Guest Post on Getsafeonline.org

I have posted a guest blog about the TalkTalk saga on https://www.getsafeonline.org/business-blog/talktalk-saga-lessons-and-thoughts/

Please have a read and send me any feedback

Thanks

HTCC BRIEFING 3

HTCC Newsletter Update

The newsletter will aim to brief members on issues relating to Digital Forensics and collaboration as well as news about the HTCC  In the news recently

 

 

HTCC UPDATE issues	If you wish to join HTCC go to www.hightechcrimecops.org
Review: Google Earth Forensics	Authors: Michael Harrington and Michael Cross Pages: 122 Publisher: Syngress ISBN: 0128002166 Introduction Learn how to use Google Earth geo-location in your digital forensic investigations. About the authors Michael Harrington is a former Law Enforcement officer
School threats by text, phone apps frustrate police	Using apps, social media and Internet phone services, anonymous threats of violence are forcing school evacuations and responses by Police
TalkTalk hack: Boy at centre of cyber attack probe returns to his home in NI	TALKTALK hack in the UK caused widespread concern and debate.  Allegedly 34M peoples data stolen
Cybercrime training for Police in Africa	A group of 28 investigators from 10 African countries are in Kigali for a Cybercrime Investigation Training for the African region.  It seeks to enhance their capacities in overcoming emerging crimes committed through the use of technology.
Computer forensics on a small department budget	These days everyone has access to computers, including criminals.  This means that it’s rare for a complex case not to involve some kind of digital media, whether it’s a desktop computer, a laptop, a smartphone, or a flash drive.
Apple tells US judge it's 'impossible' to unlock new iPhones thanks to strong encryption	• Apple said it can't help authorities access iPhones running iOS 8 and 9 • This is due to strengthened encryption methods introduced in June 2014 • Apple told US Magistrate Judge James Orenstein that it could access the 10 per cent of its devices that continue to use older operating systems • Tech giant will find out on Friday whether it will have to help with the case

TalkTalk some comments

Those interested in Cybercrime and the changing speed and extent of crime need look no further than the TalkTalk case for a good example of how life has changed.
This morning's BBC news broke the main story with concerns that up to 4M customer accounts had been compromised.

The Chief for TalkTalk, Dido Harding, was forced into undertaking many tasks to keep TalkTalk afloat and was extremely open in her comments and showed a caring side. Then many organisations started to flood Twitter and Facebook as well as the Media generally with "what should I do now comments?"

Basically change your passwords, check you bank account and contact TalkTalk or ActionFraud if there is a problem
Check out the Get Safe Online website, the primary site for prevention

Then the attacks started. Complaining about Dido's salary, previous attacks, the share price falling and huge speculation about who did it. Finally later in the day the threat and demand was sent by the alleged criminals

So what does this mean.

For a Business perhaps
At the top you are in the firing line, literally
Any attack can impact on public preception
That can hit confidence amongst customers and your share price or value
Exercise and learn together as a Top Team use Cybx for example 

Government perhaps
The need for a swift response operationally
The need to kick in an effective prevention and advice campaign eg GetSafeOnline
Ensure that regulatory agencies are quick off the mark and supportive

Law Enforcement perhaps
The need to act quickly and access the right data, processes and people
To have the capacity to deal with the issue using all national resources
To have knowledgeable people available when needed

Customers perhaps
Change your passwords regularly and effectively
Check the detaisl of your Bank accounts and Credit Cards
Read the information available to you and act on it

It would be nice to think this will be the last, it wont.

So prepare for for more TalkTalk episodes

 

HTCC Briefing 2 issues of interest

HTCC  Update 2 19/10/2015

The newsletter will aim to brief on issues relating to Digital Forensics and collaboration as well as news about the HTCC  In the news recently

HTCC is a Not For Profit organisation	please see www.hightechcrimecops.org
Naval Lab Earns Prestigious Cyber Forensics Award	CHARLESTON, S.C. (NNS) -- Space and Naval Warfare Systems Center (SSC) Atlantic's Cyber Forensics Criminal Investigations (CFIX) Laboratory became the first in the Navy to earn the prestigious cyber forensics award
AccessData launches Summation 6.0 and FTK 6.0	AccessData Group, a provider of integrated digital forensics and e-Discovery software solutions, today announced the simultaneous launches of Summation 6.0 and FTK 6.0, powered by a forensically secure database and enhanced interoperability between both products
ISACA Survey: Mexican Consumers Confident about Controlling Security on their Internet of Things Devices, Yet Cybersecurity Pros Caution That Security is Insufficient	Mexico City, Mexico (14 October 2015) Is the Internet of Things safe? A new survey from global cybersecurity association ISACA suggests a major confidence gap about the security of connected devices between the average consumer and cybersecurity and information technology professionals.
Cyber Insurers Jack Up Rates in Response to Increasing Hacks	It's getting more expensive to protect against cybersecurity risks. In response to increased hacking of U.S. companies, insurance firms are raising cyber premiums and limiting coverage, according to a recent report by Reuters. Many cyber insurance policies cover the cost of digital forensics, credit management, and litigation expenses.
2015 Pacific Northwest Digital Forensics Bootcamp	November 2015 digital forensics training event features Forensic Explorer instructor led training, Oxygen Forensics instructor led training, three certification exams, and a voucher for the CyberSecurity Forensic Analyst (CSFA) three-day certification exam; voted one of the best digital forensic certifications to have for 2015 and 2016
Securing Digital India from Fraud	To truly secure Prime Minister's Modi's Digital India project and "Make in India" initiative, enterprises must maximize connectivity, but minimize cybersecurity risks, given growing cyber-threats and fraud.

HTCC Briefing 001

This is a briefing posted for the High Tech Crime Consortium

If you wish to join please email me stu@stuhyde.com

HTCC Newsletter Update

The newsletter will aim to brief members on issues relating to Digital Forensics and collaboration as well as news about the HTCC  In the news recently

The world's biggest student cybersecurity games	New York University Cyber Security Awareness Week (NYU CSAW) organizers re-engineer the High School Forensics Challenge to introduce thousands of young investigators to the field of information security. NYU Polytechnic School of Engineering in Brooklyn for the 12th annual NYU CSAW November 12-14, 2015
Advice to companies when they lose employees	Most managers have to deal with the unpleasant task of letting someone go at some point, and whether or not the employee expects the termination, a small chance of violence or retaliation exists. With that in mind, we collated a list of ways bosses can make sure former workers don't come back to bite them
Digital Forensics Training in the UK	CCL Group Ltd open its new building expanding its operations and training academy for digital forensics (Registration)
DriveSavers 30 years of business	DriveSavers, the worldwide leader in data recovery, eDiscovery and digital forensic services, today celebrates 30 years of rescuing data from physically damaged, mechanically failed, virus-infected storage devices and corrupt data files.
Healthcare not ready to deal with Phishing attacks	According to the HIMSS Senior Director of Research, phishing is “the number one thing that keeps CISOs up at night” among healthcare organizations, and yet, many fail to prepare staff with realistic exercises. Global Digital Forensics can help organizations increase social engineering awareness across the board with controlled phishing campaigns which help drive security awareness home across the board.
Fake Passports, Drivers Licenses and Police Badges a Click Away	The manufacturing of fake credentials has been an issue for years; however, after a two-year investigation, Kessler International has determined that items such as passports, driver's licenses and police badges are more attainable than ever. These items are manufactured and sold by counterfeiting operations around the globe, and with the constant expansion of the Internet, new generations of cyber criminals are thriving
Rise of anti-forensics techniques requires response from digital investigators	Good news and bad news from the security industry. Bad news first: there’s a booming population of stealth cyber attackers, who can invade your IT infrastructure without leaving a trace. The good news: there’s a massive shortage of people who can deal with this.