This post was last updated on September 17th, 2019 at 03:56 pm
Case Study Overview
In January of 2019, Linden Bulk Transportation's IT department began receiving a high volume of help desk calls. They noticed a spike in network latency, slowing communication between their various systems and servers.
Learn how our partner, Check Point Software, leveraged Infocyte's MDR platform to help Linden quickly investigate, isolate, and respond to an Emotet Trojan malware attack.
Linden Bulk Transportation provides safe, reliable bulk and intermodal transport across North America. The organization supports a fleet of more than a thousand trucks, power units, trailers, and other transportation assets.
In January of 2019, Linden’s IT department began receiving a high volume of help desk calls and noticed an increase in network latency. Communications among their various systems and servers were getting precariously slow.
When the IT staff investigated some of the servers in question, they noticed a large number of services being enabled and populated—indications of an attack in progress. They tried to contain the attack by isolating what they believed were the infected systems and servers. However, this proved to be a difficult task for an environment with hundreds of systems spread across a highly segmented network spanning multiple locations.
The malware also appeared to be constantly evolving and replicating itself, further complicating their efforts to manage issues. Even after weeks of intense effort by the Linden IT team, what began as a network slowdown was now a full-fledged attack.
Linden contacted Check Point Software’s Incident Response (IR) team for help. Check Point deployed Infocyte HUNT from the cloud. Within hours, the IR team had executed a network-wide scan and a forensic state analysis to gain deep visibility of Linden’s hosts, systems and servers. Check Point was able to identify exactly which systems were infected and then work with Linden and Sycomp, a Check Point strategic partner, to begin containment and remediation efforts.
With Infocyte HUNT, the team was able to identify multiple cyber threats in minutes, including Ryuk ransomware, Mimikatz trojans, and the Emotet virus, an advanced modular trojan that primarily functions as a downloader or dropper of other malicious software.
Infocyte HUNT also determined that the malware had breached Linden’s IT environment in October and had bypassed installed firewall and antivirus tools. The malware was able to dwell in the environment unnoticed for months.
The in-depth analysis report enabled the IT team to focus its resources and remediate the infected systems. Seeking to avoid a repeat of this nightmare, Linden now leverages Check Point Software to provide protection, and Infocyte HUNT for proactive detection and incident response. Through scheduled, ongoing scans of the network environment and real-time alerts, Linden is able to certify that its environment is free of breaches as well as pinpoint and investigate any new potential threats quickly.
Read our case study to learn how Linden Bulk Transportation has gained peace of mind by proactively protecting its network and hunting for any threats that may arise.