Case Studies

Case Studies – Cybersecurity

Title Company Falls Prey to Wire Transfer Fraud

Responding to Sophisticated Phishing Attacks

Problem

A title company – through its normal course of business – performs millions of dollars in financial transactions every year via wire transfers. After several transfers failed to reach the correct client, the company began to investigate the transfer process and learned that they had become a victim of fraud, with losses totaling more than $700,000.

Solution

Pathway Forensics was engaged to conduct the investigation and mitigate any digital threats that might still be lurking on the company network. During the investigation, our analysts quickly noticed that a broker’s email account had been compromised during a sophisticated phishing attack in which malicious actors set up forwarding rules to an unknown outside address. We also learned these actors would observe email activity within the company and wait for wire transfer instructions to be ordered. At that time, they would interject into the conversation – acting as the broker’s manager – and then change the transfer routing information and account.

Results

Upon completing the investigation, Pathway remediated the forwarding rules and reviewed all other email configurations for indications of compromise. All effected employees’ accounts were reset and two-factor authentication was implemented as an additional layer of protection. We documented our findings in an official report that the client shared with law enforcement to begin an official criminal investigation. 

Services Employed

Investigation

Remediation

Case Studies – Digital Forensics

High-Tech IP Taken by Former Employees

Keeping Source Codes Protected from Inside Threats

Problem

Quantlab, a high-tech company in Houston, Texas, invested many years and millions of dollars in developing valuable source code. Three employees abruptly left the company, leaving behind a mole. Six months after leaving, the departing employees started a competing business. Quantlab suspected the former employees took the proprietary code with them to the new company.

Solution

Pathway Forensics was hired to preserve and analyze devices retrieved from multiple sources, including the former employees’ new company and their personal items. Our experts examined more than 125 pieces of evidence, and our analysis proved Quantlab’s suspicions were merited. We found evidence the former employees and the mole not only took their employer’s source code, but also took intentional steps to cover their tracks, thus spoliating evidence in an attempt to avoid justice. We provided evidence and expert witness testimony in the evidentiary hearing that led to death penalty sanctions being imposed.

Results

After documenting our findings in more than 300 pages of expert reports, declarations, and affidavits, plus offering expert witness testimony over two days in a federal court trial, Quantlab received a favorable verdict and was awarded more than $40M.

Services Employed

Digital forensics

eDiscovery

Expert witness testimony

Case Studies – Additional Consulting Services

Chemical Company Outsources Ops Improvements

Utilizing external experts to optimize internal skillsets and processes

Problem

A global chemical company wanted to make improvements within their IT Security and Forensics department, specifically focusing on processes and procedures along with staff training. They decided hiring an outside expert would yield the best results.

Solution

Pathway Forensics was contracted to assist with forensic toolset selection and procurement, hardware recommendations, forensic lab processes and procedures, internal process development for new internal legal cases, documented workflows with training guides, and forensic training of the company’s full-time staff. During the process, Pathway also assisted with an internal investigation, collecting data from six custodians from one of the company’s locations in China and performing a routine, high-level investigation. When reviewing the data loss prevention logs, we discovered many alarming log entries that indicated data exfiltration of confidential, business-critical documents.

Results

The internal team not only has the right tools, resources, and workflows in place, but by observing Pathway’s investigative process, they now have a better understanding of the types of red flags to look for in future investigations. Additionally, they consult Pathway regularly whenever questions arise, getting an immediate answer and continuing to expand their own expertise.