Victims of cyber crime often don’t know where to go to get help when their servers have been ravaged or when top secret information has been swiped, but Toronto-based JAWZ Inc. is hoping to be of help with the creation of its Cyber Crime Response Unit (CCRU).
With many companies still in the “it can’t happen to me” mindset and the world’s governments still trying to understand how to legislate the Internet, JAWZ’s CCRU was officially announced in December under the company’s Professional Security Services division.
“Most organizations don’t know how to respond to [cyber crime],” said Tom Welch, vice-president of global security solutions at JAWZ. “If someone stole their laptop, they certainly can respond to that. They’d call the police and then it’d be done. When someone steals intellectual property or there’s a hack attack, they don’t necessarily know what to do.”
The CCRU’s teams are made up of ex-law enforcement, technical and ex-military professionals with at least 10 years of experience, Welch said. CCRU teams are capable of providing computer incident response, computer crime investigation and forensic analysis, and forensic training and certification services.
“I think what they’re doing is really interesting, and it’s certainly unique. I haven’t heard of anything like this anywhere else,” said Dan McLean, research manager, network support and integration with International Data Corp. Canada in Toronto.
JAWZ guarantees clients 24-hour response time. When the team arrives on-site, it assists clients in figuring out what happened, minimizing further loss and damage, and obtaining evidence in a way that would be admissible in court. The teams also act as liaisons between law enforcement officials and, if the client wants to go public, with the media.
“It gives us a knowledge base that most of our competition and most of our clients don’t have this knowledge in-house,” Welch said. The majority of the time, the crimes the CCRU investigates are occurring from the inside.
The types of crimes the CCRU focuses on investigating include intellectual property theft, hack attacks, civil or criminal wrongs and virus contamination. Most investigations concern intellectual property theft and hack attacks, he said. Because of the nature of the CCRU’s business, it offers its client extremely strict confidentiality. And even though a lot of the big attacks, such as those against giants like Microsoft or Yahoo, are reported in the media, there are a lot of attacks that are unknown to the general public.
“Every organization can be attacked, even JAWZ,” Welch said. “We’re a security company and there’s always the potential that we can be attacked, although we have security all over the place. If someone has enough money and enough time, you can break into anything.”
So far, none of JAWZ’s clients have gone public with their cyber crime problems. According to McLean, going public can often cause damage to the company’s reputation or cause it to lose customers.
“If the service that JAWZ is offering allows people to build a case but also provides a degree of confidentiality and allows people to prosecute without making everything public, then that’s probably an appealing thing for a lot of companies,” McLean said.