Information is the most valuable asset of the modern organization.
The ability to quickly respond to security incidents and follow
through with an investigation can mean the difference between acceptance
of a major loss and apprehension and prosecution of any intruder,
with the accompanying deterrent effect. For most businesses and
organizations, there is no option: apprehend and deter.
The choice is how to do these things as effectively
and economically as possible.
ESTec can place a security incident investigator
on retainer so you can be sure of a quick response. Our specialist
might even become a member of your own internal incident response
team. A phone call to our security engineer and he or she will be
there to trace source of the breech and help restore workability
to the company. The incident investigator can then track the evidence
back to the intruder.
Customer: A Savings and Loan Company
Services: Incident Response
Problem: A California Savings and Loan company had its entire mortgage
database destroyed and needed to catch the culprit, restore the
information, and assure its customers of better protection.
Solution: They were assigned one of our investigators, who was able
to track the incident by examining log files and identifying the
IP address of the computer that had originated the attack. With
the cooperation of the security department of the computer's company,
the offender's machine was seized, and an image of the hard drive
given to our investigator.
A log of the event from both the attack machine and the victim machine
was turned over to the FBI. Next, using an access control audit,
he quickly and confidently identified the problem areas, and designed
corrective measures to prevent a repeat intrusion.
Result: The perpetrator of this very destructive incident plead
guilty and was sentenced to five years in jail.