New York School District Claims Victory Over Emotet Trojan with Malwarebytes

SANTA CLARA, Calif.: Malwarebytes, the leading advanced endpoint protection and remediation solution, today announced the successful recovery from an Emotet outbreak at the East Irondequoit Central School District, which at one point had infected over 1,400 of the school district's endpoints.

The East Irondequoit Central School District, located in New York, first engaged Malwarebytes during a critical Emotet Trojan outbreak that a legacy endpoint security provider failed to stop. The Emotet Trojan ran rampant across the district's endpoint environment, infecting 1,400 devices and impacting network operations across the district. Once on board, Malwarebytes was able to isolate, remediate and recover all infected endpoints in under 20 days, without completely disrupting the network for students or staff.

"Organizations from all industries and regions are turning to Malwarebytes when Emotet or other threats get past existing security solutions. Our unique ability to isolate the infected endpoints in the middle of an attack and remediate gives customers the ability to quickly recover and regain control of their systems," said Marcin Kleczynski, CEO of Malwarebytes. "Malwarebytes was created to help companies fight against all types of threats. Working with this school district to protect its students and faculty shows the real-life implications of cyberattacks in our nation's critical infrastructure."

Malwarebytes Cloud Platform provided a central command point for endpoint detection and response efforts, allowing the team to access the dashboard remotely and monitor progress. This allowed them to view the full scale of the outbreak and track efforts to contain it in real time. By isolating infected endpoints and limiting their communication to the online dashboard, the team was able to protect machines throughout the remediation process, with minimal disruption to other IT processes.

"Malwarebytes made it possible to knock down the Emotet infection in 20 days without taking down our network," said Joseph Sutorius, Chief Information Officer for the East Irondequoit Central School District. "Without Malwarebytes, our remediation would have taken significantly longer and would have required a network interruption during our busiest time of the school year."

In a recent report, Malwarebytes Labs found that educational institutions and students are prime targets for cybercriminals, given that school networks often lack strong protection due to limited budgets and resources. Key findings in this sector include:

- In the first half of 2019, Emotet, Trickbot and Trace have been particularly active in Education, with the three representing nearly half of all Trojans detected (44 percent) and more than 11 percent of all compromises.
- Trojans have accelerated their attacks among industries, up 132 percent in 2018.
- Education was the top industry impacted by Trojans in 2018 and is accelerating in 2019.
- Trojans represented almost 30 percent of all detections in institution-owned devices.
- Among devices plugging into the network, Trojans represent the single largest threat category, even above generic Malware and Adware detections.
- One in three (33 percent) of these compromised non-institution-owned devices carry Trojans, globally:
  - Germany - 34 percent
  - US - 26.8 percent
  - Australia - 21 percent
  - Singapore - 17 percent
  - UK - 5 percent
- In 2018, Education was the top industry for Adware compromises and Trojan detections, and second on the list of verticals most commonly hit with ransomware.
- This continues in the first half of 2019, with Adware, Trojans and Backdoors the three largest categories of threats identified among Education institutions' devices:
  - Adware - 43 percent
  - Trojans - 25 percent
  - Backdoors - 3 percent

Additionally, data from educational institutions and .edu domains from March 2018 to March 2019 found:

- The second most prevalent threats were identified as backdoor threats.
- There was a high spike in detection activity in July 2018 and September 2018 for Trojan infections from .edu emails overall.
- Spyware infections to these domains spiked in August 2018, suggesting that summer is a prime time to hit students and educational institutions, while they are low on staff and perhaps less vigilant about security practices.
- In summer, .edu email addresses are also most likely being used on a wide array of other networks as students travel home and beyond, putting them at increased risk of infecting devices which will be brought back onto campus networks in the fall.

Malwarebytes also recently launched a new initiative to help students get access to premium protection - and help fund technology education. Students with .edu email addresses can get four years of premium protection for just a $5.00 donation. Since launching in May, this program has raised more than $50,000 to advance technology education. To apply for this discount, visit https//
(PRN | 6 months ago)
