SITUATION
A software company was being extorted by an unknown threat actor who threatened to release sensitive information related to the company’s employees. The company retained FTI Cybersecurity to perform digital forensics, investigate the root cause of the incident, and engage with the threat actor.
OUR ROLE
At the direction of counsel, FTI Cybersecurity experts traveled to the company’s office and forensically acquired targeted devices. The team conducted digital forensic analysis and complex investigative services to identify indications of unauthorized access, data exfiltration, and threat actor attribution.
FTI Cybersecurity negotiators engaged the threat actor on non-attributional communication platforms, gathered intelligence, and performed negotiations.
Simultaneously, FTI Cybersecurity’s forensic experts collected evidence to help identify the threat actor. The team met with federal law enforcement on a recurring basis and compiled multiple evidence packages supporting the legal process. This information was shared with the Federal Bureau of Investigation (FBI), leading to the threat actor’s arrest and a search warrant for the electronic devices used to conduct the illicit activity.
OUR IMPACT
As a result of FTI Cybersecurity’s efforts, the threat actor was positively identified through digital forensics, and ultimately arrested by the FBI. Keeping the threat actor active in negotiations allowed law enforcement to work through the necessary legal process to support an arrest warrant and prevent sensitive employee information from being released to the public.