CASE STUDY
Insider Threat: Preventing Destruction During M&A Activity
The Challenge
A global technology company (the Client) was in the process of divesting a previous acquisition. Upon learning of the divestiture plan , the key executives at the acquisition company threatened to destroy corporate infrastructure if the company was not sold back to the original founders at a lower price.
Why Nisos
Working with the Client’s inside and outside counsel, we needed to use our all-source investigative and technical resources to infiltrate the divestiture’s environment and ensure the integrity of sensitive infrastructure and protect sensitive data over the course of the two weeks divestiture proceedings.
Preparation
We were granted access to the network through a previous auditor’s credentials. This access was used to probe the infrastructure and piece together the location of the data stores and the business application’s source code.
We provided this information to the Client in order to plan a course of action and identify personnel within the divestiture that could provide further access. After conferring with the identified key personnel within the divestiture, Nisos was given full access to data stores and infrastructure to proceed with execution of monitoring and containment.
Execution
Over the course of a week, we were able to backup all of the application source code and customer databases. We also put in place a system of tailored monitoring to ensure no one was trying to exfiltrate or destroy data – measures designed to persist for the two weeks leading up to the sale.
Once the system was in place, we played the role of de facto administrators, utilizing proprietary monitoring and containment scripts to achieve confidence in the integrity and stability of the environment.
After the sale was executed, and as the announcement was made during an all-hands meeting, we removed everyone’s access to the application, source code, devices and infrastructure. We then filtered new accesses to trusted individuals and those staying aboard the divestiture.
Impact
The Client’s sale price was several times higher than it would have been had it sold to the original co-founders. Nisos saved the Client millions by preserving the infrastructure, preventing data loss, and giving the Client time to achieve a deal with the new buyers.
About Nisos
Nisos is the Managed Intelligence company. Our services enable security, intelligence, and trust and safety teams to leverage a world-class intelligence capability tailored to their needs. We fuse robust data collection with a deep understanding of the adversarial mindset delivering smarter defense and more effective response against advanced cyber attacks, disinformation, and abuse of digital platforms.
For additional information, contact info@nisos.com