logo

Computer Forensics

Support when IT matters

Data Recovery - Litigation Support - Penetration Testing - Computer Security

Computer crime is a buzz word heard in business almost daily. Some think the problems are of almost epidemic proportions. We do not necessarily subscribe to that view because we feel computer crime is a much abused phrase. Let us explain. Very few people use a computer for a specific criminal act. Hackers do, but most people use a computer to create a document to use as part of a criminal act. After all, 25 years ago we never had 'typewriter fraud'. Today a computer sits on every desk in the business environment so it has to be used to create the crime or fraud.

Our small but professional team is made up of former members from Scotland Yard's Computer Crime Unit and GCHQ in Cheltenham. They have all been security cleared by HMG and, as a result, have worked on a number of sensitive issues. Because of their law enforcement background, they are more than capable of preparing their work to criminal and civil court standards, especially with regard to the rules of evidence etc.

Data Recovery - Litigation Support

What needs to be established is how the computer was used. Many fraudsters when they have finished their dastardly deeds will delete the work. That's where we come in. We will profile the systems and find out what has taken place, recover data and provide answers to what has taken place. The whole package will be up to the highest level of probity i.e. that of the criminal justice system. How you choose to deal with it is a different issue but we will tell you what has gone on.

Case study - We were recently called to assist a medium-sized company who had offered an MBO to four of its directors. After protracted negotiations, the four directors decided not to complete the MBO stating the cost was too high. Several weeks later, they simultaneously gave notice and literally walked out the door the same day. Initial research showed they had set up a parallel trading operation and, worse, had wiped part of the client's database clean, deleting all their personal files, emails and the contact and customer database lists. Working with the civil litigation lawyers, we were able to reconstruct all the above files and, by profiling the thousands of emails, we were able to show that an array of proprietary information had been emailed out by those directors to their own domestic computers. Such was the quality of our result, defence lawyers offered immediate settlement.

In other cases we have found child porn hidden on systems; threatening emails sent by employees; proprietary and confidential information forwarded to third parties; and in one case was able to show that records held on an individual's computer had actually been sent in from an external party to try and discredit him. In the latter case, this senior manager was about to be fired, despite his protests of innocence. Our team not only saved his job but, more importantly, his reputation.

Penetration Testing (aka Pen Testing)

How much does your reputation mean to you?

Research in the US and UK on computer security has recently come up with the same result, namely that 94% of systems can be hacked into. In a recent case, our team gained access to a client's (a major household name) system within seven minutes and within four hours we had total control of their network.

The IT Health Check

The Problem

We have all read stories about the activities of computer 'hackers' and the havoc they can cause by penetrating your IT system. Their motives vary:

The pure challenge to get in and trawl the system
Seeking specific information (environmentalists)
Theft of intellectual property (competitors seeking market advantage)
Theft of proprietary information (bid specific intelligence)
Blackmail (HERF's)
Business disruption (the grudge factor)
To destroy the reputation of the company and the good faith of its customers
Closure of the business through the collapse of systems (pure malice)

The Question

How secure is your system from such an external attack? Probably not as good as you have been given to understand. It's not because your advisers are lacking in their practical ability but merely because system penetration is a skill few have. The problem, therefore, can be business critical.

The Challenge

>To independently test the system using a method as closely aligned to a real world scenario as possible.

>To provide a computer health check based on reality.

No matter how complex the design and build, until it has been 'road tested' you will never truly know the flaws.

The Solution

With your written authorisation we will approach the problem as potential hackers and test the vulnerability of your system. If successful we will report on the weaknesses, lack of defences, etc., and offer advice as to the best way forward. If unsuccessful... Then it's good news.

For further information please call:

01508 518619

How much risk are you prepared to expose your business to?