Forensic Files: The Case of the Suspiciously Flawless Investigation

What happens when forensic investigators can’t find evidence of a compromise?

David Ellis

When business security is spotless, use digital forensics to look to third parties for errors.

The following post is a segment in my digital forensics series, "Forensic Files." I’ve found the best way to inspire better security practices is to show examples of true security blunders. Hopefully the security failures I’ve seen while investigating compromised businesses will help you realize some actions you should take to ensure your own business’ security.

What happens when forensic investigators can’t find evidence of a compromise? In a recent digital forensics investigation of an e-commerce ticketing site, we were placed in this exact scenario. As far as we could tell, the ticketing site was PCI compliant and showed no sign of vulnerability.

Eventually, we discovered that this e-commerce vendor licensed many third parties to sell tickets to their events. It dawned on us that the breach could have been caused by a third party.

Although the original ticketing site was secure, one of their resellers was not. The close shave inspired them to exercise extra diligence when selecting partners in the future.

View our Slideshare below: The Case of the Suspiciously Flawless Investigation.

The Case of the Suspiciously Flawless Investigation from SecurityMetrics
