University of Warwick Wins Veracode’s First-Ever Hacker Games

Next Generation of Developers Establish Secure Coding Skills Through Two-Week Competition

BURLINGTON, Mass. – March 31, 2021 – Veracode, the largest global provider of application security testing (AST) solutions, announced today the winner of its first-ever Hacker Games competition, which challenged students to hack and patch real-life apps online. WMG Cyber Security Centre at the University of Warwick was crowned the winner and awarded a $10,000 charitable donation after successfully completing 1,854 challenges over the course of two weeks, while Tufts University took second place and a $5,000 donation. In addition, each individual player from the winning teams and overall top scorers won prize money.

Professor Tim Watson, Director of the WMG Cyber Security Centre at the University of Warwick, said, “The Hacker Games were a fantastic way to promote secure software development and provided our students with a highly challenging experience. The labs are tremendous resources and we will be encouraging our students to take advantage of them to further their skills and experience. We are very grateful to Veracode for creating such a wonderful environment and competition.”

Setting Future Software Developers Up for Success

By empowering the next generation of software developers to write secure code, the Veracode Hacker Games aim to help plug the cybersecurity skills gap. The two-week collegiate competition saw nearly 90 computer science and cybersecurity students from leading universities across the U.S. and U.K. complete hands-on challenges in Veracode Security Labs. Altogether, participants solved a total of 8,500 labs and accumulated nearly 100,000 points.

Chris Wysopal, Founder and Chief Technology Officer at Veracode, said: “The cybersecurity skills gap is proving costly to corporations worldwide. The Hacker Games are a way for us to demonstrate the importance of secure coding to the next generation of software developers. The passion, competitive spirit and commitment from each participating university was impressive and we’re excited to work with each of these schools to make software security a more regular part of their curriculum.”

All participating universities in the Hacker Games will be given complimentary Veracode software for a year. For more information about the universities and teams, visit www.hackergames.io.

About Veracode

Veracode is the leading independent AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities. 

Veracode serves 2,500 customers worldwide across a wide range of industries. The Veracode solution has assessed more than 25 trillion lines of code and helped companies fix more than 59 million security flaws. Learn more at www.veracode.com, on the Veracode blog, and on Twitter.

(260)

Share

UK Cyber Security Council Begins As Independent Body

The Cyber Security Alliance-led Formation Project has created an umbrella body that will grow to champion cyber security education, training and skills

LONDON – March 31st 2021 – The UK Cyber Security Council – the self-regulatory body for the cyber security education and skills sector – today announced that the Formation Project to create the Council has completed, allowing the Government-mandated Council to officially become an independent entity, fully and only accountable to its Trustees.

The Council will champion the cyber security profession across the UK, providing broad representation for the industry, accelerating awareness and promoting excellence in the profession. It will do this by delivering thought leadership, career tools and education resources to the cyber security sector and those seeking a career in the industry, alongside helping influence government, industry and academia with the aim of developing and promoting UK cyber security excellence globally and growing the skills base.

Dr Claudia Natanson, chair of the Council’s Board of Trustees, said: “The Formation Project has put down solid foundations on which the Council can build, and that is what the Council is able to, and will do, from today. The next few months will be especially busy; we are now able to hire and start work on gaining traction and momentum across and beyond the profession. We’ll also be engaging with Government to ensure the delivery of the standards and governance needed to ensure a strong cyber security profession now and in the future. The trustees assure all those involved in the Council to date of our maximum efforts to take their work forward.”

Near-term tasks for the Council include:

  • the appointment of a permanent leadership team, who will work with the Board of Trustees to establish the Council as a leader in the profession, influencing its standing and reputation within the UK and globally; and
  • the recruitment of personnel to take forward the work of the Formation Project on elements of the Council’s remit, including recognition for cyber security practitioners, professional ethics, diversity and inclusivity in the profession and thought leadership

Dr Natanson also thanked the Cyber Security Alliance and the member organisations that supported the Formation Project. “For twenty months, scores of volunteers from the 16 forward-thinking organisations of the Cyber Security Alliance have devoted countless hours to getting the Council to this date. We cannot thank them enough, because without them there would be no Council. In the teeth of a pandemic, to reach this date with the Council on schedule is remarkable,” she said.

Dr Budgie Dhanda, managing director of 3BDA and co-chair of UK Cyber Security Council Formation Project, said: “The volunteers from the members of the Cyber Security Alliance have put heart and soul into the Formation Project, and the members of the Alliance itself have supported their staff all the way. We’re all very proud of what we’re handing over today and look forward to its evolution into a fully functioning, effective Council to represent our profession through the changes ahead.”

Dr Bill Mitchell OBE, chair of the Cyber Security Alliance, “Today marks a significant milestone for the many people who are today and will be in the future handed the enormously important task of protecting the United Kingdom and its economy from cyber threats that undermine the foundations of modern society.  Handing over the Council to its trustees is the culmination of over four years of commitment to a shared vision and shared values of public benefit from 16 organisations that came together in recognition of the breadth of skills and disciplines that go into this task. Now a new profession for the UK can be officially recognised and supported. The Alliance remains fully committed to supporting the new Council and ensuring it succeeds at the pace and with the reach the UK needs as we recover from the pandemic and find our place outside the EU.”

The Council has been invited by the NCSC to participate at CYBERUK, the UK government’s flagship cyber security conference in May. It will outline some initial plans at the event.

History of the Council to date

  • In November 2016, the UK Government’s National Cyber Security Strategy 2016-2021 set out “the UK Government’s plan to make Britain secure and resilient in cyberspace”.
    It included ambitions to develop and accredit the cyber security profession by: “…reinforcing the recognised body of cyber security excellence within the industry and providing a focal point which can advise, shape and inform national policy.”
  • In December 2018, the Government’s Initial National Cyber Security Skills Strategy policy paper specifically prescribed a new, independent body: the UK Cyber Security Council.
    The policy stated that: “Our ambition is for there to be a new, independent UK Cyber Security Council that will embolden the profession to structure and develop itself in a way that meets current and future demands. The Council will be charged with the development of a framework that speaks across the different specialisms, setting out a comprehensive alignment of career pathways, including the certifications and qualifications required within certain levels. The Council will lay the structural foundations of the cyber security profession that will enable it to respond to the evolving needs of industry and the wider economy.”
  • In August 2019, the Department for Digital, Culture, Media and Sport (DCMS) appointed the Cyber Security Alliance following a competitive tender process, with the  Institution of Engineering and Technology (IET)serving as the lead organisation, to design and deliver the UK Cyber Security Council.

The Cyber Security Alliance
The Cyber Security Alliance brings together a range of established knowledge and disciplines, each of which currently has a leadership role in underpinning UK expertise in the digital environment.  With an overall aim to provide clarity around the skills, competences and career pathways within this fast-moving area of cyber security, the initial objective is to support commitments expressed within the UK National Cyber Security Strategy, including the stated intent to recognise professionals through Chartered status. Members include:

About the UK Cyber Security Council
The UK Cyber Security Council is the regulatory body, and voice, for UK cyber security education, training and skills. It drives progress towards meeting the key challenges the profession faces and develops, promotes and stewards nationally recognised standards for cyber security qualification and learning. The Council, working closely with the National Cyber Security Centre (NCSC), the UK’s national technical authority for cyber security, supports the UK Government’s National Cyber Security Strategy to make the UK the safest place to live and work online.

The establishment of the Council by the Cyber Security Alliance consortium of cyber security professional bodies was commissioned by the Department for Digital, Culture, Media and Sport (DCMS) in September 2019.

(182)

Share

British Army Digital Forensic Specialists Win Two Top International Awards

A British Army Sergeant and digital forensics expert and a forensics team from the British Army’s Royal Military Police (RMP) have proved they are the best in their field, having won two top awards the International Digital Investigation Awards 2020. The IDIA celebrates innovative action by law enforcement agencies from around the world.

The virtual ceremony hosted nominations from world renowned organisations including the Federal Bureau of Investigation (FBI) and the Metropolitan Police in categories including digital forensic techniques, collaborative investigation and digital investigator of the year, to name a few.

Use of Advanced Digital Forensic Techniques Award

Sergeant James Stubbs, of the Service Police Cyber Crime Centre (SP3C) scooped the Exceptional Use of Advanced Digital Forensic Techniques Award, beating other highly skilled specialists and team finalists from the Metropolitan Police Service Cybercrime Unit and Leicestershire Police’s Digital Media Intelligence unit.

On receiving the award, Sgt Stubbs said: “I’m delighted to have been nominated and to have won the award for what was a challenging and rewarding investigation. Details of the techniques I used have been requested by INTERPOL Cyber Crime, raising SP3C’s profile internationally.

“I am also proud of SP3C, SPCB, FIIU and FIB for receiving the award for Collaborative Investigation, both awards have provided positive exposure of the Service Police and its efforts to our international counterparts,” he said.

Sgt Stubbs was nominated for his ground-breaking work and carrying out digital forensic investigations to support a US Service Police CID investigation into a sudden death in Iraq in 2019. He was able to retrieve the data from the deceased’s very damaged fitness watch, despite the fact that there was no forensic support for this type of device at the time.

RMP digital forensic investigator at work.

This was of immense importance for the investigation, meaning that time and place of death could be established, enabling the investigators to determine whether any criminal activity had occurred.

More broadly, Sgt Stubbs’s work will also benefit the wider law enforcement community as his work has significantly enhanced understanding of how to forensically analyse such devices, so could be used in future cases to determine time of death and posthumous movements in sudden death or murder cases.

Team Collaborative Award

The RMP Specialist Operations Regiment was recognised in the Team Collaborative Award for their work alongside members of the Royal Navy Police Special Investigation Branch (RNP SIB) for their work in extracting, decoding and interpreting electronic information from a number of devices seized as part of an investigation into alleged possession of indecent images of children.

Corporal Sam Ward, Royal Military Police, and Chief Petty Officer (Master at Arms) Jason Briant, Royal Naval Police, both of Spec Ops Regiment RMP.

Spec Ops Regt continued to support the investigation when jurisdiction was passed to Northumbria Police. As a result, a former serviceman was sentenced to 14 years in jail, made subject to a sexual harm prevention order, a restraining order for life and is on the sexual offender’s register for life.

The team was shortlisted alongside Op BLEAK (a collaboration between North West Regional Organised Crime Unit, the National Cyber Crime Unit and the Australian Federal Police), and National Undercover Online.

‘Best of the best’

Brigadier Viv Buck, Provost Marshal (Army) said: “I am incredibly proud that the RMP has won two awards in the International Digital Investigation Awards 2020, particularly against such high-quality competition from other UK and international law enforcement agencies.

“This is a true reflection of the credibility, competency and excellence of the Service Police team working in digital forensics; they truly are among the best of the best.”

(199)

Share

UK Government Announces New UK Cyber Security Council

The UK Government announces new UK Cyber Security Council “to boost career opportunities and professional standards for the UK’s booming cyber security sector”.

The new UK Cyber Security Council announced today by the UK Government follows an initiative started in the 2015 UK National Cyber Security Strategy “developing the cyber security profession, including through achieving Royal Chartered status by 2020, reinforcing the recognised body of cyber security excellence within the industry and providing a focal point which can advise, shape and inform national policy”. Though the aim for the Council to achieve Royal Chartered status by 2020 has not been met, the achievement of establishing the Council is certainly a major step forward.

Following the publication of the 2015 National Strategy in early 2016 the WCIT and BCS worked to bring together a group of 17 organisations to form the Cyber Security Alliance.

The Cyber Security Alliance Members

This Alliance recognised that the establishment of the council, whilst much needed, could also be significantly disruptive if full engagement with industry professionals and academia was not carried. The Alliance set out to engage with DCMS and NCSC as discussions and public consultations were carried out. The result was the Alliance being awarded a grant and contract in August 2019 to establish the UK Cyber Security Council through its lead member the IET following an open competition process.

The significant amount of time and effort by individuals from both Alliance member and non Alliance member organisations is hard to quantify, but is significantly greater than the amount of grant funding awarded and that the council development has reached such an advanced stage within the contracted timeframe is a testament to their professionalism and commitment.

The Council is to be formally launched on the 31st March 2021

Work continues to prepare for the launch. The launch is but the end of the project to deliver the council, the real work then begins to establish the Council as a credible professional body that will represent those that work in the cyber security industry. DFM wish the new trustees charged with firmly establishing the council and moving it forward, good luck in their endeavours.

(144)

Share

Digital Forensics Specialist (Video)

Digital Forensic Specialist (Video)

SALARY – Circa £37,305 plus £3,406 location allowance

You will receive £37,305 the band minimum. Progress to the band maximum of £41,811 will be via incremental progression. 
LOCATION –   London, SE1

The Digital, Cyber and Communications (DCC) department is undergoing significant changes. It’s all to improve the way we deliver digital forensics services to the MPS and the Criminal Justice System. We’re aiming to offer three different levels of service. As part of this, we’re introducing digital forensic kiosks into custody suites and opening small labs across London. This is a rare chance to be part of the Central Digital Forensics laboratory and help bring criminals to justice – all while developing a unique skill-set.

You’ll be crucial to our vision, as you’ll help us to enable complex investigations, and develop new tools to meet the needs of future technologies. An expert in your field, you’ll be a valuable member of the Forensic Video department, able to interpret digital forensic submissions and provide detailed reports. Confident in the recovery of deleted or corrupted video material, you’ll reverse engineer everything from CCTV recorders to phones – creating compilations for court presentation. With outstanding communication skills, you’ll also oversee a small team and provide peer reviews against ISO 17025 standards.

To join us, you need to be confident with all types of video technology and forensics techniques. With second-to-none expertise, you’ll have proven experience in presenting evidence, working on criminal investigations and attending court. And committed to constantly improving technical practices and procedures, you’ll be dedicated to keeping track of emerging trends.

To apply, please visit our website to download a role specific information pack and application form.

Completed applications must be returned by 17 March 2017.

Please note we are only able to review the first 50 applications received.

We view diversity as fundamental to our success. To tackle today’s complex policing challenges, we need a workforce made up from all of London’s communities. Applications from across the community are therefore essential.

www.metpolicecareers.co.uk

(166)

Share

Beebone takedown is only half the battle, warns OpenDNS

Following confirmation that the BeeBone botnet had been sinkholed last week, OpenDNS IT Pro – Owen Lystrup warns that this is just the first step in stopping these infected machines:

“While the difficult effort of stopping the botnet is complete, it is only the first step to ensuring security for those affected. The next, and perhaps more crucial, steps are to shutdown the servers involved and clean the infected endpoints. As we’ve seen before with cases like Kelihos, botnets can resurface after a dormant period.
“The interagency sinkhole essentially chops the botnet’s capability at its knees. However, unless they have been thoroughly cleaned, the endpoints compromised are still very much infected. The sinkhole merely means outbound traffic intended for what were formerly command and control (C&C) IPs will now get dropped. This result is positive. It means those infected machines will no longer receive instructions from a malicious server – for now.”

Dhia Mahjoub, senior security researcher at OpenDNS, has spent a great amount of time researching botnets – like Kelihos and Zbot, which have similar characteristics to Beebone. And he’s fully aware of the challenges involved with stopping them. “Sinkholes are good for telemetry, which will measure the extent of the threat,” he said. “Step two is for law enforcement to actually take down the involved servers, and to clean the endpoint machines.”

After the press release announcing the takedown, the OpenDNS security research team used the preliminary data to map the known infrastructure and compare it using its own unique view of DNS traffic on the internet. Analysis from OpenDNS shows traffic requests to these formerly malicious domains are still at very high levels. The continued significant traffic to these domains suggests that cleanup efforts have not been effective yet.

In conclusion, Dhia said, “Cleanup is incredibly difficult because the burden lies on the individuals using infected machines, or their ISPs. It’s a huge effort and very expensive. But without it, botnets can potentially pick up where they left off.”

A graph visualising this traffic is available here:

(342)

Share

Malware Statistics Tool Lists Top 100 Searched for Threats

OPSWAT, provider of solutions to secure and manage IT infrastructure, announced the release of a new statistics feature for their free anti-malware multi-scanning service, Metascan® Online. The newly-released malware statistics page provides a list of the 100 most searched for threats from the past week, including detailed scan results. The statistics page is updated daily and provides the ability to track the scan history of a given threat, giving researchers insight into the growth rate of malware detection rates.

 

The Metascan Online data can be used to investigate the current threats generating the most searches, as well as to monitor the detection rate of new threats. OPSWAT CEO Benny Czarny expressed excitement over the research and data analysis possibilities created by the new technology, stating that “the Metascan statistics tool provides information about the malware samples in our database, giving malware researchers the ability to dig into the types of threats that are currently circulating as well as track how the detection of new threats changes over time.”

 

To reduce the risk of false positives at least five of Metascan Online’s 40+ anti-malware engines must flag the file as a threat for it to be included. According to Product Manager for Metascan Online, Ronald Melencio, five engines seemed to be the “sweet spot” for detection. He went on to say that “we were concerned about false positives, but if the minimum is set too high we could eliminate real, new, interesting threats.”

 

The statistics page provides a nearly real-time visualization of the value of multi-scanning. No single anti-malware engine detects 100% of threats 100% of the time, but using multiple engines to scan for threats allows users to take advantage of the strengths of each individual engine and to guarantee the earliest possible detection. While the data included on the statistics page shows only a subset of the most common threats in the wild and utilizes only the Windows-based anti-malware engines in Metascan Online, it provides an indication of the variability of detection rates of common malware by the anti-malware community.

 

OPSWAT elicited feedback from their partners within the anti-malware and malware research community as they developed this new feature in the hopes that it would provide information that was interesting, but not misleading for consumers. It is important to note that the detection data comes from static analysis performed by Software Development Kit (SDK) and Command Line Interface (CLI) package versions of the anti-malware engines included in Metascan Online and not from endpoint desktop applications which may be capable of enhanced behavioral and other dynamic analysis. Detection rates, therefore, may differ significantly from commercial endpoint performance. Therefore the data should not be used for comparative analysis of desktop or server anti-malware application. To discourage such comparisons, OPSWAT has chosen to anonymize the scan engine names.

 

About Metascan Online

Powered by OPSWAT’s Metascan technology, Metascan Online is a free online scanner that scans files for malware using more than 40 commercial anti-malware engines from leading security vendors such as Kaspersky Lab, McAfee, AVG, Avira and many others. The Metascan Online API allows users to programmatically upload and scan files or to search for previous scan results using a file’s hash (MD5, SHA1 or SHA256). By utilizing the hash lookup functionality, users can easily see if the file has previously been scanned by Metascan Online and get the scan results without sending the file over the Internet to be scanned.

(529)

Share

Altium releases its TASKING ARM Cortex-M Embedded Development Tools for the Mac

Sydney, Australia – 2 October 2014 – Altium Limited, a global leader in Smart System Design Automation, 3D PCB design (Altium Designer) and embedded software development (TASKING) announces the release of its TASKING VX-toolset for ARM Cortex-M for Apple Mac computers running OS X.

web--PR_Image-_TASKING_MAC_Port_for_ARM_CompilerTraditionally embedded software development tools have been available exclusively for the Windows operating system and Altium has a long history in providing its TASKING cross compilers and debuggers for running on Windows, including its TASKING VX-toolset for ARM Cortex-M. With ARM Cortex-M based microcontrollers becoming popular in broad market consumer applications, especially with wearable electronics and electronic systems that can be controlled from the iPhone, it is apparent that embedded software engineers want to use the Mac as their development platform.

To serve this development community, Altium has developed a native OS X port of release v5.1r1 of its TASKING VX-toolset for ARM Cortex-M, bringing its C compiler suite with Eclipse based IDE and debugger to Mac computers.

“Given the growing popularity of Mac OS X and the development of ARM Cortex-M based embedded applications connecting to applications on the iPhone and iPad platforms, we’re excited to offer our TASKING Embedded Development Tools to Mac users,” said Harm-Andre Verhoef, Product Manager TASKING. “Altium’s product offering will empower embedded ARM based developments and provide Mac users with the tools to bring their embedded applications to life.”

Previously, embedded-application developers that preferred Mac computers relied on virtual machines hosting the Windows operating system within OS X in order to run an embedded cross compiler. This led to an inefficient workflow and a variety of challenges, including problems connecting a debug probe reliably to the debugger running inside the virtual machine. The native port to OS X of the TASKING compiler breaks down the barriers for developing embedded applications for Mac users, while allowing them to work efficiently in their platform of choice. Cooperation with STMicroelectronics made it possible to offer in-circuit debug capabilities with the Eclipse integrated TASKING debugger, using the USB port on the Mac to connect to the ST-LINK/V2 debug probe.

TASKING’s Viper compiler technology used in the ARM compiler ensures platform compatibility for developers on OS X and their colleagues using Windows, allowing for easy migration and collaboration. The Viper technology has an industry proven reputation of generating highly efficient and robust code for automotive applications like power train, body control, chassis control and safety critical applications, benefiting developments for broad market and industrial applications.

Key features of the TASKING VX-toolset for ARM Cortex-M for Mac OS X include:

  • Eclipse based IDE with integrated compiler and debugger
  • Highly efficient code generation, allowing for fast and compact applications
  • Support for a wide range of Cortex-M based microcontrollers from different vendors, such as STMicroelectronics, Freescale, Infineon Technologies, Silicon Labs, Spansion, Atmel and Texas Instruments
  • Integrated code analyzers for:
    • MISRA-C:1998, C:2004 and C:2012 guideline
    • CERT C secure coding standard
  • Fast and easy application development through TASKING’s award winning Software Platform technology, bringing:
    • an industry standard RTOS
    • a wide range of ready to use middleware components, such as support for CAN, USB, I2C, TCP/IP, HTTP(S), Bluetooth, file systems, graphical user interface, and touch panel control
  • Eclipse integrated Pin Mapper for assigning signals to microcontroller pins
  • In-circuit debug and programming support through ST-LINK/V2 probe (including on-board probes on starter-kits from STMicroelectronics)
  • Native support for 64-bit Intel-based Macs with Mac OS X

Developers using OS X that require certification of their embedded application for functional safety standards such as IEC 61508 and ISO 26262, benefit from TASKING’s ISO 26262 Support Program for its new ARM toolset on OS X. A manufacturer of an electronic (sub) system is responsible for obtaining certification credit and as part of the process has to assess the required level of confidence in the utilized software tools. Altium supports this through the availability of a Compiler Qualification Kit as well as optional Compiler Qualification Services.

The VX-toolset for ARM release v5.1 is available now on OS X Mavericks, and on OS X Yosemite once it is widely available. Pricing starts at USD 1,995 (€ 1,595) for the TASKING VX-toolset Standard Edition and USD 2,995 (€ 2,395) for the Premium Edition with the award winning Software Platform. Hardware debug support is available in the Professional and Premium Editions through the ST-LINK/V2 debug probe from STMicroelectronics.

(2174)

Share

Offender profiling is taking a different shape, as investigators grapple with increasingly ‘social’ criminal activity

Mobile forensics has changed the methodology when it comes to offender profiling. The frequent use of mobile devices has provided investigators with another source for profiling criminal suspects, as well as an insight into their habits and personalities.

This is not just because of the volume of user voice calls and SMS texts; the amount of rich data that can be extracted from Instant Messaging (IM) and social media applications gives forensic investigators the paint and brushes to develop a detailed picture of a suspect and a criminal case. A suspect’s social media personality can offer a more tailored overview of the character, his or her likes and dislikes and a reflection of ‘who’ they really are, beyond their alleged actions. A victim’s presence on social media can also be used to find a common link to possible suspects.

Recent research from Cellebrite found that 77 per cent of respondents believed that mobile apps were a critical data source in criminal investigations. While this clearly indicates that mobile apps offer a vital source of evidence, it’s not a suggestion that investigators should solely look at mobile-based apps when building the investigative picture – evidence should be extracted from all other items of phone-based data as well.

The widespread use of mobile apps makes them a critical data source for law enforcement, both in terms of evidence and investigative leads. The value to both prosecuting and defence counsels, in a court of law, makes the neglect of such data a potentially severe barrier to solving a case.

People now more frequently use mobile devices to access social media apps, rather than using a traditional PC or laptop. Moreover, social media data that is extracted from a suspect’s mobile device provides additional characteristics such as more accurate location-based data and time proximity to another event or situation. For example, by connecting to a specific Wi-Fi network investigators can establish presence in a certain place and at a certain time correlating it with another action, possibly, on social a network.

Criminals will use various communication channels in the course of their mobile activity. For example, a suspect could use an IM app to organise a meeting, but use SMS to contact the victim. Investigators must operate a flexible forensic practice when sourcing evidential data from mobile devices, because the various channels that criminals communicate through means that a one dimensional approach to forensic evidence gathering could lead to the omission of valuable data.

While data points such as SMS text messages and GPS locations may result in an immediate lead in a criminal case, the ‘online social identity’ of a suspect will allow investigators to delve into the personality of the suspect, which in turn could help build out the case.

This social data can be extracted through the social media apps that the suspect has downloaded on their device. Facebook posts, Tweets, ‘shares’ and ‘likes’ can all give critical information to investigators hoping to build the profile of a suspect.

A suspect’s social media identity goes beyond their ‘likes’ and ‘shares’ though; it can also include immediate locational data, such as a recent ‘check-in’ at a restaurant or a shop. Even if this locational data isn’t completely current, it will still help to paint the forensic picture of a suspect in terms of where they regularly go, who they meet with, and what they do when they’re there.

In court, social data retrieved from mobile apps is fast-becoming a major source of evidence in not only building up the profile of the suspect, but also in establishing or demolishing a witness’ credibility. While social or app-based data has become a crucial evidential component to an investigator’s case, it can also act as an important part of the prosecution or defence process in court.

Offender profiling is changing as people use more social applications to communicate with one another. This is providing investigators with another source of information to build up a complete profile of a suspected criminal, which in turn offers a more comprehensive picture of a suspect in a court of law.

The amount of data that is now being consumed and shared is opening up a number of different opportunities for mobile forensic investigators, who are in a constant battle to stay one step ahead of the increasingly connected criminal.

Yuval Ben Moshe Yuval Ben-Moshe, senior forensics technical director at Cellebrite

(980)

Share

Waking Shark II & Barclays

Last week, one agency was kind enough to print my controversial opinions on Waking Shark II, which were based on knowledge of standing deficiencies with the security cultures and infrastructures of banking. Many of which have been notified, but those in question have failed to act, or indeed acknowledge!

The recent Barclays breach is interesting, but I would add that this is only known as an insider blew the whistle, otherwise it would be unknown, and the subject public at large would have been none the wiser, and at risk. However, I am aware of many cases of such breaches which did not go public, one of which was the loss of 37,000 Barclays Client record’s, in clear (not encrypted) around 2007, which was not reported, notwithstanding the CISO, and all Executive IT Directors were aware, including one Main Board Member.

By main criticism and observation around Waking Shark II was its real value to serving security – if there were/are so many tolerated holes in place that support insecurity, then those in the security profession who support this situation, by association become part of the problem – in the name of security associations and bodies!

My conclusion is, we are not at a well trodden juncture of insecurity and public/business exposure which, in my opinion needs much more than to just pay lip service to the known, but which demands tangible action to secure the National and Global Economies.

We also need to be aware that the cultures which tolerated the unreported breach, have moved on, in some cases to the world of Outsourcing and Service Management (e.g. First Data), so sadly one may conclude that such attitudes for survival may have evolved into the unknown.
John Walker

John Walker
SBLTD
www.sbltd.eu

Professor John Walker is a Visiting Professor at the School of Computing and Informatics, Nottingham Trent University (NTU), owner and CTO of SBLTD, a specialist Contracting/Consultancy in the arena of IT Security and Forensics, and Security Analytics, the Director of Cyber Research at the Ascot Barclay Group.

(1467)

Share