New report shows that Cyber Crime cost UK Organisations the average of £2.1 million per year. The report called Cost of Cyber Crime published by the Ponemon institute shows that the cost of attacks ranges between £400,000 and £7.7m. The report also showed that attacks had become more common (something we all knew) attacks vary from DoS (denial of service) to malicious hacks but what we are asking is what can digital forensic analysis to help the fight?
Digital Forensic Analysis can be used after an attack to great effect when trying to pin point the start of an attack or the perpetrators, post event. X-actForensics Ltd have been instructed on many cases like this in the past.
Much more needs to be done by UK businesses and organisations alike to improve the security they have in place and to constantly update processes and procedures to fall in line with the latest trends and developments otherwise digital forensic analysis will be refereeing the fight and the cyber crime wave will win by a K.O!
The fatal shooting of Mark Duggan has been in and out of the press and news since the incident occurred. However cell site analysis has potentially shown that Mark Duggan was in contact with a man accused of supplying him with a gun minutes before he was shot dead by Police a court has heard.
The prosecution say that data and subsequent analysis shows that the minicab Mr Duggan was traveling in stopped at a house in Leyton where it is alleged he collected the hand gun.
Cell site analysis is becoming more and more widespread in cases as the usage of mobile communications increases.
This also shows the power of being to place an individual’s handset in a particular location at a particular time giving strong cases for the prosecution and Defence alike.
For more information on how cell site analysis can assist in your case please X-actforensics Ltd call 01789 450906 and speak to our team.
As the bring your own device (BYOD) trend continues Juniper Research is expecting to see a big increase in the number of employees using their own tablets and smartphones in the office.
The group’s new report shows that the number of employee owned personal mobile devices being used in the workplace is set to double by 2014 to 350 million.
But while BYOD has many benefits in terms of productivity and employee motivation, it can also bring with it many security risks.
Juniper Research pointed out that the majority of personal smartphones and tablets do not have any form of security software installed on them, leaving sensitive company information unprotected.
Nitin Bhas, author of the report, said: “While BYOD has become an inevitable trend for the enterprise, businesses need to create new end user IT policies and address key security issues emerging.”
The report also shows that it is the private sector that’s leading the way with BYOD, while the public sector is likely to be a late adopter.
As this shows there needs to be a greater emphasis on securing data on mobile devices as the risk of data being compromised increases.
X-Act Forensics has seen a large rise in mobile phone forensics and tablet forensics (conventional computer forensics) perhaps due to the BYOD or just the increased levels of cyber crime.
Britons are being urged to create passwords made up of short stories or random words linked together rather than the traditional characters and numbers, which will form a “near uncrackable” password according to a security expert.
When conducting computer forensics analysis and mobile phone analysis there have been traditional methods of bypassing security codes and passwords but there has still been the need to decode passwords.
Leading security expert Andi Hindle, director at Ping Identity, a firm which provides cloud identity security solutions, denied the existence of an uncrackable password but did claim there are some which will take “millions of hours” to decode.
He claims that using 4 random words with no apparent link such as Pink, Chesnutt, gin barley. Easy to remember if the user assigns a short story to them but they remain mathematically hard to crack! Some systems however will require numbers and special characters still.
It’s not just passwords being cracked though and Andi underlined that computer viruses that harvest passwords for phishing attacks are the most common ways for systems to become compromised.
As usual computer forensic experts can conduct computer forensic analysis after the event to try to pin point an attack and try to recoup some of the losses, this is no substitute for a solid data protection strategy among business and personal users alike.
It’s now only a matter of a couple of weeks until the start of the 30th Modern Olympics kicks off in London.
In the run up to the games the Home Office has warned that cyber crime is now as great a threat as terrorism to the UK’s national security.
Hackers have become more aggressive, and according to Richard Clarke (Home Office Security and Counter Terrorism Department Director) the threat is being spread across a wider area than ever and that you don’t need many people to mount a serious threat to the UK.
Ominous sounding words there, the UK has a huge amount of knowledge and experience within digital forensics, which through the use of computer forensics can (after an incident) provide vital information about the source of the attack and provide more clues in tracking the criminals down. More needs to be done in terms of proactive defence and adapting security strategies.
During the Lord Mayor’s annual defence and security lecture chief of MI5 said that the levels of cyber attacks on UK industry is already on an industrial scale and has reached an astonishing level.
Considering the world will be watching London in 2012 and the determination of cyber criminal criminals, UK businesses need to adapt their ongoing security strategies in line with an evolving threat.
X-act Forensics successfully assisted a private company in a computer forensic investigation for intellectual property theft. A former employee had copied confidential design plans from their work laptop to an external USB stick. The intention was to steal the electronic plans and sell them to a competitor.
On analysis of the employee’s laptop X-act Forensics managed to locate the information copied, the times and dates of the action, the logon information of the user and the unique serial number of the USB device.
A cell site is a low power transmitter with an antenna capable of transmitting radio waves to mobile phones. The reason why the antennas have to be positioned so high on tall masts is because radio waves travel in straight lines and can be deflected or interrupted by buildings or terrain. The antenna transmits radio frequencies allowing us to make calls on a network with our mobile phone – which is also fundamentally a radio transmitter. Macrocells provide additional coverage in areas with a higher number of users such as urban and suburban areas. These Macrocells are usually mounted at street level and are more subtle looking than the larger “mast” cell sites.
Many people believe that when a hard drive is formatted the data on the drive is somehow wiped or irretrievable from the disk. This is certainly not the case. The process of formatting a hard drive simply re-organises the computer’s file structure. If you format a disk you are only changing the file structure not erasing the data on it. In order to bring formatted data back, computer forensic experts would look for “flags” in the raw data that would suggest the start and end of a block of data and then piece this data back together to form a single file. This method is known as “data carving” and proves very successful in recovering data from formatted hard drives.
X-act Forensics recently assisted in a case where footage from a van involved in a robbery was taken. The van pulled up outside a warehouse in the dark to commit the robbery but night vision CCTV cameras managed to captured the van’s registration plate. However, the light from the van’s rear lights made the letters on the registration plate unidentifiable. X-act Forensics used a variety of techniques to change the image contrast and further “zoom in” to capture the identity of the vehicle and the suspects.
Imaging is the first step in acquiring digital evidence in any computer forensic investigation. It is highly important that this process is carried out in the first instance, as questions regarding the methodology of a digital investigation can be raised later should the case go to court.
The image itself is an exact copy of the original computer and is created using a combination of hardware and software. The hardware that is involved is known as a “write-blocker”, and the purpose of this device is so that information can only be read and not written to the hard drive when acquired or analysed. Finally, the imaged is verified using an algorithm know as “MD5 Hash” to confirm that the copy is indeed the same as the original.
Imaging is important so that the data is secured and preserved in it’s original format.