
Cyber Incident Support


A forensic investigation of digital evidence is commonly employed as a post-incident response to a cyber-attack or any other computer-related crime. Eurofins provides a professional cyber incident response service. The focus of this service is to bring businesses that have suffered a cyber-attack back to an operational state in the shortest time possible, while protecting, preserving and analysing any forensic evidence in order to rapidly establish the degree and causes of loss.

 

On-Call Cyber Incident Response

Our cyber incident response is an organised approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

We provide on-site cyber investigation, digital device seizure, imaging and analysis services at any location specified. We have vast experience in on-site operations, forensic imaging on-site, on-line server acquisitions and on-site analysis. Our corporate case and law enforcement portfolio has led us to investigate a wide range of cybercrime, breaches and computer misuse including but not limited to fraud, murder, rape, child abuse, contentious insolvency and intellectual property theft.

We recommend a step-by-step process that should be followed when an incident occurs. This process is designed to support any incident and to minimise damage to the integrity of any evidence.

 

Five steps to handling an incident most effectively:

1. Identification

Our cyber incident response service is activated to decide whether a particular event is, in fact, a security incident.

2. Containment

Our team determines how far the problem has spread and contains the problem by disconnecting all affected systems and devices to prevent further damage. This will be done in conjunction with the users.

3. Eradication

The team investigates to discover the origin of the incident and the root cause of the problem, and recommends what to do next.

4. Recovery

Normal systems are restored and everything is functioning correctly.

5. Conclusion

Our teams analyse the incident and how it was handled, making recommendations for better future response and for preventing recurrence, enabling us to modify our responses and make them even more robust.

 

Types of Cyber-Attacks Investigated

  • Use of Malware
  • Network Attack inc. Denial of Service
  • Network Intrusion
  • Unauthorized Access
  • Illicit Distribution
  • Insider Activity
  • Extortion, Fraud & Phishing Attempts
  • Hacking Operations

 

Effects Investigated

  • Stolen/Leaked Data - Personal, Financial - illegally copied or taken from a business or other individual
  • Intercepted Communications - Electronic surveillance, compromised emails, eavesdropping
  • Data Altered/Destroyed - Deleted files and comparison of file architecture
  • Damaged Reputation - Often related to times when accounts are taken over and used to spread slander or misinformation that affects the reputation of an individual or company
  • Fraud - Identity theft by using an individual's information to make purchases, make changes to their bank account, etc.
  • Vandalism - Website defacement: addition, removal, or other modification of the text or other material that is either humorous, nonsensical, offensive, humiliating, or otherwise of a degrading nature

 

Targets Investigated

  • Social Media accounts, Email Accounts, User Accounts, Cloud Accounts
  • Point of Sale Systems/Software, Consumer Electronics/Home Appliances
  • Network Equipment, Firmware, Operating Systems, Mobile Operating Systems
  • Web Browsers and browser add-ons/plug-ins - Internet Explorer, Google Chrome, Firefox
  • Communications Software - All remote access, file exchange (FTP clients), and messaging software clients including email clients and instant messaging/chat - Outlook Express, Gmail, File Sharing, Messenger & Online Chat
  • Productivity Software - Word processing, database, spreadsheet, and all other office/end user productivity applications - MS Office, Photoshop, Adobe Acrobat
  • Development Software - Application and web development software, programming software and APIs - Java, Adobe ColdFusion, JBoss Application Server
  • Cloud Services/Applications - Anything-as-a-Service. This category also includes applications hosted on websites, web 2.0, HTML5 and ASP apps - Amazon Cloud Drive, iCloud, Evernote, Dropbox, CryptoCat, Pandora, Talkr
  • Content Management Systems - Website management software and plugins - WordPress, Joomla, Datalife, vBulletin
  • Data - Digital assets, including documents, records, database contents, intellectual property, credit card information, PII, account credentials - Electronic health records, source code, customer data, SMS messages
  • Wireless Networks - Any wireless local area network (WLAN), usually providing a connection through an access point to the wider Internet
  • Websites/Forums/Blogs - A public site for a company/business or any other entity. Frequently the target of defacements

 

Examinations

Network Examinations

  • Live operating systems and data capture
  • Email and file servers, domain controllers, SAN, NAS and infrastructure storage devices
  • Access control, accounts, hosted and cloud servers
  • Vulnerability assessments, audits, search and control of sensitive data
  • Forensic examinations into home networks and data
  • Operation planning in networked environments

Computer Examinations

  • Servers, desktops, laptops, towers and tablet computers inc. iPads
  • Windows, UNIX, Linux and Apple OS operating systems

Storage Device Examinations

  • Computer hard disks
  • External hard disks
  • USB flash drives
  • Memory cards
  • iPods and MP3 players
  • Digital stills cameras and video cameras
  • Games consoles inc. PS3, Xbox etc.
  • Printers, photocopiers, fax machines, modems etc.
  • Smart TVs and other embedded/smart devices

                                                                                                                                                

 

Contact us for more information