Liberty was engaged by a major petroleum company to evaluate its threat landscape ahead of changing its cyber insurance coverage. The Liberty team quickly assessed the firm’s security and was able to utilize its proprietary business threat intelligence techniques to uncover a host of potentially damaging information on the dark web.

A major petroleum company was considering transferring some of its terrorism and cyber risk through a specialty insurance program for limits in excess of hundreds of millions of dollars. Although the company was confident in the security of both its IT and OT systems and believed they presented low risk, they contacted Liberty to better understand how threat intelligence could further secure their operations and potentially help them land reasonable coverage.

Within hours, Liberty was able to retrieve, decrypt, and analyze archived chat transcripts from the dark web involving members of the hacking group Anonymous who had been sharing a reconnaissance report of the company’s network and discussing the ease in which the group could disrupt the company’s SCADA systems. Liberty also discovered telecom and SCADA room diagrams, as well as account passwords of employees responsible for equipment installation. Such vulnerabilities can serve as an intelligence windfall that greatly accelerates attack planning. Lastly, threat intelligence collected on the company’s supply chain allowed Liberty to learn the degree to which suppliers were revealing sensitive information about the company via online performance reviews and other media. These same partners were also found by Liberty to have significant network vulnerabilities as well, including a series of exposed hosts and applications that were introducing serious risk both upstream and downstream of the supply chain.