Lex has accumulated extensive experience in Enterprise IT specialising in the areas of Digital Forensics, Incident Response and Intelligence. He has assisted companies manage threats such as Ransomware, Stock Fraud, Insider Threat, Extortion, Document Fraud and more. Lex's diverse clients have ranged from International Banks and Critical Infrastructure to Start-ups and NFP's.
Lex frequently speaks on topics such as Cyber Security, Multimedia Forensics, and IT Governance.
Expand allCollapse all
Forensic & Technology Services
Financial Services and Insurance
- International Bank: Led the intelligence team during an investigation into a cyber-attack against a bank that was used to facilitate an electronic fraud and stock market manipulation. The attacker was successfully fingerprinted based on their obfuscation techniques.
- Australian Bank: Investigated a series of fraudulent electronic funds transfers that were made possible by mobile phone number porting attacks against bank customers. This resulted in the bank being postured to detect the attacker and prevent them from defrauding further funds.
- Investment: Led a digital investigation into an Office365 breach that was used to facilitate a number of payment diversion frauds. The advice provided enable the client to recoup several million dollars.
- Accounting and Insurance: Responded to a number of Ransomware cases as part of the Cyber Response panel for an Insurance company. In each case, the company had a large amount of its data returned and was able to resume normal business operations without paying a ransom.
Government and Local Council
- Investigation into the breach of IT Systems maintained on behalf of a state government department. A system containing customer data was left unsecured and was exploited by members of the public. Lex provided Crisis advice and Forensic Breach Analysis, resulting in the identification and remediation of affected accounts and data.
- Breach detection engagement conducted on behalf of a state Auditor General's office. Network monitoring was set up in a number of government departments in order to detect cyber security and policy breaches. The outcome of this investigation resulted in a publicly disclosed report published by the Auditor General.
- Investigated a number of contracts and identity documents for a University, established that several had been manipulated using techniques that are often difficult to detect
Construction & Real Estate
- Pre-emptively discovered and halted a ransomware attack from encrypting data while investigating and advising on a separate major data breach.
Mining and Metals
- Led an investigation into a theft ring on a large mine site. Conducted a covert acquisition of evidence which was used to support a number of prosecutions.
- Responded to an "advanced persistent threat" discovered on a client system. The threat allowed an attacker to steal banking credentials and redirect nearly a million dollars in payments. Contained the threat and assisted the client in recouping its funds.
- Ran an intelligence-based investigation into a blackmail attempt. A person of interest was identified within 30 minutes of the investigation commencing. This individual was later prosecuted.
- Provided breach disclosure and credit monitoring advice to a multi-national manufacturer of retail goods who had its customer database stolen by hackers.
Oil & Gas
- Led an investigation analysing over 70,000 documents suspected to be involved in fraud or misconduct. Findings included over 4,000 instances of signature modification and other forms of document manipulation.
- Response to a number of cyber-attacks against Energy Infrastructure organisations, where the attacker was isolated and contained before they were able to pivot into the industrial control system network.
- Investigation into the breach of a safety system that had been deployed on cloud infrastructure to track the location of mining contractors and employees while in remote parts of Australia.
- Investigated a payment diversion fraud that was executed against payments to individuals sponsored by the client. This investigation enabled to client to freeze the fraudulent transfers, identify the means of attacker access and prevent future malicious transfers.
- Investigated an attempt to defraud a high-profile person by an attacker using email breaches and social engineering. The matter was resolved discreetly, with integrity of the transfer assured without compromising the privacy of the celebrity in question.
- Handled a number of attempts to blackmail high profile individuals with the threat of releasing compromising material. The investigation enabled the recipients of the blackmail to establish that the blackmailer did not access have the material that they claimed to, avoiding the need to pay.
- Worked with the board of a Not for Profit organisation which was receiving harassing communications in the form of anonymous complaints. The complaints were found to be without substance and the communications were linked to other similar communications levelled against other public organisations online using online defacement and abusive posts.
- Assisted a charity accused of sending harassing communications and proved that it was not source, but rather were also the victims of the same attacker.
See Forensic and Technology Services