Case Study

Anti-Forensics

Discover how ArcherHall’s forensic experts uncovered evidence of IP theft despite anti-forensic tactics, revealing hidden data and strengthening legal investigations.

The Situation

Our client asked us to investigate a suspected theft of IP. Two employees had recently left the company for competitors and were suspected of misappropriating intellectual property and proprietary information. ArcherHall was given their laptops to search for unusual activity and build evidence of the IP theft, including file transfers to USB, files sent to personal email addresses, correspondence with rival companies, and mass deletion of files.

The Challenge

Our team quickly determined that antiforensics had been used in an attempt to hide suspicious activity on the laptops. The ex-employees had utilized different methods for copying IP, such as Google Drive and Dropbox. They had attempted to hide their activity using drive wiping software, which we could see had been used, and subsequently uninstalled, close to the time of termination of employment. Anti-forensics software makes it more difficult to find evidence of IP theft, but our team was determined to continue.

The Solution

We expanded the scope of our investigation in order to examine not only traces of IP theft, but also evidence of data wiping and anti-forensic activity. Using the latest forensic software, we examined restore points and shadow copies to identify items and activity that had been deliberately hidden or obscured. This allowed us to collect evidence of data tampering that points towards theft of IP.

The Outcome

This evidence was compiled and reported to our client to support their case. Alongside other evidence, the signs of antiforensic activity may allow for further investigation into the suspect’s personal devices, eventually leading to the recovery of IP and mitigation of losses.

Key Success

Awareness of anti-forensic activity lead to an expansion of the scope of the investigation. Our forensic team uncovered signs of IP theft, and circumnavigated attempts to cover up unusual activity.

We are a leading provider of computer forensics and e-discovery services for businesses and law firms nationwide. We don’t take chances with your data when litigation is a possibility, and proper handling is critical.

Our Solutions

Digital Forensics

eDiscovery

Cybersecurity

Want Exclusive Insights Delivered to Your Inbox?

Stay ahead with expert-driven resources covering digital forensics, 
eDiscovery, and cybersecurity—all tailored to your legal needs.

Insights from ArcherHall

Stay Ahead of the Curve

The legal landscape is constantly evolving—and so is digital evidence. ArcherHall helps you stay informed through CLE webinars, white papers, and expert insights tailored to lawyers and legal teams. From new trends in cybercrime to emerging case law on electronic evidence, our resources are designed to give you an edge.

What is Digital Forensics?

A brief overview of computer forensics, mobile forensics, and other types of digital investigation. Overview Digital forensics is...

Read More

Malpractice at a Surgical Facility

Learn how ArcherHall’s digital forensics experts uncovered falsified medical records within an EMR system, proving malpractice and securing...

Read More

Social Media Forensics: A Primer

A brief overview of the technical, legal, and practical issues in a social media investigation. Individuals and organizations...

Read More

Have Questions or Need More Information?

Call us at (855) 839-9084. Or send us a message and we’ll get back to you right away.

Name(Required)
I am a Legal Professional