Case study: Corporate Resources Hijacking (OutSec - CyberDetect)


The challenge

An online retail business owner suspects two of his key employees of fraud. Several clues led him to that conclusion but there was a lack of evidence. For some time the working atmosphere around the office was real tense in their presence but suddenly lightened-up when they were not around. When one of the employees started holding back information critical to the business, the owner decided to call upon professionals to solve the issue.

Our approach

A forensic expert was dispatched on site to perform a forensic copy of the workstation of both suspects in presence of the business owner and a notary. Analysis of the data showed that both were working on the design of a new online retail platform intended to compete with the client on one of his key product range. It was obvious that most of their time in the office was spent on this new platform and that they were transferring most of their normal workload to colleagues. The key information held back from the business owner by one of the suspect was also recovered. A plan was quickly prepared to ensure the continuity of the business after the two employees were dismissed. That plan included the taking over by the management of critical information systems through AGR shortly before the dismissal and until the transition was completed.

The impact

The client was able to dismiss the two employees for breach of contract based on the evidence collected. The evidence was strong enough to discourage either employee to even attempt litigation against our client. The client did not have to wait until a replacement was found to dismiss them as AGR was able to take over some critical responsibilities during the transition time.

What the client valued

The fact that an intervention was arranged quickly outside office hours together with proper legal support and that the in-depth analysis gave definitive proof of the fraudulent activities. Our deep understanding of Information Systems allowed us to design and implement a transition plan for the remote management of some key information systems without any consequence for the business and with the full confidence that there would be no service disruption.

<< Back