The Customer
- Portfolio of over 100 companies
- Over $8 billion in assets
“We very likely narrowly avoided a catastrophic network intrusion for our portfolio company. The ROI on Flare’s monitoring is massive, as a strong cybersecurity posture is extremely important throughout the venture cycle.”
– Private Equity Firm
The Challenge
A Single Cookie or Email Login Can Cause a Massive Data Breach
There have been breaches with initial access obtained through the Genesis Market: a clear web market selling infected computers, offering buyers credentials and cookies belonging to the infected devices’ owners. Threat actors can then use social engineering techniques to elevate their level of access, sometimes all the way up to source code.
A single stolen string of text or a cookie possibly leading to millions of dollars in costs and potential ransomware attacks is not news, but cybercriminals continue to innovate their methods of attack. Security teams can become overwhelmed with the sheer amount of information needed to analyze to respond to threats.
Especially for a private equity firm, their external attack surface spans to include all of their portfolio companies. If the evaluation process for an M&A turns up an infected device, this could greatly impact the valuation of the company and ROI for the private equity firm.
The Impact and Benefits
The private equity firm prevented a potentially catastrophic network intrusion for one of its portfolio companies with Flare. The platform alerted the organization’s security team about an infected device for sale on the Genesis Market that contained cookies for a webmail server located inside the company internal network among other banking and payment application credentials.
Due to the very specific subdomain shown in the Genesis listing (webmail.companyname.com), the security analyst had a high level of confidence that the infected computer belonged to an employee.
Following approval from the portfolio company, they obtained access to the credential for sale. This provided access to the corporate mailbox of the employee, including a huge amount of attachments, personal information, and other documents that could easily be leveraged by a malicious actor. Both the investment firm and their portfolio company agreed that this infected computer access, sold on Genesis Market for about $100, could have had disastrous consequences for the firm.
“We reduced risk greatly by finding and mitigating a serious threat that could have impacted future valuation or M&A activities.”
– Private Equity Firm