Internet Forensics: Six Ways to Make Yourself Bullet-Proof
Most people are aware that dangers lurk on the Internet, but they are often amazed when they discover just how destructive attacks can be. And threats tend to come from the most unexpected quarter. In Australia, for example, the federal taxation commissioner recently warned that identity theft and the rorting of online tax refunds were a particular problem. Blatant and increasingly sophisticated scams, he said, were causing havoc in the lives of those innocent people targeted, adding that, “If your identity is stolen it can take years to put things right.” The commissioner’s worry, of course, isn’t just the loss of revenue but also a national loss of confidence in the tax system itself. What if you, as an individual or as a company chief, had your reputation destroyed? That of your company would go with it as well.
So how do you fight back against those who use the anonymity of the Internet to commit such crimes and to cause harm and distress? That’s where Internet forensics come in. Here are six areas in which professionals experienced in this state-of-the-art field of investigation can help you retrieve what you’ve lost.
1. Tracing Anonymous Emails.
The proliferation of web-based email may seem to offer anonymity, but it actually doesn’t. There are those users – or abusers – for whom the act of bouncing unidentified emails around the world through specialist routing services and proxy servers is their stock in trade. They send harassing, defamatory, threatening or bullying messages; they try to defraud and induce unwitting victims into bogus schemes and transactions; or they lure them into questionable relationships, all in the belief that they can avoid identification by hiding in the shadows.
What these anonymous authors don’t know is that they are detectable. The reality is that the Internet leaves significant meta data as well as an identifiable trail with every communication that occurs. If you choose the right professional firm to help you it will use the latest software tools to map and uncover every stage in this sequence to locate the offender. The leading experts operating in this field have access to a wide range of specialist Internet programming tools and applications that allow them to monitor and interrogate websites and email. Moreover, the methods they utilise for deep Internet meta searching enable them to pinpoint what a user or website has been doing and who the offending party is connected to. They can get in behind the Internet provider and locate exactly where a computer and its user are situated. Employing the latest business intelligence programs, if not also their own purpose-built search tools, they can access many thousands of proprietary, subscription and online data sources that reveal a stunning array of facts on individuals and organizations.
Most computer forensic experts focus solely on what has transpired historically, but the best in the field will go out trawling the Internet to actually hunt down the party giving you trouble. Only through such clever sleuthing can those who hide behind masked Internet addresses, activist sites, blogs, social networking postings or anonymous articles be exposed.
Make sure you hire a professional firm whose forensic investigation team is made up of top-rated analysts, as well as intelligence, law enforcement and security IT experts. The longer they’ve been at the cutting edge of technological advance the better. If they’ve been operating in this area for decades they’ll have grown up with the technology involved.
2. Unauthorised Access.
Here’s a startling fact: computer intrusion is normally believed to come from outsiders, but in reality it’s the other way round. US Federal Bureau of Investigation statistics show that over 70 per cent are a result of internal abuse. Of all unauthorised access, 26 per cent involve theft of proprietary information, 19 per cent sabotage of data or networks, 14 per cent financial fraud and 32 per cent are from denial of service.
But whether it is an employee exceeding their rights to access or a sinister figure remotely hacking your computer, the right professionals can find out exactly what has taken place during each session, including such things as the opening and closing of files, alterations or actions, files printed, copied, deleted or forwarded to another email address. If data has been deliberately deleted, they will recover it and reconstruct your records. They can also identify files downloaded, forwarded or copied to a USB or external drive, or to whom they have been emailed.
3. Cyber Crime.
Computer or cyber crime involves the use of technology to intercept, access, delete, damage and suppress data, or to attack networks. Its role in online fraud, embezzlement and identity theft is well known, but it also includes hacking, spamming, child grooming and paedophilic pornography, copyright infringement, drug trafficking and the illegal breach of confidentiality. It also covers the singling out and targeting of individuals with obscene and offensive acts that can involve vilification, racism, libel, slander, seditious behaviour, harassment, bullying and predatory and hate crimes.
Operating at the cutting edge, the right professionals will always remain one step ahead to expose and resolve these sorts of issues. They should be able to crack encrypted files and passwords to get in behind the hidden evidence, and to locate key loggers or spyware-monitoring programs left behind by past employees, associates or network administrators.
4. Sourcing Leaks.
Beware, your organization could fall victim to any one of the following:
- Misguided employees deliberately leaking information or spreading mischievous comments about other employees or about your organization.
- Vital pricing, sales, customer lists, tender information and IP passed on to suppliers, friends, competitors or in preparation for an employee starting up their own rival business.
- Those aligned to other interest groups with a different agenda to your own.
- Information regarding unannounced decisions or pending changes passed on to the media or to others who may profit.
You could also find that your organization has been targeted in other ways. It might be the focus of a sophisticated intelligence gathering exercise aimed at systematically penetrating and exploiting key details of strategies, sensitive negotiations, market aspirations, customers and of personal and stakeholder relations.
A top professional team will have an arsenal of weapons it can deploy to combat the problem. These allow it not only to identify and prove who is responsible for the leaks but also to determine exactly what has been accessed. Such a team will work with you to develop the most appropriate course of action.
5. Online Reputation.
Watch out for online abusers who may be determined to undermine your reputation, whether it’s that of your corporation, of your brand or of you personally. Such people anonymously post erroneous rumours and malicious information and are active on weblogs, social networking sites, chat forums and message boards. They may even establish websites for the specific purpose of making spurious claims against you that elicit hate and derision.
A professional team will go deep into the Internet using the latest meta analysis techniques to identify and monitor the telltale signs and activities of those who have taken great pains to hide their dealings with you. It should be able to track keywords used to link you or your business, social networking references (Facebook, Twitter, LinkedIn, Bebo etc.), social bookmarking sites, RSS blog and news feeds, microblogging communities, search directories, electronic media, dating and personal rating sites in order to produce hard evidence of the abuse that has taken place.
6. Gathering Crucial Evidence.
Opt for a team that can bring together for you a holistic solution.
It should not only help to identify and profile offenders, but also acquire evidence that is vital to a successful prosecution. Where appropriate, it should also coordinate its investigation with the relevant police agencies and with your legal counsel too, if you believe that to be necessary. This could include detailed work with your legal team to obtain court orders and to piece together evidence that is not only essential to eradicating the threat and prosecuting the offender but also to successfully seeking damages.
As the case against Sir Allen Stanford – the financier accused of operating a $US7 billion Ponzi scheme – has shown, thorny questions of cross-border jurisdiction and international cooperation often arise. You may well need a team that can help you build up the complex mosaic of evidence you need if this is the sort of scenario you’ve been unwittingly drawn into.
Think positively and realistically. Don’t be intimated by dangers that lurk on the Internet. That is exactly what the party threatening you is dependent upon. They’re counting on the fact that because an attack is unseen and hi-tech, it is therefore unlikely to be detected. They believe they can strike with impunity from within the dense fog that for most users surrounds the world of the Internet. The right professionals can provide you with an infra-red map of that world so that you can see clearly where you are, who’s looking over your shoulder and how you can protect your operations.
