There is one common denominator in all cybercrime investigations: digital evidence was present in the environment long before the target organization became aware. In our experience, advanced transnational criminal enterprises often maintain remote access to the target environment for 6-18 months before being detected. For state-sponsored cyber intrusions, unfettered access lingers on for years and sometimes is never detected. Further, detection usually does not involve in house technology, processes, or people. Rather, detection comes in the form of a tip from domestic law enforcement, a customer, a business partner, or some other third party.
Download this publication to learn about the consequences of cyber attacks and espionage and what to do in the event that your organization is targeted.