Story image

New investigative tool helps Kiwi businesses uncover cyber crime

19 Aug 2016

As cyber crime continues to pose a major threat to New Zealand, businesses are being advised to look at ways they reduce the risk.

In response to these ever-increasing threats, Kiwi data recovery specialists Computer Forensics have launched a new data exploration service that can quickly reveal different types of cybercrime.

Managing director at Computer Forensics Brian Eardley-Wilmot, says the new tool, CheckIT, is especially useful for revealing intellectual property (IP) theft but can be used to uncover any kind of computer misuse, such as false document creation, harassment, the downloading of porn.

According to the latest latest Symantec Security Threat Report, more than 108 cyber crime attacks are now being reported daily in New Zealand.

“Companies frequently know when they have a problem – people’s instincts are usually correct. But managers are loathe to undertake a full investigation with attendant fees before they can be quite sure of a positive result” says Eardley-Wilmot.

“We developed CheckIT to help with this,” he says.

“The CheckIT process involves getting a brief from management as to what they think is happening. We then perform an exploratory examination on the hard disk/media concerned, then we come back with indicative information that essentially says ‘Yes, you’re right and you should move to a full forensic investigation,’ or ‘No, there isn’t a problem’, as the case may be,” Eardley-Wilmot explains.

“If there is no sign of any wrongdoing, then the company has saved the cost of a formal forensic investigation and can be confident that no offence has occurred,” he says.

“If we are instructed to conduct a full forensic investigation, to provide incontestable evidence, we are forearmed with the knowledge that the investigation will provide incontestable evidence.”

Eardley-Wilmot says there are four areas where CheckIT can be used, to both reveal and deter cyber-crime: 

  • When a key employee resigns and there are concerns  
  • When incontestable evidence of misconduct is needed
  • When an employee is specifically suspected of wrongdoing
  • When a random audit of computers and mobile devices can discourage cyber-crime

He gave the example of a recent case he dealt with when a company had a nagging suspicion something was not quite right after a key staff member left. According to Eardley-Wilmot, the man had been with the company for many years and left amid many good wishes.

“He said he was starting up in business with a friend. But, later, it was discovered he’d started up in competition instead – and taken key clients with him. Company data had also been stolen,” he says.

Eardley-Wilmot describes CheckIT as a ‘significant advance in the fight against such cybercrime’. He points to PricewaterhouseCoopers’ recent Economic Crime Survey (2016).

“It’s well in line with Symantec’s report and confirms cyber-crime has jumped sharply, which is what we are seeing.”

PwC’s report says cyber-crime now accounts for almost a third of business frauds, with 40% of New Zealand organisations suffering an economic crime over the past two years – up from 33% in 2014. 

“If managers suspect a particular wrongful activity, they can use CheckIT to confirm it,” saysEardley-Wilmot. 

“Then they will know for sure whether it’s worth moving to a full forensic investigation.”

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”