Tag Archive for computer forensics

Computer Misuse Summary

UK Legislation Coat Of Arms

Confused by the Computer Misuse law? There’s a handy guide on the Computer Science Labs web site.

What is computer misuse and what does it mean for companies and individuals? Here’s the Wikipedia entry for “computer misuse”, whilst a more brief summary of computer misuse can be found on the UK Computer Science Labs web site here.

Of course the phrase is supposed to define is utilizing the computer for prohibited or dubious purposes. Whilst browsing normal internet porn isn’t prohibited, many businesses would have a dim view if their employees were carrying this out during operating hours. It’s also an activity that can upset other members of staff and quickly lead to problems and arguments at the office. Thus firms class browsing pornography as computer abuse and will regularly dismiss employees who are found doing it. Playing on-line games during working hours is really a far less controversial problem but additionally regarded by companies to be computer abuse as the employee will be paid by the organization to function, to not play games.

The definition of computer abuse can also be designed to connect with computer crime, including web blackmail, hacking and phishing. All 3 of these activities are rather common. Computer viruses are an early case of computer abuse and were being created long before anyone had even considered a pc abuse law. Computer viruses have now morphed in to what’s often referred to as malicious software.

So previously you may view that computer misuse may be deliberate (as within the preceding example of browsing porno during office hours) and at times not (where in actuality the possessor doesn’t have an thought their malevolent program hijacked computer is used for illegal purposes).

Malware is essentially any kind of malicious computer software which is design to cause damage or harm. Actually, the definition of malicious software is somewhat long winded and complex, Wikipedia.org get an excellent stab at defining the word here. There are many types of malware plus one of the most interesting types are those that turn computers in to network zombies – these are huge amounts of machines which are infected (nearly always with all the knowledge of whoever owns the machine) having a malware software which allows them to be discreetly controlled by legal gangs.

It’s easy to recognize computer misuse when it’s deliberate but as with the majority of laws, the construal of the law of computer abuse might be tricky and somewhat long winded. Computer misuse can be interpreted and legislated otherwise by many countries. For all those of us under UK regulation there’s a great computer abuse FAQ page to the Computer Science website. The webpage discusses & defines computer abuse in equally civil and criminal cases and goes into further detail about the genuine means of computer misuse and committing computer crime.

It’s a good idea for both corporations and people to be aware of the definitions of computer abuse and also what constitutes an offence, both legal and civil. At present, most folks believe we know what computer misuse is and believe we can spot it, however this is just an a superficial foundation. Reading the computer abuse FAQ reveals that the law is actually for further achieving and concerned than you might currently believe.

Computer Crime – How Your Data Is Stolen

Stealing credit card dataJust as technology has advanced, so do the techniques and skills of cyber criminals. These theives have achieved significant results in extracting personal and private data from people’s computers and put it to good use to further their personal gain. Some of these approaches are listed below.

Very common and very effective, the victim won’t ever recognize what happened before the charge card is illegally used later on. This could be disconcerting and is at the top of the approaches employed by cyber-criminals.

What’s done with the charge card information that’s been gathered? Any side company can direct all of their clients right into a boat-load of problems and frequently become victim to such websites.

Bot-net Attacks
The concept with this particular would be to have a string of virtual bots that may distribute malware onto a method.

Malware is intended to perform a variety of stuff and this may frequently be based on which the cyber-criminal requires. It’s a good idea to possess the appropriate antivirus software installed on 1’s computer to be able to handle these problems directly.

Social Engineering
It has just started becoming quite a popular approach used by criminals within the virtual world. The point would be to get the person to personally provide all of the advice to the offender by means of manipulative, neatly put tricks.

Phishing sites are frequently used for such approaches as they’re effective for people who aren’t in the know. All it requires is a couple of sufferers for this particular technique to be an easy one to get up their sleeves.

Always be cautious when using all these sites and make certain they’re safe and dependable. Advice should just be distributed to reputable sites with a history for protecting data.

Fast Flux
This is actually the notion of getting right through to a person’s computer with rapid (virtual) motion. It’s important to maintain a watchful eye out for just about any such action.

It’s significant to keep a watch on all action that’s being done on one’s computer. Law enforcement continues to handle this problem head on, but the greatest preventative measure is constantly on an individual level in the home.

Angela Merkel’s Phone Hacked by US…

Germany has summoned the US ambassador in Berlin around promises the US monitored German Chancellor Angela Merkel’s mobile phone.

Foreign Minister Guido Westerwelle will meet US envoy John Emerson after in what is viewed as an unusual measure between close friends.

However, it left open the question of whether calls were listened to formerly.

French President Francois Hollande had already called for the issue to be place within the strategy of the summit, where EU leaders are anticipated to discuss Europe’s digital economy, economic recovery and immigration.

‘Completely unacceptable’
The German government has not said how it received the hint about the alleged US spying. But news magazine Der Spiegel, which has printed reports predicated on content from former CIA contractor Edward Snowden, said the guidance had come from its investigations.
Continue reading the story
Press review

Germany’s Berliner Zeitung regrets that “just now does the government appear to really understand what it is happening”

Press aghast at latest US spying claims
State-observation of phone calls has a particular resonance in Germany – Mrs Merkel herself grew up in East Germany, where mobile-tap was pervasive.

Her spokesman said the German leader “views such practices… as completely unacceptable” and had needed a “complete and comprehensive explanation”.

White House spokesman Jay Carney said the US “is not tracking and cannot monitor the communications of the chancellor”.

German ministers’ phones have purportedly been protected using technology from security company Secusmart since 2009. Secusmart said in March that German government officials could be issued with new, highlysecured technology made for Blackberry mobile phones.

A German ADVICE technology expert told the BBC that security services for lots of countries may have intercepted the chancellor’s calls before she had complete encryption.

Numerous US friends have expressed fury on the Snowden-based spying allegations.

‘No business as usual’
Germany’s press echoed a sense of indignation, with a frontpage comments Sueddeutscher Zeitung – 1 of the country’s most respected newspapers – referring to the “biggest possible affront”.

German Defence Minister Thomas de Maiziere said it will not be possible to come back to business as usual. That is much more than a tiff that’ll blow over easily, the BBC’s Stephen Evans reports from Berlin.

President Obama had guaranteed Chancellor Merkel in June that German citizens were not being generally spied upon.

Edward Snowden – A Timeline

This timeline deals with events from June-August 2013.

Useful Link: http://en.wikipedia.org/wiki/Edward_snowden

Edward Snowden, a former Central Intelligence Agency technical worker, is the wellspring of one of the worst info leaks in US history. Materials supplied by Mr Snowden for the media allege the US has conducted widespread and illegal surveillance of its own citizens and other states. The BBC looks at the way the relationship has developed since it broke in June.
Scandal starts

6 June 2013: Guardian journalist Glenn Greenwald reports the US National Security Agency (NSA) is accumulating the phone records of millions of Verizon customers beneath a top secret court order giving the government unlimited ability to get communications data for a span.

7 June: The Washington Post report and Guardian the NSA is gathering data under a previously undisclosed surveillance programme called Prism, and obtaining the systems of US internet giants including Facebook and Google. The programme enables officials to accumulate material including live chats, emails and search histories.

8 June: US President Barack Obama says the government surveillance programmes reach “the right balance” between security and privacy and are closely supervised by Congress and also the courts.
Snowden named and in Hong Kong

9 June: Edward Snowden, 29, is named as the origin of the intelligence leaks. Speaking from Hong Kong, he describes why he went public.

10 June: Mr Snowden checks out of his Hong Kong hotel and his whereabouts remain unknown since it’s rumoured the US is pursuing a criminal investigation against him.

11 June: The EU demands US assurances that Europeans’ rights aren’t being infringed by the just-revealed surveillance programmes. Mr Snowden’s company, defence contractor Booz Allen Hamilton, says it has fired the infrastructure analyst for breaking its ethics code.

12 June: Mr Snowden tells the South China Morning Post from a secret place in Hong Kong that he’ll fight any effort to extradite him. The Speaker of the US House of Representatives John Boehner describes him as a traitor. British citizens their intelligence agencies and the UK guarantees US are functioning within the law.

13 June: Mr Snowden says the US government is hacking computers in mainland China and Hong Kong for years. NSA Director Keith Alexander tells the US Senate that surveillance programmes have interrupted dozens of terror plots.

14 June: FBI Director Robert Mueller says Mr Snowden has caused the US “considerable damage” and tells Congress the US will hunt him down and prosecute him.

15 June: Hundreds of protesters march to the US consulate in Hong Kong, demanding local authorities protect Mr Snowden.

17 June: Mr Snowden denies he is a Chinese agent and says US officials, in labelling him a traitor, have ruined any chance of the fair trial.

18 June: Mr Snowden’s dad, Lon, issues a public plea urging his son not to commit “treason”.

19 June: NSA Director Alexander tells the surveillance programmes to the US House intelligence committee leaked by Mr Snowden helped thwart 50 strikes since 2001.
From Hong Kong to Moscow

20 June: Wikileaks creator Julian Assange tries to broker a deal to allow asylum to Mr Snowden in Iceland.

22 June: US prosecutors file a criminal charge, charging Mr Snowden with larceny and espionage. His extradition is requested by the White House from Hong Kong.

23 June: as extradition pressure builds Mr Snowden flies from Hong Kong to Moscow. Ecuador’s foreign minister confirms on Twitter that Mr Snowden has requested asylum there. Ecuador sheltered Mr Assange in its London embassy for the previous year, and has has an extradition treaty with all the US but allows for political asylum exemptions.

24 June: White House spokesman Jay Carney urges Russia to return Mr Snowden, and says the fashion of his own departure from Hong Kong would “unquestionably affect” on US relations with China.
June Vladimir Putin, right, and Barack Obama in Northern Ireland, June 2013 Relationships between the USA and Russia were already anxious on 17

25 June: China describes US accusations that it facilitated the departure of Mr Snowden from Hong Kong as “groundless and unacceptable”. Russian President Vladimir Putin confirms Mr Snowden is really in the transit region of Moscow’s Sheremetyevo airport and stays a free guy. US Secretary of State John Kerry requests Russia transfer the “fugitive of justice” to the Usa.

27 June: Ecuador warns it could take weeks to rule on Mr Snowden’s asylum bid.

28 June: Mr Snowden’s dad, Lon, ask US Attorney General Eric Holder for “ironclad assurances” his son’s rights will probably be protected should he return for the US.

29-30 June: Germany’s Der Spiegel magazine says it has seen a secret file supplied by Mr Snowden showing the US bugged EU offices in Washington and at UN headquarters in Big Apple. European officials demand “complete clarification” from the US.
Snowden’s bids for asylum
Edward Snowden at Sheremetyevo Airport in Moscow (12 July 2013) July Edward Snowden is seen for the very first time in three weeks on 12

1 July: Mr Snowden applies to Russia for political asylum; President Putin says he should stop leaking US secrets if he wants to remain. President Obama recognizes “high level” discussions with Moscow on extradition.

2 July: Mr Snowden withdraws his asylum request to Russia and sends requests to 20 other states, according to Wikileaks.

3-5 July: Bolivian President Evo Morales’ plane is redirected to Austria amid suspicion that Mr Snowden is on board. President Morales threatens to shut the US embassy in Bolivia in response.

6 July: Nicaragua and Venezuela offer Mr Snowden asylum.

12 July: Mr Snowden emerges at Sheremetyevo airport for the very first time in three weeks, saying as he was not able to travel to Latin America he sought asylum in Russia.
Glenn Greenwald and David Miranda embrace inside an airport Glenn Greenwald greets Mr Miranda August as he arrives in Brazil on 19

1 August: Mr Snowden leaves the airport and enters Russian land after trying to get temporary asylum. The US says Russia’s conclusion is “incredibly unsatisfactory”.

7-9 August: President Obama cancels a meeting with Russian President Putin following Russia’s asylum determination. He promises “proper reforms” to ensure greater supervision of US surveillance programmes.

16 August: Citing documents leaked by Mr Snowden, the Washington Post reports the NSA broke privacy rules and overstepped its legal authority a large number of times in the previous couple of years.

19-20 August: Mr Greenwald’s associate, David Miranda, is detained under terror laws at London’s Heathrow airport for nine hours on his way to Rio de Janeiro. The citizen allegedly has his mobile phone, notebook, DVDs and other things seized. UK politicians demand an explanation. The US denies involvement but recognizes it was given a “heads up” from British officials concerning the detention.

Data vs Information – A Quest For The Computer Forensics Examiner

The main action of the forensics detective within an information organization would be to look through information by searching, separating, removing information from data, and evidence collection is just planning the data form.

In this specific article, it’s significant the ideas of information and data are mixing securely. Evenly important is link between data and data, because without these ideas, the forensics detective will fight to finish also the easiest job.

Data versus Information
The crucial role in almost any forensics analysis is pertinent data; the shifting nature of whatever is relevant makes forensics an iterative procedure to investigations.

For instance, a first-pass of analysis may try to find email that signifies preparing, in a case. Another move, following the analysis progresses, may hunt for hidden pictures which are proof the homicide itself.

Info is better understood to be data that’s applicable for the case and data is basically any electronic evidence that’s not info. The truth is the fact that information and data are evenly critical as data; but the info is more crucial to improving the probe. Think about the typical pc. It definitely comprise an OS e.g. Windows, programs e.g. Ms Word and a few stored result from such programs. It’s critically important to accumulate evidence. Otherwise, a attorney might challenge quality of work.

Data as Documents
Data is rationally arranged into units, called documents, these documents are subsequently saved in groups, called directories or sites. These organizations are subsequently arranged into arrangement hierarchies I.e. listing trees, even though the plan of software applications which needs data rationally arranged.

For instance using computers in offense usually entails common applications including MS Office, storing data temporarily to enhance functionality, and storing copies to shield the data of its own client from reduction or by problem.

Group Files into Folders
Data is logically arranged in files. It’s much like how someone may sort and team printed paper records into a reasonable device. Like, am employee records may be kept by employer together by putting them in a document.

In many employers’ files, each worker may have files which are work description, degree, and wages. Therefore each kind of articles includes a title that conveys such; e.g. “wages” displays the content confirms. Data within the file arranged are later recovered by worker.

Thus, it’s ideal for your forensics detective to comprehend why borders to such hierarchical structures exist, they’re under:

Documents, files, and listing buildings for a number of physical apparatus that has limited capability. Therefore the apparatus capabilities itself becomes the border.

Execution of person bounds is beyond just what the physical apparatus demands for:

  • Data prioritization – some customers might have higher or lesser concern for the machine assets. A storage allowance like.
  • Data separation – a person may produce a border on spam that’s different from work-related e-mail files.
  • PC dependencies – some computers demanded trunk connected articles, situated inside the very first couple of Megabytes in the physical storage system.
  • Functionality – Physical storage products are identified to save and recover data with various shows founded on the data location inside the physical storage system.
  • Accessibility — when listing structure borders aren’t established correctly, programs or providers may neglect. In such instances, boundaries for the directory construction convert in to boundaries to accessibility or unavailability of a software or service.

Cyber Threats and Acceptable Risks

Cyber Crime and criminalityThere are numerous security problems that jeopardize the IT field now, in-fact data security is really a problem over the whole IT field. Risks often focused around WIFI systems, mobile phones, and also the cloud.

Do you know the Problems in Protection right now?
For system managers (even prior to the utilization of the web) network protection (prevention of outside network attacks which might potentially trigger harm, entry or take private information or data) has been among the most significant and challenging problems.

I believe the present scenario together with the developments in information and communication systems, which comprise bigger segments of society, brings improved security issues over a large size that formerly didn’t exist. Protection breaches to info methods is just another problem and it improve at an amazing tempo daily and provided that social and individual reliance on IT systems boost the chance of security breaches may continue growing at exactly the similar speed.

More therefore, the rate of cyber-crime nearly increases annually and I believe this price may continue to grow in accordance together with the quick progress in web use because it becomes more readily available and obtainable in now’s technologies.

May we actually have great Protection on Mobile Phones?
I believe we may have great protection but since the utilization of said devices increases because, assaults to mobile products will grow, we won’t and ever have complete security on mobile devices. Certainly, security measures are improved too with technical progress but however mass utilization of mobile phones also increases user recognition and understanding of aforementioned methods which that may maybe transforms like a security dangers. (INFORMATION technology experience is really no longer a specific area recognized by a couple thousand individuals but by millions all over the world and such information is freely-accessible with several experts being self educated.)

Likewise, technical systems and mobile phones are produced by folks as are protection measures. Thus, there’ll remain the threat that such methods may probably be subjected to assaults by systems specialists. While technical improvement raising an individual’s functionality and functionality also it may expose them to risks from specialized experts who investigate and then uses any program weaknesses.

Nevertheless, computer crimes increasing nearly twice by annually and it’ll keep increasing as web use increase. Consequently I believe every passing day provided that technology maintain creating people increasingly begin with them (more people become a specialist) mobile devices won’t be as safe.

Do Wi-Fi Systems must become more safe?
Wifi Networks are merely another sort of system that isn’t completely risk-free like the rest within the INFORMATION technology world. Actually it may be quite harmful if some significant components aren’t taken into consideration. As wifi networks offer a link with the web from just about any place, you will find more possible targets for hackers than other kinds of systems.

Definitely by getting some protection measures including altering password before begin using it (many Wi-Fi access apparatus and device includes default password that are simple to discover.), limit your access to your own Wi-Fi network (hence only trusted individuals who you enabled can employ your system.), change your wireless system name, secure your wireless signals, Mac filtering (so just the given products can link to your own Wi-Fi network.), decrease the number of the Wireless Transmission etc it’s not really difficult to turn your wireless network more protected.

But after taking all these security measures which largely prevents the others using your online or getting charge of the pc during your own wifi network, the concerns which should be requested here are “does our internet velocity stay steady?”, ” are we encountering delays while moving or delivering data or advice?”,”can such delays change our business?” etc.

Do you know the Primary Difficulties on Protection inside the Cloud?
Cloud computing supplies computing resources on-demand using a company as opposed to keeping your personal equipment or software environment. In a different words, we don’t must save data into our personal pc hard disks anymore, rather than this we use tremendous on-line computers. Picture without taking your laptop to be able to get all your own own personal data at any certain minute, being able to manage and share data, photographs, films, contacts, emails, files, etc. to your pals, family, or coworkers from just about any on-line resource.

Along with this there are many more advantages of businesses when working with cloud computing, including decreased IT price (prices of equipment and software), improved efficiency, immediate upgrade, endless storage capability, enhanced integration between os, increased document format compatibility, enhanced data protection. Cloud computing become quite appealing, nevertheless if we mention cloud computing before many of the benefits, the very first query that seems within our head is; could it be protected, as soon as we consider all these benefits? Obviously cloud computing could be compromised, there isn’t any strong protection program, however, I believe security within cloud processing could be considerably greater than that businesses can supply itself.

The primary problem here is; will there be any guarantee that not one of the cloud providers are going to have access to view our info or data? But if I were the proprietor of a large business I’d feel unsafe using cloud computing since there isn’t any guarantee that nobody has the capability to get an encryption key and take, damage, destroy or promote my businesses’ advice and data.

What’s Appropriate Risk?
In daily life, nothing that we’re utilizing or performing is completely protected. There isn’t any guarantee that we aren’t likely to perish with a falling brick striking us around the top while strolling along the street or run over with an automobile while crossing the street and so forth (even though the opportunities are reduced these sort of mishaps occur). Because, there’s always a danger of dying, should we quit going outside? Therefore, even though heading outside has some dangers, we may accept these as an okay dangers.

Their own acceptable risk levels are defined by everybody. For example some folks won’t travel by airplane thinking the amount of threat isn’t adequate due to the risk of crashing and so they favor vacationing my car-even though it requires more time. But, nearly all people don’t share this perspective and use airplanes knowing should you examine morbidity between plane crashes and motor vehicle collisions that statistically more individuals perish on your way.

Also, there’s always a danger from hackers while using communication and info technology methods but this really does not mean we ought to stop using them because they make our existence simpler. Provided that some protection measures are obtained (this cannot be 100 percent safe) we could maintain carry on with them.

The amount of acceptable risk depends on personal options, as I mentioned above, this applies to businesses. Every business identifies their own amount of acceptable risk depending on their demands. Like using cloud computing is found by some businesses being a suitable danger (even though there’s no guarantee the cloud providers won’t grab their info and market it onto other businesses) which shields them from hackers better-than using other systems, together with the additional safety from dropping details or data together with the lack of notebooks, exterior hard-drives and data storage products (Cloud computing also provides an individual the chance to get all their data anytime from just about any on-line source). But, some businesses consider the utilization of cloud processing is really not a satisfactory amount of danger that they’ll consider and where they could guard their information by personal approaches they would rather use their particular systems.