East Irondequoit claims victory over Emotet with Malwarebytes

How Malwarebytes’ solution conquered a network trojan virus in just 20 days

Achieving teaching excellence through digital conversion

The East Irondequoit Central School District leadership team believed that thoughtful integration of current technologies had the potential to fundamentally shift how instruction could be facilitated in the classroom. With this in mind, Joseph Sutorius, chief information officer for East Irondequoit CSD, and his team began equipping the faculty and students with 3,400 iPads and Windows laptops and ultimately helped foster the creation of modern teaching spaces. “Teachers became comfortable with mobile technology, digital resources, and the advantages of every student having a computing device. They realised that classroom redesign and digital transformation have a big and positive impact on learning,” said Sutorius.

Emotet slips past incumbent endpoint security

The IT team takes pride in following industry best practices. “We adopt rigorous security controls and conduct regular penetration audits,” said Sutorius. The team were put to the test when the invasive Emotet trojan slipped past the district’s incumbent endpoint security solution on the sixth day of school. “We started getting helpdesk calls that devices had blue-screened, and quickly realised we had a significant issue,” said Sutorius. Within 24 hours, East Irondequoit had 1,400 infected computers.

Malwarebytes to the rescue

The district IT team suspected that the incumbent endpoint security solution had let them down. Sutorius went on a mission to select an automated remediation tool to manage the incident response process. His research led him to Malwarebytes, which also had positive reviews from Gartner Peer Insights.

Case study

Sutorius started with Malwarebytes’ free incident response tool for expediency and then purchased Malwarebytes Endpoint Protection and Response (EPR) to automate the district’s remediation. Malwarebytes EPR was essential to the recovery efforts. The IT team installed the solution, and by midday they had critical insight into the extent of the outbreak. “We marvel that Malwarebytes was nimble enough to help us out so quickly. We would have been in big trouble if we hadn’t gotten the solution in place as fast as we did,” said Sutorius.

Automated remediation and cloud management console lead the way

Malwarebytes’ cloud-based dashboard provided a centralised view into which endpoints needed Malwarebytes EPR installed, and allowed the team to identify new infections. “You can’t put a price on the comfort level the dashboard gave my team to have eyes on the remediation progress. In contrast, our incumbent solution only showed us that we still had infections, and we had no insight if we were making progress. With Malwarebytes, my team could quantify that their efforts were making a difference,” said Sutorius.

The dashboard also enabled the team to identify machines that were getting re-infected. Sutorius called Malwarebytes Support to triage the issue. They realised Emotet had cracked the network’s admin password, which gave it the access it needed to deactivate endpoint security. Once the team addressed this, they made fast headway in removing all traces of Emotet.

Emotet knocked down in 20 days

Malwarebytes’ automated remediation provided the powerful capabilities required to fully remediate Emotet from the network. The solution stopped web access on the devices, crippling Emotet’s ability to obtain further control. Malwarebytes EPR also isolated the endpoints, limiting communication only to the cloud-based dashboard. This ensured the PC didn’t get re-infected. “Malwarebytes made it possible to knock down the Emotet infection in 20 days without taking down our network. Without Malwarebytes, our remediation would have taken significantly longer and would have required a network interruption during our busiest time of the school year,” said Sutorius.

Modern solution for the modern endpoint

“It’s great to detect malware but to have a solution that also isolates and disinfects the infection is huge. Malwarebytes has a powerful solution, and no one currently has anything close to it,” said Sutorius.

To find out more about Malwarebytes, visit: www.malwarebytes.com