On Q Professional Investigations

“Editor’s Note: Welcome to my weekly column, Virtual Case Notes, in which I interview industry experts for their take on the latest cybersecurity situation. Each week I will take a look at a new case from the evolving realm of digital crime and digital forensics. For previous editions, please type “Virtual Case Notes” into the search bar at the top of the site.

Cybercrime if often thought of as something that only happens within the generalized, invisible space of the internet. It is seen as virtual rather than physical, and those who commit cybercrime are thought of as anonymous individuals whose activities are all within the confines of the web. Run an image search for “hacker” or “cybercriminal” and you will see plenty of pictures of people with their faces hidden by hoods or masks, sitting alone in a dark room in front of a computer. But what if, instead of a hooded loner, the universal image of cybercrime was that of a group of neighbors in an impoverished part of the world, gathered together at a local cafe?

The latter is a new picture of cybercrime that researchers Jonathan Lusthaus and Federico Varese hope to make more people aware of in their recent paper “Offline and Local: The Hidden Face of Cybercrime.” The co-authors, working on the Human Cybercriminal Project out of the sociology department of the University of Oxford, traveled to Romania in 2014 and 2015 to study the oft-ignored real-world aspect of cybercrime in an area known to be a hub for one specific form of this crime—cyber fraud.

“Hackerville”

The town of Râmnicu Vâlcea, which has a population of around 100,000, has faced some economic setbacks in the last decade, including the loss of a major employer, a chemical plant; in addition, the average monthly salary in Romania as a whole (in 2014) was only €398 compared to €1,489 across the European Union. However, upon arriving in town, Lusthaus and Varese found themselves surrounded by luxury cars, “trendy” eateries, and shopping malls stocked with designer clothes and electronics. Though Râmnicu Vâlcea is poor “on paper,” the town seemed to be thriving, and interviews with Romanian law enforcement agents, prosecutors, cybersecurity professionals, a journalist, a hacker, and a former cybercriminal would soon give the researchers a clue as to why that might be.

“It was rumored that some 1,000 people (in Râmnicu Vâlcea) are involved almost full-time in internet fraud,” Varese told me, explaining why the town sometimes nicknamed “Hackerville” became a key target of their research (although the authors point out, in their paper, that the more accurate term would be “Fraudville,” as scams are focused more on the sale of fake goods than hacking or the spread of malware).

Varese said major findings from their interviews in Râmnicu Vâlcea as well as the Romanian cities of Bucharest and Alexandria were that cybercriminals knew each other and interacted with each other at local meeting spots offline, such as bars and cafes; that they operated in an organized fashion with different people filling different roles; that many in the town were aware of the organized crime but either didn’t say anything or sought to become involved themselves; and that there have been several cases throughout the years of corrupt officials, including police officers, who accepted bribes from the fraudsters and allowed them to perpetuate their schemes without interference.

“These are almost gangs,” Varese said. “They are not the individual, lonely, geeky guy in his bedroom that does the activities, but it’s a more organized operation that involves some people with technical skills and some people who are just basically thugs.”

The paper describes a culture of local complacency, often under threat of violence by a network of seasoned cybercriminals. This picture is far from that of the anonymous, faceless hacker many have come to envision, and instead reveals how internet crime can become embedded in specific populations.

“Most people think of cybercrime as being a global, international sort of liquid problem that could be anywhere and could come at you from anywhere,” Varese said. “In fact, the attacks—the cybercrime attacks or the cyber fraud—really come from very few places disproportionately. So cybercrime is not randomly distributed in the world. It’s located in hubs.”

Cultural and Human Factors

I asked Varese two major questions—why Romania and why cybercrime, as opposed to other forms of profitable crime? He responded that a look at the country’s history reveals why, instead of weapons or drugs, criminals in Romania might turn instead to their computers.

“Romania is a very special place. Mainly because, during the dictatorship of Nicolae Ceaușescu—that was the communist dictator that ruled Romania from the 60s to the 90s—he emphasized the importance of technical education, and especially IT,” Varese explained. “There was a very good technical basis among people. When the internet arrived, a lot of Romanians built up their own micro-networks. And so it turns out that when the regime fell, Romania turned out to be a country which was very, very well-connected.”

The high level of technical education, combined with a high level of poverty and a high level of corruption—as shown in the paper, which points out that Romania’s score on Transparency International’s 2016 Corruption Perceptions Index is only 48 out of possible 100—created a perfect storm for a culture of cybercrime to grown, Varese said.

But Romania is not the only place where cybercrime is highly concentrated and where online activities are strongly tied to offline factors. Varese identifies Vietnam in Asia, Nigeria in Africa and Brazil in the Americas as three other cybercrime hubs. Varese and his coauthor also plan to take their future research to Eastern Europe, where “corruption and the technical and economic of legacy of communism” have created “a highly conducive environment for cybercrime,” their paper states.

Varese hopes this sociological research will help authorities recognize and manage the human element of cybercrime that is often ignored in the fight against online threats.”

Read More

SEMINOLE COUNTY, Fla. July 29 2017- A Sanford security company said it has come up with a solution to stop thieves from trying to rip people off at the gas station with skimmers, devices used to steal credit and debit card numbers.

Chris Gilpin with SignalVault told Channel 9 anchor Jamie Holmes that he’s developed a device that will sound an alarm if a gas pump is opened.

The alarm alerts gas station owners when someone opens the door on a gas pump to install a skimmer device.

The system also sends out an alert through an app to let the gas station owner know that a particular pump has been compromised.

“The pump can be inspected immediately afterwards and the skimmer can be removed from the gas pump before any credit or debit card numbers are stolen,” Gilpin said.

State investigators announced Wednesday that they’ve seen an increase in the number of skimmers found at gas pumps. Nearly 300 devices have been found in Florida this year, but that number is deceiving, investigators said.

“That doesn’t really cover the scope of how bad it actually is because the gas pumps are only inspected every 12 – 16 months, so there are hundreds more skimmers,” Gilpin said.

Gilpin said the bigger problem is the law. Florida only requires gas station owners to put red tape around the pump access panel and the tape is hardly a real deterrent for a thief.

Gilpin said his device constantly monitors skimming activity and although he’s still in the testing phase, he hopes the state eventually does more to really pump the brakes on this crime.

“We can’t stop these criminals from installing gas station skimmers. However, we can stop those skimmers from stealing credit and debit card numbers,” Gilpin said.

Gilpin will meet with state agriculture officials in a couple of weeks to show off his product.

He’s been on the ABC show “Shark Tank,” and has a similar consumer protection product used by a 500,000 people worldwide.

View Source

Congress sent proposed legislation to President Donald Trump on Tuesday that wipes away landmark online privacy protections, the first salvo in what is likely to become a significant reworking of the rules governing internet access in an era of Republican dominance.

In a party-line vote, House Republicans freed internet service providers such as Verizon, AT&T and Comcast of protections approved just last year that had sought to limit what companies could do with information such as customer browsing habits, app usage history, location data and Social Security numbers. The rules had also required providers to strengthen safeguards for customer data against hackers and thieves.

The Senate has already voted to nullify those measures, which were set to take effect at the end of this year. If Trump signs the legislation, as expected, providers will be able to monitor their customers’ behavior online and, without their permission, use their personal and financial information to sell highly targeted ads — making them rivals to Google and Facebook in the $83 billion online advertising market.

The providers could also sell their users’ information directly to marketers, financial firms and other companies that mine personal data — all of whom could use the data without consumers’ consent. In addition, the Federal Communications Commission, which initially drafted the protections, will be forbidden from issuing similar rules in the future.

Search engines and streaming video sites already collect usage data on consumers. But consumer activists claim that internet providers may know much more about a person’s activities because they can see all of the sites a customer visits.

And while consumers can easily abandon sites whose privacy practices they don’t agree with, it is far more difficult to choose a different internet provider, the activists said. Many Americans have a choice of only one or two broadband companies in their area, according to federal statistics.

Advocates for tough privacy protections online called Tuesday’s vote “a tremendous setback for America.”

“Today’s vote means that Americans will never be safe online from having their most personal details stealthily scrutinized and sold to the highest bidder,” said Jeffrey Chester, executive director of the Center for Digital Democracy.

Read More

THIS WEEK, VIZIO, which makes popular, high-quality, affordable TV sets, agreed to pay a $2.2 million fine to the FTC. As it turns out, those same TVs were also busily tracking what their owners were watching, and shuttling that data back to the company’s servers, where it would be sold to eager advertisers.

That’s every bit as gross as it sounds, but Vizio’s offense was one of degree, not of kind. While other smart TV platforms don’t sell your viewing data at the IP level to the highest bidder without consent, like Vizio did, many do track your habits on at least some level. And even the companies that have moved on from ACR—like LG when it embraced webOS—have older models that liberally snoop.

But good news! There are ways to keep your smart TV from the prying eyes of the company that made it. In fact, there’s one absurdly easy way that will work for any television you can buy. Let’s start there.

Dumb It Down
The single most foolproof way to keep an internet-connected TV from sending data to far-flung ad tech servers around the globe? Disconnect it from the internet. And honestly, you should be doing that anyway.

Think about what you’re really getting from the “smart” part of your high-tech television. A shoddy interface? Voice commands that work half the time, if you’re lucky? A few bonus ads popping up in unexpected places? No thank you! Go to Settings, find the Wi-Fi On/Off toggle, and shut it down.

Read More

Every year, hundreds of volunteers and thousands of recipients convene at the Spokane County Fair and Expo Center for the bureau, which provides assistance to those less fortunate during the holidays.

Other than some relatively minor medical emergencies – including women going into labor – there haven’t been any crises at the bureau, now in its 71st year.

“I feel blessed that we have not had any serious problems,” said Special Event Coordinator Judy Lee, with Catholic Charities Spokane.

Regardless, organizers provide training to volunteers on what to do in case of an emergency. And if anything does happen, they have a trusted security officer they know they can rely on.

Rashad Salah, 32, has worked the Christmas Bureau for several years. He says it’s one of his favorite jobs.

Read More

Attorney General Mark Brnovich announced today a judge sentenced Chalice Zeitner to more than 25 years in prison after Zeitner faked cancer to qualify for a taxpayer funded abortion and scammed veterans charities out of more than $15,000. Zeitner was convicted of 17 felonies at two separate trials. The Attorney General’s Office prosecuted this case after an investigation by the Federal Bureau of Investigation Phoenix Field Office and AHCCCS.

“Zeitner is a con-artist who brazenly stole money from veterans and the taxpayers of Arizona,” said Attorney General Mark Brnovich. “Our office has built a strong partnership with the FBI to investigate and prosecute complex fraud cases like Zeitner’s and seek justice for the victims.”

“The crimes for which Ms. Zeitner has been convicted are particularly offensive, from defrauding veterans’ charities to faking cancer in order to receive a government-funded, late-term abortion. The FBI is committed to protecting the public from frauds and is well-situated to investigate frauds occurring in multiple states and jurisdictions,” said Special Agent in Charge Michael DeLeon. “I would like to thank Arizona Attorney General Mark Brnovich for dedicating the resources necessary to prosecute Ms. Zeitner.”

In April 2016, a jury convicted Zeitner of fraud and other charges for faking a cancer diagnosis to get the state to pay for a late-term abortion. In August 2016 after a separate trial, a jury convicted Zeitner of Fraudulent Schemes and Artifices and Theft for scamming veterans charities out of $15,000 and charging more than $25,000 to a fraudulently obtained credit card associated with a family member of an owner of a veterans charity.”

Read Source

“We leave behind trace chemicals, molecules and microbes on every object we touch. By sampling the molecules on cell phones, researchers at University of California San Diego School of Medicine and Skaggs School of Pharmacy and Pharmaceutical Sciences were able to construct lifestyle sketches for each phone’s owner, including diet, preferred hygiene products, health status and locations visited. This proof-of-concept study, published November 14 by Proceedings of the National Academy of Sciences, could have a number of applications, including criminal profiling, airport screening, medication adherence monitoring, clinical trial participant stratification and environmental exposure studies.

“You can imagine a scenario where a crime scene investigator comes across a personal object — like a phone, pen or key — without fingerprints or DNA, or with prints or DNA not found in the database. They would have nothing to go on to determine who that belongs to,” said senior author Pieter Dorrestein, PhD, professor in UC San Diego School of Medicine and Skaggs School of Pharmacy and Pharmaceutical Sciences. “So we thought — what if we take advantage of left-behind skin chemistry to tell us what kind of lifestyle this person has?”

In a 2015 study , Dorrestein’s team constructed 3D models to illustrate the molecules and microbes found at hundreds of locations on the bodies of two healthy adult volunteers. Despite a three-day moratorium on personal hygiene products before the samples were collected, the researchers were surprised to find that the most abundant molecular features in the skin swabs still came from hygiene and beauty products, such as sunscreen.

“All of these chemical traces on our bodies can transfer to objects,” Dorrestein said. “So we realized we could probably come up with a profile of a person’s lifestyle based on chemistries we can detect on objects they frequently use.”

Read More

Starting January, you may have a little trouble getting into a federal building – and you may eventually face some added headaches at airport security.

That’s because effective Jan. 30, 2017, Pennsylvania-issued driver’s licenses and IDs will be out of compliance with new federal requirements.

The federal Department of Homeland Security has notified Pennsylvania that state residents will face new restrictions when they attempt to enter federal facilities in January as a result of the failure of those state-issued documents to meet federal so-called REAL ID requirements.

Effective Jan. 30, Pennsylvania residents will need an alternative, secure form of identification to gain admittance to all federal facilities, military bases and nuclear power plants. The only exception is admittance to federal facilities for the purpose of applying for or receiving federal benefits. Each federal agency determines which secure identification it will accept.

Pennsylvania is prohibited from developing new identification by the state’s 2012 Act 38, which restricts the commonwealth from participation in the Real ID Act. Pennsylvania is one of about two dozen states that haven’t complied with the federal guideline.

The Real ID Act, passed in 2013, is intended to improve accuracy of state-issued identification documents to help inhibit terrorists’ ability to evade detection by using fraudulent identification.

The law has been phased in over three years. The last phase, which applies to boarding federally regulated commercial aircraft, is supposed to be enforced “no sooner than 2016,” according to the Department of Homeland Security’s web site.

The Department of Homeland Security had been granting states not in compliance a series of extensions. In a letter dated Oct. 11, the department informed PennDOT that no further extensions will be granted unless there are new developments or information provided on why standards remain unmet and the reasons for continued noncompliance.

DHS also pointed out that if Pennsylvania does not come into compliance by Jan. 22, 2018 (or is not granted an extension), Pennsylvania residents will need to present an alternative form of identification acceptable to the Transportation Security Administration to board a commercial flight.

Read More

William Santana Li imagines a future where robots will keep Americans safe.

Communities, he dreams, will take security into their own hands by investing in wheeled machines that patrol streets, sidewalks and schools — instantly alerting residents via a mobile app of intruders or criminal behavior.

“What if we could crowd-source security?” said Li, co-founder and chief executive of a robotics company, Knightscope, that hopes to eventually do just that.

His question is like many posed by Silicon Valley entrepreneurs seeking to modernize, privatize and monetize services once entrusted to the government — and it’s one that has intrigued venture capitalists who have pumped $14 million into his start-up.

Already, Knightscope robots are edging into the private security industry, patrolling parking lots, a shopping center and corporate campuses in California. The company’s ambitions, though, are much bigger.

Knightscope manufactures two robots — the five-foot tall K5 and the four-foot K3. Both weigh a hefty 300 pounds (they were designed to make it hard to tip over). Customers such as the Stanford Shopping Center, Qualcomm and Uber rent them starting at about $7 an hour (Knightscope, based in Mountain View, Calif., charges more if companies want extra services, such as more than two weeks of data storage).

The robots — which resemble a cross between R2D2 and a Dalek from “Doctor Who” — can record, stream, send and store video; provide thermal imaging; read license plates; track parked cars; serve as a two-way intercom; play a pre-recorded message; and detect humans in places they’re not supposed to be.

Read More

“The UK has just introduced plastic banknotes, almost 30 years after they were used for the first time in Australia. The polymer notes are designed to last longer and be harder to forge. But the new notes, which will replace the old cotton paper ones entirely by 2020, come with a challenge for police detectives and forensic scientists.

The existing techniques for obtaining fingerprints from paper notes won’t necessarily work for the new plastic money. However, our team at the chemistry department of Loughborough University has developed a potential solution.

The use of fingerprints in forensic science may date back to the 19th century, but in the UK alone it still plays a key role in bringing charges in some 27,000 crimes a year, according to Home Office data we obtained. But new materials can pose significant challenges for fingerprinting. We’re forever trying to make things biodegradable, or handling devices that simply didn’t exist a decade or two ago.

The issue is that the new notes have been fashioned from “biaxially oriented” polypropylene, a type of plastic that has been strengthened by stretching it in two directions. They are also, as with all notes, deliberately fiddly in design. Illustrations and security features such as foil and transparent sections make it harder to develop a perfect print.

The key is to try to find a method that will make the design of the note invisible and just highlight the print. Conventional techniques, such as exposing the fingerprint to cyanoacrylate (“superglue”) fumes that stick to the moisture in the ridges of the print and turn them white, can struggle in such circumstances. The developed print simply appears white and so is harder to see against the background, and it leaves an indelible mark or stain that means the note can’t be returned to circulation.”

Read More