---
title: "Why Firms Are Treating Cyber Attacks Like Crimes: NewSky Security’s Take on Digital Investigations"
description: AI-powered cyber investigations redefine business resilience as firms combat advanced threats to IoT, VPN security and remote work with forensic precision
author: Darie Nani (Editor-in-Chief)
date: 2025-11-07T16:55:49.000Z
updated: 2026-02-26T18:01:41.672Z
canonical: https://www.sovereignmagazine.com/article/why-firms-are-treating-cyber-attacks-like-crimes-newsky-security-s-take-on-digital-investigat
image: https://cdn.nanimediahouse.com/hh8l-uq5l48.jpg
categories: Science &amp; Tech
content_type: Analysis
region: United States
publication: Sovereign Magazine
---

Earlier this year, the FBI exposed a sophisticated operation that turned hundreds of American routers into weapons against their own country. The [Volt Typhoon botnet](https://www.justice.gov/archives/opa/pr/us-government-disrupts-botnet-peoples-republic-china-used-conceal-hacking-critical) had compromised small office and home routers across the United States, creating a digital army that China-sponsored hackers used to target critical infrastructure. The routers belonged to remote workers and small businesses – the backbone of America’s distributed workforce.

What made this case different wasn’t just the scale or sophistication. It was how investigators approached the breach. Rather than simply patching vulnerabilities and moving on, federal agents launched a forensic investigation to trace the attack back to its source, identify the perpetrators and understand their methods. They didn’t treat it as a technical failure – they treated it like a crime scene.

## From Defence to Detection

This investigative approach is gaining ground in the private sector, where companies are discovering that stopping an attack isn’t enough anymore. They want to catch the people behind it. NewSky Security, a cybersecurity firm that focuses on artificial intelligence and Internet of Things protection, recently announced it’s expanding into private cyber investigations – a move that companies across multiple industries are pursuing.

‘We are proud to announce our enhanced capabilities in cyber security private investigations, which will be crucial in not just stopping cyber threats, but in identifying and helping to bring the perpetrators to justice,’ said Scott Wu, CEO at NewSky Security.

The numbers explain why businesses are taking this approach. [Ransomware complaints](https://www.reuters.com/world/us/complaints-about-ransomware-attacks-us-infrastructure-rise-9-fbi-says-2025-04-23/) targeting US critical infrastructure rose 9% in 2024, with overall cybercrime losses reaching $16.6 billion. For IoT-specific attacks, the average cost exceeds $330,000 per successful breach, according to [World Economic Forum research](https://www.weforum.org/stories/2024/05/internet-of-things-dark-web-strategy-supply-value-chain/) – often leading to higher cumulative losses than non-IoT breaches.

## Business Drivers Behind the Investigation Push

Financial institutions and IoT-dependent companies are leading this investigative approach for practical reasons. When hackers compromise a bank’s systems or hijack a factory’s connected machinery, the damage goes beyond immediate financial losses. Business disruption costs mount quickly, regulatory scrutiny intensifies and customer trust erodes.

Remote work has amplified these risks. [Small businesses now manage thousands of employees](https://www.sovereignmagazine.com/article/practical-solutions-for-small-businesses-facing-cyber-threats-without-in-house-defences) connecting through VPNs from home networks they can’t control. Each connection creates potential entry points for sophisticated botnets that have grown increasingly aggressive since the remote work boom.

Legal pressures also drive this direction. Regulators expect companies to demonstrate they’ve taken reasonable steps to protect customer data and investigate breaches thoroughly. Simply fixing the hole isn’t enough – businesses need to show they understand how attackers got in and what they did once inside.

## What Private Cyber Investigations Actually Involve

NewSky Security’s approach illustrates how these investigations work in practice. The company uses [AI-powered threat detection](https://www.sovereignmagazine.com/article/what-ai-cybersecurity-really-looks-like-on-the-ground-for-us-businesses) and real-time network monitoring to conduct forensic analysis of cyberattacks. Their investigators work to uncover attack methods and potentially identify perpetrators, providing intelligence to law enforcement agencies.

The process goes beyond traditional incident response. Rather than focusing solely on containing damage, investigators study the attackers themselves – their techniques, tools and patterns. [Understanding how modern hacking groups operate](https://www.sovereignmagazine.com/article/young-english-speaking-hackers-reshape-global-cyber-threat-landscape) helps build more robust defence mechanisms and supports law enforcement efforts to prosecute cybercriminals.

The [Center for Strategic and International Studies](https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents) notes that collaboration between private sector investigators and law enforcement has become critical, with international cooperation efforts like Australia’s AFP Operation ZINGER and Europol-Interpol partnerships focusing on intelligence sharing and joint operations against cybercrime.

### Focus on VPN Security and Remote Connections

NewSky Security’s expanded services include specific focus on VPN security, addressing what has become a critical vulnerability for businesses. The rise of remote work created millions of new connection points that companies struggle to secure effectively.

The Volt Typhoon investigation revealed exactly why this matters. Attackers specifically targeted outdated routers used by remote workers – devices that companies couldn’t directly manage or update. These compromised routers became launching pads for attacks on critical infrastructure, demonstrating how remote work vulnerabilities can escalate into national security threats.

IoT devices present similar challenges but with greater scale. The number of [cellular IoT connections](https://www.lightreading.com/iot/cellular-iot-connections-to-reach-5-1b-by-2030-omdia) is projected to reach 5.1 billion by 2030, creating an exponentially larger attack surface. Each connected device in a factory, hospital or office building represents a potential entry point that attackers can exploit to move laterally through networks.

## Track Records and Real Results

NewSky Security reports it has already identified numerous botnets and malware campaigns for clients through its investigative approach. The company’s methodology involves studying attackers’ behaviour patterns to predict and prevent future attacks.

This proactive stance aligns with broader law enforcement efforts. The FBI’s [Internet Crime Complaint Center](https://www.reuters.com/world/us/complaints-about-ransomware-attacks-us-infrastructure-rise-9-fbi-says-2025-04-23/) works closely with private sector partners to identify victims and disrupt criminal operations, using the intelligence that private investigators provide to build cases against cybercriminals.

## Physical and Digital Security Converge

Scott Wu frames NewSky Security’s expansion around how cybersecurity has evolved. The company’s mission focuses on creating ‘a hack-proof experience’ that allows clients to operate without fear of cybercrime.

Cyber attacks now have physical consequences. When hackers compromise IoT devices in manufacturing plants, they can shut down production lines. When they breach financial institutions’ networks, they can freeze payment systems that millions of people depend on daily.

NewSky Security’s focus on financial, IoT and VPN-based threats targets the areas where these physical-digital boundaries matter most. Banks handle real money, factories produce real goods and [remote workers access real corporate systems](https://www.sovereignmagazine.com/article/how-digital-dna-recognition-works-fingerprinting-puts-invisible-protection-to-the-test) from their homes.

## A Practical Response to Real Risk

Treating cyber breaches as criminal investigations rather than technical failures reflects the reality that modern businesses face. Attackers are becoming more sophisticated, consequences are growing more severe and traditional defence-only strategies aren’t keeping pace.

Companies like NewSky Security represent this new approach – one that combines immediate incident response with longer-term investigative capabilities. [Their AI-powered threat detection systems](https://www.sovereignmagazine.com/article/automated-cybersecurity-services-drive-profitability-as-market-heads-towards-53-billion) don’t just stop attacks; they gather intelligence about who launched them and how.

For businesses that depend on interconnected devices and remote workers, this investigative approach offers something that purely defensive strategies can’t: the possibility of actually reducing future attacks by helping law enforcement identify and prosecute the people behind them. Cyber attacks have become crimes with real victims, so treating them like crimes makes practical sense.
