The CEO of a multinational manufacturer (Client) identified an urgent need to remove a key executive, along with several accomplices, from the operations of the company, based on concerns that these insiders were intent on sabotaging the company. Given the known IT expertise and access of the executive and his associates, the Client needed to prevent these persons of interest (POI) from stealing sensitive data or disrupting the network prior to being fired. The Client also intended to pursue legal action against the POI and needed digital evidence preserved.
Nisos was tasked to acquire additional information on a threat actor making violent threats against a big tech company's executive leadership.
A technology company’s proprietary information was leaked to unauthorized third parties presumably from an identified disgruntled employee. The Client required assistance in determining with certainty whether such actions could be directly attributed to a specific employee within its organization and whether mitigation controls could be put in place to prevent further leaks.
A global consumer service provider was exploring different foreign cities to launch their new service, using security and safety as a critical metric.
A major pharmaceutical company made the decision to terminate an administrator and was concerned about the malicious exfiltration of personally identifiable information (PII) before his termination.
A global manufacturing company experienced a corporate-wide outage due to being locked out of their router devices between corporate headquarters and their branch offices across the globe. After internal investigation and significant downtime resulting in major losses in revenue, it was suspected this outage was likely caused by malicious insider activity involving a recent acquisition
Huddled around keyboards half a world away, a shadowy group of technically-savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every month.
A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.
A multinational manufacturer needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected indicators of wide-spread compromise on the Client’s network using external telemetry not available to the Client.
A global retailer’s peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Out of concern that a subsidiary could be targeted by a similar ransomware attack, Nisos was contacted to assist.