Scenario
Vestige was contacted by the attorney for a material handling company after their e-mail system was broken into from the internet. While in the midst of defending a wrongful termination matter at the company, e-mail accounts for two current employees were commandeered by an Internet intruder and used to send false, but harmful, evidence to a third party recipient.
Vestige’s Internet Intrusion Detection and Forensic Analysis team swung into action to trace the origin of the break-in and to help identify the sender of the harmful e-mails.
Had the in-house IT Department even “poked” around to see what they could find, relevant evidence would have been destroyed.
Working to swiftly identify all of the relevant log files and the various points for data collection, Vestige worked with the company, it’s Internet Service Provider, and a number of other ISPs to track and trace the origin. Vestige’s digital forensic investigators even helped in coordinating and sending subpoenas for the necessary information.
To help protect the culprit’s anonymity, the suspect rented computer time at a popular national computer retail establishment. In the end, this was not enough to protect his anonymity.
Vestige’s cyber security analysis team worked with the Information Security department of the retail establishment to obtain the surveillance video footage that showed indisputable evidence of who the culprit was. The rest, as they say, is history.
Success
Beyond hiring the right people for the cyber security analysis, our client set itself up for success by hiring a specialist as soon as it realized it had a problem on its hands. Setting egos aside, the in-house IT staff realized that in order to ensure the admissibility of the findings, they would need to rely on a company that understands electronic evidence and the procedures and techniques needed to protect the integrity of the evidence. While the IT department was very capable of running the day-to-day operations of the company’s IT environment, management realized anything less than a professional job surrounding the handling of the evidence might end up being even more detrimental to their case. In this case, simply “poking around” and looking into the hacked email account to see what they could find would have destroyed crucial evidence that was used to ultimately prove who the culprit was.
Contact Us today to discuss how Vestige can assist with cyber security analysis and your digital forensics incident response.
Key Facts
- Client hired Vestige immediately, helping to ensure that volatile information used to track the culprit remained available
- Vestige proved the e-mails were the result of a break-in and not to be treated as evidence against the company
- Identity of culprit traced to the physical retail establishment used to “anonymously” send the e-mails
- Culprit admits break-in
