Our client – an internationally leading provider of marketing services – required digital forensic aid to assist their in-house internal fraud investigators.
This was a straightforward digital forensics assignment, were suspicions already pointed in the direction of one of the employees. With forensic techniques we captured images of this suspect’s computer, and then executed a manual file recovery. Then followed the work of decrypting files that were heavily encrypted for protection, as well as making a script to facilitate the interpretation of the recovered data. The result of uncovering the data proved economically satisfying to our client. The suspected employee had been involved in a large-scale fraud. The investigation also provided conclusive evidence against this fraudster, locating the account where his private gains were banked.
Our client – one of Scandinavia’s major online car parts retailers – suspected a network intrusion and wished to uncover the exact nature of the attack and identify the possible damage.
The digital forensic work on this case primarily involved collection and analysis of logs from firewalls, servers and parts of the network. In addition, it proved valuable to conduct interviews with the client’s IT-staff, to get a clearer understanding of routines etc. We could soon confirm that there had in fact been an intrusion, where the perpetrator had gained full access. But we could also pinpoint the vulnerability in the particular application that the intruder had used, and identify malware that granted remote controlling. The location of the intruder could be identified and our client referred the case to legal authorities.
A financial consultancy firm required assistance to improve their in-house data collection capabilities and update incident response and IT-security practices.
We helped our client reform existing IT-security and incident response routines to ensure that they corresponded to current industry standard best practices. In addition, we provided practical training for the IT-staff in the fields of data collection and incident response. At the end of this assignment, we performed penetration tests and similar to make sure that the security of our client’s network and the competence of the staff could withstand and deal with potential attacks in the future.
Our client – a legal professional representing a global telecommunications supplier – requested support with the digital forensic parts of a dispute concerning intellectual property.
A former employee of the telecommunications company was suspected of having extracted copyright covered Java code and using it to the benefit of his new employer. In this case, the source code was extracted by a process of decompilation, and we could provide a detailed forensic report of the events to support our client’s legal action.
Our client – an unfortunate copywriter with insufficient backup routines and a taste for black coffee – required urgent assistance to recover files from a crashed hard drive.
The particular feature of this assignment was the time restraint. Our client had an important meeting with a client of his own – in two hours from the time of contact! Certain files would be demonstrated and discussed at this meeting, and showing up without them was not an option. Fortunately, this case was easily resolved. Though the hard drive proved permanently damaged, we managed to recover the necessary files. In time!