Michael Webber possibly has worked on the biggest cyber crime cases in the country. He might have helped authorities track down Albert Gonzalez, the hacker responsible for exposing tens of millions of debit and credit card numbers in the data breaches at Hannaford, TJX Cos., Heartland Payment Systems and others. Or maybe he helped unravel Bernie Madoff's massive Ponzi scheme that led to more than $60 billion in losses.
If he did, it would mean great publicity for his company, BitSec Global Forensics, or even just interesting stories to share around the dinner table. But if he did, he wouldn't be talking about it. To anyone.
"I know of about a half dozen cases you've heard of — high-profile cases we've been involved with — that we can't talk about," he says. "Some of our best clients and most consistent clients we aren't able to name."
BitSec's stature is unexpected, given the company's unassuming and ill-marked office in the Governor Hill's Mansion in Augusta and its small staff — just two people, not counting one full-time contractor and about a dozen part-time consultants. Operating under the radar, BitSec specializes in uncovering what others are keeping hidden: malware that subverts a corporation's security systems and steals funds, unscrupulous digital deeds performed by a departing CEO, dangerous plots hashed out at seemingly innocuous Internet cafes.
Using a two-server lab in Augusta as well as a mobile equivalent, Webber and partner Eric Austin perform computer forensics consulting and training for dozens of clients, including Maine law firms, local and state law enforcement, and U.S. government agencies like the FBI and Homeland Security.
BitSec also offers anti-cyber terrorism training to law enforcement agencies in countries like Thailand, Jordan and Morocco on behalf of the U.S. State Department and the Department of Defense. Since founding the company in 2005, Webber and his consultants have provided training to more than 25 countries, teaching officials how to respond to credit card hacking, detect cyber threats and seize and analyze electronic evidence.
Last year, the company was honored by the State Department's Diplomatic Security Anti-Terrorism Assistance Program for its training of Colombian government officials. Gary Kessler, a former college professor, heads the company's training and curriculum development from Vermont.
A Litchfield native and former police officer, Webber helped found the Maine Computer Crimes Task Force and left a job as a special investigator and forensic examiner for the Attorney General's Office to start BitSec. Initially he focused on forensics training, but about a year and a half ago branched into consulting services for law firms and other companies, helping them uncover and document electronic data related to lawsuits, internal investigations and security breaches. "There were not a lot of vendors in the area providing that service, so we wanted to help fill that void," Webber says.
BitSec's two-tiered approach gives it a unique niche in an already small industry, say the company's partners. "I can't think of anyone that combines training and consulting like we do," Austin says.
As reliance on technology grows, cyber crime's impact on businesses increases as well. A survey conducted this year by Panda Security found that 46% of the 10,000 small and mid-sized businesses polled suffered at least one cyber crime attack during the first half of 2010, a 2% increase over last year. And the damages can be great. A July 2010 report from Ponemon Institute that surveyed 45 businesses with 500-105,000 employees found that the cost of detecting and remediating cyber crime attacks ranged from $1 million to $52 million a year for each company.
At BitSec's office, information culled from hard drives and computer memories scrolls across four monitors. One set of monitors used for training displays the Internet habits of a fictitious terrorist, readily identifying his Google searches for bomb-making websites and an entire online conversation with a cohort. On the other two monitors, a program searches e-mails related to a real case, picking out messages based on certain criteria, like key words or the receiver. A shelf above the monitors displays plaques from foreign governments, including India, Indonesia and Bahrain, in appreciation of BitSec's service.
BitSec works with both small companies and Fortune 500 and 100 corporations in industries from finance and insurance to energy and manufacturing, responding to security breaches or hacks, finding out if a former employee stole trade secrets or helping companies compile data required for a lawsuit.
Webber spends half his time on the road, meeting many of his clients on site. A mobile imaging device allows him to connect to hard drives and essentially reproduce them, which he can analyze back at the office. A drive's snapshot can also include items users have deleted. "When someone formats a hard drive, 99% of the time the information can be recovered," he says. And even if the data can't be recovered, "the absence of data is very telling," he says. Webber is sometimes called as an expert witness to testify on the information the company's work has uncovered.
Because one gigabyte of information is roughly equivalent to 50,000 printed pages, searching the right criteria to get the most relevant results is important to avoid wasting time poring through unnecessary documents. And while companies may have tackled this kind of work in the past, the advances in technology and sheer amount of data that businesses have has led many to hire an outside firm like BitSec, especially when the stakes are high. "The slightest mistake can appear to be intent of wrongdoing," Webber says. Hiring an outside firm "transfers the risk to a company like ours, a neutral, independent third party."
The rising demand for litigation support has helped make 2010 BitSec's busiest year yet. "With consulting, we've had the most traction that we've ever had in the last 12 months," Webber says. "[Law firms are] realizing these are important services, and maybe they were hesitant in the past … but now they're proactively seeking companies like ours early on."
Dave Barry, a partner at Portland law firm Pierce Atwood, agrees. He was the first lawyer at the firm to work with Webber about five years ago, and has tapped the company to help his clients properly respond to grand jury subpoenas or regulatory agency requests. "Whether in the context of government investigations or civil litigation, issues involving electronic data are a minefield that is very difficult to navigate," he says. "As a law firm, unless you're dealing with a business with very sophisticated in-house IT capabilities, it is really critical to have the expertise of a company like BitSec to ensure that your client meets its responsibilities and doesn't end up creating additional issues or problems by failing to meet those responsibilities."
BitSec relies on word of mouth from clients like Barry to drum up much of its business, says Austin. He joined the company in 2009, and as director of operations handles financial and business development. "The challenge is, because of the confidential nature of our work, we're limited to how we market ourselves," he says.
Also a challenge is keeping up with changes in technology and software. The average hard drive size doubles every year and a half, and BitSec must constantly update its programs to quickly process larger amounts of data. The company develops curricula for a number of computer forensic courses and training, and recently launched a course on how to navigate Microsoft's new operating system, Windows 7. Learning the system's ins and outs when it comes to electronic discovery took the company months of research, Webber says. "Every release necessitates changes on our end and impacts our business."
Building off of the company's 2010 trajectory, Webber and Austin plan to continue building BitSec's brand as a trusted legal adviser and plan to hire a few employees next year. And whether the company is focused on training foreign police officers or tracking down deleted documents, its goal is ultimately the same. "Companies and individuals are more aware of the dangers that come from the Internet," says Webber. "No defense is foolproof, and at the end of the day, our focus is on making users aware all the time of the risks and being security conscious all the time."
Mindy Woerter, Mainebiz e-news editor, can be reached at firstname.lastname@example.org.
BitSec Global Forensics
136 State St., Suite 210, Augusta
Founder and CEO: Michael Webber
Employees: 1 full-time and about 12 part-time contractors
Services: Computer forensics and electronic data discovery services to businesses, law firms and government agencies, as well as cyber crime and terrorism training to law enforcement in the United States and abroad
Annual revenue: Under $2 million