Expelling the source of malicious virtual attacks on a leading pharmaceutical firm

Situation

A series of disruptive and damaging cybersecurity incidents begins harming the internal and external operations of one of the nation’s leading publicly-traded pharmaceutical companies. The offenses included email spoofing, anonymously written emails threatening certain employees, and a number of anonymously posted blog entries detailing company trade secrets.

Action

The client commissioned GRA Quantum technicians to identify the source of the disruptive security incidents, assess their full scope, and advise the company on measures to resolve the problem.  Our engineers began immediately with a meticulous review of evidence provided by the client and systematic examinations of leads ascertained via dark web resources. This analysis quickly revealed the personal identity and location of the anonymous email account used by the perpetrator to send the malicious emails.

Outcome

GRA Quantum representatives conducted a site visit to the client’s headquarters and undertook an in-person investigatory interview with the suspected culprit. Drawing from the compelling evidence amassed by the investigation, our examiners conducted a rigorous interview that ultimately resulted in a full confession by a senior executive. Having admitted his role as the sole source of all the malicious activity, the executive agreed to resign his positions in the company leadership and on the board of directors. This clean break spared the client millions in severance and litigation fees, a further dip in stock value, and brand tarnishing public embarrassment. A complete network security architectural review was subsequently implemented to shore up the company’s cybersecurity protocols to prevent similar incidents from occurring again.