Case Studies – Cybersecurity
Title Company Falls Prey to Wire Transfer Fraud
Responding to Sophisticated Phishing Attacks
A title company – through its normal course of business – performs millions of dollars in financial transactions every year via wire transfers. After several transfers failed to reach the correct client, the company began to investigate the transfer process and learned that they had become a victim of fraud, with losses totaling more than $700,000.
Pathway Forensics was engaged to conduct the investigation and mitigate any digital threats that might still be lurking on the company network. During the investigation, our analysts quickly noticed that a broker’s email account had been compromised during a sophisticated phishing attack in which malicious actors set up forwarding rules to an unknown outside address. We also learned these actors would observe email activity within the company and wait for wire transfer instructions to be ordered. At that time, they would interject into the conversation – acting as the broker’s manager – and then change the transfer routing information and account.
Upon completing the investigation, Pathway remediated the forwarding rules and reviewed all other email configurations for indications of compromise. All effected employees’ accounts were reset and two-factor authentication was implemented as an additional layer of protection. We documented our findings in an official report that the client shared with law enforcement to begin an official criminal investigation.
Case Studies – Digital Forensics
High-Tech IP Taken by Former Employees
Keeping Source Codes Protected from Inside Threats
Quantlab, a high-tech company in Houston, Texas, invested many years and millions of dollars in developing valuable source code. Three employees abruptly left the company, leaving behind a mole. Six months after leaving, the departing employees started a competing business. Quantlab suspected the former employees took the proprietary code with them to the new company.
Pathway Forensics was hired to preserve and analyze devices retrieved from multiple sources, including the former employees’ new company and their personal items. Our experts examined more than 125 pieces of evidence, and our analysis proved Quantlab’s suspicions were merited. We found evidence the former employees and the mole not only took their employer’s source code, but also took intentional steps to cover their tracks, thus spoliating evidence in an attempt to avoid justice. We provided evidence and expert witness testimony in the evidentiary hearing that led to death penalty sanctions being imposed.
After documenting our findings in more than 300 pages of expert reports, declarations, and affidavits, plus offering expert witness testimony over two days in a federal court trial, Quantlab received a favorable verdict and was awarded more than $40M.
Expert witness testimony
Case Studies – Additional Consulting Services
Chemical Company Outsources Ops Improvements
Utilizing external experts to optimize internal skillsets and processes
A global chemical company wanted to make improvements within their IT Security and Forensics department, specifically focusing on processes and procedures along with staff training. They decided hiring an outside expert would yield the best results.
Pathway Forensics was contracted to assist with forensic toolset selection and procurement, hardware recommendations, forensic lab processes and procedures, internal process development for new internal legal cases, documented workflows with training guides, and forensic training of the company’s full-time staff. During the process, Pathway also assisted with an internal investigation, collecting data from six custodians from one of the company’s locations in China and performing a routine, high-level investigation. When reviewing the data loss prevention logs, we discovered many alarming log entries that indicated data exfiltration of confidential, business-critical documents.
The internal team not only has the right tools, resources, and workflows in place, but by observing Pathway’s investigative process, they now have a better understanding of the types of red flags to look for in future investigations. Additionally, they consult Pathway regularly whenever questions arise, getting an immediate answer and continuing to expand their own expertise.