
A case of corporate espionage?
Challenge
A UK corporation suspected that someone from its own Argentinian branch was hacking its system to steal a database. If so, the theft would cost the company up to $2.1 million. Oddly enough, it was feared that the information had been stolen from a computer that the corporation considered highly protected.
Solution
We reviewed the Information Systems data security procedures and found room for improvement. We therefore set some standards and handed them to our client. It is better to be proactive when it comes to preventing hacking. In parallel, we analyzed all suspected computers and devices. With EnCase Forensic and other threat detection software we thoroughly inspected 5 Mac computers, 2 PCs and 2 iPads. We found only one PC compromised, with multiple virus infections. All other equipment was clean.
Through a detailed forensic examination of the computer we were able to pinpoint the moment of infection and the different mechanisms the viruses used to access it. In the end, the infection was traced to a visit to a website for kids and the download of an infected game. After sharing our results with the company, we found that one CEO assistant had taken his notebook computer home, and that one of his children had been using it at the very same date and time as the virus infection.
Results
The results were quite striking: there was a breach of security, but it was not caused by a cyber theft. In spite of preliminary fear-fueled reports from the company's security area, no spy or hacker had attacked: the virus had gained access through a game, a most innocent and popular one. Moreover, we were able to confirm that the computer viruses involved were not able to steal information, so no data espionage was involved. Still, it is necessary to get back to basics: protecting the data pays. The reviewed procedures were therefore implemented immediately to prevent further alarms and improve system security.
