Beware of Removable Media's Place in Cyber Crime

Even something as big as a global meeting of nations could have its share of cyber mischief, and innocent-looking USB thumb drives and smartphone rechargers could be the crime tools. Not all malicious threats are as easy to notice as a DDoS (distributed denial of service) attack. The G20 Summit was held in St. Petersburg on September 5-6, 2013, with a group of finance ministers and central bank governors of 19 countries and the European Union. Specifically, they were Argentina, Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, the Republic of Korea, Mexico, Russia, Saudi Arabia, South Africa, Turkey, the United Kingdom, the United States of America and the European Union, represented by the President of the European Council and by the Head of the European Central Bank. Russia took the G20 presidency on December 1, 2012, a first for the country. The major categories of thought and planning are Business 20, Think 20, Civil 20, Youth 20 and Labor 20.

At the September 2013 summit, heads of state and their teams were given USB thumb drives with the ability to copy sensitive data from the laptops that they were inserted in. Reports also noted that the representatives received smartphone recharger gifts that could have covertly looked at their emails, SMS and phone calls. Was anyone purposefully trying to spy on the G20 participants? If so, who was responsible?

The “spying” campaign was first noticed by Herman Van Rompuy, the President of the European Council, according to the Italian newspaper Corriere della Sera, which covered the story on its front page. Mr. Van Rompuy ordered analysis of the USB pen drives and other devices by both intelligence experts in Brussels and Germany’s secret service. The Brussels component declared that the allegations were not true and that there was nothing wrong with the gift devices.

How can thumb drives and smartphone chargers be used to hack devices that access the Internet? In fact, they are responsible for some cyber attacks offline! Kaspersky noted in August 2013 that it is “becoming more and more common for attackers to find new ways to infiltrate your devices, like through your removable media.” Removable media includes readers, writers, and drives.

Every optical disc (Blu-ray disc, DVD, CD), memory card (CompactFlash card, Secure Digital card, Memory Stick), floppy disk, zip disk, magnetic tape, disk pack, VHS tape, USB flash drive (also called ), external hard disk, digital camera, printer, smartphone and other external or dockable peripheral that is easily removed from or inserted into a system is removable media. They are all capable of infecting, copying, and spying on the system and network if they have the right compromising file on them. If they can store media, that media could be a malicious threat.

Some best practices when using USB thumb drives or other removable media:

1. Set up automatic scans that run the moment an item is plugged into a device.

2. Regularly update the device OS (operating system). Updates are available for Mac, Windows, Android, Linux and other operating systems. Set updates to occur automatically, or check for them manually at least once per day.

3. Know what is behind the Facebook, Twitter or other social network chat, wall, timeline or private message attachments and links. One good tip is to hold one’s mouse over the link without clicking to see a preview of what is there.

4. Removable media for personal needs should stay separate from those of crucial business needs. Music and video files that are downloaded from websites, forums and file sharing sites should never be mixed with crucial data.

Keep in mind: even reports on Edward Snowden’s 2013 activities show that he used a flash drive when he downloaded NSA data. The USB stick was also the vehicle of two other famous cyber compromises: the devastating Stuxnet worm, and the data exfiltration vector associated with the Flame virus. The removable media is plugged into a computer, where it secretly collects data based on certain keywords. The stolen documents are then hidden in a secret folder on the USB drive until it is connected to any Internet-enabled computer again. Then the documents are automatically sent to certain IP addresses of the originating perpetrators for their purposes.

Like DDoS attacks, removable media compromises are often a cover for or part of other fraudulent activity, such as the stealing of sensitive documents, extortion, and ransom, and not just childish mischief.

Cyber Crime – How Are You Involved?

Apart from altering the way the system runs, cyber attackers may steal valuable information, such as credit card numbers and other information of value to the owner of the infected device.

A cyber attack does not just happen; it is deliberate. If you are using the internet with your PC or mobile devices, you are very much at risk. But how can you protect yourself from this ever-growing menace?

We are going to discuss that, but it is vital to note that Nigeria is among the top ten countries at the highest risk of cyber attack.

You do not have to be a cyber crime expert to protect yourself and your devices; even as a novice you can do a lot to protect yourself.


1. Avoid A Second Hand Device

In Nigeria, the market is swarming with second-hand laptops, desktops and mobile devices. Of course, these devices are cheap and affordable compared to brand new devices; moreover, in some areas buyers believe that most second-hand devices are more durable than brand new ones.

However true the above may be, all who purchase second-hand devices put themselves in the crossfire of cyber crimes or cyber attacks. How so?

This is so because some of these devices might have been infected by malware. Buying a second-hand device is like adopting a child, and not just any child, but a teenager who might have acquired a lot of bad habits and traits.

Moreover, some second-hand devices that are sold cheap might have been previously used to commit crimes, such as kidnapping. Imagine you bought a device associated with such a crime: this will put you in the crossfire of the police investigation.

Perhaps you may find yourself getting arrested for a crime which you did not commit.

2. Be Mindful Of What You Download And Install

Have you ever tried to install an app, and your device warned you that it is not from a trusted source?

Or perhaps you tried to download a video, music, or a PDF, and what you ended up downloading was an app?

In layman’s terms, such downloads are not safe for you and your device. In this case, instead of overriding your device’s firewall (security) by ignoring its warning, you are advised to heed that warning.

3. Use Safe Websites

But how do you know if a website is safe or not?

Websites are like houses: some are fenced, some are not; some have CCTV cameras, some do not.

Would you not prefer a fenced house to one which is not?

If that is the case, and since the internet is very volatile in terms of security, one needs to be sure one is protected.

Safe websites have an SSL (Secure Sockets Layer) certificate, which is usually indicated by a padlock symbol in the address bar.

Some websites also employ CAPTCHA, especially in sensitive areas such as the login page. Take your time to solve these CAPTCHAs and do not grow impatient.

4. Use Anti-Virus

Get good anti-virus software and maintain a regular scan of your system.

An anti-virus is just like an analgesic used against a headache, but sometimes, when the symptom persists, you may need to see a doctor. This gives rise to the fifth point.

5. Visit A Good Technician

Have your device checked occasionally by an experienced technician. The technician should not just be experienced but also trusted, because some technicians can also manually plant malware in your system.

If your system is hanging or not responding, or some apps are misbehaving, then know that you may be at risk. You may need a deep scan from an anti-virus or a visit to a technician.

6. Be Social Network Smart

A friend once said: “‘Maturity’ is when you stop posting or sharing all the events that happen in your life in the social network.”

Some people share more than they keep. Some individuals use their date of birth or nicknames as passwords and PINs, yet this same information is publicly displayed on their social network wall or page.

Cyber criminals are smart. The key is this: upload less, say less, know more. Use a password that has uppercase letters, lowercase letters, and symbols, as this will be difficult for both man and computer to predict (for example, instead of berry1111, you may use bERry!/”@).

7. Stay Updated

Whenever your system or the software on your system needs an update, always update it. This is because system and software developers might have spotted a serious security flaw in the previous version, which is why there is a need for an immediate update.

Hence, if you refuse or remain adamant about not making the update, you may be susceptible to such security flaws. Even this article will continuously be updated.

Cyber Crime – Can Locard’s Exchange Principle Be Applied to Cyber Crime?

Cyber Crime is replacing drug trafficking. Recent government findings indicate that cyber crime has pushed aside the illicit drug trade as one of the top sources for hundreds of millions of dollars in ill-gotten gains the world over. In its infancy, the Internet seemed like something that could develop into a useable tool for scientific research. If we had only known back then what potential it held, perhaps more thought would have gone into its protection.

Today the newswires are filled with reports of massive thefts of personal information as well as depleted bank accounts, all due to the criminal element that, for a small investment in a computer and an Internet connection, is changing the landscape of criminal investigation. One highly regarded research survey stated that 8.1 million Americans were victims of identity theft in 2010. Losses were in the hundreds of millions.

The Locard Exchange Principle (LEP)

Dr. Edmond Locard (1877-1966), known to many as the French “Sherlock Holmes,” was a pioneer in forensic evidence investigation. Locard formulated the basic principle of forensic science: “Every contact leaves a trace.” Of course, Locard’s theory dealt with the physical contact made by the perpetrator with items in the crime scene. But today’s crime scene may not involve a physical structure; more than likely the crime scene is located out there in cyberspace.

So the question evolves, “Does Locard’s Exchange Principle apply to an electromagnet passing over a spinning disk?” Some digital detectives believe that it does. For example, a hacker gains access to a computer system that may or may not be secure. Is any computer completely secure? Granted, security software is effective against many such invasions, but a secure system will only take the hacker a little longer to get into it. Now, the question is, does the exchange principle apply?

Cyber crimes leave no physical evidence

On the surface, the infiltrator would leave no physical trace of his having been there. But other electronic trace evidence may be present. If the computer’s file access logs were accessible, it’s possible that a record will be available showing that the file was, in fact, accessed, and even that a network transmission followed. Also a possibility is that a side-channel analysis of any activity on the hard drive will uncover network operations. As a last resort, the examiner may check the access logs of the Internet Service Provider (ISP) to uncover surreptitious entry. This step will not necessarily divulge what specific data was removed, but it will indicate that data was, in fact, lifted from the line.
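The correlation described above, a file access record followed by a network transmission, sketched as an added example that is not part of the original article. The log formats, user names, paths, addresses and thresholds are all constructed assumptions for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample logs in a hypothetical "timestamp key=value" format.
FILE_ACCESS_LOG = """\
2024-01-15T10:14:02 user=svc_backup op=read path=/srv/finance/q3_forecast.xls
2024-01-15T10:14:09 user=jdoe op=read path=/srv/finance/board_minutes.doc
2024-01-15T11:40:31 user=jdoe op=read path=/srv/hr/handbook.pdf
"""
NETWORK_LOG = """\
2024-01-15T10:14:30 user=jdoe dst=203.0.113.25 bytes_out=482113
2024-01-15T10:15:10 user=svc_backup dst=10.0.0.8 bytes_out=1200
2024-01-15T13:02:00 user=jdoe dst=198.51.100.7 bytes_out=900
"""

def parse(log_text):
    """Turn 'timestamp key=value ...' lines into dicts with a datetime 'ts'."""
    records = []
    for line in log_text.strip().splitlines():
        stamp, *pairs = line.split()
        rec = dict(p.split("=", 1) for p in pairs)
        rec["ts"] = datetime.fromisoformat(stamp)
        records.append(rec)
    return records

def reads_followed_by_transfer(file_log, net_log, window_s=120, min_bytes=100_000):
    """Return (path, dst, bytes_out, delay_s) for each file read that the same
    user followed with a large outbound transfer inside the time window."""
    window = timedelta(seconds=window_s)
    sends = parse(net_log)
    hits = []
    for read in parse(file_log):
        if read.get("op") != "read":
            continue
        for send in sends:
            delay = send["ts"] - read["ts"]
            if (send["user"] == read["user"]
                    and timedelta(0) <= delay <= window
                    and int(send["bytes_out"]) >= min_bytes):
                hits.append((read["path"], send["dst"],
                             int(send["bytes_out"]), int(delay.total_seconds())))
    return hits

if __name__ == "__main__":
    for hit in reads_followed_by_transfer(FILE_ACCESS_LOG, NETWORK_LOG):
        print(hit)
```

As the paragraph notes, a match shows that an access was followed by a transmission; it does not prove which data left the system.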

Industrial espionage is becoming commonplace

Personal information and cash are not the only targets of this spreading menace. Online industrial espionage is a growing threat to the U.S. economy as well as our national security. U.S. intelligence agencies recently warned elected officials that China and Russia are engaged in cyber-espionage. “Trade secrets developed over thousands of working hours by our brightest minds are stolen in a split second and transferred to our competitors,” said one counterintelligence executive. These foreign governments deny this claim.

The Cyber Exchange Principle

Perhaps when relating to cyber crime, the “Cyber Exchange Principle” applies. Forensic examination of a computer or server will uncover artifacts of invasion. The investigator is then faced with a situation in which the crime scene is not limited to a single computer and may involve another computer half the world away.

The hacker will not be leaving latent fingerprints, footprints, or traces of physiological fluids in the wake of his intrusion. But electronic activity in this case can be far more valuable in the bits and bytes this activity leaves behind. The principle that Locard espoused so long ago must be at the forefront of the minds of our digital detectives as they seek what clues an invaded computer holds as well as what traces are awaiting discovery out there in cyberspace.