It’s 3:35pm on a random quiet Tuesday and all of a sudden one of our customer’s remote employees is tagged as logging in from two different continents seconds apart. Is this a case of a serious cyber breach in the organization or something more benign? How do you know? This scenario happened to the tech team at Nero Consulting several months ago when a customer’s security alert systems went off. A blurb about the customer; they raise millions of dollars for real estate development from investors around the world, so any breach can prove costly and time was of the essence. Within a few seconds, our security information and management systems (SIEM for short) determined this is in fact a breach and in real time our Technicians were witnessing this employee’s login credentials being active at two different locations at once via two different authorization protocols. One login was from a computer in America, the other via a web browser in Canada. Immediately, we called the employee and asked if by any chance she is traveling and/or has given out her password to anyone. She told us she had not. One of the Technicians now assigned to this investigation asked for permission to review her account to which she accepted. The Technician logged in as the employee from his computer and found a series of conversations taking place almost in real-time. Apparently, the investors were asked by the perpetrator (who is now masquerading as the employee), who had logged in using the employee’s login details, to send money to a different bank account number. The same perpetrator had also edited previously shared email threads, between the employee and investor, and changed the recipient bank account numbers so that even if the numbers looked questionable, had the investor scrolled down to earlier conversations they would have seen the number repeated, which would appease any of their concerns. Very calculated move on the perpetrator’s part. However, this malicious attempt at extracting investment money was foiled by our meticulous Technicians and our A.I. assistant. This story illustrates the cyber-security power of NightCrawler.
NightCrawler is Nero Consulting’s blend of AI-powered behavioral analytics algorithms along with various cybersecurity tools including Intrusion Prevention & Detection in firewalls, cloud based and local forensics, and other forms of security information and event monitoring handled by Technicians. This multi-layer approach allows Nero Consulting to send receive timely alerts about any employee’s multiple login locations or other suspicious behavior.
It may seem like luck that we caught the cyber-criminal activity just in time to save our client from losing millions of dollars of investments, but the reality is that the cybersecurity tools that we have created using the power of AI in tandem with our brilliant Technicians ensured that Nero Consulting was able to act swiftly and deter any breaches and cyber phishing immediately with no losses to the client or investors.
In many similar instances, Nero Consulting has implemented such enterprise-class cybersecurity technologies to help other organizations operating in scientific research, energy, legal, finance, hospitality, construction and architecture/engineering spaces to protect their sensitive data. These days we also receive regular support from FBI, Department of Defense (DoD), and DHS cybercrime communications to help fight back against cyber criminals globally.
Besides Nero Consulting’s major focus on cybersecurity services, as an owner, I also emphasize in-person training and education with our exceptionally skilled team of technicians. From discussing cyber threats, their inherent risks, and cybersecurity tools for performing audits and being aware of business vulnerabilities, Nero Consulting has embedded security deep within its work environment.
For the past decade, I am happy to say that Nero Consulting has been steadily gaining traction in terms of customer base and our track record speaks for itself when it comes to improving our cybersecurity platforms (mostly using AI-powered services). Our firm is an ardent believer of continuous development and is consistently investing in AI, dark web monitoring, security audits, penetration testing and more security-related platforms to help our clients in deterring, preventing, and disrupting cyber attacks.