Computer Forensics recipes
Social Networking: How Secure is Your Business?
Companies of all sizes are increasingly using sites like Twitter, Facebook and LinkedIn to advertise their services and products, to communicate with customers, and even to recruit new employees. Most businesses, however, remain unaware of the dangers that lurk in this rapidly expanding arena. Phishing scams are but one example of this, where devious ploys are used to manipulate employees into clicking on links that immediately download malicious software into your computer system. Once inside, this malware can run riot, gathering sensitive personal and company data at will, much like a vacuum-cleaner, all to be used later to perpetrate fraud or to steal someone’s identity. Pharming is another danger, similar in nature to phishing, whereby an employee is encouraged to click on a link in a bogus email that then directs them to a false website geared to fleece them. Smishing is the mobile phone form of phishing, where a text message contains the menacing link.
These, of course, are incoming threats. On the outgoing side, there are employees who divulge sensitive corporate information while on social networking sites. There, their idle banter can be harvested as public property and used in a way that may damage your company’s reputation, if not demolish public trust in your products and services.
Just how insidious social networking sites can be was brought home to Britons when the UK Justice Minister, Jack Straw, revealed in February that 30 Facebook pages had been taken down because prisoners were using them to taunt their victims. Facebook removed the offending pages within 48 hours. “It’s not that people at Facebook have a different sense of morality from us,” the Minister told the BBC. “They have the same sense of morality but they have to police hundreds of thousands of their sites, so what we have to do is set up a better system with Facebook.” He said he was reassured by the cooperation his department was receiving from Facebook as the government sought a longer-term solution “to this very modern version of the old problem of victim harassment.”
Cyberspace-Junk: Three Top Ways to Avoid a Collision
The start of 2010 brought with it a spate of reporting on the dangers of cyberspace, whether it be cyberattacks on an individual, a corporation, a public utility system like an electricity grid, or nation states playing games with each other. Mid-January saw an unlikely cyberwar breaking out when Iranian hackers attacked China’s largest internet search engine, Baidu, and Chinese counterparts retaliated against Iranian websites. In this rapidly expanding arena of competition, Russia, China and a number of other countries have been accused of mounting massive operations, though in this field there are far more sinners than saints.
A McAfee survey of 600 international technology executives (‘In the Crossfire: Critical Infrastructure in the Age of Cyberwar’, available at www.mcafee.com), released in January, helped wipe away any New Year complacency. It found that recession-driven cuts in spending on online security over the past 12 months had led to an increase in threats. The result was that more than one-third of those interviewed believed their sector was unprepared to deal with a major attack. More than half felt that the laws in their country were inadequate in deterring potential cyber-attacks, and almost half lacked any faith in their government’s capacity to prevent or deter them. One expert believes that consumers will increasingly bear the cost of online crime and security breaches as organisations seek to limit their exposure in an escalating battle against such attacks.
Art Coviello, president of EMC’s data security arm RSA, for example, has little confidence in government, pointing out that data security regulations have fallen way behind the internet age. He believes that government regulation on security should focus on outcomes and not on prescriptive measures. Data breach regulation is a great regulatory initiative because it does just that. It says, if you are negligent in protecting information, you need to publicly confess. He says it’s amazing what California has done to ensure that people do the right thing because they don’t want to be embarrassed. “Compare that,” says Coviello, “with prescriptive regulation like the obligation to encrypt this or provide that. That relies on the government having the kind of technological sophistication to keep up with the threats. What do you suppose are the odds that governments are going to move quickly enough? They can’t even update the laws for the internet age, let alone data protection. It’s much easier for government to say don’t let something happen and put the onus back on the organisation to protect its infrastructure however it sees fit.”
Viral Email Destroys Career and Embarrasses Employer
By mid-December, many offices around the world are customarily infused with the Christmas spirit. But one young London woman got the fright of her life when she found that her contribution had suddenly taken on global dimensions. The British media ran with her story on December 12 and it rolled on from there.
It started when graduate trainee, Holly Leam-Taylor, planned an awards ceremony to name the most attractive men in her office. Thinking this would be a bit of tongue-in-cheek fun, she emailed a small number of female colleagues at City accountancy firm Deloitte asking them to vote. With nine categories such as “Fittest body” and “Boy most likely to sleep his way to the top”, her message certainly grabbed attention. So much so that the email was forwarded around the world, spreading like wildfire over the internet. Soon millions of people had read it. But it wasn’t such a laughing matter for her managers and less than 24 hours after sending the email, Ms Leam-Taylor felt obliged to resign. A graduate in management from Warwick University, she had joined Deloitte as a consultant analyst in August 2009 on an estimated $45,000 a year.
Speaking from the Surrey home where she lives with her parents, the 22-year-old said, “It was just a lighthearted joke to celebrate Christmas. It’s a complete shock that one email could spread like this and who would think it could get so far out of hand? In retrospect, it was a stupid thing to do but there wasn’t anything controversial or sexist in there. But if I could take it back I would and I will be so, so careful about sending any emails in future.” She hit the send button on her Christmas Awards email on Tuesday, December 8, and when she arrived at her office the next day found her inbox full. “It was crazy,” she said. “I had so many emails from all over the world saying I had made people’s day and that I’d put a smile on their face. I had loads of emails from men in the office nominating themselves for various categories and everyone thought it was hilarious. But once I realised it had been forwarded outside the office I realised both Deloitte’s and my reputation had been damaged so I decided to hand my notice in there and then.”
Ms Leam-Taylor sent her letter of resignation at 3.00 p.m. on Wednesday and left the office. She insists she was not asked to do so, but thought she should jump before she was pushed, adding that, “In all our contracts it says we mustn’t use our emails for personal use so I knew I was in breach of that.”
Guarding Against Corporate Fraud
The Indian outsourcing firm, Satyam Computer Services, which was the subject of the country’s biggest corporate fraud scandal in January 2009, has been hit with a tranche of supplementary charges. According to India’s Central Bureau of Investigation, the extent of the total fraud now stands at around $US3 billion. What the Bureau has revealed provides a salutary warning to any company in virtually any country that this could be happening right under your nose. If you suspect that might be the case, call in experienced professionals without delay. A wide variety of methods, ranging from detailed transactional analysis to computer forensics can be used by these experts to give you a clear picture of reality.
The original charges against Satyam’s former chairman revolved around his admission that he had misrepresented the company’s financial condition by inflating assets and understating debts. This included a fictitious cash balance of more than $US1 billion. He stunned India’s financial world when he made his confession. At the time, Satyam was rated as India’s fourth-largest information technology services group by revenue, with world-wide clients like General Motors, Nestlé and General Electric.
The new charges show that others at Satyam had been creating fake customer identities and generating fake invoices against them to boost revenue figures. They had also forged board resolutions and obtained unauthorised loans that were used to buy properties. Investigators have found over 1,000 such properties, purchased by the accused with the siphoned funds and involving 2,430 hectares of land as well as housing plots and building space.
Open Slather on Corporate Secrets
A new trans-Atlantic survey has confirmed what many suspected: staff moving on to another job will often take much more than their payout with them. While you can’t stop employees carrying your company’s intellectual property out in their heads, there is something you can do to protect yourself before they leave. Call in a team of professional experts to show you how state-of-the-art technology and the intricacies of computer forensics can be used to pinpoint what’s being downloaded prior to an employee’s departure. If you see redundancies on the horizon, act well in advance.
Nearly half of the financial sector workers surveyed in New York and London admitted that they would take with them sensitive corporate information if they were sacked. The survey, carried out by management specialists Cyber Ark in November, also showed that just over 40 per cent had already taken sensitive data with them to their new jobs. Just under 40 per cent said they would download such information pre-emptively if they sensed that their position was at risk. Over 30 per cent revealed that they would not hesitate to pass on sensitive corporate data if that were to be instrumental in their gaining employment for friends and relatives. Topping the information-stealing list was customer-related information – which in its own right could contain highly sensitive records – followed by product information and company strategy.
As frightening as these figures are, even more so was the fact that a quarter of the workers surveyed acknowledged that in light of the current economic downturn they felt less commitment and loyalty to their employer. As the UK director of Cyber Ark put it, “employee confidence has been rocked. Many workers are willing to do practically anything to ensure job security or make themselves marketable – including committing a crime.” Not surprisingly, 85 per cent of those surveyed recognised that it was illegal to download company information. Nevertheless, of those who admitted they would steal data some also stated that they would take passwords and any other information they needed in order to continue accessing the network of their previous employer.
Seven Danger Areas To Watch For In A Hi-Tech World
With new technologies being introduced into your business environment at a dazzling pace, it’s easy to overlook the extent to which the divide between your employees’ work time and their private lives and ambitions is increasingly blurred. Some corporate managers wonder whether they can any longer define where it is. One American CEO recently observed that it’s more like a seismic fault line that’s expanded into an ever-widening corridor.
Here are a number of areas where you need to be aware of what your employees are doing. If you’re not sure how to monitor their activities, call in a team of experienced professionals who are sensitive to the privacy and legal issues sometimes involved. Using sophisticated equipment and new techniques like computer forensics, they will analyse all of your electronic traffic, access to your databases, incoming and outgoing mobile and text communications, business transactions and other relevant dimensions of your corporate operations in order to provide you with a map of what’s really going on. Once that’s established, they can also help you grapple with what needs to be done.
1. The Mobile Employee.
The widespread use of 3G wireless broadband means that much of what used to be done in your office can now be carried out almost anywhere. Smartphones, for example, have all but replaced the need for an office with a fixed line. While BlackBerry has contributed greatly to satisfying our addiction to mobile email, the market for staying connected while you’re out and about has expanded enormously. In a similar way, notebooks are increasingly coming with built-in 3G wireless for internet access on the road. If you have a fair percentage of your staff constantly outside your office you need to know whether you’re getting value for money from them, be it in customer relations terms or through recruiting new clients. Do you have any idea where they are when they’re outside your office? There are ways of checking.
Hackers: Barbarians at Your Corporate Gate
The risk of hackers penetrating your company’s database and exposing your commercial secrets – if not some dirty linen as well – was brought home recently when the internal musings of Britain’s leading climate science research centre were laid bare. Thousands of private emails between top climate change scientists were made public, revealing the bitter disagreements over the cause of this contentious phenomenon. It’s like a paper trail from hell. Whether or not your company is involved in a controversial industry, make sure that hackers don’t plant malware in your system that allows them to monitor what you’re doing until they feel the time is right for a massive exposé. Computer forensics and a host of other state-of-the-art technology can save you from such an ignominious fate.
The climactic downpour in the UK, which included some 2,000 emails and 3,000 related documents, first appeared online on November 20, courtesy of an anonymous Russian server. While there’s nothing surprising about that, there is in the degree of spite that some of the communications display. One top man at the Climate Research Unit, based at the University of East Anglia, wrote in 2004 that he was “cheered” by the news that a prominent climate change sceptic in Australia had suddenly died of a heart attack. Another says he would like to meet his adversaries in a dark alley one night. Other experts refer to their colleagues in highly unflattering terms.
Scientists who support the theory of man-made climate change are lined up against their heretical opponents, each side armed to the teeth and ready to fight the War of Roses all over again. One rues the fact that his team can’t account for the lack of warming at the moment, which he sees as a travesty. He cites data published only a few months ago that shows that there should be even more warming. The data must surely be wrong, he suggests. The sceptics hurl missiles back, claiming that the emails are evidence of a conspiracy to bully into submission those who challenge the man-made hypothesis. With Copenhagen just around the corner, something is clearly rotten in the State of Denmark.
Guarding Your Company’s Customer Records
Mid-November brought an embarrassing admission from a mobile phone company in the UK. T-Mobile had to inform Commissioner Christopher Graham, Britain’s watchdog responsible for safeguarding personal information that staff had passed on millions of records from thousands of customers to third party brokers. Graham, whose office is currently preparing a case for prosecution, said the data breach was the biggest of its kind. A T-Mobile spokesman admitted that the data was sold “without our knowledge”. If you want to ensure that this doesn’t happen to your firm, consider calling in a team of experienced professionals straightaway. They are skilled in using sophisticated methods of investigation – like computer forensics and transactional analysis – to identify and reinforce the weakest links in your operational chain.
The Commissioner has explained how the brokers involved sold the data on to other phone companies, which in turn cold-called the customers as their contracts neared their expiry date. He also said that the case highlighted why there should be a prison sentence to dissuade people from trafficking in private data in this way. Britain’s Minister for Justice supported him, recommending custodial sentences to prevent the illegal trade in data. Graham believes that the existing “paltry fines” – £5,000 following a successful prosecution – are simply insufficient to deter people from engaging in this lucrative criminal activity.
Moreover, he said that data theft wasn’t just about mobile phone companies. It’s also about blagging information from databases to use to “put the frighteners on witnesses, attempt to knobble juries, pursue ‘nasty neighbour’ disputes, interfere in family courts, and in difficult divorce settlements. Personal data has value and there are people out there exploiting it.” The Conservative Party in Britain wants to go even further. It’s calling for the Commissioner’s authority to be beefed up, with him being provided with “a full set of punitive strings to his bow, including the power to fine organisations.”
The Contagion of Fraud: Best Nipped in the Bud
Only a few months ago, mention of the name Bernard Madoff brought to mind America’s biggest-ever Ponzi scheme. The sheer scale of the financial fraud involved and the audacity with which it was carried out dazzled most people. Fast forward to now and Madoff as an individual has largely faded from sight. Instead, it’s the ramifications of what he did that keep throwing up his name. The latest is the revelation that the former head of Optimal, the Geneva-based hedge fund investment wing of Satander, the Spanish bank, has been charged with criminal mismanagement of client funds placed with Madoff’s operation. The charge carries a maximum sentence of five years jail under the Swiss penal code.
The Spaniard concerned is one of the most senior wealth managers known to be confronting criminal charges as a result of the Madoff scandal. Central to the case against him, as well as to accusations against Satander, is that investors were misled by false claims that adequate due diligence had been conducted on Madoff’s activities. As one legal observer notes, the court investigation will have to establish why people were closing their eyes and not asking enough questions.
The problem is, that’s what people do when things seem to be going smoothly and everyone’s happy with their return. The only solution is to have systems in place that set bells ringing that simply can’t be ignored. It’s dangerous to wait until suspicions are aroused, or intensify to the degree that action is imperative. Rather, it pays to bring in a team of professionals that can apply sophisticated methods of computer forensics and financial analysis to give you the early-warning system you can’t afford to be without. The technology involved and its reach will surprise you.
The Cyberspace Explosion: Five Tips for Survival
The new digital world of easy communications and social networking is so surprisingly open that many no longer see the problem as one of Big Brother watching us. It’s more a matter of us being obsessed with watching each other. And sharing, too. As The New York Times put it in September, “Your parents probably told you that sharing was simply the right thing to do. But on the Web, inducing people to share links has become big business, all about driving traffic back to a site and increasing revenue.”1 This is music to the ears of cyber-crooks and hackers.
The notion of being open and passing everything on is bolstered by stories like the following, which suggest that because everyone’s participating in one way or another, we can easily sit back and enjoy the freedoms that come with this ‘global electronic community’.
Until recently, the wife of the new head of the British Secret Intelligence Service – the country’s external spy agency, commonly known as MI6 – had a Facebook page. It had no privacy protection so details of the family’s London home, daily transport arrangements, vacations and friendships with other senior British officials were freely available to some 200 million users around the globe. The page was speedily removed when its contents were published in the media, raising more than a few eyebrows in the intelligence world in London and beyond. You see, Sir John Sawers, who was Britain’s ambassador to the United Nations when his appointment was announced in mid-2009, was once an MI6 officer himself and should have been aware of the implications of his family’s networking profile well before his new job was broached. After all, he had worked in places like Yemen, Syria, Egypt and Iraq, and also been closely involved at the policy level with Iran, Iraq and Afghanistan.
