The CEO of a multinational manufacturer (Client) identified an urgent need to remove a key executive, along with several accomplices, from the operations of the company, based on concerns that these insiders were intent on sabotaging the company. Given the known IT expertise and access of the executive and his associates, the Client needed to prevent these persons of interest (POI) from stealing sensitive data or disrupting the network prior to being fired. The Client also intended to pursue legal action against the POI and needed digital evidence preserved.
A technology company’s proprietary information was leaked to unauthorized third parties presumably from an identified disgruntled employee. The Client required assistance in determining with certainty whether such actions could be directly attributed to a specific employee within its organization and whether mitigation controls could be put in place to prevent further leaks.
A global consumer service provider was exploring different foreign cities to launch their new service, using security and safety as a critical metric.
A major pharmaceutical company made the decision to terminate an administrator and was concerned about the malicious exfiltration of personally identifiable information (PII) before his termination.
A global manufacturing company experienced a corporate-wide outage due to being locked out of their router devices between corporate headquarters and their branch offices across the globe. After internal investigation and significant downtime resulting in major losses in revenue, it was suspected this outage was likely caused by malicious insider activity involving a recent acquisition.
Huddled around keyboards half a world away, a shadowy group of technically-savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every month.
A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.
A multinational manufacturer needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected indicators of widespread compromise on the Client’s network using external telemetry not available to the Client.
A pharmaceutical company was facing a sophisticated “short and distort” stock market manipulation campaign, costing the company billions in market cap. A variety of virtual anonymous personas were publishing false information on the company’s leadership on social media and investing platforms, apparently in a coordinated fashion. These activities negatively influenced public perception about the company’s overall corporate governance and damaged the stock price, thereby allowing those holding short positions to profit.
A multinational energy company operating in a volatile nation had recently faced serious threats to its personnel and infrastructure as threat actors had begun resorting to violence. The company needed in-depth social media sentiment analysis and timely indications and warnings across social media and closed online forums in order to achieve a more stable risk posture and protect its people and assets.
A global retailer’s peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Out of concern that a subsidiary could be targeted by a similar ransomware attack, Nisos was contacted to assist.
A global consultancy experienced network outages resulting from a large-scale Distributed Denial of Service (DDOS) attack against their Domain Name Service (DNS) servers. Nisos was engaged to leverage access to external telemetry and analytic expertise in order to determine if the consultancy was specifically targeted by the DDOS attack and to perform potential attribution of the threat actors and attack sources.
A global data and infrastructure provider determined a very tightly controlled database was for sale on the dark web. The Client discovered this database was being sold on criminal forums and needed to attribute the seller and the source of the leak.
A global technology company was in the process of divesting a previous acquisition. Upon learning of the divestiture plan, the key executives at the acquisition company threatened to destroy corporate infrastructure if the company was not sold back to the original founders at a lower price.
A publicly traded technology company with thousands of global employees maintains a premier business unit application platform regularly abused by eCrime and cyber espionage actors.
A technology company with thousands of employees across the globe was under attack by a nation-state level adversary. They requested Nisos’ assistance to provide critical intelligence to detect indicators and respond to the attack.
A private equity company focusing on mid-size businesses acquired an e-commerce platform, and during the post-acquisition period learned of a breach affecting the company’s public-facing application server.
A multinational manufacturer (The Client) came to Nisos for help responding to an unusual incident. An unauthorized user opened a trouble ticket in the Client’s internal IT ticketing system. In the ticket, the actor demonstrated access to sensitive client resources and associated the ticket with a senior IT security executive.
Executing a successful merger or acquisition is a major undertaking. There are countless details to be managed by a multitude of stakeholders against fast-approaching deadlines. Strategic issues including financials, employment, tax, and technology must all be considered within the scope of regulatory and integration considerations to ensure the smooth unification of distinct entities.