Feeds

Forensic computing uncloaks industrial espionage

Damning evidence wins case

  • alert
  • submit to reddit

Top 5 reasons to deploy VMware with Tegile

Forensic computing techniques proved decisive in winning a recent High Court action involving underhand dealings and industrial espionage in Britain's automotive tools industry.

Computer forensics firm Vogon International was called in to help investigate the alleged theft of electronic copies of vital engineering drawings by a former director and members of staff who had left British Midland Tools, in Tamworth near Birmingham, to join Midland International Tooling Ltd (MIT). British Midland Tools' suspicions were aroused when MIT set up shop almost on its doorstep, offering identical services only weeks after its staff had left their former company.

It was alleged the suspects had taken the electronic blueprints to their new company and had begun to attract business from customers of British Midland Tools valued at £3m. British Midland Tools began a legal action and obtained a search order authorising a raid on MIT.

Vogon assisted British Midland Tools’ solicitors, Cripps and Shone, in the search and seize order at the site of Midland International Tooling. Vogon’s investigators took a complete image of the entire contents of Midland International Tooling’s AutoCAD (engineering drawing software) system, providing an exact replica of the system at the time the forensic process took place. AutoCAD files record information on data that is deleted - much like the metadata recorded by Microsoft Word.

Tooling up

Vogon investigated drawings from both companies at its laboratories in Bicester, Oxfordshire. The initial investigation revealed no real problems, but a different picture was revealed when the drawings were converted into common formats. Vogon’s investigators discovered that drawings found at Midland International Tooling contained one of British Midland Tool’s address blocks, the original of which had been overwritten and replaced with the address of the new company. Further investigation revealed two pages of British Midland Tools’ quality manual in the slack space of Midland International Tooling’s computer, which should not have been there.

How was MIT going to defend itself against such damning evidence? At the eleventh hour, the defence presented Vogon’s investigators with floppy disks, purporting to be Midland International Tooling’s original drawings on their original disks. Midland International Tooling claimed that these drawings were made in 2000; but checks with Sony revealed that the floppy disks had not been manufactured until two years later, in 2002.

In court, Justice Hart concluded that the drawings had been deliberately copied from British Midland Tools’ computer to the Midland International Tooling’s computer, as part of its plans to set up a rival business. The Judge found in favour of British Midland Tools and made an award for substantial undisclosed damages and all costs. The original judgement was made in January 2003, but an appeal in the case against former MIT directors was only exhausted in January this year. Both Midland International Tooling and British Midland Tools were wound up last year following the failure of their respective businesses.

Tony Dearsley, senior computer investigation manager at Vogon International, said its computer forensics expertise is split evenly between criminal and civil cases where the "same principles and attention to detail apply".

"Company loyalty is a thing of the past and this has led to an increase in people taking vital company information with them when they leave. We're often called in cases where sales and contact databases going missing," he said. ®

Related stories

Suspected paedophile cleared by computer forensics
Child porn case highlights browser hijack risks
Court slams Vogon for overbilling Serious Fraud Office
EU develops cyber crime forensics standards
Traces of Guilt: computer crime from the front line
WestJet disputes industrial espionage charge
Lucent trade secret suspect goes on the run

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.