Digital Forensics

Suspicions or indications of cyber intrusion?

Companies that are victims of a cyber intrusion or ransomware can call on us for a forensic audit. It's important to find the cybercrimes and the malware so that you can restore the security of your network.

Thanks to our forensic techniques, we are going to uncover traces that show what intrusions have been carried out. We carry out full forensic investigations or support you in forensic analysis of your company computers, company network and company data where necessary.

Our digital forensic investigators mainly focus on:

  1. Confirming suspicions of malicious or ethically objectionable actions conducted within the company. For example, a (former) employee who is suspected of having stolen or transferred business-sensitive information to third parties.
  2. Collect evidence of hacking or malware infection. For example: check whether hackers still have access to systems and/or whether these still contain potentially dangerous code (e.g. an installed backdoor, crypto locker,...).

For each of these situations, there are some important questions that need to be answered such as:

  • Have data or files been deleted or modified?
  • Has there been a file transfer to external media?
  • Has software been installed?
  • Have configurations been changed?
  • What is the browser history?
  • Has there been any evidence of withheld or destroyed evidence?
  • Who had access to certain data at any given time?
  • Has any data been leaked from the system (via a network, data carriers, printouts,...)?

Our forensic audit provides a clear answer to the above questions. In order to discover the traces left behind, an analysis of the storage media as well as of the volatile memory of the systems will be carried out. In this way, we can unmask advanced malware with built-in anti-forensic techniques.

Report

Afterwards, you will receive a report with a complete overview of all traces discovered during the course of the investigation. All (relevant) historical actions are displayed in a timeline in order to be able to easily form a global picture of what happened.

Furthermore, recovery of deleted files is also possible as long as they have not been overwritten. If this is within the scope of the report, these files will of course also be handed over together with the report.

 

Note: Forensic investigations will always try to give a picture as truthful as possible of what happened on the basis of technical traces. The interpretation of these traces is not an exact science and strongly depends on the researcher. As a result, the report will only give an overview of the traces and one possible interpretation of them (without any guarantee that this is the absolute truth).

Most Popular Ethical Hacking

CORPORATE NETWORK

A penetration test on your corporate network shows whether hackers can penetrate your internal network. It also checks whether rogue employees or visitors can misuse data from within.

WEB APPLICATIONS

Websites, e-shops, portals or CRM systems are a gateway from the internet to sensitive data on your internal company network. Our pen test finds all vulnerabilities and advises the necessary countermeasures.

SECURITY AUDITS

A penetration test is often a mandatory part of a certification or compliance process. Just think of the ISO 27001 certification. During this test, it is checked whether your company meets all the requirements.

Hacking facts and figures

Hacking is a serious problem for companies.

days it takes on average for a hack to be discovered
% of all hacking attacks can be easily prevented
% of digital burglaries have been patchable for more than 1 year

Immediately request a quote?

Not really sure yet?

Visit our contact page, we will be happy to contact you!