USE CASES
ACID Technologies continues to enable clients around the globe to block and/or mitigate the consequences of cyber attacks. Learn below how ACID may help your organization.
Adding ACID’s Intelligence platform to our security stack helps us to increase our security posture. Using ACID’s automated threat detection daily helps us more easily alert our team immediately and protect our company from various malicious threats.
Guy Havusha, CISO
Banking and Finance
Theft of confidential data from a bank (1)
- A disgruntled bank employee stole a database of 1 million customer records and 2 million credit cards from his employer, and demanded ransom.
- ACID conducted extensive searches on multiple platforms to verify whether the stolen information was also being offered for sale to others, to prevent harm to the bank’s reputation while it was negotiating with the attacker, in order to provide the police sufficient time to apprehend him.
- ACID continued its close monitoring in order to collect more data on the attack, which would help apprehend the attacker.
- The attacker was identified and brought to justice.
- The stolen data was retrieved, and the bank’s reputation remained intact.
- ACID continued monitoring the web for several months, to verify that the data had not been copied and was not still being offered for sale by possible accomplices.
Theft of confidential data from a bank (2)
- A third-party employee, of a company providing services to the bank, stole sensitive information and tried to sell it.
- ACID detected the attempts to sell the stolen data and informed the bank in real time.
- ACID continued its close monitoring in order to collect more data on the attack, to help apprehend the attacker.
- The attacker was arrested.
- The stolen data was retrieved, and the bank’s reputation remained intact.
- ACID continued monitoring the web for several months, to verify that the data had not been copied and was not still being offered for sale by possible accomplices.
Theft of credit card information (multiple cases)
- Cybercriminals stole the data of a large number of credit cards, and offered it for sale.
- ACID detected the attempts to sell the information on the dark web and alerted the banks, providing all the details.
- ACID continued its close monitoring in order to collect more data on the attacks, to help apprehend the attackers.
- The banks cancelled the stolen credit cards and issued new ones to their affected clients.
- The data was reclaimed, bank clients avoided misuse of their stolen credit cards, the banks avoided potentially heavy financial losses, and their reputation remained intact.
Harm to reputation of a financial institution
- A cybercriminal hacked the Facebook account of a financial institution, which was being managed by a contractor, and posted defamatory language on it.
- ACID detected the attack and alerted the financial institution in real time, providing all known details.
- The financial institution contacted the contractor and regained control of its Facebook account, deleting the text posted by the attacker.
- The quick response, made possible as a result of the immediate alert provided by ACID, mitigated the harm to the institution’s reputation.
Attempt to disrupt a bank’s operation and harm its image
- ACID detected a Facebook post calling for a mass protest at the entrance to the bank’s headquarters, aimed at disrupting its activity.
- ACID contacted the bank, providing all the details of the planned protest.
- The bank was able to summon law enforcement to contain the protest.
- The bank continued operating normally.
Healthcare
Theft of patients’ PII from a healthcare institution (multiple cases)
- ACID detected the attempted sale of PII of hundreds of thousands of patients on the dark net.
- The information included patient treatment records, details of therapy sessions with psychologists and X-rays, among others.
- The healthcare institutions were immediately alerted and provided with all available data on the attack.
- In one case, the attacker was unable to sell the stolen information, and posted chunks of data on Pastebin.
- ACID detected the posted chunks and informed the relevant institution in real time.
- ACID also detected activity aimed at defrauding health insurers with fake certificates.
- The institutions were able to take action to mitigate the consequences of the attack.
- The healthcare institutions were able to close the security breach and prevent future attacks.
- The institutions had time to prepare a PR response before the theft became public knowledge.
Oil and Gas
Stolen remote access code to SCADA
- ACID detected a remote access code to SCADA infrastructure, which was offered for sale on the dark web in exchange for Bitcoin.
- ACID reported the theft and attempted sale to the client.
- The client was able to take immediate action to identify the perpetrator and eliminate the threat.
- The client’s activity was uninterrupted, it avoided financial losses, and its reputation remained intact.
Leaked classified report of a malfunction
- ACID detected a utilities & power company’s classified report on a system malfunction on the dark web.
- ACID immediately alerted the company, which was unaware that the report had been leaked.
- The information provided by ACID allowed the company to investigate who had leaked the report and take action to mitigate the consequences of the leak.
Theft of private information and its attempted sale
- ACID detected an attempt to trade in confidential information stolen from a telecommunications company.
- The attacker stole the information from the company’s engineering network, and offered private correspondence of individual users, identified by their telephone number, for sale.
- ACID alerted the company in real time, providing all available details.
- ACID continued monitoring the incident to collect additional data and update the client.
- The company was able to take immediate action to mitigate the consequences.
Gained control of an industrial management system
- ACID detected that a cybercriminal had hacked into a thermal power plant’s management system and gained full control.
- ACID immediately informed the client, providing all known details.
- The client was able to close the security breach and regain control of its management and control systems.
- The client avoided financial losses, as well as damage to reputation.
- Potential harm to the environment was also avoided.
Gambling and Gaming
Stolen admin access credentials
- ACID detected an attack in which the SSL VPN server of a gambling company’s financial system had been hacked, and its admin access credentials were traded on the dark net.
- ACID immediately alerted the company, providing all the known details.
- ACID continued monitoring in order to collect additional information, as it became available.
- The company was able to take action to eliminate the threat and mitigate its consequences.
- The company avoided financial harm and damage to its reputation.
State and Local Government
Gained control of backend systems
- ACID detected that the personal information of hundreds of thousands of citizens, including the ID photos of some of them, was being offered for sale on the dark web.
- ACID alerted the governmental body from which the information had been stolen, providing all the available details.
- The governmental body took action to close the security breach.