Situation:
CloudCover was brought in to address network security concerns for a large US-based energy distribution and storage company, with hundreds of employees in multiple locations across the United States, following the Colonial Pipeline ransomware data breach event in 2021. Upon investigation, we discovered that Russian attackers had infiltrated the network through the VOIP phone system. Thanks to its expertise, the CC/B1 team was able to quickly detect and block the threats.
Solution:
We installed our AI-based CC/B1 security solution to monitor all internal SCADA network traffic in the researcher’s lab environment. We then placed CC/B1 into full security protection mode after 72 hours of mapping the topology of the client’s network.
Results:
Using AI machine learning and deep packet inspection, we found an average of 2.3 million security events per day, including those from Russian attackers who had infiltrated the network through the VOIP phone system. The CC/B1 was able to detect this unique threat vector and immediately stopped and blocked the attacks.
On a monthly basis (to date), the energy distribution and storage company’s network experiences an average of 70 million security events. Despite this high volume of events, the CC/B1 team is capable of successfully detecting and mitigating threats and protecting the network by stopping an average of 8,000 ‘never-before-seen’ malware-based attacks each month using its generative-AI XDR/SASE system.