Cyber Operations and Incident Response
BRG’s Cyber Operations and Incident Response team includes former federal law enforcement cyber investigators, computer scientists, and other industry-recognized professionals who have conceived and led some of the most significant cyber operations of the internet era.
As former law enforcement investigators, certain members of the team spearheaded the investigation and arrest of the administrators of Silk Road, a notorious $1.2 billion underground drug website, seizing hundreds of thousands of bitcoins in the process—the largest such seizure ever. These members orchestrated a worldwide law enforcement shutdown of Silk Road 2.0 and other illicit darknet marketplaces. They have investigated, identified, and arrested the leadership of the prolific “hacktivist” groups Anonymous and LulzSec.
In addition, our team has broad experience investigating, characterizing, and containing complex cyber incidents across a range of industries, working seamlessly with corporate IT and security teams, legal counsel, and law enforcement investigators. They understand the importance of maintaining ongoing business operations and put their experience and practical awareness to work to provide rapid and successful solutions.
Speed is critical when dealing with a cyber incident. BRG’s global presence enables our incident response teams to respond quickly, regardless of geographic challenges. Our professionals provide rapid on-site deployment to conduct data breach investigations using technologies, methods, and practices that have been rigorously tested for defensibility before courts and regulators. Services include:
- Breach scoping, containment, and remediation
- Forensic collection and analysis of electronic evidence, including computers, mobile devices, and cloud-based platforms and hosting services
- Malware analysis and reverse engineering
- Advanced data-recovery capabilities, including deleted and password-protected files
Complex Cyber Investigations
Our security experts have world-renowned technical experience investigating a diverse range of cyber incidents and know firsthand the value of gathering facts and evidence in a systematic way suitable for investigation and, potentially, prosecution or other legal action. They have created pioneering investigative techniques to overcome the technical complexities of the most challenging cyber investigations. Services include:
- Cryptocurrency transaction analysis and tracing
- Dark web or “darknet” investigations
- Cyber-related intellectual property infringements, including insider theft, fraudulent domains, and website spoofing
- Development of custom advanced investigative techniques and solutions
- Expert witness testimony on matters including darknet investigations, cryptocurrency, and computer and mobile forensic analysis
Our professionals focus on building a detailed understanding of an organization’s business objectives, technology infrastructure, and data, and the risks and threats specifically associated with that environment. They leverage years of experience responding to and investigating complex and sophisticated cyber incidents—and their deep knowledge of how cyber criminals operate—to identify, prioritize, and remediate weaknesses before they can be exploited. Services include:
- Penetration testing and vulnerability assessments
- “Red-team” security assessments
- Social-engineering exercises
- Application security reviews and source code audits, including websites and mobile applications
- Cyber security training for employees, executives, and in-house security teams