Case Studies
Investigating Nation-State Espionage and Theft of Intellectual Property
The Challenge A technology company approached Nisos after it appeared some of their source code and intellectual property was leaked. The client discovered the issue after identifying a series of emails that had been sent to one of their engineers from a foreign...
Monitoring Geopolitical Sentiment and Physical Threats During COVID-19
The Challenge A multinational energy company (the client) operating in a volatile, foreign nation was faced with threats of violence directed at its personnel and infrastructure. In the interest of safety, the client arranged for many of its personnel to depart the...
Disrupting Nation-State Recruiting and Disinformation Efforts on Job Site Platform
The Challenge A job recruiting platform approached Nisos to determine the severity and authenticity of an affiliate recruiting company that appeared to be involved with disinformation and foreign nation state espionage efforts. The foreign nation state was suspected...
Reducing Executive Risk by Removing Sensitive Personally Identifiable Information (PII) from the Internet
The ChallengeA technology company tasked Nisos to conduct a threat evaluation assessment on one of their executives after multiple internet forum users posted inflammatory, threatening, and racially derogatory content.More concerning, some forum users posted the...
Identifying and Disrupting Platform Abuse in the Gig-Economy
The Challenge A technology company noticed a disturbing increase in malicious activity across their platform. Unknown individuals were selling bots that claimed to automate interactions with their platform and provide those that purchased the app an advantage over...
External Hygiene Assessment Delivers Valuable Insight Prior to Company Acquisition
The Challenge Nisos was contracted to conduct cybersecurity diligence and an assessment of external network hygiene for a cybersecurity company’s acquisition target. Why Nisos Although the client, a cybersecurity company, leverages many of the same services as Nisos,...
Mitigating Advanced Threat Actors: Acquiring and Analyzing Malicious Tools to Stop Fraud
The Challenge Malicious foreign actors were creating automated tools to abuse an e-commerce client’s platform. Using that automated process the threat actors were able to mass create and bulk manage accounts, run advertisements, and use credit cards. With those credit...
Mitigating Advanced Threat Actors: Gaining Access to Closed Groups to Gain Insight into Vulnerability Disclosure and Further Litigation
The Challenge A retail client requested our assistance to identify an individual, who was also a paying customer, who wrote a python script that scraped a backend server. The customer had also previously published a WiFi vulnerability present at the company’s offices...
Preventing Corporate Sabotage by a High-Level Executive
The Challenge The CEO of a multinational manufacturer (Client) identified an urgent need to remove a key executive, along with several accomplices, from the operations of the company, based on concerns that these insiders were intent on sabotaging the company. Given...
Data Driven Executive Protection
The Challenge Nisos was tasked to acquire additional information on a threat actor making violent threats against a big tech company’s executive leadership. Why Nisos The client understood Nisos employs analytic experts with years of threat mitigation expertise...
Using Data for Market Entry of Product and Services Based on Security Incidents
The Challenge A global consumer service provider (the Client) was exploring different foreign cities to launch their new service, using security and safety as a critical metric. Why Nisos Nisos was tasked with identifying geographic and temporal crime patterns within...
Preventing the Exfiltration of PII from a Malicious Administrator
The ChallengeA major pharmaceutical company (Client) made the decision to terminate an administrator and was concerned about the malicious exfiltration of personally identifiable information (PII) before his termination. Why Nisos The administrator was being...
Investigating a Destructive Administrator Following Merger and Acquisition
The Challenge A global manufacturing company (the Client) experienced a corporate-wide outage due to being locked out of their router devices between corporate headquarters and their branch offices across the globe. After internal investigation and significant...
Malicious Insider Leaking Information to the Unauthorized Third Parties
The Challenge A technology company’s (the Client) proprietary information was leaked to unauthorized third parties presumably from an identified disgruntled employee. The Client required assistance in determining with certainty whether such actions could be directly...
Attributing E-Crime Syndicates Adds Critical Context
The Challenge Huddled around keyboards half a world away, a shadowy group of technically-savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every...
Online Indicators and Warning Enables Business
The Challenge A multinational energy company (the Client) operating in a volatile nation had recently faced serious threats to its personnel and infrastructure as threat actors had begun resorting to violence. The company needed in-depth social media sentiment...
Attributing Short Sellers to Increase Confidence in Corporate Governance
The Challenge A pharmaceutical company (the Client) was facing a sophisticated “short and distort” stock market manipulation campaign, costing the company billions in market cap. A variety of virtual anonymous personas were publishing false information on the...
Countering Destruction to Save a Business
The Challenge A healthcare technology company (the Client) suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data. Why Nisos In addition to the primary forensics firm that was...
DDOS Investigation Leads to Much Greater Network Security Bolstering
The Challenge A multinational manufacturer (The Client) needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected...
Investigating a DDOS Attack
The Challenge A global consultancy (The Client) experienced network outages resulting from a large-scale Distributed Denial of Service (DDOS) attack against their Domain Name Service (DNS) servers. Why Nisos The Client engaged Nisos to leverage our access to external...
Countering APTs, Ensuring M&A Standards Through Threat Hunting
The Challenge A global retailer’s (the Client) peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Why Nisos Out of concern that a subsidiary could be targeted by a similar ransomware...
Threat Intelligence to Remediate Platform Abuse
The Challenge A publicly traded technology company (the Client) with thousands of global employees maintains a premier business unit application platform regularly abused by eCrime and cyber espionage actors. The Client requested Nisos’ expertise in threat...
Insider Threat: Preventing Destruction During M&A Activity
The Challenge A global technology company (the Client) was in the process of divesting a previous acquisition. Upon learning of the divestiture plan , the key executives at the acquisition company threatened to destroy corporate infrastructure if the company was not...
Third Party Risk Management: Investigating a Leak of Sensitive Data from a Customer
The Challenge A global data and infrastructure provider (The Client) determined a very tightly controlled database was for sale on the dark web. The Client discovered this database was being sold on criminal forums and needed to attribute the seller and the source of...
Cyber Diligence: Critical for M&A
The Challenge A private equity company (the client) focusing on mid-size businesses acquired an e-commerce platform (the portfolio company), and during the post-acquisition period learned of a breach affecting the company’s public-facing application server. An...
Actively Countering Advanced Persistent Threats with External Telemetry
The Challenge A technology company (the Client) with thousands of employees across the globe was under attack by a nation-state level adversary. They requested Nisos’ assistance to provide critical intelligence to detect indicators and respond to the attack. Given the...
Eight Hours to Attribution
The Challenge A multinational manufacturer (The Client) came to Nisos for help responding to an unusual incident. An unauthorized user opened a trouble ticket in the Client’s internal IT ticketing system. In the ticket, the actor demonstrated access to sensitive...
Mergers, Acquisitions and Hidden Threats: When Due Diligence Isn’t Enough
Executing a successful merger or acquisition is a major undertaking. There are countless details to be managed by a multitude of stakeholders against fast-approaching deadlines. Strategic issues including financials, employment, tax, and technology must all be...