SITUATION
A global automotive manufacturing company retained FTI Cybersecurity to investigate a potential insider threat involving an employee suspected of breaching security protocols to exfiltrate company information and leaking trade secrets on the dark web.
OUR ROLE
FTI Cybersecurity conducted a comprehensive insider threat investigation, employing a combination of in-person interviews, forensic review, and dark web research. We interviewed both the subject of the investigation and the technical resources who conducted a separate internal investigation. The insights gathered from these interviews were subsequently validated through a forensic review of hard drives and network activity logs. These techniques, in addition to our expertise in conducting forensic analysis within a Linux environment, enabled our experts to uncover definitive evidence of the suspected insider’s actions. FTI Cybersecurity’s investigative methodologies complemented the internal investigation, providing the client with crucial data points essential to taking appropriate action against the insider.
OUR IMPACT
Through direct interviews, forensic reviews, and dark web searches, we provided the client with a high level of confidence in the results delivered. Our findings in the investigation corroborated with the client’s discoveries and furnished substantial additional details, bolstering the foundation for administrative and legal actions taken by the client. FTI Cybersecurity’s investigation not only supported the client’s internal needs to determine malicious insider action, but also led to the implementation of a series of cybersecurity enhancements designed to protect against similar incidents.