Digital Forensics in Hong Kong

Digitpol’s digital forensics experts investigate, analyse and recover forensic data from computers, portable devices and hard disk drives. We ensure that no digital evidence is overlooked and assist at any stage of an investigation, regardless of the size or location of data sources. Claims of leaks, fraud, cyber espionage, financial tampering, computer crime, employee misconduct, and other illegal or wrongdoing actions require corporations, law firms, and government agencies to deploy digital forensic methods to piece together facts that lead to the truth.

Mobile Phone Forensic Investigation 

Digitpol utilizes global leading technology, Cellebrite Technology, Cellebrite’s forensic expert technology allows us to carry out forensic acquisition of data from the supported listed devices.

What Data is Recoverable ?

  • SMS | IM Chat | WhatsApp | Viber | Skype | Wechat | IRC | Deleted
  • Call history | Incoming | Outgoing | Missed | Deleted
  • EMAILs | Incoming | Outgoing | Drafts | Deleted
  • GPS locations | Waypoints | GEO tagging of pictures
  • Photos | Sent | Received | Deleted
  • Social Network logs | Activity Time | GEO Login | Deleted
  • Internet History | History | Entered Keywords | Searches | Deleted | Cookies
  • Wifi Data | SSID | MAC | I.P
  • Bluetooth | Paired devices | Timestamp

Forensic Examination of Computers

Computer forensics is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the digital information.

Although it is most often associated with the investigation of a wide variety of computer crime, computer forensics may also be used in civil proceedings. The discipline involves similar techniques and principles to data recovery, but with additional guidelines and practices designed to create a legal audit trail.

Digitpol’s computer forensics experts investigate, analyse and recover forensic data from computers, portable devices and hard disk drives. We ensure that no digital evidence is overlooked and assist at any stage of an investigation, regardless of the size or location of data sources. Claims of leaks, fraud, cyber espionage, financial tampering, computer crime, employee misconduct, and other illegal or wrongdoing actions require corporations, law firms, and government agencies to deploy digital forensic methods to piece together facts that lead to the truth.

Malware

Criminals may use malicious software (or malware) to monitor your online activity and cause damage to the computer. Malware is often downloaded when people open an infected email attachment or click a suspicious link in an email. Malware can also be used to steal your usernames, passwords or other information, which is then forwarded to a third party.

‘Malware’ is a catch all term to describe different types of malware which include viruses, worms, spyware, trojans or bots.

Sophisticated attacks

Sophisticated criminals are active daily to exploit vulnerabilities on computers and other devices. Some of the techniques they use include:

  • unauthorised access or hacking – when someone gains access to your computer or device without permission,
  • malware – malicious software (such as viruses, trojans and spyware) which monitor your online activity and cause damage to the computer,
  • denial of service attacks – an attack which floods a computer or website with data, causing it to overload and prevent it from functioning properly. This type of attack is more frequently targeted at businesses, rather than individuals.

Email Forensics

Digitpol's Email Fraud Investigation Team are certified digital forensic experts and fraud examiners and can assist to all cases related to Email Scams and Fraud. Digitpol can examine emails in PST format or any raw email format to determine the senders IP address, email server used and metadata to investigate and undercover fraud.

Email fraud investigation is the collection and forensic investigation of evidence into email hacking, phishing attacks, tracing and recovery of stolen funds. Email Fraud is the intentional deception made for personal gain or to damage another individual through email. Almost as soon as email became widely used, it began to be used as a means to defraud people. Email fraud can take the form of a "con game" or scam. Investigating email fraud reaches to all aspect of cyber crime from recovery of funds transferred to a fraudsters bank account to a forensic examination to determine how fraudsters hacked into email accounts.

Email fraud, scams, phishing attacks happens in most cases when cyber criminals find ways to hack into the email servers or accounts of small and medium companies, often targeting those with business in Asia countries. Cyber criminals gain access to email accounts and  search through email accounts looking for sensitive information such as outstanding, unpaid invoices or data relating to financial transactions and business between supplier, vendor and clients. When cyber criminals identify a sale or a due invoice, the fraudsters then send various fictitious emails from the hacked email account or an email address replicated to the original purporting to be in charge of the sale or due invoice to be paid, the fraudster is then asking for transfers of funds into a nominated bank account, usually giving an excuse that there is a problem at the bank and an alternative account needs to be used. It is common that the nominated account is in the same name as the company name or with a very slight change such as an extra letter. It is common the bank account to be in the same city as the victim or client.

Email Fraud Investigation

Digitpol's Cyber and Fraud Team are certified fraud and forensic examiners and can deploy to assist with all cases related to email fraud, email spear phishing attacks, email scams and on-line related fraud. Digitpol can deploy forensic examiners to investigate hacking, determine how it took place and report the findings, Digitpol ensures that hackers are not active in your network and ensure your user accounts policies and rules are configured correctly to prevent further attacks.

Data theft and leak investigation

Digitpol’s data breach and leak investigation services, range from identifying the source of the leak, the digital tracing of the problem, forensic investigation and detailed reporting. We can help you protect your brand and re-build trust with the individuals impacted by a breach or data leak. If you suspect that your company’s data has been breached or compromised, you immediately face several time-sensitive and highly technical questions from enforcement bodies and the individuals impacted by a breach or data leak. Digitpol’s digital investigators, digital forensics teams and legal experts can help companies collect evidence to fully understand the scale and the impact of a breach. The evidence discovered can help you protect your business and prevent further breaches.

Drone Forensics

Digitpol's expert forensic technology to carry out forensic acquisition of data from the supported drones.

  • Serial number of the  drone aircraft and some internal components such as MAC, IMEI, & IMSI
  • Version numbers for firmware
  • Metadata from operations such as launching, waypoint logs, GPS available or unavailable during flight.
  • Geo location information for critical locations – launching, landing, and home or return location
  • Full flight path information
  • Wifi Data | SSID | MAC | I.P
  • Bluetooth | Paired devices | Timestamp

WiFi Forensics

Digitpol Cyber Crime Team specialise in wireless network analysis, we offer RF site surveying, WiFi network scan and analysis, Secured wireless network installation and Wi-Fi security services for private and public Wi-Fi networks.

Digitpol developed a probe named “Wi-Fi Signal Analysis” to detect Wi-Fi snooping, payload injection, rogue devices and Wi-Fi Spying in seconds, the probe operates on-location and the data is sent to an AI based database for analysis which then alerts CSO and CIO’s. The probe has prevented thousands of hacking attempts on companies networks and prevented spying on devices installed on networks. We perform Surveys to record all Wi-Fi networks on the 2.4GHz and 5GHz spectrum to determine what devices are on your network and if any rogue devices are present.

Digitpol’s Wi-Fi experts are certain Wi-Fi and IOT over-the-air attacks will rise in 2020, Digitpol’s team are conducting Wi-Fi audits for business across Europe, the probe audits details such as the number of connected devices on a network, Wi-Fi traffic, approved Wi-Fi devices, security flaws, unauthorised devices and instant upgrades. The audits have so far discovered out-of-date firmware allowing remote control, hijacked routers, modified firmware, many connected un-authorised devices and active interception. The probe can be deployed as a fixed install to sites to detect Wi-Fi interference within 900ms.

WiFi Network Monitoring

Are you concerned about information loss or business secrets being targeted over WiFi? A small amount of information could be worth millions to the right people or could damage important negotiations. Loss of confidential information such as theft of data, hacking incidents, leaks and executive schedules could even put lives in danger.

WiFi networks are a common focus point for hackers. To ensure all is in order, our forensic team will conduct a forensic audit on your Wi-Fi network to detect any rogue or unauthorised devices. We will detect all connected devices on your network or Wi-Fi, Detection and Intrusion, Malware or unauthorised devices monitoring data traffic. Detection of infected PC's, phones, tablets and digital devices.

Unauthorised access

We investigate and analyse unauthorised access or hacking incidents such as when someone gains access to your computer or device without your permission. Hackers may gain access to your computer or device through security weaknesses, malware or phishing. Once they have compromised your email, banking or social media accounts, they can change passwords preventing you from accessing your account. Scammers often send out messages impersonating and directing people to fake websites, or asking them to send money. Modern attacks are very sophisticated the fake websites may seem to be genuine.

Malware

Criminals may use malicious software (or malware) to monitor your online activity and cause damage to the computer. Malware is often downloaded when people open an infected email attachment or click a suspicious link in an email. Malware can also be used to steal your usernames, passwords or other information, which is then forwarded to a third party.

‘Malware’ is a catch all term to describe different types of malware which include viruses, worms, spyware, trojans or bots.

Sophisticated attacks

Sophisticated criminals are active daily to exploit vulnerabilities on computers and other devices. Some of the techniques they use include:

  • unauthorised access or hacking – when someone gains access to your computer or device without permission,
  • malware – malicious software (such as viruses, trojans and spyware) which monitor your online activity and cause damage to the computer,
  • denial of service attacks – an attack which floods a computer or website with data, causing it to overload and prevent it from functioning properly. This type of attack is more frequently targeted at businesses, rather than individuals.
Denial of service or distributed denial of service attacks

Cyber attacks are common and often a method seen is a denial of service attack which floods a computer or website with data, which can overload the system or computer and prevent it from functioning properly. Unlike hacking or malware, it generally doesn’t involve access to the computer system. A distributed denial of service (DDoS) attack is a denial of service attack that comes from multiple systems, often a network of compromised computers.

Our Solutions

Digitpol’s computer forensics experts investigate, analyse and recover forensic data from computers, portable devices and hard disk drives.

We specialise in recovery of data from mobile and portable devices. Portable devices are proven to be valuable sources of information in the majority of investigations.

Cloud data sources represent a virtual goldmine of potential evidence for forensic investigators. Together with mobile device data, they often capture the details and critical connections investigators need to solve crimes. However, access remains a challenge.