Identifying threats from inside the business
A mid-sized oil and gas retailer in the US faced a significant internal security threat that jeopardised its operational integrity and financial standing. The company identified two employees who were engaged in illicit activities, including the trade of gift cards on the dark web and conducting fraudulent online transactions. Additionally, these internal threat actors submitted false expense receipts, one of whom held a critical leadership position within the IT Department, increasing the complexity and risk of the situation.
Containing the threats
Quorum Cyber was brought in to collect and preserve critical forensic evidence to enable the company to pursue legal action against the threat actors.
To address these challenges, onsite IT resources tasked with eliminating all access points utilised by the threat actors. A comprehensive inventory and security overhaul of the company’s entire IT infrastructure was conducted to ensure no vulnerabilities remained. To maintain operational stability, Quorum Cyber provided 30 days of continuous IT services to assist end users during the transition.
Three positive outcomes
The strategic interventions led to several positive results for the company:
- Prevention of Future Threats: By implementing rigorous access control measures, the company effectively thwarted potential reattacks, securing its operations against internal threats.
- Comprehensive Forensic Investigation: The oil & gas firm delivered an in-depth forensic analysis of the threat actors’ activities, providing valuable insights and evidence to support legal proceedings.
- Operational Continuity: Throughout the remediation process, the company ensured the continuous and smooth operation of its day-to-day activities, minimising disruptions and maintaining business as usual.
By addressing the internal security threats with decisive action and robust solutions, the oil & gas retailer protected its assets and reputation from harm and also reinforced its commitment to maintaining a secure and trustworthy business environment.
Contact us if you need help to strengthen your company’s cyber security.
