Digital Forensics

A growing number of criminal, civil and internal investigations are conducted within the digital infrastructure. Three forms of digital examination are incident response, electronic discovery and criminal investigation. Proper preparation and an awareness of legal and ethical issues are crucial.

When processing legal cases that revolve around digital artifacts, it is important that forensically sound methods are followed.

Packetninjas LLC utilizes industry standard forensic methodologies and tools to ensure repeatable processes are followed for proper legal discourse.

CASE CATEGORIES
The categories of cases involving digital evidence in which you may become involved may be few, depending on your practice, but could include the following:

  • Employment disputes
  • Computer Fraud
  • Computer Compromise
  • Misuse of company computer involving gambling, pornography, blackmail, fraud
  • Embezzlement / Fraud
  • Organized Crime, Narcotics, Credit Card Theft, Identity Theft
  • Breach of contract
  • Software Licensing
  • Intellectual Property Theft
  • Insurance Fraud
  • Sexual Harassment

CASE STUDIES

The cases described below are a small snapshot of the types of cases that we have been involved in.

Case type: Large Scale Fraud / Organized Crime
Generic information: Fraud is occurring at a financial institution where the actors are acting in concert with organized crime. Forensic analysis is needed to determine who the insider attackers are and to reconstruct external compromises against a timeline over a three- to five-year period. Extensive knowledge of forensics, incident response, computer compromise, and intimate knowledge of credit card and payment systems has been relied upon for this task (as well as stealth). (Investigation length 7 months)

Case type: Intellectual Property Theft
Generic information: A salesperson was believed to have stolen the primary database of clients and has continued to use these clients in their next job. Forensic analysis was used to prove that this individual did have this information and did use this information to his benefit and his new employer’s benefit. Current status on legal outcome is pending.

Case type: System compromise / Incident Response / Intellectual Property Theft
Generic information: Members of an oppressive dictatorial government threaten local businesses by computer-based intrusion and political threats. A client needs quick forensics performed as well as an ethical hacker assessment of critical assets to ensure government-funded hackers have not compromised critical assets.

Case type: Intellectual Property Theft
Generic information: A senior group vice president has not signed his current employee contract for the year while bypassing a large sum of bonuses in this process. Several months later he opens a competing business and it is believed that he stole intellectual property of key business processes to ease the start of his own business. Forensic analysis proved that theft had occurred. The new business owner was fined a substantial amount of money while also agreeing to sign a non-compete for one year.

Case type: Data Recovery
Generic information: User information has been lost due to hard drive corruption. Forensic analysis was performed to recover all information from this computer.

Case type: System compromise / Incident Response
Generic information: Computer systems have been compromised and access has been used to lure users of financial systems into giving up their credentials while also utilizing the victims’ computers for a distributed denial of service botnet and selling information to other hacker groups for further system penetration. Involvement included assessing the vulnerabilities exploited while also performing network-based forensics to determine the source of compromise and future compromises.