Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

The investigation
of virus-related computer incidents (VCI)

Doctor Web offers paid services related to the investigation of virus-related computer incidents.

Investigation | Scope of the investigation | Questions and answers | Report | Request an investigation

Incident investigation results are aggregated in a report. All reports have the following structure:

  1. The purpose and the reason for creating the report.
  2. The VCI investigation.
    • The VCI description.
    • Causes or probable causes of the VCI.
    • Methods and tools used by the hackers involved in the VCI.
    • Description of the investigated items (data storage media and documents acquired from the customer). An assessment of their value to the investigation.
    • A description of the steps taken: the investigation objective and activity start and end time. Investigation progress and time frame. Methods, software, and hardware (optional) used in the investigation and investigation’s steps.
    • Individuals identified by the investigation as participants in the incident. The extent of their responsibility for the VCI. Information about attempts (if any) to thwart the Doctor Web task group’s investigation.
    • Evidence, collected during the investigation, proving the VCI did take place, and a description of how it was acquired.
  3. Conclusion
    • VCI consequences for the customer: impact on the business, image and relations with customers and investors (shareholders), the moral impact on employees. Tips on how to minimize the negative effects.
    • The roles of the customer's employees involved in the VCI investigation.
    • A description of weak points in the customer's security policy. Steps that can be taken to minimise the impact of or resolve possible security problems.
    • Recommendations on how to prevent future incidents like this one.
  4. Applications
    • Report authors, their job titles at Doctor Web or roles (responsibilities) in the VCI investigation task force.
    • A list of items (documents and media) received from the customer and used in the investigation.
    • A questionnaire.

A report may lack certain sections if the customer did not specify that they be present in the contract.

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040