Lindsay Automotive Group

Stopping email-borne threats in a fast-growing business

In the last 15 years, vehicle dealership Lindsay Auto Group has expanded business operations dramatically, tripling its number of store locations and increasing headcount five-fold. With business booming and a burgeoning clientele, the company was storing a growing amount of personally identifiable information (PII) and credit card data from customers on site. To mitigate potential vulnerabilities, a decision was taken to stop the local storage of client PII. However, despite having made this move, Lindsay Auto still fell victim to an attack from cyber hackers.

Paul Moline, chief information officer at Lindsay Auto Group, recounted the stressful afternoon, “I was standing in the middle of a showroom during an event we were hosting when suddenly, almost every single monitor in the room blue-screened and my phone began ringing uncontrollably with concerning reports of system failures at multiple stores!”

He continued, “The breach brought down every department, every workstation and every endpoint—all 800 of them. The remote stores couldn’t even access the network. We shut everything down for a week, cleaning machines one by one before bringing them back online. Although no client data was ever at risk, because of the disruption to operations we were hemorrhaging money. We had just successfully reconnected two stores to the network when everything crashed again. I finally realized when it was apparent that this was so much bigger than anything we were prepared for.”

Video

Lindsay Automotive Group stops email-borne threats in their fast-growing business

“I never anticipated that we could protect our environment with exactly the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night!”

- Paul Moline, Chief Information Officer, Lindsay Automotive Group

FireEye: Crisis Control Just a Phone Call Away

On the recommendation of a close personal contact who worked at a large international bank that relies on FireEye for security, a call was placed: “On Monday afternoon, FireEye immediately responded and connected me with certified partner, One Source Communications,” Moline recalled. “From Tuesday morning onward, experts from One Source were in our shop for 15-hours a day diagnosing what had occurred. They discovered a botnet had invaded our infrastructure after someone opened a phishing email, and they were able to successfully remediate the situation and get us fully operational again.”

Moline divulged, “It was probably the best phone call I ever made!”

One Source Communications is a full-service IT, communications and security solutions provider headquartered in Greenville, NC. The company offers a broad range of best-in-class services and is the provider of choice for an extensive number of blue-chip and high- profile clients.

Once the One Source consultants had stabilized Lindsay Automotive Group’s environment and established that all components were free of compromise, they conducted a comprehensive analysis to create a strategy to ensure that the situation could not reoccur. A key outcome was the immediate deployment of FireEye Email Security to secure a threat vector that is highly favored by criminals. The implementation provides Lindsay Auto Group with the ability to accurately detect and immediately stop advanced threats before they can compromise the company’s infrastructure. The scalable solution combines email-specific threat intelligence with external adversarial, machine and victim intelligence to provide contextual insights that help prioritize and accelerate responses to email-borne threats.

One Source integrated FireEye Email Security with an instance of FireEye Helix running in its security operations center, providing remote oversight to assist the automotive group’s modestly-sized IT team.

Lindsay Automotive Group

Lindsay Auto Group

Industry: Automotive

Lindsay Auto Group opened in 1963 and now operates eight dealerships and four collision centers across the Washington D.C. area. The company has more than 1,000 employees and nearly one billion dollars in annual revenues.

Benefits

  • Fortune 50 levels of protection
  • Centralized management and infrastructure-wide visibility
  • Continually adapting, proactive defense posture

“The cost for protection paled in comparison to the losses we’d face if an attack took down our network and closed our stores for days.”

- Paul Moline, Chief Information Officer, Lindsay Automotive Group

Investing in Peace of Mind

In the highly volatile and dynamic world of cyber attacks, FireEye provides a complete security solution that constantly adapts to the threat landscape. “I’m confident that in the event of someone clicking on a compromised file attachment or spear-phishing scam, FireEye Email Security will detect and contain the malware, and then FireEye Helix prevents the infected machine from contaminating the rest of the network,” enthused Moline.

Though the FireEye solution required Lindsay Auto Group to increase spending on security, the investment was unreservedly endorsed by upper management. “We did the math and the cost for protection paled in comparison to the losses we’d face if an attack took down our network and closed our stores for days again,” Moline noted.

Fortune 50-Level Security, Now Accessible to All

Moline reflected, “Years ago, the owner of Lindsay Auto Group told me, ‘You need to know when to call somebody and ask for help.’ I don’t know that I fully appreciated the value of that advice until a single phone call to FireEye saved our company. We were always in reactive mode. Now, we feel safe and ahead of the curve.”

He concluded, “The FireEye and One Source partnership is extremely powerful; the former offers an incredible set of security solutions and the latter excels at personalized deployment and execution. I never anticipated that we could protect our environment with exactly the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night!”