Our professionals routinely advise and engage on computer breach response, cyber threat assessment, information governance, controls and procedures to protect clients’ sensitive information, and risk mitigation.
We evaluate client vulnerabilities and countermeasures and prescribe steps to safeguard key data from organized cyber criminals, sovereign-sponsored advanced persistent threats and other hackers.
Selected Case Studies/Notable Matters
- Developed the extended perimeter security and passive penetration early warning system for a wealth management firm catering to high-profile public figures.
- Assessed the vulnerability of our client’s new claims processing facility by evaluating its network, data center, and end-user systems as well as its automatic call distribution system. We were challenged to penetrate the physical security of the high-security payment processing group within the claims processing facility. We demonstrated that we could seize remote control of the call distribution system at will and overcome all existing countermeasures. Our professionals gained access to the network and, by tunneling through it, penetrated other corporate facilities, enabling SL&A to produce copies of executives’ hard drives without the executives’ knowledge or the knowledge of their IT department. SL&A professionals were able to tape their business cards to the inside of computers and check printers in the payment processing facility without being detected. We provided the client with a robust set of procedures and controls to prevent the type of incursion we demonstrated in the vulnerability test.
- Investigated an internal espionage matter at a major defense contractor. Identified the perpetrator, determined the IP that had been exfiltrated and the recipient. Coordinated with federal law enforcement in locating and prosecuting the trade secrets thief.
- Identified an anonymous hacker who had targeted the share price and the executives of a biotech/pharmaceuticals company. The hacker engaged in an anonymous Internet campaign designed to adversely impact the company and its leadership with respect to both financial markets and regulators. The hacker had exploited back doors into the company’s internal communications and used a combination of publicly available and non-public information in order to harm the company and its C-suite executives. SL&A mitigated the threat, caused the hacking to cease, and implemented data security measures sufficient to prevent similar incursions.
- De-anonymized and neutralized a hacker who had gained access to critical production servers of a major news outlet and was threatening to disable them. The investigation led to the criminal and civil prosecution of the hacker.
- Developed a repeatable and defensible breach response protocol for a large financial services firm. Executed that breach response after detection, contained the breach, organized notice to those impacted, implemented mitigation steps, and kept all-in breach response and notification costs below the expected target.