This post was last updated on September 12th, 2019 at 11:35 am
Download Case Study
Submit this form to download our case study
Case Study Overview
With mergers and acquisitions it's extremely important to certify the assets, network, and environment being acquired are free of breaches, malware, vulnerabilities, and cyber risk. This cyber due diligence can help M&A firms avoid downtime, data theft, and breach damage.
Find out how an investment bank leveraged Infocyte HUNT for a conclusive assessment to identify, investigate, and eliminate cyber risk prior to completing an acquisition.
Mergers and acquisitions (M&As) can be high-risk operations where it’s difficult to determine what the buyer is acquiring.
In this case, Infocyte’s client ─ a major banking and financial institution ─ was considering the acquisition of a wealth management firm serving high net-worth clients. The acquiree’s primary value involved highly sensitive customer data and intellectual property such as trading algorithms used to manage a billion dollars in assets.
Accordingly, our client needed to fully verify the health and security posture of the acquired IT systems, data, and network as part of the transaction’s due diligence. In particular, the institution needed to determine if the acquired/inherited network had been breached, was currently breached, or if it posed any risk of being breached in its current state.
After being briefed on Infocyte’s tools and technology, our client’s IT Risk Manager asked the Infocyte team to perform an Infocyte HUNT Compromise Assessment.
The assessment took five days. Infocyte HUNT was loaded on a virtual machine to remotely scan the environment. The Infocyte product enumerated and mapped all 54 workstations and servers currently active on the network. These systems were then deep-scanned by deploying a dissolvable agent to collect a forensic snapshot of each system.
Several primary scans took place to maximize coverage of active systems because the network had many transient laptops. Suspicious executables and artifacts were collected for deeper analysis as required. Scans were concluded at the end of day three, successfully inspecting 88 percent of all assets.
A malware analysis and threat intelligence expert was on-hand to help identify and correlate suspicious findings to organized threat groups, corporate espionage, and/or insider threats.
Our initial security/risk assessment provided a clean bill of health for the environment being acquired and showed that the firm had strong technical controls, regular security hygiene, and IT policies in place to protect the network. In fact, Infocyte HUNT found surprisingly few unwanted programs and no nuisances (like adware and browser toolbars) which are common on any network, even when serious threats are absent.
Infocyte HUNT also reported several instances of legitimate Remote Access Tools active on the network. These tools were confirmed to be authorized but would need to be carefully controlled to minimize attack surfaces and the risk of insider misuse.
Without Infocyte’s Compromise Assessment, our client would have taken on an unknown level of risk involving undetected security breaches. With Infocyte, however, the client was able to continue with confidence to the next phase of the transaction, consolidating networks and finalizing the transaction.