Sensitive Incident Investigations. Digital Risk Management. Forensics Testing.



Similar documents
Presentation Presented By FORENSIC INVESTIGATIVE TEAM

Conviction Integrity Unit Best Practices October 15, 2015

Chapter 15 Criminal Law and Procedures

Decades of Successful Sex Crimes Defense Contact the Innocence Legal Team Now

Digital Forensics & e-discovery Services

Glossary of Terms Acquittal Affidavit Allegation Appeal Arraignment Arrest Warrant Assistant District Attorney General Attachment Bail Bailiff Bench

INDIANA FALSE CLAIMS AND WHISTLEBLOWER PROTECTION ACT. IC Chapter 5.5. False Claims and Whistleblower Protection

Attorney General Balderas Criminal Affairs Update to Courts, Corrections & Justice Interim Committee

OFFICE OF THE DISTRICT ATTORNEY GEORGE H. BRAUCHLER, DISTRICT ATTORNEY 18TH JUDICIAL DISTRICT

A Federal Criminal Case Timeline

General District Courts

CSN08101 Digital Forensics. Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak

GOVERNMENT PROSECUTIONS AND QUI TAM ACTIONS

Computer Forensics US-CERT

Lance Eliot Sloves. Computer Forensic Services, Inc Allen St. #743

The Legal System in the United States

trial court and Court of Appeals found that the Plaintiff's case was barred by the statute of limitations.

United States Court of Appeals

White Collar Criminal Defense, Internal Investigations & Corporate Compliance

Computer Forensics Preparation

A Whistleblowers Journey

Case Study: Hiring a licensed Security Provider

C O H E N, T O D D, K I T E & S T A N F O R D, L L C

GENERAL INSTRUCTIONS For Use with All DOM REL Forms

STATE OF NEVADA Department of Administration Division of Human Resource Management CLASS SPECIFICATION

Services. Computer Forensic Investigations

11 HB 87/CSFA A BILL TO BE ENTITLED AN ACT

Information for Crime Victims and Witnesses

CHAPTER 124B COMPUTER MISUSE

CONSTITUTIONAL RIGHTS

GUIDE TO SMALL CLAIMS COURT The Rural Law Center of New York, Inc.

18 U.S.C General rules for civil forfeiture proceedings

To do Justice, as no one is above the Law nor beneath its protection.

SMALL CLAIMS COURT INFORMATION

Small Claims Court in Michigan

C O H E N, T O D D, K I T E & S T A N F O R D, L L C

GUIDANCE Implementing Section 176 of the Anti-social Behaviour, Crime and Policing Act 2014: Lowvalue

C RIMINAL LAW O V E RVIEW OF T H E T E XAS C RIMINAL J USTICE P ROCESS

System Overview ~~~~~ Presented by: Darcie McElwee

We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services

Department, Board, Or Commission Author Bill Number

TAIWAN. Edgar Y. CHEN. Tsar & Tsai Law Firm G 8 th Fl., 245 DunHua S. Rd., Sec. 1. Taipei 106 TAIWAN

Arrests/Convictions/IFBs. First Half The Insurance Frauds Bureau posted 215 arrests during the first half of 2013.

Glossary of Court-related Terms

HP0868, LD 1187, item 1, 123rd Maine State Legislature An Act To Recoup Health Care Funds through the Maine False Claims Act

BRYCE A. FETTER ORLANDO JUVENILE CHARGES ATTORNEY

PARRY G. CAMERON, Senior Attorney

Spoliation of Evidence. Prepared for:

In a recent Southern District of California decision, the court sent a

Chapter 4 Legal Ethics

INTRODUCTION DO YOU NEED A LAWYER?

MASSACHUSETTS WARRANTLESS CELL PHONE SEARCHES CASE HEADS TO THE SUPREME COURT

TESTIMONY OF CAROLINE CIRAOLO ACTING ASSISTANT ATTORNEY GENERAL TAX DIVISION U.S. DEPARTMENT OF JUSTICE BEFORE THE

Connecting with clients through authentic interactions that not only satisfy their practical needs, but also their emotional

GLOSSARY OF TERMS - CRIMINAL

Case 2:13-cv RBS Document 1 Filed 03/19/13 Page 1 of 8 IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA

CALIFORNIA FALSE CLAIMS ACT GOVERNMENT CODE SECTION

IC Chapter 5.7. Medicaid False Claims and Whistleblower Protection

Questions You Should be Asking NOW to Protect Your Business!

PAMELA BURNS, CPA, FCPA, CVA, CTC, EA. Curriculum Vitae

GENERAL ASSEMBLY OF NORTH CAROLINA SESSION 2011 SESSION LAW HOUSE BILL 27

A Victim s Guide to Understanding the Criminal Justice System

WILLIAM OETTINGER PHONE (702)

Facts for. Federal Criminal Defendants

Law Enforcement Legal Defense Plan

PRODOC FEDERAL CRIMINAL DEFENSE

Legal Framework to Combat Cyber Crimes in the Region: Qatar as a Model. Judge Dr. Ehab Elsonbaty Cyber Crime expert ehabelsonbaty@hotmail.

STUDENT LEGAL SERVICES THEFT, FRAUD AND POSSESSION OF STOLEN PROPERTY A GUIDE TO THE LAW IN ALBERTA REGARDING OF EDMONTON COPYRIGHT AND DISCLAIMER

Fraud and Abuse in the Sale and Marketing of Drugs

Information Technologies and Fraud

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised

HOW TO REPRESENT YOURSELF IN CIVIL CASES IN JUSTICE COURT

DATA BREACH COVERAGE

Digital Forensic. A newsletter for IT Professionals. I. Background of Digital Forensic. Definition of Digital Forensic

National Polygraph Institute Director - a certified polygraph school. Recent Excerpts

Modalities for Forensic Review of Computer Related Frauds

The Effect of Product Safety Regulatory Compliance

THE DIVORCE PROCESS: WHAT TO EXPECT

What Is Small Claims Court? What Types Of Cases Can Be Filed In Small Claims Court? Should I Sue? Do I Have the Defendant s Address?

MPRE Sample Test Questions

The Recover Report. It s business. But it s personal.

Cyber and data Policy wording

INFORMATION FOR CRIME VICTIMS AND WITNESSES CHARLES I. WADAMS PROSECUTING ATTORNEY

[Cite as Mahoning Cty. Bar Assn. v. Vivo, 135 Ohio St.3d 82, 2012-Ohio-5682.]

Transcription:

Sensitive Incident Investigations. Digital Risk Management. Forensics Testing.

2009 Innovation Award Winner Austin Chamber of Commerce

2010 Innovation Award Finalist Austin Chamber of Commerce

Only private laboratory in the world with same accreditation for digital forensics as FBI American Society of Crime Laboratory Directors 2010

Who We Are Since 2004, we ve provided sensitive incident response and investigation to clients around the world, including foreign governments, corporations, law firms, and state and federal agencies. Our digital forensics laboratory is ISO/IEC 17025:2005 compliant and accredited by the American Society of Crime Laboratory Directors under their International program (ASCLD/LAB International). Certificate ALI-113-T Field of Accreditation Forensic Science Testing Discipline 9.0 Digital and Multimedia Evidence

What We Do forensics. When corporations and foreign governments feel outstripped by technology, they call us. We provide 24-hour crisis support and computer incident response, including: Forensic Media Examination and Analysis crimes. disputes. corporate distress and investigations. Mobile Device Seizure and Investigation blackberrys. iphones. Evidence Preservation forensic collection. chains of custody. secure evidence storage. Data Recovery hardware failures. data reconstruction. advanced searching & processing. Expert Services Testimony. Affidavits. Reports.

What We Do Consulting. One of the things we do best is help clients cut us out of the process. FBD Global provides training and specialized advisory services to industry clients building their own internal forensics and data recovery labs, including: Strategic Consultation laboratory and clean room construction. staffing. toolkits. Regulatory Advisory Services risk assessment. audits. process and quality system development. Training forensic examination. data recovery. quality management. security. Our personnel have backgrounds in law, criminal investigation, intelligence, fraud examination, and information systems and security. We offer basic-to-advanced training on the techniques we use to provide digital forensics and data recovery support.

We Tell Stories. Computer Incident Autopsy Mobile Device Seizure and Analysis Lost or Fragmented Data Reconstruction User Profiling Internet History Analysis Event and Communication Analysis Deleted File Recovery Advanced Data Searching and Processing Google Search History Recovery and Analysis Social Networking Activity Forensic Evidence Collection Encryption Analysis We Keep Secrets.

These clients faced the same choice you do:

Case No. 08880 CRIME A successful chain of retail businesses was acquired for a large sum of money. The day after the sale was announced the principal owner s 6-year old boy was kidnapped in a foreign country and held for ransom. The kidnappers negotiated an approximately $1M ransom. The money was dropped, and the kidnappers seized the ransom, murdered the boy, and vanished. Foreign law enforcement investigated and the case went cold after several months. We were engaged by the Attorney General for the country of incident. It was suspected that government employees may have masterminded the kidnapping. Within a week, forensic examination of agency computers developed evidence that identified the prime suspect in the case, a police officer. While in custody police discovered thesuspect was holding children from two other kidnappings. The case made national headlines and the rescued children were returned to their families. The suspect was killed in prison three weeks later.

Case No. 07715 FRAUD Case No. 06732 data breach Our client represented the wife in a complex divorce proceeding. Husband and wife had co-owned and sold an early stage company during their marriage for approximately $8M dollars. At the time divorce was filed, the marital estate was estimated to be approximately $2M dollars, and there was no accounting for the missing $6M dollars. Forensic examination of cell phones, personal computers, and financial activity uncovered data fragments which, upon analysis, were traceable to an undisclosed bank account that had been surreptitiously accessed by the husband. Following a subpoena to the bank, it was discovered that this undisclosed account contained about $6 million dollars. A settlement agreement was reached and greatly favored our client. We were retained by a government agency to respond to and investigate a breach incident that had resulted in data theft. The stolen data was sensitive and the client needed an emergency response. Our crisis support team responded in the middle of the night to assess the incident, analyze the technical landscape, and contain the breach. Progress was initially slow despite an all hands response. However, deep examination in our laboratory identified a small, almost insignificant string of malicious code intentionally obfuscated within other code. And further analysis traced the source to multiple internal employees. The breach was contained and criminal proceedings were instituted against the offenders, all software development engineers and programmers. Case No. 06286 embezzlement We were engaged by a company to examine its technical infrastructure for suspected intrusion and/or monitoring. Investigation revealed an ongoing breach was in fact occurring, but the source was internal. We discovered multiple keyloggers and other monitoring software had been deployed to company computers. Further investigation determined the source was a trusted employee and that, in addition to monitoring, the employee had been embezzling money from the company for several years. It was later revealed her motive was to steal customer lists and spy on management in order to later separate from the company and form a competitor. Both civil and criminal proceedings were instituted against the suspect, who was ultimately convicted and imprisoned.

Case No. 09192 ip theft Case No. 08911 crime We were engaged by an online seller of nutritional supplements being sued in Federal Court for intellectual property theft. A motion was to be heard by the court regarding possible spoliation by our client. This motion was based upon a report generated by a national computer consulting and security firm hired by the plaintiffs. Our examination of the report revealed it contained multiple inaccurate statements and fundamental misunderstandings about computer forensics. We testified in court and advised our client during cross-examination of plaintiff s expert in a brutal challenge of his forensics expertise, which turned out to be rudimentary. Our client was a foreign government agency. We were engaged to investigate computer activity in connection with a suspected child exploitation ring. Forensic examination linked some computers to child pornography operations in Eastern Europe. The results of our investigation implicated multiple individuals, including a ranking member of the foreign ministry, as well as a local priest. The suspects were tried and imprisoned. The evidence we developed was instrumental in securing the conviction and sentence. Based on our work, the motions for sanctions and summary judgment were dismissed and a settlement between the parties was quickly reached. This was good news for our clients as they would have been personally bankrupted had they not prevailed on these motions. Case No. 09358 e-forgery We were engaged to provide expert consulting and reports in connection with a complex lawsuit based on allegedly falsified contracts. A proud supporter of HTCIA high-tech crime investigation association An independent third party had been ordered by the court to handle document production and searching. Our forensic examination and analysis of the discovery provided by this third party indicated the contractsinquestionhadbeencreatedmore than two months after they were supposedly executed. Understandably, the judge in the case didn t have a sense of humor about the forgery, and our client prevailed on summary judgment.

Case No. 09068 criminal defense Case No. 06745 criminal defense Our client was charged with computer intrusion, aggravated identity theft and possession of contraband images. The case was investigated by the U.S. Secret Service in Dallas. Evidence comprised more than two million files spread across twelve computers and devices, many of them encrypted. Defendant filed a motion to suppress the evidence as seized outside the scope of the search warrant. Over the course of several months, both in our laboratory and at the U.S. Secret Service, we determined there were several misrepresentations in the government s responses to Defendant s motion. We further determined the government had no basis for searching encrypted files given the scope of its warrant. The District Judge granted the motion, calling the search an obvious case of deliberate overreaching by the government in an effort to seize data to which it lacked probable cause. Our client was charged with distribution of narcotics, counterfeiting, and possession of contraband images. The case was investigated by the U.S. Secret Service in Dallas. Defendant moved to suppress evidence claiming the computer was searched by police prior to obtaining a warrant. Our forensic examination determined (i) that local police had searched the computer for approximately two hours prior to seeking a warrant to search for evidence of counterfeiting, and (ii) the police exceeded the scope of that warrant for another three hours searching for contraband images. The court agreed that these and other actions were strong indicators of bad faith by the officers. The computer was suppressed and without it there was no evidence of counterfeiting or possession of contraband images. (And the narcotics alleged in the indictment which were found in a sugar bowl turned out to be sugar.) All charges against Defendant were dismissed with prejudice. Case No. 06518 ip theft We were engaged by a multinational software firm being sued by its principal rival. Several employees had departed the rival firm and were employed by our client. The suit alleged sensitive confidential data had been taken without authorization. Examination of computers and cell phones determined that, while employees still possessed confidential data, no employee attempted to use or transfer the data, and there were no indications any data had been intentionally accessed. Member in good standing infragard association of certified fraud examiners The litigation had a potential loss for our client of $2 billion and was settled for a much more favorable sum.

Contact us today. +1 866.786.5700 (U.S. and Canada) +1 512.301.5700 (all other countries) info@fbdglobal.com

Global Consulting Flashback Data FBD Management

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information