Cyber Investigations

What can a cyber investigator do for your case?

Cyber investigators use various tactics and methods for obtaining evidence and getting to the bottom of your case. Some of the methods we use for investigating cyber matters are:

  • Investigate system event and security logs to determine the origin and the specific cause associated with the event at hand.

  • Acquire erased or purged digital documents, photos, and files by digital forensic examination technology.

  • Research potentially malicious applications, software, and code to determine it’s intent and and the degree of impact on a system and an organization.

  • Preserve the integrity of data and digital evidence for administrative bodies by evidence integrity controls such as hashing and data duplication.

  • Tracing and confirming unknown individuals by combing traditional investigative tactics with modern cyber security tools. 

What is a cyber investigation?

A cyber investigation is any investigation that takes place on digital devices or information assets. Such information include computers, smartphones, tablets, servers, IoT devices, modems, routers, and even sprinkler systems. Any device that has an internet connection and a circuit board can be compromised by hackers. If you believe your network has been compromised, reach out for a free consultation. 

What are the types of cyber investigations?

There are various types of cyber investigations. Some of the most common ones are:

Access Auditing: Access auditing is an umbrella term that refers to the investigation of digital or logical access to an information system. This can be authorized or unauthorized access by an individual for a malicious means. The cyber investigator will review audit and access logs in order to determine if a specific individual had access to a given information asset at a specific time. This is usually used in support of other investigations. 

Catfish / Dating: A catfish investigation looks into online individuals who have a pseudo-anonymous or online relationship with our clients. A catfish will traditionally lead the victim on for a long period of time, usually by pretending to be someone they aren’t. In cases of scams or fraud, they may ask the victim for money or other personal identifiable information to further the scam. 

Cyber Harassment: Cyber harassment or cyber bullying is when a victim is bullied by means of electronic communication, normally through cell phones or online social media. There are different methods of cyber bullying, the most notable is anonymous texts and fake online accounts of the victim. These are generally resolved by gathering evidence and putting together a risk management plan that limits exposure to harassers. 

Device Monitoring: Device monitoring is a service offered by a cyber security company that monitors certain aspects of your device. This is usually reserved for companies with information assets needing to protect. However, for private clients with potentially high risk of cyber crimes, the service can be implemented as part of a long term cyber investigation. 

Digital Forensics: Digital forensics or a digital forensics examination is the act of acquiring digital information that has been erased or purged beyond the scope of normal cyber investigations. Digital forensics is normally an expensive and time consuming process and is usually only used in criminal cases for which exploitation or white collar fraud is the cause. 

Digital Intrusion: A digital intrusion investigation looks for digital intrusion attempts or successes into electronic devices such as phones, computers, servers, or any other device with access to the internet. This is often achieved by remote access using malicious software, or other legitimate software used in a malicious way. With any intrusion, evidence is always left behind to potentially lead back to the threat actor.

Identity Theft: Digital identity theft is a form of identity theft that occurs through online means. Identity thieves can steal personal data and create online fake identities which can hurt a victim. This can include stealing personal information via phishing or pharming, or the end result of a successful digital intrusion. 

Malware / Spyware: Malware is malicious and authorized software. The most common forms of malware are spyware, viruses and ransomware. What makes malware, malware, is the fact that it is doing something it shouldn’t, such as stealing your personal information and files. Most malware is easily preventable by using reliable anti-malware / anti-virus, however a proper investigation should still be conducted if your information assets contain sensitive information.

Articles related to cyber investigations: