Feeds

Forensic computing uncloaks industrial espionage

Damning evidence wins case

  • alert
  • submit to reddit

5 things you didn’t know about cloud backup

Forensic computing techniques proved decisive in winning a recent High Court action involving underhand dealings and industrial espionage in Britain's automotive tools industry.

Computer forensics firm Vogon International was called in to help investigate the alleged theft of electronic copies of vital engineering drawings by a former director and members of staff who had left British Midland Tools, in Tamworth near Birmingham, to join Midland International Tooling Ltd (MIT). British Midland Tools' suspicions were aroused when MIT set up shop almost on its doorstep, offering identical services only weeks after its staff had left their former company.

It was alleged the suspects had taken the electronic blueprints to their new company and had begun to attract business from customers of British Midland Tools valued at £3m. British Midland Tools began a legal action and obtained a search order authorising a raid on MIT.

Vogon assisted British Midland Tools’ solicitors, Cripps and Shone, in the search and seize order at the site of Midland International Tooling. Vogon’s investigators took a complete image of the entire contents of Midland International Tooling’s AutoCAD (engineering drawing software) system, providing an exact replica of the system at the time the forensic process took place. AutoCAD files record information on data that is deleted - much like the metadata recorded by Microsoft Word.

Tooling up

Vogon investigated drawings from both companies at its laboratories in Bicester, Oxfordshire. The initial investigation revealed no real problems, but a different picture was revealed when the drawings were converted into common formats. Vogon’s investigators discovered that drawings found at Midland International Tooling contained one of British Midland Tool’s address blocks, the original of which had been overwritten and replaced with the address of the new company. Further investigation revealed two pages of British Midland Tools’ quality manual in the slack space of Midland International Tooling’s computer, which should not have been there.

How was MIT going to defend itself against such damning evidence? At the eleventh hour, the defence presented Vogon’s investigators with floppy disks, purporting to be Midland International Tooling’s original drawings on their original disks. Midland International Tooling claimed that these drawings were made in 2000; but checks with Sony revealed that the floppy disks had not been manufactured until two years later, in 2002.

In court, Justice Hart concluded that the drawings had been deliberately copied from British Midland Tools’ computer to the Midland International Tooling’s computer, as part of its plans to set up a rival business. The Judge found in favour of British Midland Tools and made an award for substantial undisclosed damages and all costs. The original judgement was made in January 2003, but an appeal in the case against former MIT directors was only exhausted in January this year. Both Midland International Tooling and British Midland Tools were wound up last year following the failure of their respective businesses.

Tony Dearsley, senior computer investigation manager at Vogon International, said its computer forensics expertise is split evenly between criminal and civil cases where the "same principles and attention to detail apply".

"Company loyalty is a thing of the past and this has led to an increase in people taking vital company information with them when they leave. We're often called in cases where sales and contact databases going missing," he said. ®

Related stories

Suspected paedophile cleared by computer forensics
Child porn case highlights browser hijack risks
Court slams Vogon for overbilling Serious Fraud Office
EU develops cyber crime forensics standards
Traces of Guilt: computer crime from the front line
WestJet disputes industrial espionage charge
Lucent trade secret suspect goes on the run

Secure remote control for conventional and virtual desktops

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
JLaw, Kate Upton EXPOSED in celeb nude pics hack
100 women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.