Ransomware : Your Crippling Information Technology Disaster
Ransomware  Remediation ExpertsRansomware has become an escalating cyber pandemic that presents an extinction-level threat for businesses of all sizes vulnerable to an attack. Versions of ransomware like the Dharma, WannaCry, Locky, NotPetya and MongoLock cryptoworms have been out in the wild for a long time and still cause harm. Newer strains of ransomware such as Ryuk, Maze, Sodinokibi, DopplePaymer, Conti and Nephilim, as well as additional as yet unnamed newcomers, not only perform encryption of online data files but also infiltrate any configured system protection. Information replicated to the cloud can also be corrupted. In a poorly architected data protection solution, this can make automatic restoration useless and effectively sets the datacenter back to zero.

Getting back on-line applications and data following a ransomware intrusion becomes a race against the clock as the targeted organization struggles to contain the damage, eradicate the virus, and restore business-critical operations. Due to the fact that crypto-ransomware takes time to spread across a targeted network, penetrations are frequently launched during weekends and nights, when penetrations tend to take longer to discover. This multiplies the difficulty of quickly assembling and organizing a qualified response team.

Progent provides a range of solutions for protecting enterprises from ransomware penetrations. These include team education to help identify and avoid phishing attempts, ProSight Active Security Monitoring (ASM) for endpoint detection and response utilizing SentinelOne's behavior-based threat defense to detect and suppress zero-day modern malware attacks. Progent also provides the services of veteran crypto-ransomware recovery engineers with the talent and commitment to rebuild a compromised network as soon as possible.

Progent's Crypto-Ransomware Restoration Services
Following a ransomware invasion, paying the ransom in cryptocurrency does not provide any assurance that cyber hackers will provide the needed keys to decrypt any or all of your data. Kaspersky ascertained that seventeen percent of crypto-ransomware victims never restored their files even after having sent off the ransom, resulting in more losses. The risk is also very costly. Ryuk ransoms are typically several hundred thousand dollars. For larger enterprises, the ransom demand can be in the millions of dollars. The other path is to piece back together the essential parts of your IT environment. Absent access to complete system backups, this requires a broad range of IT skills, well-coordinated project management, and the ability to work continuously until the task is done.

For two decades, Progent has offered expert Information Technology services for businesses across the US and has achieved Microsoft's Gold Partnership certification in the Datacenter and Cloud Productivity competencies. Progent's group of subject matter experts includes consultants who have earned top industry certifications in key technologies like Microsoft, Cisco, VMware, and major distributions of Linux. Progent's cybersecurity experts have earned internationally-recognized industry certifications including CISA, CISSP-ISSAP, CRISC, GIAC, and CMMC 2.0. (Refer to Progent's certifications). Progent in addition has expertise with financial management and ERP software solutions. This breadth of experience gives Progent the capability to quickly identify critical systems and integrate the remaining pieces of your computer network environment after a crypto-ransomware penetration and assemble them into an operational system.

Progent's recovery team deploys state-of-the-art project management applications to coordinate the sophisticated recovery process. Progent understands the importance of working swiftly and together with a customer's management and IT resources to prioritize tasks and to get the most important systems back on-line as fast as possible.

Case Study: A Successful Crypto-Ransomware Penetration Restoration
A business contacted Progent after their organization was brought down by the Ryuk ransomware virus. Ryuk is generally considered to have been developed by North Korean state sponsored criminal gangs, possibly using approaches leaked from the United States NSA organization. Ryuk goes after specific businesses with little tolerance for disruption and is among the most profitable versions of ransomware. Major victims include Data Resolution, a California-based info warehousing and cloud computing business, and the Chicago Tribune. Progent's client is a regional manufacturer headquartered in the Chicago metro area with around 500 workers. The Ryuk event had disabled all company operations and manufacturing processes. The majority of the client's backups had been on-line at the start of the intrusion and were damaged. The client considered paying the ransom (exceeding $200,000) and praying for good luck, but ultimately made the decision to use Progent.


"I cannot tell you enough in regards to the support Progent gave us during the most stressful time of (our) businesses existence. We most likely would have paid the cyber criminals behind the attack if not for the confidence the Progent experts provided us. The fact that you were able to get our messaging and important servers back online in less than one week was beyond my wildest dreams. Each staff member I spoke to or communicated with at Progent was hell bent on getting us restored and was working at all hours on our behalf."

Progent worked with the customer to rapidly get our arms around and prioritize the mission critical areas that had to be restored in order to resume departmental functions:

  • Active Directory
  • Microsoft Exchange Server
  • Accounting/MRP
To get going, Progent adhered to Anti-virus penetration response industry best practices by stopping lateral movement and cleaning systems of viruses. Progent then initiated the steps of restoring Windows Active Directory, the core of enterprise environments built on Microsoft Windows technology. Microsoft Exchange Server messaging will not work without Windows AD, and the client's accounting and MRP applications used Microsoft SQL, which depends on Windows AD for authentication to the database.

In less than two days, Progent was able to rebuild Windows Active Directory to its pre-intrusion state. Progent then performed setup and storage recovery of needed applications. All Exchange Server ties and attributes were usable, which accelerated the restore of Exchange. Progent was able to locate intact OST files (Microsoft Outlook Offline Data Files) on user desktop computers and laptops in order to recover email data. A not too old off-line backup of the customer's financials/MRP systems made it possible to restore these vital applications back online for users. Although major work needed to be completed to recover fully from the Ryuk virus, essential services were restored quickly:


"For the most part, the production operation survived unscathed and we made all customer sales."

Over the following few weeks important milestones in the recovery process were accomplished through tight cooperation between Progent engineers and the customer:

  • Internal web applications were restored with no loss of data.
  • The MailStore Exchange Server exceeding 4 million historical messages was brought on-line and accessible to users.
  • CRM/Orders/Invoicing/Accounts Payable (AP)/AR/Inventory modules were 100% operational.
  • A new Palo Alto Networks 850 security appliance was brought online.
  • Nearly all of the user desktops and notebooks were functioning as before the incident.

"Much of what transpired in the early hours is nearly entirely a haze for me, but we will not soon forget the dedication all of the team accomplished to give us our business back. I've trusted Progent for the past 10 years, possibly more, and each time Progent has come through and delivered as promised. This time was a testament to your capabilities."

Conclusion
A potential enterprise-killing catastrophe was dodged by hard-working professionals, a wide range of knowledge, and close teamwork. Although in hindsight the ransomware virus penetration described here would have been stopped with current cyber security technology solutions and NIST Cybersecurity Framework or ISO/IEC 27001 best practices, user and IT administrator education, and appropriate security procedures for information backup and proper patching controls, the fact is that government-sponsored cybercriminals from Russia, North Korea and elsewhere are relentless and are not going away. If you do get hit by a ransomware penetration, feel confident that Progent's team of experts has substantial experience in crypto-ransomware virus blocking, mitigation, and information systems restoration.


"So, to Darrin, Matt, Aaron, Dan, Claude, Jesse, Arnaud, Allen and Chris (and any others who were involved), I'm grateful for making it so I could get rested after we made it past the most critical parts. Everyone did an incredible job, and if anyone that helped is around the Chicago area, dinner is my treat!"

Download the Crypto-Ransomware Recovery Case Study Datasheet
To review or download a PDF version of this case study, please click:
Progent's Ryuk Virus Recovery Case Study Datasheet. (PDF - 282 KB)

Contact Progent for Ransomware Repair Expertise
For 24-Hour ransomware recovery consulting, call Progent at 800-462-8800 or go to Contact Progent.



An index of content::

  • 24 Hour Ransomware Hot Line Cabo Frio, RJ Nephilim Ransomware Hot Line

  • Information Technology Consulting FRx
    ASP Reporting

    Progent's expert programmers, database designers, and project managers can assist large businesses to complete development programs for Windows, Linux/UNIX, or Web applications. Progent's enterprise co-sourcing services include access to seasoned project managers for high-level planning and project co-ordination or Progent can help customers plug expertise gaps by providing database designers and software programmers skilled in developing RDBMS applications based on Microsoft SQL Server, Oracle, or MySQL. Progent's SharePoint experts can assist businesses to integrate SharePoint with additional applications such as SQL Server and Office Excel to build data-intensive intranets and portal sites. Progent also offers expertise with multiple web development tools and can help clients to build, expand, troubleshoot, or migrate web-based applications to utilize the latest advances in web technology.

  • 24-7 Information Technology Outsource Windows Server 2019 NYC-Hells Kitchen, NY, US Windows Server 2012 Network Support Consultants
  • 24-7 Microsoft MCP Consultant Contractor Job Union City CA Emergency Network Consultant Home Based Virtual Office Berkeley
  • 24/7/365 Teleworkers Toledo Consulting Services - Collaboration Solutions Expertise Toledo, OH Toledo Teleworkers Collaboration Systems Assistance Toledo Bowling Green, United States
  • Addison Ransomware Snatch Susceptibility Audit Addison-Lewisville, Texas Addison Crypto-Ransomware Ryuk Readiness Assessment Addison-Lewisville, TX
  • Addison-Farmers Branch At Home Workers Consultants - Addison - Security Systems Consulting Award Winning Offsite Workforce Addison Expertise - Cybersecurity Solutions Assistance Addison-Carrollton, TX
  • Anaheim Work at Home Employees Collaboration Solutions Consulting Anaheim California 24x7x365 Offsite Workforce Consultants nearby Anaheim - Collaboration Solutions Consulting Experts Orange County
  • Arlington Teleworkers Backup/Recovery Solutions Assistance Arlington, Kennedale, Grand Prairie Arlington Texas Arlington Work at Home Employees Backup/Restore Solutions Expertise
  • At Home Workers Expertise in Brisbane - VoIP Systems Guidance Brisbane Brisbane, Queensland Work from Home Employees Assistance nearby Brisbane - VoIP Solutions Consulting
  • At Home Workforce Configuration Remote Consulting Call Desk for Remote Workforce
  • Best SQL 2012 Consultant Services Concord California Microsoft SQL 2008 Small Business IT Consulting Companies Walnut Creek Contra Costa County, America

  • Virtual Support Desk Technical Support
    Shared Service Desk IT Consulting

    Progent's Shared Call Center service allows your IT organization to split responsibilities for Help Desk services transparently between your IT team and Progent's pool of seasoned desktop support engineers and subject matter experts. Progent's Co-managed Help Desk service is an advanced support solution based on ConnectWise Manage, the top shared PSA tool for handling service requests, ticket lifecycle, responsibility, status tracking, and reporting.

  • CCIE Certified wireless LAN controller Configuration CCNP Expert Certified 3504 wireless controller Engineer

  • SCCM 2016 Troubleshooting Specialist
    Top Quality Support and Integration SCCM 2016 Policy Settings

    Configuration Manager 2016 automates application and device provisioning and updating, centralizes security and compliance settings management, inventories network assets, protects against company data leakage, performs network health reporting, enables secure self service, and offers a common point of control for administering multi-operating system networks based on on-prem, cloud, or hybrid deployment architectures. Progent's Microsoft-certified Configuration Manager 2016 consultants and Microsoft Azure cloud integration specialists can assist you with any aspect of planning, implementing, using and troubleshooting a System Center 2016 Configuration Manager solution for local, cloud, or hybrid networks.

  • Cisco Small Office IT Outsourcing Monroe County New York Integration Consultants Cisco Monroe County New York
  • Cisco and Microsoft Salinas Small Business Network Consulting Monterey County Integration Consultant

  • ProSight Reporting Infrastructure Monitoring Specialists
    ProSight Reporting Network Infrastructure Monitoring Consulting

    ProSight Reporting is an expanding line of real-time reporting plug-ins created to integrate with the industry's leading ticketing and network monitoring platforms including ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne.

  • Colorado Springs At Home Workforce Endpoint Management Solutions Guidance Colorado Springs, El Paso County Remote Workers Colorado Springs Expertise - Management Systems Assistance
  • Consulting Experts for Wilmington IT Service Firms Wilmington Wilmington Consulting Support for IT Service Providers Wilmington-New Castle, DE
  • Dharma ransomware recovery Specialist
  • Dharma Ransomware Hot Line Erie County New York Top Egregor Ransomware Hot Line Buffalo New York
  • Egregor Ransomware Hot Line Fort Collins Loveland Ransomware System Rebuild
  • Engineer SentinelOne Vigilance Respond MDR Integrator SentinelOne XDR Consultancy
  • Enterprise Windows 2019 Tech Site Move Professionals
  • Exchange Server 2019 Upgrading El Paso Greater Ciudad Juarez, US Award Winning Exchange Server 2010 Help El Paso Greater Ciudad Juarez, USA
  • Firewall Security Audits Honolulu, Waikiki CISSP Security Team Honolulu
  • Fort Lauderdale Ryuk Ransomware Removal Fort Lauderdale Immediate Fort Lauderdale MongoLock Crypto-Ransomware Repair Fort Lauderdale Tamarac
  • Hayward Ransomware Phobos ransomware recovery Hayward, CA Hayward Crypto-Ransomware DopplePaymer Vulnerability Report Hayward Alameda County

  • Remote Consulting scom 2016 alerts
    scom 2016 management groups Professional

    System Center 2016 Operations Manager (SCOM 2016) helps to ensure consistent performance and maximum availability for critical applications by offering centralized, mixed-platform tracking of IT infrastructure installed throughout local datacenters and cloud environments. Progent's consulting team can provide advanced remote and onsite expertise to assist businesses of any size to plan, implement, tune, update and troubleshoot SCOM 2016 solutions. Progent can assist your company to migrate to SCOM 2016 from older versions or from different IT infrastructure monitoring platforms, or integrate multiple monitoring tools into a unified IT management ecosystem. Progent can also help you expand your Operations Manager 2016 environment to include resources based in public clouds such as Microsoft Azure and Amazon AWS.

  • Consultants LockBit ransomware recovery
  • Help Desk Consulting Home Based Virtual Office Salinas California Microsoft MCP Consulting Full-Time Job Castroville, CA
  • Information Technology Consulting Microsoft SharePoint Server 2010 Portland, Multnomah County 24-7 SharePoint Server 2007 Technology Consulting Portland - Hillsboro
  • Leeds Maze Crypto-Ransomware Data-Recovery Leeds Leeds Ryuk Crypto-Ransomware Detection Huddersfield
  • London, England Top Rated At Home Workforce London Consultants - IP Voice Systems Assistance At Home Workforce London Consulting and Support Services - IP Voice Solutions Expertise London, England
  • Melbourne Ryuk Crypto-Ransomware Negotiation Help Melbourne Melbourne Snatch Ransomware Settlement Negotiation Consultants Melbourne
  • Microsoft Certified Partner Professional Windows 2003 Online Consulting Windows 2003
  • Norfolk Lockbit Crypto-Ransomware Settlement Experts Norfolk Virginia Norfolk Dharma Ransomware Settlement Guidance Norfolk Virginia

  • Exchange 2013 Unified communications Professionals
    Network Engineer Exchange 2013 Unified messaging

    Microsoft Exchange Server 2013 incorporates significant improvements to the functionality of its predecessor Exchange 2010 and introduces important new features as well as a revamped architecture. These enhancements favorably impact vital facets of IT like ease of administration, availability, compliance, operational costs, collaboration, extensibility, throughput, cross-version interoperability, and productivity. Progent's Microsoft-certified Exchange 2013 consulting experts can help you understand the possible business benefits of migrating to Exchange 2013, create a cost-effective validation and deployment strategy, and educate your IT team to manage your Microsoft Exchange Server 2013 solution. Progent can also provide affordable remote support and management services for Exchange 2013.

  • Oklahoma City Oklahoma At Home Workforce Consulting Services - Oklahoma CIty - Endpoint Management Solutions Assistance Oklahoma City Oklahoma Oklahoma CIty At Home Workforce Endpoint Management Tools Consulting

  • MCSE Expert Certified DotNET Developer Firm
    VB.NET Contract Development

    Progent's software experts have worked for 20 years with .NET technologies and the Visual Studio development system and can build or update .NET applications rapidly and affordably.

  • Omaha IT Staffing Temps Services Omaha Nebraska Short-Term Staffing Support Services Consultants Douglas County Nebraska, America
  • Oxford, UK Red Hat Linux, Solaris, UNIX Onsite Technical Support Integration Debian Linux, Sun Solaris, UNIX Oxford, Oxfordshire, South East England
  • Ransomware Data Restore Ransomware Cleanup and Recovery Ribeirão Preto, Preto, State of São Paulo
  • Ransomware System Rebuild Ransomware Hot Line Rio de Janeiro, RJ
  • Ransomware System Rebuild Petaluma California Locky Ransomware Hot Line Petaluma Sonoma County
  • Remote Redhat Support and Setup Baltimore, MD Solaris Consultant Services Baltimore Maryland
  • Remote Workforce Expertise nearby Minnetonka - Cloud Solutions Assistance Minnetonka-Edina Top Quality At Home Workforce Minnetonka Assistance - Cloud Solutions Expertise
  • Rio de Janeiro Snatch Crypto-Ransomware Settlement Negotiation Services Rio de Janeiro Rio de Janeiro NotPetya Crypto-Ransomware Settlement Negotiation Expertise
  • Ross, Tiburon CA Teleworkers Assistance near me in San Rafael - Security Systems Consultants Top Quality San Rafael At Home Workforce Cybersecurity Systems Consulting Experts San Rafael Marin County
  • 24 Hour WannaCry ransomware recovery Consulting Services
  • SCDPM 2012 Protection Groups Integration Services SCDPM 2012 Cloud Backup Support and Integration
  • Saddle Brook-Bergen County, New Jersey Saddle Brook Ransomware Ryuk Susceptibility Review Saddle Brook Crypto-Ransomware MongoLock Preparedness Testing Saddle Brook

  • Services CISSP Certified Security Auditor
    CISSP Certified Security Analyst Specialists

    Progent's CISSP-certified network security consultants can help organizations of any size with any aspect of information system security. Progent can help create cost-effective security solutions that protect a small business from advanced malware attacks or Progent can design, configure, and manage an end-to-end security environment for hybrid networks that support local, remote, and mobile users sharing network resources spread across multiple physical sites and various clouds.

  • San Diego California At Home Workforce Assistance in San Diego - VoIP Technology Expertise At Home Workers Assistance near San Diego - IP Voice Technology Guidance San Diego California
  • San Francisco Crypto-Ransomware Repair Support Services San Francisco, CA San Francisco, CA Immediate San Francisco Ransomware Recovery Experts
  • San Juan Computer Support Consultant Exchange 2003 Server Computer Service Companies Exchange 2019 Puerto Rico
  • SharePoint Server 2007 Consultant Greensboro Piedmont Triad IT Consultants Microsoft SharePoint Server 2007

  • Largest Remote Desktop Network Consultants
    Notebook VPN Small Office Network Consultants

    Progent's remote connectivity and smartphone synchronization experts can assist your business to plan and deploy secure access solutions for remote desktops, laptops, and wireless handhelds so they integrate tightly with your information network, allowing your business to improve the efficiency of your off-site workers.

  • LockBit ransomware recovery Technology Professional
  • SharePoint Server 2007 Remote Consulting San Rafael SharePoint Server 2007 Remote Troubleshooting Novato, Larkspur
  • Netwalker ransomware recovery Technology Professional
  • Specialists Mirial Tandberg Video Conferencing Consulting Services
  • São José dos Campos At Home Workforce Management Solutions Expertise São José dos Campos Sao Jose dos Campos-Jacareí Remote Workforce São José dos Campos Expertise - Endpoint Management Systems Consulting Experts
  • Tech Consultant SQL Server 2014 Canary Wharf, United Kingdom Microsoft SQL Server 2017 Network Installation London Canary Wharf
  • Consultant MongoLock ransomware recovery
  • Telecommuters Consultants in St. Paul - IP Voice Systems Consultants St Paul Minnesota St. Paul Remote Workers IP Voice Systems Consulting and Support Services St. Paul-Eagan
  • Top Microsoft LCS Server Instant Messaging Remote Technical Support Microsoft LCS Server Engineers
  • Virginia, US Security Technical Support Security Protection Virginia Beach, VA
  • Windows Server 2016 Network Assessments Centro de Florianópolis Windows Server 2012 Small Business Network Consulting Services Centro de Florianópolis
  • Windows Server 2016 Small Business Specialist Windows 2019 Server System Engineers State of Sao Paulo
  • Wireless Link Remote Consulting 802.11ac Computer Consultant
  • Ryuk ransomware cleanup Consulting Services
  • Work At Home Job Network Security Consulting Cuyahoga County Ohio Contract Job CISA Engineer Cleveland, Cuyahoga County, USA

  • CISSP Certified Security Multiple cloud integration Technology Professional
    Immediate Microsoft Azure hybrid cloud solutions Consultant

    Progent can assist you to plan and administer hybrid environments that support Windows and Linux systems and apps in both cloud-only systems or in hybrid architectures that utilize local resources along with one or more public clouds. To help you to incorporate public cloud services with physical datacenters, Progent offers a variety of public cloud integration services that include Microsoft Azure hybrid cloud planning and integration services, Amazon AWS cloud integration, and Amazon Web Marketing Service programming and troubleshooting. Progent has 20 years of experience providing advanced consulting services remotely, and Progent can make sure you successfully carry out your cloud migration initiatives on schedule and within your budget.

  • Work at Home Employees Uniondale Consulting and Support Services - Connectivity Solutions Expertise Uniondale-Farmingdale, NY Uniondale-Melville 24-Hour Work at Home Employees Guidance in Uniondale - Integration Solutions Consulting and Support Services
  • Work from Home Employees San Diego Consultants - Help Desk Call Center Outsourcing Consulting Services Urgent At Home Workers Consulting near me in San Diego - Help Desk Call Center Solutions Expertise San Diego County California
  • York Urgent Work from Home Employees Consulting nearby Leeds - Cloud Systems Expertise At Home Workforce Consultants - Leeds - Cloud Integration Technology Consulting Experts Leeds, West Yorkshire

  • © 2002-2024 Progent Corporation. All rights reserved.