Engagements

Inquiry uncovered remote IT worker's use of stolen identity, tied to North Korea

Securities, data, cyber

CRA’s Forensic Services experts were engaged to investigate a remote IT employee whose actual identity was called into question by management when a local police officer by the same name showed up at the corporate offices, alleging identity theft. We conducted a combination of public records research, a review of our client’s hiring records and processes, remote collection and digital forensics analysis of the target’s computer, and document metadata analysis. We concluded that the company’s remote IT employee had used a stolen identity to get hired and was operating as an agent of the Democratic People’s Republic of Korea, as part of a sophisticated scheme to evade US and UN sanctions. Our work helped the company mitigate its exposure by using a risk-based approach to successfully separate from the bogus employee, engage with the FBI, and:

  • conduct enhanced due diligence on other similarly situated employees/contractors
  • perform a code review to mitigate risk of ransomware injections
  • strengthen ongoing monitoring capabilities of employees/contractors
  • bolster defenses against the inappropriate exfiltration of valuable information
  • reduce the risk of remote access tools being launched in ways that could circumvent the typical requirement for administrative privileges
  • prepare to better respond to ransomware and other cyber incident response situations

The engagement was co-led by Kristofer Swanson, Vice President and Forensic Services Practice Leader, with invaluable support from Patricia Peláez, Principal, Pete Stavroplos, Kaya Overholtzer, Naciye Celebi, Zach Tingle, Ashley Adams, and Jessica Harvey.

Kristofer Swanson and Patricia Peláez are both licensed private investigators, holding Permanent Employee Registration Cards issued by the Illinois Department of Financial and Professional Regulation, as required to furnish certain investigative services.

CRA’s Forensic Services Practice assists in the prevention, detection, and correction of a broad range of risks and potential misconduct, reaffirming companies’ commitment to integrity and exemplary corporate governance. Recent assignments at public companies have included investigating and assessing allegations of financial statement irregularities, fraud, FCPA non-compliance, #MeToo issues, theft of trade secrets, ineffectiveness of SOX controls, and cybercrime. Our independent experts advise companies as they navigate complex challenges, helping to ensure robust compliance and effective risk management frameworks.
