryuk crypto-ransomware. Ryuk is believed to have been developed by North Korean government sponsored hackers, possibly adopting techniques leaked from the United States NSA organization. Ryuk goes after specific companies with little or no room for operational disruption and is one of the most profitable instances of crypto-ransomware. Headline organizations include Data Resolution, a California-based info warehousing and cloud computing firm, and the Chicago Tribune. Progent's client is a small manufacturing company based in the Chicago metro area and has about 500 staff members. The Ryuk intrusion had shut down all company operations and manufacturing processes. Most of the client's data protection had been on-line at the time of the attack and were destroyed. The client was pursuing financing for paying the ransom (in excess of two hundred thousand dollars) and praying for good luck, but in the end engaged Progent.
Progent worked together with the customer to quickly understand and assign priority to the key applications that needed to be recovered in order to restart business functions:
- Windows Active Directory
- Electronic Mail
- Accounting/MRP
Within two days, Progent was able to restore Windows Active Directory to its pre-penetration state. Progent then accomplished setup and storage recovery on mission critical systems. All Exchange Server schema and attributes were intact, which facilitated the rebuild of Exchange. Progent was able to find intact OST data files (Outlook Off-Line Data Files) on team workstations in order to recover email data. A not too old offline backup of the businesses financials/MRP systems made them able to recover these required applications back on-line. Although a lot of work still had to be done to recover fully from the Ryuk attack, the most important services were recovered rapidly:
During the next month critical milestones in the recovery project were completed in close collaboration between Progent consultants and the client:
- In-house web applications were returned to operation without losing any data.
- The MailStore Server exceeding 4 million archived emails was restored to operations and accessible to users.
- CRM/Product Ordering/Invoicing/Accounts Payable/AR/Inventory Control capabilities were completely recovered.
- A new Palo Alto Networks 850 security appliance was installed.
- 90% of the desktop computers were functioning as before the incident.
Conclusion
A likely business-ending catastrophe was avoided by hard-working professionals, a wide range of IT skills, and tight collaboration. Although in retrospect the ransomware virus incident detailed here would have been identified and disabled with current security technology solutions and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, staff education, and well thought out security procedures for information protection and applying software patches, the reality is that government-sponsored cyber criminals from China, North Korea and elsewhere are relentless and are an ongoing threat. If you do fall victim to a crypto-ransomware attack, feel confident that Progent's team of professionals has a proven track record in ransomware virus blocking, removal, and file disaster recovery.
To read or download a PDF version of this case study, click:
Progent's Crypto-Ransomware Virus Recovery Case Study Datasheet. (PDF - 282 KB)
Additional Crypto-Ransomware Protection Services Offered by Progent
Progent can provide companies in Detroit a range of online monitoring and security assessment services to help you to reduce the threat from crypto-ransomware. These services include next-generation machine learning capability to detect new strains of ransomware that are able to get past legacy signature-based security products.
- ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
Progent's ProSight Active Security Monitoring (ASM) is an endpoint protection service that utilizes SentinelOne's cutting edge behavior-based machine learning technology to defend physical and virtual endpoint devices against new malware assaults such as ransomware and email phishing, which routinely escape traditional signature-based anti-virus tools. ProSight Active Security Monitoring protects on-premises and cloud resources and provides a unified platform to automate the entire malware attack progression including filtering, identification, containment, remediation, and post-attack forensics. Top features include single-click rollback using Windows VSS and real-time system-wide immunization against newly discovered threats. Progent is a SentinelOne Partner, dealer, and integrator. Read more about Progent's ProSight Active Security Monitoring next-generation endpoint protection and ransomware recovery. - ProSight Enhanced Security Protection (ESP): Endpoint Security and Microsoft Exchange Filtering
Progent's ProSight Enhanced Security Protection (ESP) managed services deliver economical multi-layer protection for physical servers and virtual machines, desktops, smartphones, and Exchange Server. ProSight ESP uses contextual security and advanced machine learning for round-the-clock monitoring and reacting to security threats from all attack vectors. ProSight ESP provides two-way firewall protection, penetration alerts, endpoint control, and web filtering via leading-edge technologies packaged within a single agent accessible from a unified control. Progent's data protection and virtualization consultants can assist you to design and configure a ProSight ESP environment that meets your organization's unique needs and that helps you demonstrate compliance with legal and industry information protection regulations. Progent will assist you specify and implement security policies that ProSight ESP will manage, and Progent will monitor your IT environment and react to alerts that call for urgent attention. Progent can also help your company to set up and test a backup and disaster recovery system such as ProSight Data Protection Services so you can recover quickly from a potentially disastrous security attack like ransomware. Find out more about Progent'sProSight Enhanced Security Protection unified physical and virtual endpoint protection and Microsoft Exchange filtering. - ProSight Data Protection Services (DPS): Backup and Recovery Services
Progent has partnered with advanced backup/restore technology providers to create ProSight Data Protection Services (DPS), a selection of subscription-based offerings that deliver backup-as-a-service. ProSight DPS services manage and track your backup processes and enable non-disruptive backup and fast recovery of vital files, applications, system images, and VMs. ProSight DPS helps your business protect against data loss resulting from equipment failures, natural disasters, fire, cyber attacks like ransomware, user mistakes, malicious insiders, or application bugs. Managed services in the ProSight Data Protection Services portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight ECHO Backup using Barracuda purpose-built hardware, and ProSight DPS MSP360 Cloud and On-prem Backup. Your Progent expert can help you to determine which of these managed services are best suited for your network. - ProSight Email Guard: Inbound and Outbound Spam Filtering and Data Leakage Protection
ProSight Email Guard is Progent's spam filtering service that incorporates the technology of top data security vendors to deliver centralized management and world-class protection for all your email traffic. The powerful structure of Progent's Email Guard managed service integrates a Cloud Protection Layer with an on-premises gateway device to offer complete protection against spam, viruses, Denial of Service Attacks, Directory Harvest Attacks (DHAs), and other email-borne threats. The cloud filter acts as a preliminary barricade and blocks most threats from reaching your network firewall. This decreases your exposure to inbound threats and saves system bandwidth and storage. Email Guard's on-premises gateway device provides a further layer of inspection for incoming email. For outbound email, the on-premises security gateway offers anti-virus and anti-spam filtering, policy-based Data Loss Prevention, and email encryption. The onsite security gateway can also help Microsoft Exchange Server to track and protect internal email that originates and ends inside your security perimeter. For more information, see Email Guard spam filtering and data leakage protection. - ProSight WAN Watch: Network Infrastructure Management
ProSight WAN Watch is a network infrastructure management service that makes it easy and affordable for smaller businesses to map, monitor, optimize and troubleshoot their connectivity appliances such as routers and switches, firewalls, and load balancers as well as servers, printers, endpoints and other networked devices. Incorporating state-of-the-art Remote Monitoring and Management technology, ProSight WAN Watch makes sure that network diagrams are kept current, captures and displays the configuration of virtually all devices connected to your network, monitors performance, and generates notices when problems are discovered. By automating complex management activities, ProSight WAN Watch can cut hours off ordinary chores like network mapping, reconfiguring your network, finding appliances that require critical software patches, or resolving performance issues. Find out more details about ProSight WAN Watch network infrastructure management consulting. - ProSight LAN Watch: Server and Desktop Remote Monitoring
ProSight LAN Watch is Progent's server and desktop monitoring service that uses state-of-the-art remote monitoring and management (RMM) techniques to keep your network running at peak levels by tracking the state of vital assets that power your information system. When ProSight LAN Watch detects a problem, an alert is transmitted automatically to your designated IT management staff and your assigned Progent engineering consultant so that all potential problems can be resolved before they have a chance to impact your network. Learn more details about ProSight LAN Watch server and desktop monitoring services. - ProSight Virtual Hosting: Hosted VMs at Progent's World-class Data Center
With Progent's ProSight Virtual Hosting service, a small organization can have its key servers and apps hosted in a protected Tier III data center on a fast virtual host set up and managed by Progent's IT support professionals. Under the ProSight Virtual Hosting model, the client owns the data, the operating system software, and the apps. Since the environment is virtualized, it can be moved immediately to an alternate hosting solution without requiring a time-consuming and difficult configuration process. With ProSight Virtual Hosting, your business is not locked into a single hosting provider. Learn more about ProSight Virtual Hosting services. - ProSight IT Asset Management: Network Documentation Management
ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to capture, update, retrieve and protect data related to your IT infrastructure, processes, business apps, and services. You can quickly find passwords or IP addresses and be warned automatically about upcoming expirations of SSL certificates or warranties. By updating and organizing your network documentation, you can save as much as half of time thrown away trying to find vital information about your network. ProSight IT Asset Management includes a centralized repository for holding and collaborating on all documents related to managing your network infrastructure such as standard operating procedures and self-service instructions. ProSight IT Asset Management also offers a high level of automation for collecting and associating IT data. Whether you're planning improvements, performing maintenance, or reacting to a crisis, ProSight IT Asset Management gets you the data you need the instant you need it. Read more about Progent's ProSight IT Asset Management service. - Progent Active Defense Against Ransomware: Machine Learning-based Ransomware Identification and Cleanup
Progent's Active Protection Against Ransomware is an endpoint protection service that incorporates cutting edge behavior analysis technology to defend endpoint devices and servers and VMs against modern malware assaults such as ransomware and file-less exploits, which easily get by traditional signature-matching anti-virus tools. Progent Active Security Monitoring services safeguard local and cloud-based resources and offers a unified platform to address the entire malware attack lifecycle including protection, infiltration detection, containment, cleanup, and forensics. Top features include one-click rollback with Windows Volume Shadow Copy Service and real-time network-wide immunization against newly discovered threats. Read more about Progent's ransomware defense and recovery services. - Progent's Outsourced/Shared Call Desk: Help Desk Managed Services
Progent's Support Desk managed services permit your IT group to outsource Call Center services to Progent or split activity for Help Desk services transparently between your in-house network support team and Progent's nationwide roster of IT support engineers and subject matter experts (SMEs). Progent's Co-managed Help Desk Service provides a transparent supplement to your corporate IT support team. Client interaction with the Help Desk, delivery of technical assistance, escalation, ticket creation and updates, performance measurement, and maintenance of the service database are consistent whether incidents are taken care of by your internal network support group, by Progent's team, or both. Read more about Progent's outsourced/shared Service Desk services. - Progent's Patch Management: Patch Management Services
Progent's managed services for patch management provide organizations of all sizes a versatile and affordable solution for assessing, testing, scheduling, implementing, and documenting software and firmware updates to your ever-evolving information system. In addition to optimizing the protection and reliability of your IT environment, Progent's software/firmware update management services free up time for your in-house IT team to focus on line-of-business projects and tasks that derive the highest business value from your information network. Learn more about Progent's software/firmware update management services. - ProSight Duo Multi-Factor Authentication: Identity Validation, Endpoint Remediation, and Secure Single Sign-on (SSO)
Progent's Duo MFA managed services incorporate Cisco's Duo cloud technology to defend against stolen passwords through the use of two-factor authentication. Duo supports single-tap identity confirmation with Apple iOS, Android, and other personal devices. Using Duo 2FA, whenever you sign into a secured application and give your password you are asked to confirm who you are via a unit that only you have and that is accessed using a different network channel. A wide selection of devices can be utilized for this added means of authentication such as a smartphone or wearable, a hardware/software token, a landline telephone, etc. You may designate multiple verification devices. To learn more about ProSight Duo identity validation services, go to Cisco Duo MFA two-factor authentication services for access security. - ProSight Reporting: In-depth Reporting for Ticketing and Network Monitoring Applications
ProSight Reporting is a growing suite of real-time management reporting plug-ins designed to work with the industry's leading ticketing and remote network monitoring applications including ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting incorporates Microsoft Graph and features color coding to highlight and contextualize critical issues like inconsistent support follow-through or machines with missing patches. By identifying ticketing or network health problems concisely and in near-real time, ProSight Reporting enhances network value, lowers management hassle, and saves money. For more information, visit ProSight Reporting for ticketing and network monitoring applications.
An index of content::
Desktop Monitoring Computer Engineer
Remote Server Monitoring Network Engineer
ProSight LAN Watch is Progent's server and desktop remote monitoring managed service that incorporates state-of-the-art remote monitoring and management (RMM) techniques to keep your network running efficiently by tracking the state of vital assets that drive your IT network. When ProSight LAN Watch uncovers a problem, an alarm is transmitted immediately to your designated IT management personnel and your assigned Progent consultant so all looming problems can be addressed before they have a chance to impact your business.
MS SQL Security Firms
Development Companies Microsoft T-SQL
Microsoft SQL Server 2000 is a rich, web-aware database and data analysis package that opens the door to the rapid development of cutting-edge high-end programs that can give your company a significant competitive advantage. SQL Server features core support for XML and the ability to query across the Internet and outside the firewall. The knowledge and experience of Progent's Microsoft-certified SQL Server 2000 consultants, with an average of more than over 10 years of work helping with Microsoft integration, assures you success in designing, deploying and managing Microsoft SQL Server solutions that are seamlessly integrated with other applications based on Microsoft's .NET platform.
ProSight Private Cloud Services Consultant Services
ProSight VM Hosting Consultant
Progent's ProSight Virtual Hosting outsourcing offers comprehensive hosting of a small organization's servers in a solution that gives the maximum level of availability and expandability and is also simple to migrate to any data center. ProSight Virtual Hosting and management options are based upon mature virtualization techniques that allow small and midsize businesses with multi- platform IT systems to economize significantly on the expense of capital investments, system support, and network administration while achieving world-class reliability and an unmatched level of vendor independence.
Immediate Positions Work from Cisco Engineering
Work from Cisco Engineer Part-Time Jobs
Progent believes that a well architected and implemented network is a crucial piece for accelerating a firm's success, and Progent applies this credo in our corporate network infrastructure. Progent has built a zero-downtime virtual office network that enables our staff engineers and certified contractors to offer rapid and effective support, cooperate easily on challenging projects, and experience professional and private maturity by acting as a member of an exciting business ethos of personal drive and freedom.
Remote Support Meraki CMX
Meraki 802.11ac Access Point Upgrade IT Consulting
Progent's Cisco-Meraki Wi-Fi access point experts can assist you to design, configure, administer and debug Cisco's Meraki-based Wi-Fi networks for deployments ranging from a branch office to a campus or a multi-site enterprise. Progent can also assist clients to incorporate other Cisco devices for centralized management.
Consulting VMware VMotion
VMware Help and Support
Progent can provide the support of a certified VMware VCDX consultant to help you design, configure, administer and repair VMware vSphere and vCloud-based virtualization solution for on-premises datacenters, cloud environments, or hybrid deployments. Progent offers advanced knowledge for installing and configuring VMware Site Recovery Manager (SRM) and VMware's NSX network virtualization system for disaster recovery and business continuity. Progent offers in-depth understanding of VMware vCloud Director (vCD), vRealize Automation (vRA), vRealize Orchestrator and vCloud Suite used for managing private and hybrid cloud solutions that deliver high uptime, data security, and disaster recovery.
Small Business Computer Consulting Group Microsoft Certified Partner
Microsoft Partner Consultant
Progent is a Microsoft Certified Partner and has earned accredited competencies such as Advanced Infrastructure Solutions. Microsoft Certified Partners are the elite organizations who receive the highest client endorsement and are afforded the tightest working relationship with Microsoft. The understanding, skills, and commitment required to earn the status of Microsoft Certified Partner benefits Progent's customers by allowing Progent to offer your company better solutions for your IT network.
At Home Workers Cybersecurity Remote Support Services
Remote Employees Cybersecurity Help and Support
Progent can assist small and medium-size companies to install network security protection solutions and provide response expertise for a remote workforce.
Microsoft Certified SharePoint Server 2003 Troubleshooting
SharePoint Portal Server Specialists
Progent's Microsoft-certified consultants offer companies of any size consulting, troubleshooting, and development services for SharePoint Server and SharePoint Online. SharePoint is an advanced solution that uses web technology for efficiently coordinating people, groups and data. Microsoft SharePoint Server provides a common location for your workers or clients to connect to, organize, distribute and interact with relevant data, documents, and applications and to interact with other people. SharePoint enables faster and better decisions, more effective access across teams and more economical business processes. Windows SharePoint Services join employees, customers, teams and major tasks with the knowledge they've developed in a manner that makes data convenient to find, retrieve and re-use. Progent's SharePoint experts can help your organization to support your existing SharePoint ecosystem or upgrade to the current version of SharePoint.
Remote Office Consultant Services
Branch Location Consultant Services
Years of background delivering Microsoft expertise and Cisco technology consulting has enabled Progent to build a unique ability for supporting branch offices that need IT help with the responsiveness associated with with small firms but which offers effective client interaction, complete documentation, and compliance with corporate IT standards. If your corporation has a branch office located anywhere in or any region covered by Progent's consultants, Progent can provide a broad array of onsite and remote network support services and network design assistance.
Microsoft Teams at home workers Engineers
Microsoft Teams conference bridges Consultant
Progent can help your organization to design a migration to Teams from Skype for Business or Lync Server and configure, administer, and troubleshoot a cloud-based or hybrid deployment of Teams. Progent can assist you to integrate Teams with Office and Microsoft 365 apps, Exchange Online, SharePoint, and your phone system.
Network Engineers Telecommuting
Notebook VPN Small Business Network Consulting Group
Progent's remote connectivity and wireless synchronization specialists can help you to plan and deploy secure access solutions for off-site desktops, laptops, and smartphones so they integrate seamlessly with your IT network, enabling you to optimize the productivity of your off-site workforce.
Lync Server 2013 VoIP Consult
On-site Technical Support Microsoft Lync Server Instant Messaging
Microsoft Lync 2013, renamed Skype for Business, enables businesses of all sizes to create a manageable and protected communications environment that supports a Bring-Your-Own-Device computing model with IM, presence, audio/video and web meetings with application sharing and whiteboard, as well as IP and PSTN telephony across a broad range of desktop and handheld clients. Progent's certified Lync Server 2013 consultants and system integrators can assist your company to assess the advantages of Lync 2013, create an in-house, cloud-based (via Microsoft Lync Online) or mixed model appropriate for your present and future goals, deploy Lync 2013 so as to speed up your return on investment, and deliver custom webinar and onsite training to your management staff and users. Progent has in-depth expertise in key pieces of a Lync 2013 deployment that include Windows Server, SQL Server and Exchange Server, and Progent can assist your organization to combine Lync 2013 with key Microsoft 365 applications including Outlook and PowerPoint.
24x7 ISA 2004 Enterprise Edition Server Specialists
ISA 2004 Enterprise Edition Server Online Help
Progent's certified Internet Security and Acceleration Server consulting experts have extensive backgrounds configuring Microsoft ISA Server-based security installations for IT networks with multiple offices, mobile workers, and mission-critical web applications. Progent's ISA Firewall consultants are available to help your small business in designing and implementing an installation of ISA 2000 Server or ISA 2004 Server that meets your information protection requirements without overly restricting your IT system productivity. Progent's consultants can help you migrate from Microsoft Proxy Server from ISA 2000 Server to Microsoft ISA 2006 Enterprise Edition Server or Microsoft ISA 2006 Standard Edition Server.
Fault Tolerant Network On-site Support
On-site Technical Support Fault-tolerant system
Progent's Disaster Recovery/Business Continuity consultants have in-depth backgrounds assisting small and mid-size businesses to minimize system downtime by providing affordable remote consulting support for disaster recovery/business continuity planning, high-availability IT architecture, backup/restore solutions, and transparent system maintenance. Progent's business continuity consultants can assist your company to plan and test a sensible business continuity strategy that matches your business goals and budget. Progent's disaster recovery specialists can help you to architect, implement, and maintain fault-tolerant technologies such as non-stop Internet connectivity, virtualized servers, clustering, network load balancing, continual online backup, and multi-location data centers.
24 Hour Professional Microsoft Dynamics GP System Update Planning
Dynamics GP System Upgrade Planning Consultants
Progent's consultants have supported Dynamics GP and Great Plains software for over 20 years and Progent has provided integration, software development, education, and troubleshooting services since the platform's original release. Progent offers in-depth expertise for upgrading out of date Dynamics GP deployments. Progent can help your business to design, test, and carry out an efficient upgrade from a an outdated version to the current version of Dynamics GP.
Select Topic: