Episode 68 - Catching Cyber-Criminals With Digital Forensics
Ransomware attacks, data breaches, digital theft – on the rise. Who are the cyber-criminals? Can they be traced? And what can a company do to minimize risk and respond to an incident?
Joining us for a tour of the dark side of the digital age is Bill Corbitt, Vice President of Digital Forensics and Incident Response at Intersec Worldwide. www.intersecworldwide.com, a US-based team of former federal cybersecurity experts who have worked on some of the world’s largest security breaches. The firm was named a 2021 top Digital Forensics & Incident Response firm by Enterprise Security Magazine. Bill’s team has addressed serious incidents for many Fortune 100 companies. In this podcast episode he shares insights into dealing with ransomware attacks, data theft, and the aftermath.
Ransomware attacks are conducted by sophisticated criminal enterprises, usually operating from data havens where government seldom prosecutes them for attacks abroad. They probe for vulnerabilities and find attack vectors into a company’s IT system, freeze digital operations, then post a ransom demand before releasing their grip that can paralyze the victim’s business.
Modern digital forensic techniques can generally identify the attackers. The quicker an attacked business engages a forensic expert, the more likely it is that the perpetrator can be identified. Ransomware attackers increasingly have two waves of ransom demand – the first to unlock the system, the second to promise not to release exfiltrated data to the world. Every ransomware attack should be viewed as a data breach, though it is possible for a forensics expert to determine if data has been taken rather than only temporarily encrypted.
Cybercrime, like all crime, will not disappear. If there is money to be made, criminals will seek it. Minimizing risk is essential. Businesses should constantly upgrade their entire IT systems, eliminating weak points and discarding outdated elements. Those with access to company computers and systems need training and discipline to view company property and data with care.
If you have ideas for more interviews or stories, please email info@thedataprivacydetective.com.