At CyberClue, we also assist in situations not directly related to cyber attacks, but which require support with detection and evidence collection. Such situations are, for example, internal data leaks or fraudulent actions of competitors.
We carry out dozens of analyses every year, in which we provide the necessary knowledge and evidence, regardless of the specifics and industry of our clients.
DFIR activities, as appropriate, include:
- Identification of the IP address from which the hacking or other crime occurred
- Identification of the vulnerability that made the intrusion possible
- Analysis of the process that allowed the adverse effect to occur
- Checking whether the security of other, related systems or applications has been compromised
- Detection of back doors left by the offender and their analysis if identified
In the final report, we also provide recommendations for improving security.
We also offer support in implementing the recommended changes.
Among other things, we prepare reports to the police with the necessary information about the attack: type of attack, IP addresses from which the attack was carried out, losses incurred, etc.