Ransomware: Your Feared Information Technology Catastrophe
Ransomware has become a modern cyber pandemic that presents an extinction-level danger for businesses vulnerable to an attack. Different iterations of ransomware such as Reveton, Fusob, Locky, SamSam and MongoLock cryptoworms have been out in the wild for a long time and continue to cause harm. Modern versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Conti and Nephilim, as well as frequent unnamed newcomers, not only encrypt online files but also infiltrate most available system backups. Data synched to off-premises disaster recovery sites can also be encrypted. In a poorly designed system, this can make automatic restoration hopeless and effectively set the entire system back to square one.

Retrieving applications and information following a ransomware outage becomes a sprint against time as the targeted business tries its best to stop lateral movement, remove the ransomware, and resume enterprise-critical operations. Because ransomware takes time to move laterally across a network, penetrations are often launched on weekends and holidays, when attacks are likely to take longer to detect. This multiplies the difficulty of rapidly marshalling and organizing a qualified mitigation team.

Progent offers a variety of services for protecting businesses from crypto-ransomware events. Among these are team education to help identify and avoid phishing exploits, and ProSight Active Security Monitoring (ASM) for endpoint detection and response (EDR), which uses SentinelOne's AI-based cyberthreat protection to detect and disable zero-day modern malware assaults. Progent also offers the assistance of veteran ransomware recovery professionals with the track record and perseverance to reconstruct a breached system as urgently as possible.

Progent's Crypto-Ransomware Restoration Services
Following a ransomware event, paying the ransom demand in cryptocurrency does not ensure that criminal gangs will provide the keys needed to decrypt any of your information. Kaspersky determined that 17% of ransomware victims never recovered their data even after having sent off the ransom, resulting in increased losses. The gamble is also very costly. Ryuk ransoms are often a few hundred thousand dollars. For larger enterprises, the ransom demand can be in the millions of dollars. The other path is to re-install the vital parts of your IT environment. Absent the availability of essential system backups, this requires a wide range of skill sets, well-coordinated project management, and the capability to work 24x7 until the job is completed.

For twenty years, Progent has made available professional Information Technology services for companies throughout the US and has earned Microsoft's Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's team of subject matter experts includes professionals who have earned high-level industry certifications in foundation technologies like Microsoft, Cisco, VMware, and popular distributions of Linux. Progent's cybersecurity specialists have garnered internationally-renowned certifications including CISM, CISSP, CRISC, GIAC, and CMMC 2.0. (Refer to Progent's certifications). Progent also has expertise in financial management and ERP software solutions. This breadth of experience affords Progent the skills to efficiently identify important systems and consolidate the surviving pieces of your network system after a ransomware event and rebuild them into a functioning system.

Progent's recovery team deploys powerful project management tools to coordinate the sophisticated recovery process. Progent understands the importance of working swiftly and in unison with a customer's management and Information Technology staff to assign priority to tasks and to get critical systems back on line as soon as humanly possible.

Case Study: A Successful Crypto-Ransomware Virus Restoration
A client sought out Progent after their company was taken over by Ryuk crypto-ransomware. Ryuk is generally considered to have been created by North Korean state cybercriminals, possibly adopting technology leaked from America's NSA organization. Ryuk targets specific businesses with limited room for disruption and is among the most lucrative versions of ransomware viruses. Well-known victim organizations include Data Resolution, a California-based information warehousing and cloud computing company, and the Chicago Tribune. Progent's customer is a regional manufacturing business headquartered in Chicago with about 500 workers. The Ryuk attack had brought down all business operations and manufacturing processes. The majority of the client's data backups had been online at the time of the intrusion and were destroyed. The client considered paying the ransom (more than $200K) and hoping for the best, but in the end brought in Progent.


"I can't say enough in regards to the support Progent gave us throughout the most fearful time of (our) company's survival. We would have paid the cyber criminals if not for the confidence the Progent group gave us. That you were able to get our messaging and important servers back into operation quicker than seven days was something I thought impossible. Every single staff member I got help from or communicated with at Progent was urgently focused on getting our system up and was working non-stop to bail us out."

Progent worked hand in hand with the customer to rapidly identify and prioritize the critical applications that had to be restored in order to restart departmental operations:

  • Microsoft Active Directory
  • Electronic Messaging
  • Accounting/MRP
To begin, Progent followed anti-virus penetration mitigation best practices by stopping lateral movement and disinfecting systems. Progent then began the work of rebuilding Windows Active Directory, the heart of enterprise networks built upon Microsoft Windows Server technology. Microsoft Exchange Server messaging will not work without Windows AD, and the customer's financials and MRP applications used Microsoft SQL Server, which requires Active Directory for security authorization to the databases.

In less than 48 hours, Progent was able to restore Active Directory services to their pre-attack state. Progent then charged ahead with setup and hard drive recovery of key servers. All Exchange Server ties and configuration information were intact, which accelerated the rebuild of Exchange. Progent was also able to locate local OST files (Microsoft Outlook Offline Folder Files) on staff PCs to recover mail messages. A recent offline backup of the client's accounting/ERP systems made it possible to bring these vital programs back online. Although a lot of work still had to be done to recover completely from the Ryuk virus, core services were restored rapidly:


"For the most part, the production manufacturing operation was never shut down and we made all customer shipments."

Throughout the following few weeks, important milestones in the recovery project were accomplished through tight collaboration between Progent consultants and the customer:

  • Self-hosted web applications were returned to operation without losing any data.
  • The MailStore Microsoft Exchange Server containing more than four million archived emails was brought online and made accessible to users.
  • CRM/Customer Orders/Invoicing/AP/Accounts Receivables (AR)/Inventory capabilities were fully restored.
  • A new Palo Alto 850 firewall was brought online.
  • Most of the user desktops were back in operation.

"Much of what occurred that first week is mostly a blur for me, but our team will not soon forget the urgency all of the team accomplished to give us our company back. I've been working with Progent for the past ten years, maybe more, and every time I needed help Progent has impressed me and delivered as promised. This event was a testament to your capabilities."

Conclusion
A possible business extinction disaster was averted through the efforts of results-oriented professionals, a wide range of technical expertise, and close collaboration. Although in hindsight the ransomware incident detailed here could have been blocked with modern security technology solutions and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, user and IT administrator training, and well designed security procedures for information backup and applying software patches, the fact is that state-sponsored cyber criminals from China, North Korea and elsewhere are tireless and are not going away. If you do get hit by a ransomware attack, feel confident that Progent's roster of professionals has extensive experience in ransomware virus blocking, removal, and file restoration.


"So, to Darrin, Matt, Dan, Claude, Jesse, Arnaud, Allen, Tony and Chris (and any others who were helping), thank you for making it so I could get rested after we got past the most critical parts. Everyone did a fabulous effort, and if any of your team is visiting the Chicago area, dinner is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To read or download a PDF version of this case study, please click:
Progent's Ransomware Incident Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Removal Expertise
For 24-Hour crypto-ransomware removal help, reach out to Progent at 800-462-8800 or go to Contact Progent.



  • © 2002-2024 Progent Corporation. All rights reserved.