We had one of our employees steal data from the company and gave it to one of our competitors...”
Typical digital forensic investigation scenarios:-
- An employee or ex-employee:
- exfiltrate emails, intellectual property or other confidential information;
- deletes intellectual property, important or confidential information;
- sells your products or services on the side;
- makes fraudulent payments or other expense claims;
- compromises your digital security by visiting harmful websites;
- manipulates or otherwise alters digital records;
- misuses company assets by storing child pornography etc. on the servers/computers and deletes the evidence;
- hack confidential user accounts etc.
- External cybercrime where a perpetrator:
- uses your company identity for nefarious purposes;
- gains access to your systems:
- by performing an SQL, brute force, DOS or other forms of attack;
- using identity theft, phishing, spoofing or by other means.
What can you expect from a digital forensic investigation?
We will endeavour to extract, recover and analyse digital evidence from all electronic data storage devices that may have been used to determine and report the who, what, when, where and how of an incident, e.g.:-
- What data was accessed, copied, sent or deleted, how was it done, where was the data sent to or stored, and when did this happen?;
- What programs were installed, deleted or uninstalled and when did these actions take place;
- What websites, social media, online communication, forums, file storage sites etc. were visited, what was posted or uploaded and when did this happen?;
- Who else is involved?;
- What files and folders were obfuscated, password protected or encrypted - Can the passwords be cracked or the data decrypted?
Tags: Digital Forensics Computer Forensics Data Forensics Electronic Forensics Digital Search And Seizure Digital Evidence Digital Forensic Investigation Data Message Forensics Electronic Evidence Forensic Duplicates Intellectual Property Theft Data Theft