After a person or a business has been the victim of a cyberattack or cybercrime, it’s unlikely that the cybercriminal will be caught. But in some cases, the victim may have a legal course of action that will require a forensic evaluation by an expert witness such as my firm.

I’m asked to review evidence to determine my expert opinion on what happened, who is responsible for the breach or the breakdown that led to the crime, such as a ransomware attack. We will do a forensic evaluation for the victim, who is the plaintiff, or for the insurance company or financial institution, who is the defendant. In some cases, the insurance company or the financial institution may be the plaintiff.

We’ve done forensic investigations for cryptocurrency thefts, business email compromise, HIPAA data breaches, compliance, and other regulations where a breach has occurred.

I’m hired to examine evidence and to review reports from the opposing side. Based on my expertise, I assess my opinion of what happened. I’ll review what the plaintiffs said happened and what the defense said happened. I may review hundreds of pages, research the Internet for references and then give my opinion in the form of a written report.

SIM Swap Attacks

The latest of these cybercrimes I’ve been hired to investigate are called SIM swap attacks.

All mobile carriers have been dealing with social engineering and SIM swap attacks. It’s important for you to call your mobile provider and set a unique PIN on your account to elevate your security.

A cybercriminal will call your provider, impersonate you, and say, “I’ve lost my phone. I need a new SIM card.” They persuade the representative to activate a new SIM card and send it to them.

Since you are the victim, your phone stops working, and your phone number gets transferred to the cybercriminal. They’ve stolen your phone number because many banks and websites use it for what’s called a ‘time-based one-time password’ or TOTP sent in the form of a text message.

You login to your bank, enter your username and password, and then you get a one-time PIN sent as a text to your phone number. You enter the PIN.

Since the thief has your phone and data, they can go through past data breaches and figure out all your details. Because the IRS and most major companies have been hacked, all our details are out there. So they piece it all together, steal your identity, and try to get into your financial accounts to drain your money. The amounts stolen from individual cell phone users have been in the millions.

The cybercrook may also steal cryptocurrency. For example, when cryptocurrency prices were really high, there were a lot of SIM swap attacks targeting cryptocurrency holders because they knew that the holders were most likely using their phone numbers for that second factor, and then they drained their cryptocurrency wallets.

It’s all about the reconnaissance, what they can do, and how far they go. Most financial institutions still use the phone number as a token-based authentication method, and that’s where the SIM swap attacks come.

Who is At Fault?

I’ve been hired as an expert witness by the victim’s attorney to build the case around who is at fault. It could be the carrier or the financial institution.

Suppose my client is the defendant, and it’s determined they are at fault. In that case, they may retain me to review and recommend changes in their cybersecurity system, so they are less susceptible to a future attack.

The post Expert Witness Forensic Evaluations After Cybercrimes appeared first on Attorney at Law Magazine.

Craig Petronella

Craig Petronella is the founder of Petronella Technology Group, Inc. (PTG) an internationally trusted IT cybersecurity and compliance consulting group with over 30 years’ experience helping federal contractors and businesses with cybersecurity and compliance regulations, and who’s patented 22-layer systems cover your People,

Craig Petronella is the founder of Petronella Technology Group, Inc. (PTG) an internationally trusted IT cybersecurity and compliance consulting group with over 30 years’ experience helping federal contractors and businesses with cybersecurity and compliance regulations, and who’s patented 22-layer systems cover your People, Processes and Technology.

Craig is an Amazon #1 Best-Selling Author of many books, including “The Ultimate Guide To CMMC”, founder of the podcast Cybersecurity and Compliance with Craig Petronella – CMMC, NIST, DFARS, HIPAA, GDPR, ISO27001 https://petronellatech.buzzsprout.com/ and is an MIT Certified Professional in AI, Blockchain, Cybersecurity and Compliance.

Almost all of Craig’s clients are earned by referral with little or no advertising, and he is well-known and highly-regarded in professional circles throughout the US, after serving as compliance consultant and conducting onsite risk assessments for over 500 medical practices, hospitals, and business associates across the country.

Continuity of your business operations starts with cybersafety.

PTG provides Cybersecurity & Compliance Consulting Services, including:

We help defense contractors, medical practices, law firms and various businesses that are regulation comply with ANY regulation, including:

  • CMMC
  • DFARS
  • NIST 800-53 & 171
  • DFARS
  • HIPAA & HITECH
  • SOX
  • All ISO & SOC levels
  • & Many More…

We serve customers across all sectors in public & private organizations. We understand that each industry and organization has unique IT challenges and our expertise enables us to help you navigate the regulatory mandates and customize a solution tailored to your needs.