How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab
May 31, 2007 — CSO — Forensic
investigations start at the end. Think of it: You wouldn’t
start using science and technology to establish facts (that’s
the dictionary definition of forensics) unless you had some
reason to establish facts in the first place. But by that
time, the crime has already happened. So while requisite,
forensics is ultimately unrewarding.
A clear illustration of this fact
comes from the field investigations manager for a major credit
services company. Sometime last year, he noticed a clutch of
fraudulent purchases on cards that all traced back to the same
aquarium. He learned quite a bit through forensics. He learned, for
example, that an aquarium employee had downloaded an audio file
while eating a sandwich on her lunch break. He learned that when
she played the song, a rootkit hidden inside the song installed
itself on her computer. That rootkit allowed the hacker who’d
planted it to establish a secure tunnel so he could work undetected
and “get root”—administrator’s access to the aquarium
network.
Sounds like a successful
investigation. But the investigator was underwhelmed by the
results. Why? Because he hadn’t caught the perpetrator and he knew
he never would. What’s worse, that lunch break with the sandwich
and the song download had occurred some time before he got there.
In fact, the hacker had captured every card transaction at the
aquarium for two years.
The investigator (who could only
speak anonymously) wonders aloud what other networks are right now
being controlled by criminal enterprises whose presence is entirely
concealed. Computer crime has shifted from a game of disruption to
one of access. The hacker’s focus has shifted too, from developing
destructive payloads to circumventing detection. Now, for every
tool forensic investigators have come to rely on to discover and
prosecute electronic crimes, criminals have a corresponding tool to
baffle the investigation.
This is antiforensics. It is more
than technology. It is an approach to criminal hacking that can be
summed up like this: Make it hard for them to find you and
impossible for them to prove they found you.
Original Article: http://www.cio.com/author/107204/Scott+Berinato