Digital Risks Respond

A global leader in the redistribution of pricing and reference data for financial institutions fell victim to a ransomware attack by the cybercriminal group Akira. The group rendered the company’s systems inoperable. Critical data stores were potentially corrupted. Akira was threatening to leak the stolen data.

The client brought on Control Risks to support with initial crisis management as well as rebuilding and recovery, forensic investigation, and cyber threat intelligence monitoring. Our experts conducted a thorough forensic investigation to assess the impact on data integrity and the likelihood of data exfiltration, provided reassurance regarding the minimal impact on data integrity, and aided in the recovery and communication efforts.

The crisis response minimised operational downtime, while the prioritisation of forensic investigation led to a swift determination of the low likelihood of data exfiltration, which allowed for precise legal and regulatory guidance. Deep and dark web monitoring informed proactive measures against potential leaks and provided endpoint detection and response, with insights into the cybercriminal's potential moves to navigate the aftermath of the attack.

In collaboration with Control Risks, the client not only navigated the crisis but mitigated further risks and began the process of restoring normal business operations. 

A prominent communications infrastructure operator engaged in the deployment and management of six undersea cabling projects was confronted with a significant challenge. This client was involved in a high-stakes project to establish a high-speed, low-latency fiber optic cabling link connecting European cities and Mumbai. During this complex operation, they encountered a critical issue: a suspected payment misdirection fraud involving a substantial six-figure sum meant for a Middle Eastern entity. This incident raised urgent concerns about the security of their financial transactions and the potential impact on their extensive network of stakeholders, including listed investors and direct regulators.

In response to this critical financial security breach, the client enlisted Control Risks to conduct a thorough investigation into the nature and extent of the incident. The aim was to determine whether their systems had been compromised and if other transactions were at risk. Control Risks took immediate action to advise on containment and mitigation strategies while their forensic investigation was underway. Furthermore, comprehensive reporting was produced for a diverse group of stakeholders across the UK and Ireland, including law firms, listed companies, regulators, investors, insurers, and loss adjusters, ensuring all parties were informed and aligned during the resolution process.

As a result of the proactive measures and expert investigation conducted by Control Risks, the client successfully managed the situation with their key stakeholders, preventing any further financial losses and addressing all raised concerns efficiently. The client was able to resume normal operations, bolstered by a reinforced understanding and handling of cybersecurity risks, thereby safeguarding its critical infrastructure projects and maintaining trust among its investors and regulatory bodies.

Control Risks was approached by a prominent charity organisation following a critical security incident: approximately seven terabytes of the charity’s data were illicitly extracted from its systems. The exfiltrated data potentially included sensitive internal management files such as financial records, HR, personal data and medical information of both donors and beneficiaries, threatening not only the privacy of the individuals affected, but also the organisation's reputation.

The organisation’s primary concern was to determine the extent of the data breach, evaluate the potential escalation by the threat actor and devise effective strategies to safeguard its reputation while continuing to protect its staff and beneficiaries. Given the organisation's large scale and complex governance structures, the ambiguity regarding the full scope of the exfiltrated data compounded the challenge. Our experts conducted a thorough review of the organisation’s incident response measures and provided expert guidance on managing communications with the threat actor and realigning the internal response teams.

The solutions implemented by our team included a strategic reassessment of the organisation’s crisis management protocols. This led to the establishment of a new, streamlined crisis management structure. The structure was specifically designed to reduce the time spent in crisis management meetings by 60% while clarifying deliverables and responsibilities across the organisation. Our team also provided tailored advice on potential next steps and escalation pathways, which had been crucial in managing the incident discreetly and effectively.

With our support, the organisation reinforced its capacity to manage and mitigate crises, ensuring a robust framework for protecting its critical data and supporting its global operations amidst evolving cyber threats.