• >
  • >
  • >
  • >
  • >
CrowdStrike > Case Studies > European Construction Supplier Repels Ransomware, Rebuilds Security Defenses

European Construction Supplier Repels Ransomware, Rebuilds Security Defenses

CrowdStrike Logo
Customer Company Size
Large Corporate
Region
  • Europe
Country
  • France
  • United Kingdom
  • Germany
  • Ireland
  • Poland
Product
  • CrowdStrike Falcon Complete™
  • Falcon Overwatch™
  • Falcon Discover™
  • Falcon Device Control™
Tech Stack
  • Managed Detection and Response (MDR)
  • Endpoint Security
  • IT Hygiene
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Customer Satisfaction
  • Digital Expertise
Technology Category
  • Cybersecurity & Privacy - Endpoint Security
  • Cybersecurity & Privacy - Security Compliance
Applicable Industries
  • Construction & Infrastructure
Applicable Functions
  • Business Operation
Use Cases
  • Intrusion Detection Systems
Services
  • Cybersecurity Services
  • System Integration
About The Customer
SIG is a publicly traded supplier of specialist building products and solutions, serving commercial customers across the UK, France, Germany, Ireland, Poland, and Benelux. With a workforce of 6,500 employees spread across 425 locations, SIG is a significant player in the European construction industry. The company provides a wide range of building solutions, catering to various construction needs. As a large corporate entity, SIG operates with a lean IT organization, supported by regional teams and a centralized IT function. The company places a strong emphasis on building vendor partnerships to enhance its security posture and ensure the protection of its operations. SIG's commitment to cybersecurity is evident in its proactive approach to evaluating and reinforcing its cybersecurity strategy, particularly in the face of growing cyber threats. The company's focus on endpoint protection and its decision to partner with a reliable cybersecurity vendor highlight its dedication to safeguarding its operations and maintaining business continuity.
The Challenge
SIG, a leading European building solutions provider, faced a significant cybersecurity challenge when a GandCrab ransomware attack struck over 600 devices in its France-based operations. This incident forced the company to shut down its entire French operation, which accounts for almost 30% of its total revenues. The attack highlighted the growing threat of cyberattacks and the vulnerability of endpoint devices. At the time, SIG had multiple endpoint antivirus products in place, but they were proving ineffective due to unnecessary administration challenges and the varying efficacy of the products. The company had a lean IT organization, with regional teams supported by a centralized IT function, making it crucial to find a reliable cybersecurity partner to augment their internal team. The SIG security team had already begun evaluating its cybersecurity culture and infrastructure to protect against such threats, especially for end users who were seen as primary targets. The ransomware attack underscored the need for a robust endpoint protection strategy and the importance of selecting a capable cybersecurity vendor.
The Solution
To address the cybersecurity challenges, SIG decided to reinforce its cybersecurity strategy with a focus on endpoint protection. The company evaluated independent consultants' reports and recommendations, including research by Gartner and Forrester, to select an endpoint security vendor. CrowdStrike emerged as the favored choice due to its proven managed service capability, reputation, and quality of response during the tender process. SIG deployed CrowdStrike Falcon Complete™ managed detection and response (MDR) to protect thousands of dispersed endpoints across 425 locations in multiple European countries. The deployment began in the UK and was completed on schedule, but the rollout to other countries was slower due to various reasons. Despite this, CrowdStrike was considered a critical component of SIG's security posture, and the company prioritized its deployment to ensure protection. In France, CrowdStrike endpoint agents had just been installed on a couple of devices when the ransomware attack occurred. These protected devices detected the attack and alerted SIG, enabling the company to take action to prevent the ransomware from spreading further. SIG mobilized its global IT team and partners, and CrowdStrike provided critical incident support, helping SIG triage the incident and providing vital information on the GandCrab ransomware variant. The SIG IT team worked to rebuild key infrastructure components and reimage devices across branch locations in France to return to normal business operations.
Operational Impact
  • Received critical incident support from CrowdStrike despite no formal agreement in place at the time.
  • The ransomware attack in France reinforced the value of CrowdStrike, leading to the rapid deployment of Falcon Complete across all endpoints.
  • SIG utilized CrowdStrike Services Compromise Assessment capability to investigate the GandCrab attack and ensure measures were put in place to prevent similar threats.
  • Exercises were conducted to measure the effectiveness of the Incident Response plan and improve understanding of risks and threats across the business.
  • Data from CrowdStrike Falcon sensors is being integrated with SIG's ServiceNow platform to improve IT resource management and create a vulnerability program and security scorecards.
Quantitative Benefit
  • Two CrowdStrike-protected devices provided insights needed to secure 600 infected systems.
  • Achieved an 'amazing feat' securing 450 vulnerable endpoint devices in just 30 minutes.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that AGP may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from AGP.
Submit

Thank you for your message!
We will contact you soon.