Suspected Code Theft Creates a Forensic Furor

Computerworld - I recently received a call from one of my company's intellectual-property lawyers, who suspected that someone had stolen the source code to one of our products. A license for the product costs more than $10,000, so the possibility that it might have been taken was cause for great alarm.

Here's what happened: Our company entered into a joint development agreement with another firm and provided a Solaris workstation containing the source code for the software in question for purposes of interoperability testing with our partner's products.

During the course of the integration work, one of the other firm's employees was laid off. Prior to his departure, the employee, now disgruntled, claimed that an unnamed colleague had copied our company's source code for his own use. The colleague allegedly had bragged about using parts of our code to create a new product. Upon hearing this, our attorney immediately ordered the server brought down and the system's internal hard drive returned. My task was to determine, if possible, whether the source code had been copied—and by whom.

Faced with a forensic analysis of the hard drive, I had three options. I could do the work in-house, outsource all of the work or outsource part of it. To avoid bias or conflict of interest, I decided to outsource the entire project.

Finding an Expert

My first job was to find a reputable, capable and efficient forensic analyst to do the work quickly. I called a few people I used to work with who had expertise in this area. The first person said he could create a mirror image of the drive, but he wasn't skilled enough with the Solaris operating system to provide an analysis that would prove—or disprove—the transfer of our company's source code. The other fellow had the Solaris skills we needed but had his hands full indefinitely with work related to the Enron Corp. case. However, he gave me a reference, and I also obtained references from other information security professionals and found the names of reputable firms through an Internet search.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Additional Resources

WHITE PAPER

Enter the Security KnowledgeVault

Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

WHITE PAPER

Cut Communications Costs Once and for All

New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Top Stories

• Microsoft's upgrade plans will test IT pros
• Google's Motorola buy seen boosting Android in workplace
• Apple CEO Tim Cook passes up $75M
• NASA hits new frontier with historic SpaceX rendezvous

Free Insider Guide

Excel 2010 Cheat Sheet

Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Register for FREE now! »

Servers White Papers

Dell 12 G Case Study with VMware

In this guide, we discuss the different pieces that comprise a Dell 3-2-1 Reference Configuration, the benefits they bring to your organization, and...

North York General Hospital Doubles Storage Performance: Cutting Costs and Simplifying Management by Standardizing on IBM XIV

Read the white paper and see how this platform increased performance for applications such as Microsoft Exchange and eliminated maintenance costs while simplifying...

Cisco UCS B230 M2 Blade Server: Uncompromised Virtual Desktop Performance

When deploying our virtual desktop solution, choosing hardware powerful enough to support a large number of virtual desktops is crucial.

Practice Management: Double Billing Rate and Improve Patient Services

Would you like to double your billing rate and achieve faster payment for services?

Download this customer success story to see how One Health...

Mission Critical Data Explosion and Customer Case Study

Would you like to double your tier 1 storage capacity while simultaneously reducing your storage footprint?

Download this customer success story to see how...

All Servers White Papers

Servers Webcasts

Distributed Database Security with Real-time Monitoring

View this demo and learn how IBM InfoSphere Guardium database activity monitoring can help protect your sensitive data in distributed DBMS environments with...

InfoSphere Warehouse Packs Demo

These flash modules make warehousing more tangible and relevant to business users through detailed explanations of the InfoSphere Warehouse Packs.

Delivery Management -- Extending Lifecycle Management

Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs,...

Leverage automation today to reduce IT complexity

Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific...

Redefine Expectations in the Data Center

Need to do more with less? Watch this video to learn how HP ProLiant Gen8 servers can help your business deploy servers three...

All Servers Webcasts

Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter

1. Server & Data Center Roundup
2. Cloud Computing
3. Operating Systems
4. Data Management
6. Industry Tech: Communication Carriers (ISP, Telecomm, Data Comm, Cable) Tech: Computer/Network Consultant Tech: E-commerce/Internet Tech: Manufacturing - Hardware/Software Tech: Retailer/Distributor/Wholesaler (computer-related) Tech: Service Provider (MSP, BSP, ASP, ESP, Web Hosting) Tech: VAR/VAD/OEM Tech: Other Non-Tech: Advertising/Marketing/PR/Media (Publishing, Broadcast, Online) Non-Tech: Aerospace/Defense Contractor Non-Tech: Agriculture/Forestry/Fisheries Non-Tech: Business Services/Consultant Non-Tech: Construction/Architecture/Engineering Non-Tech: Education Non-Tech: Finance/Banking/Accounting Non-Tech: Government - Federal (including Military) Non-Tech: Government - State/Local Non-Tech: Healthcare/Medical/Pharmaceutical/Bio-Tech Non-Tech: Insurance/Real Estate/Legal Non-Tech: Manufacturing & Process Industries Non-Tech: Mining/Oil/Gas Non-Tech: Retailer/Wholesaler/Distributor (non-computer) Non-Tech: Travel/Hospitality/Entertainment/Recreation Non-Tech: Transportation/Utilities (Energy, Water, etc.) Non-Tech: Other
7. Job Title IT Management: CIO, CTO, CSO IT Management: Executive VP, Senior VP IT Management: VP IT Management: Director IT Management: Manager IT Management: Supervisor IT Management: Systems Integrator IT Management: Technical Consultant Business Management: CEO, COO, Chairman, President Business Management: CFO, Controller, Treasurer Business Management: Executive VP, Senior VP, VP, GM Business Management: Director, Manager Business Management: Other Corporate, Business Manager Business Management: Consultant (Non-Technical) Other: IT Staff Other: Non-Manager
8. Company Size 20,000 or more 10,000 - 19,999 5,000 - 9,999 1,000 - 4,999 500 - 999 100 - 499 50 - 99 Less than 50
9. Country United States of America Afghanistan Albania Algeria Amercian Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia-Herseg Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Cook Islands Costa Rica Cote DIvoire (Ivory Coast) Croatia Cuba Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland-Malvinas Faroe Islands Fiji Finland France French Guiana French Pacific Islands (French Polynesia) French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Great Britain Greece Greenland Grenada Guadeloupe Guam Guatemala Guinea Guinea-Bissau Guyana Haiti Heard and McDonald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Israel Italy Jamaica Japan Jordan Kazachstan Kenya Kiribati Kuwait Kyrgyzstan Laos Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives (Maldive Islands) Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Metropolitan France Mexico Micronesia, Federated States of Moldova Monaco Mongolia Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island North Korea Northern Mariana Islands Norway Oman Pakistan Palau Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Islands Poland Portugal Puerto Rico Qatar Reunion Romania Russian Federation Rwanda Saint Helena Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and the South Sandwich Islands South Korea Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Islands Swaziland Sweden Switzerland Syria Taiwan Tajikistan Tanzania Thailand The Democratic Republic of the Congo Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United States of America United States Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Viet Nam Virgin Islands (American) Virgin Islands (British) Wallis and Futuna Islands Western Sahara Yemen Yugoslavia Zaire Zambia Zimbabwe
10. US State Alabama Alaska Arizona Arkansas California Colorado Connecticut Delaware District of Columbia Florida Georgia Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virginia Washington West Virginia Wisconsin Wyoming Puerto Rico Virgin Islands Guam American Samoa U.S. Minor Outlying Islands Armed Forces Africa Armed Forces Americas AA Armed Forces Canada Armed Forces Europe AE Armed Forces Middle East AE Armed Forces Pacific AP
12. Subscribe View all newsletters | Privacy Policy

IT Jobs

See All Jobs Post a job for $295

Go

Jobs by SimplyHired

Servers White Papers | All Servers White Papers

• Dell 12 G Case Study with VMware
• Cisco UCS B230 M2 Blade Server: Uncompromised Virtual Desktop Performance
• Mission Critical Data Explosion and Customer Case Study
• Database Activity Monitoring Is Evolving
• Thinking Outside The Data Warehouse
• Driving Secure Enterprise File Sharing and Syncing in the Enterprise
• Mobile Middleware Strategies
• Native & HTML5 Mobile Apps: Not an either or, but a where and when
• Finding the right cloud solutions for your organization
• Measuring the Business Value of CI in the Data Center

• North York General Hospital Doubles Storage Performance: Cutting Costs and Simplifying Management by Standardizing on IBM XIV
• Practice Management: Double Billing Rate and Improve Patient Services
• Protecting Against Database Attacks and Insider Threats: Top 5 Scenarios
• Establishing a Strategy for Database Security is No Longer Optional
• Using BD for Smarter Decision Making
• The Enterprise File Sharing Option
• The Evolution of Enterprise Mobile App Development
• Activities Streams Base An Integrated Social Layer
• Converged Infrastructure for Dummies
• Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution

Sponsored Links

• IT works better together with HP Converged Infrastructure.
• Better, more meaningful EMR/EHR solutions from Kodak Document Imaging.
• Elevate storage agility and efficiency with HP 3PAR storage.
• Easily create and manage custom iPad & iPhone apps for your business.
• Redefine your data center with HP servers.
• Protect against cyber attacks with a cybersecurity degree from UMUC.
• Technology for Tomorrow's Cloud
• Earn the law degree that works for I.T. management. Over 1,300 Grads.
• Simplify your data center with HP. Download the case study now.
• Learn the best approach for SMB data protection
• Join us for an upcoming Microsoft 365 live online demo event.
• Discover your easiest path to unified communications
• FREE SSCP Webcasts - overview of each domain and how to study for the exam.
• Protect your data now and down the road. Use LTO-5 Tape!
• Connect with global CIOs now at Enterprise CIO Forum
• Download Microsoft's latest Data Protection Management tool
• Not All QSAs Are Created Equal: What You Should Know Before You Buy
• The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability
• The AMD Virtual Experience Virtual Trade Show
• "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management

• Connect with IT leaders redefining mobility at the Enterprise Mobile Hub
• Easily create and manage custom iPad & iPhone apps for your business.
• Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.
• Splunk translates machine data into "aha" moments for IT and the business.
• New! Diskeeper Corporation is now Condusiv Technologies. Visit Our New Website For More Information!
• Free SAP paper on managing mobility at the app level. Get yours today!
• BlackBerry® Mobile Fusion. Different mobile devices. One platform.
• Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.
• Free Whitepaper : Why Phones Are the Leading Authentication Device
• Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class
• Cognizant. Leading in Business, Application & Technology Services
• Webinar: A Practical Approach for Using DLP to Manage Risk to Information Assets
• Virtualizing Your Infrastructure Just Got Easier
• MIT Sloan Executive Education. innovation@work
• Tolly Performance Report  "Citrix NetScaler with nCore Outperforms F5 BIG-IP"
• ITwhitepapers.com - Access thousands of white papers on 300+ technical topics.
• Leverage Your Cisco infrastructure for Superior Application Performance
• Learn about the AMD Virtual Experience
• "The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management
• Introducing: Project Icebreaker

Resource Center

See your link here

THISWEEK'SGLOSSARY MD5 checksum: This algorithm, originally designed to create digital signatures, can also be used to verify that a drive image is an exact copy. The process creates a unique encrypted value, called a message digest, based on the number of set bits in a file. Using a public key, a forensic analyst can compare the decrypted numerical value for the drive image to one calculated on the original to verify that the copy hasn’t been altered. For more information, visit http://theory.lcs.mit.edu/~rivest/ Rivest-MD5.txt. LINKS: Forensic Analysis Firms EvidentData Inc. Rancho Cucamonga, Calif. Foundstone Inc. Mission Viejo, Calif. New Technologies Armor Inc. Gresham, Ore. Do-It-Yourself Tools The Coroners Toolkit is a set of freeware tools for Unix forensic media analysis. Safeback, from New Technologies, performs “evidence-grade” mirrored backups of hard drives. EnCase, from Guidance Software Inc. in Pasadena, Calif., is one of the better-known commercial disk-analysis tools.