Feeds

Forensic computing uncloaks industrial espionage

Damning evidence wins case

  • alert
  • submit to reddit

Reducing security risks from open source software

Forensic computing techniques proved decisive in winning a recent High Court action involving underhand dealings and industrial espionage in Britain's automotive tools industry.

Computer forensics firm Vogon International was called in to help investigate the alleged theft of electronic copies of vital engineering drawings by a former director and members of staff who had left British Midland Tools, in Tamworth near Birmingham, to join Midland International Tooling Ltd (MIT). British Midland Tools' suspicions were aroused when MIT set up shop almost on its doorstep, offering identical services only weeks after its staff had left their former company.

It was alleged the suspects had taken the electronic blueprints to their new company and had begun to attract business from customers of British Midland Tools valued at £3m. British Midland Tools began a legal action and obtained a search order authorising a raid on MIT.

Vogon assisted British Midland Tools’ solicitors, Cripps and Shone, in the search and seize order at the site of Midland International Tooling. Vogon’s investigators took a complete image of the entire contents of Midland International Tooling’s AutoCAD (engineering drawing software) system, providing an exact replica of the system at the time the forensic process took place. AutoCAD files record information on data that is deleted - much like the metadata recorded by Microsoft Word.

Tooling up

Vogon investigated drawings from both companies at its laboratories in Bicester, Oxfordshire. The initial investigation revealed no real problems, but a different picture was revealed when the drawings were converted into common formats. Vogon’s investigators discovered that drawings found at Midland International Tooling contained one of British Midland Tool’s address blocks, the original of which had been overwritten and replaced with the address of the new company. Further investigation revealed two pages of British Midland Tools’ quality manual in the slack space of Midland International Tooling’s computer, which should not have been there.

How was MIT going to defend itself against such damning evidence? At the eleventh hour, the defence presented Vogon’s investigators with floppy disks, purporting to be Midland International Tooling’s original drawings on their original disks. Midland International Tooling claimed that these drawings were made in 2000; but checks with Sony revealed that the floppy disks had not been manufactured until two years later, in 2002.

In court, Justice Hart concluded that the drawings had been deliberately copied from British Midland Tools’ computer to the Midland International Tooling’s computer, as part of its plans to set up a rival business. The Judge found in favour of British Midland Tools and made an award for substantial undisclosed damages and all costs. The original judgement was made in January 2003, but an appeal in the case against former MIT directors was only exhausted in January this year. Both Midland International Tooling and British Midland Tools were wound up last year following the failure of their respective businesses.

Tony Dearsley, senior computer investigation manager at Vogon International, said its computer forensics expertise is split evenly between criminal and civil cases where the "same principles and attention to detail apply".

"Company loyalty is a thing of the past and this has led to an increase in people taking vital company information with them when they leave. We're often called in cases where sales and contact databases going missing," he said. ®

Related stories

Suspected paedophile cleared by computer forensics
Child porn case highlights browser hijack risks
Court slams Vogon for overbilling Serious Fraud Office
EU develops cyber crime forensics standards
Traces of Guilt: computer crime from the front line
WestJet disputes industrial espionage charge
Lucent trade secret suspect goes on the run

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.