Technical support on mobile digital forensics for gender-based violence cases & data and infrastructure exposure

As partners from OTF’s Security Lab, we worked on mapping Internet Bolivia’s data and infrastructure exposure to secure their operations and provided technical support on suspected mobile infection and surveillance on gender-based violence cases, and built the criteria on how and when the cases need to be scaled to an outsourced forensic lab.

The engagement focused on two areas:

For technical forensic support, 0xche supported the triage and handling of cases received by the helpline, advising on how to better detect malicious behavior on devices through analysis of configured settings and installed applications. This support strengthened detection capabilities and helped build intuition around which cases should be escalated for in-depth forensic analysis at a specialized lab.

For the data and infrastructure analysis, we mapped with OSINT methodologies the exposed public data and infrastructure to secure their operations and reduce their attack surface. For this we first mapped the organization’s public data exposed, and made a list of information to be deleted. Then we mapped the domains, subdomains, technologies and services from the organization, to identify vulnerabilities on their infrastructure. Later, we did a recommendations report with a mitigation plan based on the findings.