Simon Smith is an experienced digital forensics and cybersecurity expert who provides cyber attack investigation and incident response services for businesses, government entities, law firms, insurers and individuals. Through Official Intelligence Pty Ltd (OFI), Simon assists after ransomware, malware, account compromise, business email compromise, unauthorised access, data theft, system encryption, insider activity and third-party provider failures. A cyber attack can create urgent operational, legal, insurance and reputational problems at the same time. The first priority is to preserve evidence, contain further compromise, understand whether data was accessed or removed, assess safe recovery options, and prepare a clear technical record of what happened and what should happen next.
Cyber attacks and cyber incidents can involve:
Simon provides tailored cyber attack response and forensic services, including:
Simon acts independently and offers unbiased technical opinions supported by forensic methodology. His findings have been relied upon in civil and criminal courts and by legal counsel across Australia and New Zealand.
OFI cyber attack and data breach response services
Through Official Intelligence Pty Ltd (OFI), Simon Smith assists organisations after serious cyber attacks, ransomware events, data breaches and business email compromise incidents. This work is practical, forensic and dispute-aware: the aim is to quickly preserve evidence, understand what happened, contain further harm, identify what information or systems were affected, and prepare clear reporting that can be relied on by directors, lawyers, insurers, regulators and affected stakeholders.
OFI can assist with breach triage, forensic preservation, server and cloud account review, email and traffic-log analysis, suspicious login review, malware and ransomware impact assessment, recovery planning, data exposure assessment, and advice on whether the incident may trigger notification obligations under Australian privacy and notifiable data breach laws. Where systems have been encrypted or damaged, OFI can help assess recovery options, review backup integrity, supervise safe testing in isolated or cloned environments, and document the technical basis for any recovery or containment decision.
Simon’s experience is especially useful where a cyber incident becomes a dispute. After a data breach or cyber attack, questions often arise about whether a provider, insurer, bank, IT support company, software vendor, staff member or third party failed to act properly. OFI can investigate the digital forensic artefacts, explain the sequence of compromise, identify gaps in controls or response, and prepare confidential technical reports or expert evidence for insurance claims, AFCA matters, litigation, regulatory engagement or commercial negotiations.
Three cyber attack response services available through OFI
1. Urgent breach triage and containment planning. Rapid review of what is known, what must be preserved, which systems or accounts may still be at risk, and what immediate containment steps should be taken without destroying forensic evidence.
2. Forensic investigation, recovery and data exposure assessment. Analysis of logs, devices, cloud accounts, mailboxes, servers, backups, network paths and recovery options to determine how the incident occurred, what data or systems were affected, and what can safely be restored.
3. Reporting for insurers, lawyers, regulators and disputes. Preparation of clear technical summaries, confidential forensic reports, expert witness reports, breach chronology, liability analysis and support material for OAIC/OVIC consideration, insurance claims, AFCA complaints, court proceedings or stakeholder communications.