Story image

New investigative tool helps Kiwi businesses uncover cyber crime

19 Aug 16

As cyber crime continues to pose a major threat to New Zealand, businesses are being advised to look at ways they reduce the risk.

In response to these ever-increasing threats, Kiwi data recovery specialists Computer Forensics have launched a new data exploration service that can quickly reveal different types of cybercrime.

Managing director at Computer Forensics Brian Eardley-Wilmot, says the new tool, CheckIT, is especially useful for revealing intellectual property (IP) theft but can be used to uncover any kind of computer misuse, such as false document creation, harassment, the downloading of porn.

According to the latest latest Symantec Security Threat Report, more than 108 cyber crime attacks are now being reported daily in New Zealand.

“Companies frequently know when they have a problem – people’s instincts are usually correct. But managers are loathe to undertake a full investigation with attendant fees before they can be quite sure of a positive result” says Eardley-Wilmot.

“We developed CheckIT to help with this,” he says.

“The CheckIT process involves getting a brief from management as to what they think is happening. We then perform an exploratory examination on the hard disk/media concerned, then we come back with indicative information that essentially says ‘Yes, you’re right and you should move to a full forensic investigation,’ or ‘No, there isn’t a problem’, as the case may be,” Eardley-Wilmot explains.

“If there is no sign of any wrongdoing, then the company has saved the cost of a formal forensic investigation and can be confident that no offence has occurred,” he says.

“If we are instructed to conduct a full forensic investigation, to provide incontestable evidence, we are forearmed with the knowledge that the investigation will provide incontestable evidence.”

Eardley-Wilmot says there are four areas where CheckIT can be used, to both reveal and deter cyber-crime: 

  • When a key employee resigns and there are concerns  
  • When incontestable evidence of misconduct is needed
  • When an employee is specifically suspected of wrongdoing
  • When a random audit of computers and mobile devices can discourage cyber-crime

He gave the example of a recent case he dealt with when a company had a nagging suspicion something was not quite right after a key staff member left. According to Eardley-Wilmot, the man had been with the company for many years and left amid many good wishes.

“He said he was starting up in business with a friend. But, later, it was discovered he’d started up in competition instead – and taken key clients with him. Company data had also been stolen,” he says.

Eardley-Wilmot describes CheckIT as a ‘significant advance in the fight against such cybercrime’. He points to PricewaterhouseCoopers’ recent Economic Crime Survey (2016).

“It’s well in line with Symantec’s report and confirms cyber-crime has jumped sharply, which is what we are seeing.”

PwC’s report says cyber-crime now accounts for almost a third of business frauds, with 40% of New Zealand organisations suffering an economic crime over the past two years – up from 33% in 2014. 

“If managers suspect a particular wrongful activity, they can use CheckIT to confirm it,” saysEardley-Wilmot. 

“Then they will know for sure whether it’s worth moving to a full forensic investigation.”

What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.