Computer forensics
Computer forensics is a field of computer science and forensic science that deals with the use of computer tools and data analysis techniques to identify, collect and process electronic evidence in investigations and legal proceedings. It answers questions about the course of events, determining the nature of a possible incident, attack vector, attribution. This involves the acquisition and analysis of evidence from devices such as personal computers, phones, storage media, IT/OT systems and other electronic devices (e.g. smartwatches, vehicle on-board systems). The processes of global digitalisation of the economy and communication mean that crime increasingly has a digital face. Computer forensics is therefore becoming a permanent tool of both law enforcement and legal, compliance and private investigations departments.
What can we do for you in the scope of digital forensics?
Verificators offers the synergy of years-long experience in the investigative field with the services and methodologies of technology partners who are leading players in the digital forensics and e-discovery industry.
Digital investigations
We investigate cases including fraud, unfair competition, theft of trade secrets and intellectual property. We establish the modus operandi and the perpetrators.
The process includes analysis of, inter alia, such artefacts as e-mail correspondence archives, documents, operating and security system logs, databases, data from computers, business phones and open sources (social networks, darknet activity, etc.).
Detection of spyware applications
Verification of mobile devices to detect the presence of malware or its remnants (including traces of Pegasus-type software) using an automated tool.
Data recovery
Recovery of data from devices and media lost due to intentional acts of third parties, technical failures or natural hazard events.
Countering cybercrime
We support clients in cases of online fraud, identity theft, stalking, diffamation.
Data acquisition
Collecting evidence in the form of physical / logical acquisition or in case of large infrastructure using proprietary methodology (i.e. Nuix) while maintaining chain of custody for legal proceedings and analytics.
If necessary, attempts to bypass lock screens are performed.
Post incident analysis
The process aims to examine the infrastructure to determine the attack vector (e.g. leakage, diversionary activities, ransomware). The technical and organisational vulnerabilities used in the incident are identified. Where possible, attribution (explaining who carried out the attack) is also attempted.