Techno-Crime Institute

Driving and Inspiring The Evolution of Investigations

  • Home
  • About
  • Speaking
    • Meet Walt Manning
    • Speaking Topics
  • For Investigators
  • Blog
  • Free Content Library
  • Techno-Crime Newsletter Archive
  • Contact
  • Home
  • About
  • Speaking
    • Meet Walt Manning
    • Speaking Topics
  • For Investigators
  • Blog
  • Free Content Library
  • Techno-Crime Newsletter Archive
  • Contact
You are here: Home / Archives for Walt Manning

Protect Yourself from Ransomware Risks: Expert Tips

April 6, 2023 by Walt Manning Leave a Comment

As technology continues to advance, so do the risks.

One of the most significant threats facing businesses and individuals today is ransomware.

Ransomware is a type of malware that locks you out of your systems and data until you pay a ransom. It’s a growing problem, and the numbers are staggering.

In this post, I’ll discuss the latest ransomware statistics, steps you can take to protect yourself, and resources you can use to safeguard your data.

The Latest Ransomware Statistics

According to the 2022 “Verizon Data Breach Investigations Report,” ransomware attacks surged dramatically in 2022; ransomware was involved in 25% of all breaches.

Check Point revealed a 42% global increase in cyber-attacks with ransomware the number one threat, as of mid-2022.

The average cost of a ransomware attack was $1.85 million.

Statistics reveal that a ransomware attack will occur every 2 seconds by 2031.

In the 2022 Small and Medium-Sized Business Ransomware Survey released by CyberCatch, 75 percent of small- and midsize businesses would fail within a week if they were victims of ransomware.

The consequences of a ransomware attack can be devastating. In addition to the financial loss, there’s also the loss of data, reputation, and customer trust.

Steps You Can Take to Protect Yourself

The good news is that there are steps you can take to protect yourself from ransomware risks. Here are some tips to help you safeguard your systems and data:

1.  Back up your data regularly

Backing up your data regularly is one of the most critical steps you can take to protect yourself from ransomware. If your data is backed up, you can restore it without paying the ransom.

Make sure you back up your data to an external hard drive, cloud storage, or other secure location.

I would even suggest that you have multiple backups in different locations. That way, if something happens to your original data, you have more than one backup plan to restore your access.

2.  Keep your software up to date

Outdated software is a common entry point for ransomware. Make sure you keep your operating system, applications, and antivirus software up to date.

Turn on automatic updates so you don’t have to worry about it.

3.  Use strong passwords and two-factor authentication

Weak passwords are easy to crack, and two-factor authentication adds an extra layer of security to your accounts.

Use strong, unique passwords for each account, and enable two-factor authentication whenever possible.

4.  Be cautious of suspicious emails and links

Phishing emails are a common way for ransomware to enter your system. Be cautious of any suspicious emails, links, or attachments. Don’t click on anything you’re not sure of and report any suspicious activity to your IT department.

5.  Train your employees and family

Human error is also a common entry point for ransomware. If you are a business owner or manager, make sure you train your employees on best practices for cybersecurity, including how to recognize and report suspicious activity.

But don’t stop there. Also train your family to make sure you protect your home network against ransomware and other malware.

Home networks are usually softer targets, because most users don’t deploy the same anti-malware protection at home that they might have at the office.

Resources for Ransomware Protection

In addition to the steps above, there are also resources you can use to protect yourself from ransomware risks.

Here are some of the most helpful:

1.  Antivirus software

Antivirus software is your first line of defense against ransomware. Make sure you have a reputable antivirus program installed and keep it up to date.

This includes antivirus software on all of your mobile devices as well.

 2. Ransomware decryptors

If you do fall victim to a ransomware attack, there are sometimes decryptors available that can help you recover your data without paying the ransom.

Check out the No More Ransom Project for a list of available decryptors.

3.  Cybersecurity insurance

Consider investing in cybersecurity insurance to protect yourself in case of a ransomware attack.

Make sure you read the policy carefully and understand what’s covered.

Some policies will refuse to pay if your don’t have an acceptable level of cybersecurity in place.

4.  Cybersecurity training

Invest in cybersecurity training for yourself and your employees.

This can include online courses, workshops, and seminars.

Join our mailing list. We plan to include links to some recommended training resources in future newsletters.

Conclusion

Ransomware risks are a growing problem, but you don’t have to be held hostage.

By following the expert tips above and using the resources available, you can protect yourself from these attacks.

Remember to back up your data regularly, keep your software up to date, use strong passwords and two-factor authentication, be cautious of suspicious emails and links, train your employees, and use antivirus software and other resources to safeguard your data.

With these steps in place, you’ll be well on your way to protecting yourself from ransomware risks.

Filed Under: Techno-crime Tagged With: Cybercrime, Ransomware

Do You Know Enough to Investigate Techno-Crimes?

March 10, 2022 by Walt Manning Leave a Comment

Techno-Crime Investigations

Let me give you several case scenarios and then ask you to think about each as if you were assigned the investigation. What would you do?

  • A murder has been committed by an invisible darknet bio-assassin for hire who was paid with cryptocurrency. She then exchanges her payment into multiple  cryptocurrencies and transfers these funds to several cryptocurrency wallets and exchanges to cover her tracks. How would you find her or determine who hired her?
  • A spider-like robot with a USB connection crawls under an office door and connects to an unattended laptop. The robot contains hacking software, which is used to steal valuable intellectual property from your client while also planting malware on their network.
  • A young woman has been kidnapped and sold to a human trafficking ring. Her car and cell phone are never found. Where will you look for clues that might help you find her?
  • The new and decentralized version of the internet where communications are untraceable is being used by the kidnappers of your client’s CEO to communicate their ransom demand, payable in untraceable cryptocurrency.
  • A senior manager is under investigation after authorizing an electronic funds transfer. The employee swears that he received a video call on the company’s proprietary communications app from his VP of Finance, instructing him to wire the funds. The VP now denies that she made any such call, and there’s no electronic evidence to back up the manager’s story. The desperate manager wonders whether the video call could have been somehow faked and all traces removed from the company’s system.
  • A friend uses virtual reality and a remotely-controlled robot to tour Paris, France. Someone intercepts control of the robot to commit a murder in Paris, and then returns control to the original user. Who has legal jurisdiction to investigate the crime? How could you prove that your friend is innocent?

Some of the scenarios are possible with the technology that exists today, and the others might happen sooner than you think.

The way we have investigated techno-crimes in the past is no longer working.

Technology is growing at an exponential rate, and cybercrime, ransomware, and data breaches continue to explode in growth.

We don’t have enough technology crime investigators to satisfy the needs we have today.

What will we do tomorrow?

Could you find the experts you would need to help you investigate the scenarios I described? If you can find experts, what will happen with your investigation if they’re not available? Do you have a backup plan?

Many investigators tell me that they don’t feel ready to investigate techno-crimes, and they aren’t sure where to start.

The first step is to educate yourself about techno-crime, and then think about how to develop an investigative strategy.

If you’re interested in learning more about techno-crimes, then follow the link to get more information about my book, Techno-Crimes and the Evolution of Investigations.

The book will make you think about the following topics:

  • What you need to know about hidden darknets crime and investigations
  • How the next version of the Internet will make finding digital evidence harder
  • Why investigators may not always be able to find digital evidence in the cloud or on user devices
  • Whether billions of new connected Internet of Things devices will create new ways to break into home and office networks
  • How the crooks are using technology to hide their activities from investigators
  • Why investigators will need to be able to handle cases involving cryptocurrencies, blockchains, or crypto tokens
  • How deepfake technology and data poisoning will make it harder for everyone to know what evidence they can believe
  • Why new technologies will create crimes never before seen

You’ll also receive a link to a Bonus Resources web page that will give you even more information than I could cover in the book!

Here’s a sampling of what’s included in these extra resources:

  • Images of information and illegal items currently for sale by darknet vendors
  • Links to darknet vendors, markets, and other resources
  • A downloadable Smart Home and Mobile Device Security Checklist
  • Links to encryption hardware and software products, as well as encrypted cloud-based resources
  • Information about and links to secure email providers
  • Links with additional information about cryptocurrencies, blockchains, and crypto tokens
  • Examples of deepfake audios and videos, and links to other resources
  • Even more information about new technologies that may create new types of crime, along with challenges for your investigations

Click on the link or the image of the book cover below to see more details about Techno-Crimes and the Evolution of Investigations.


If you’re still not sure if the book is right for you, here are several reviews:

I consider Walt Manning to be one of the leading experts in the field of techno-crime investigations. His new book, Techno-Crimes and the Evolution of Investigations, may be one of the most important and timely books for every law enforcement and investigations professional to read. His many years of experience in both law enforcement and the private sector have given him a unique perspective on the development of techno-crimes, along with potential solutions to help us all evolve into what will be needed for the future of investigations. Every investigator needs to read this!

James D. Ratley — President Emeritus, Association of Certified Fraud Examiners.

———————————————————

Walt Manning has been studying crimes using technology since they first began. He has seen first hand how the advancement of technology has led to the techno-crime revolution. Techno-crimes are not the crimes of the future. They are the crimes of today. It’s vitally important that you understand how they work, and what we can do to investigate and prevent them.

Bruce Dorris, J.D., CFE, President and CEO, Association of Certified Fraud Examiners

———————————————————

In addition to being essential reading for investigators, Techno-Crimes and the Evolution of Investigations provides for all of us invaluable insight into the evolution of technology and the impact upon our own privacy and security.

Peter Warmka — former Senior CIA Intelligence Officer, Cybersecurity Consultant/Educator, and author of Confessions of a CIA Spy – The Art of Human Hacking

———————————————————

Techno-Crimes and the Evolution of Investigations emerges the reader into a dark digital world that some might think is science fiction technology, but chapter after chapter, the reader learns in clear and simplistic terms not only about the various techno-crimes, but also what challenges those investigating may face.

Tom Caulfield, Chief Operations Office, Procurement Integrity Consulting Services.

———————————————————

This book is a goldmine of all things techno-crime and should be on every investigator’s bookshelf as the go-to reference for their investigations.

Ryan Duquette — Cybersecurity and Cyber Incident Response Expert, Keynote Speaker

———————————————————

Digital forensics expert Walt Manning in Techno-Crimes and the Evolution of Investigations has put a huge spotlight on the growing gap between current investigation protocols and the ever-expanding universe of cybercrime. READ THIS BOOK to know what you’re up against.

Donn LeVie, Jr. — President, Donn LeVie Jr. STRATEGIES, LLC, author of Strategic Career Engagement: The Definitive Guide for Getting Hired and Promoted


Evolve with me to be better prepared to investigate techno-crimes!

Filed Under: Techno-crime

Stolen Data is Spreading Faster on Darknets

November 1, 2021 by Walt Manning Leave a Comment

Darknets

Earlier this week I saw an article by Shannon Williams published in “IT Brief: New Zealand” that quoted some interesting findings about stolen data on the darknets.

The report is titled The 2021 “Where’s Your Data?” Experiment, and was issued by Bitglass.

To conduct the study, Bitglass created some fictitious lists of login credentials that supposedly came from known data breaches. The researchers posted links to these files on various darknet markets and other sites.

However, Bitglass embedded proprietary “watermarks” in the files, so they could track the following:

  • The IP address of any person accessing the files
  • Their country
  • How many views each darknet post received
  • How many times each link was clicked
  • The number of times each file was downloaded

The results from a similar study conducted in 2015 were then compared to the data from 2021, which produced some interesting findings.

The number of “views” of the data increased from 1,110 in 2015 to 13,200 in 2021, leading Bitglass to believe that the number of anonymous users on the darknets has increased significantly.

The watermarked files were downloaded by people across 5 different continents, with the highest percentage of IP addresses for the people who downloaded the files coming from the U.S. (34.6%), followed closely by Kenya (32.6%).

As the report states: “Cybercriminals are closer than you think.”

Interest in retail and government data has grown, and the techno-criminals are getting “better at covering their tracks and taking steps to evade law enforcement efforts to prosecute cybercrime.”

The Williams article quotes Mike Schuricht, from the Bitglass Threat Research Group, who said “We expect that the increasing volume of data breaches as well as more avenues for cybercriminals to monetise exfiltrated data has led to this increased interest and activity surrounding stolen data on the dark web.”

The Bitglass study concludes that “stolen data has a wider reach and moves more quickly” on the darknets – up to 11 times faster in 2021 than in 2015.

Their key takeaway?

“The volume of views and the velocity of the data as it traveled through the Dark Web compared to 6 years ago has made it clear that the usage of the Dark Web has grown. These are likely a confluence of several factors that range from an increasing number of breaches occurring, to more avenues to monetize exfiltrated data. These economics are likely going to embolden hackers and cybercriminals even further to continue their efforts to steal data, which can lead to monetary gain or notoriety.”

Why is this important today?

Many investigators know very little about the darknets (TOR is not the only one), and receive very little training about these networks.

This is in addition to the fact that law enforcement typically doesn’t have extra resources to allocate to this aspect of techno-crime – either for training or related to actual investigations.

This means that the odds increasingly favor the techno-crooks, and increase their chances of getting away with the crimes facilitated by data stolen in the exploding number of data breaches.

Once again as I’ve said many times, law enforcement and investigations professionals need a different mindset than “this is the way we’ve always done it” to be successful.

Evolve with us.

Filed Under: Techno-crime Tagged With: Darknets

Could Deepfake Technology Fool You?

September 21, 2020 by Walt Manning Leave a Comment

Deepfake Technology

Every day, most of us use multiple screens to get our news, keep in touch with other people, learn something new, or be entertained.

How many screens do you look at during a day, and for how long?

Now for the critical question:

How much of the information that you see on these screens can you believe?

You’ve probably heard about deepfakes or “fake news” recently. Still, have you seen or heard what this technology can actually do?

Imagine viewing a video of a Fortune 100 company’s CEO posted online announcing significant layoffs or a disastrous financial report.

What would that do to the employees’ morale and productivity?

If it were a publicly-traded company, what would happen to the stock price?

For a different example, think about the potential reaction if a video of Iran’s leader were published on the Internet threatening immediate nuclear war?

What could the possible outcomes be?

Later, you discover that both of these examples were fakes using artificial intelligence and that the videos’ messages weren’t real.

How much damage could be done from the moment when the video is published until it’s found to be fake?

Now let me give you another example.

Imagine a scenario where an employee receives a call from her boss or even the CFO.

She recognizes the voice, which instructs her to immediately wire funds to an important client, after providing detailed wiring instructions.

Except the caller isn’t actually the person they claim to be, and by the time the truth is discovered, the funds have disappeared.

All of these examples are possible today with what is known as deepfake technology.

What Is It?

The data you see on screens every day is already manipulated more than you know, but new technologies have taken the potential for crime and even more dangerous uses to a new level.

Some of the first deepfake videos were pornography, where a celebrity’s head replaced an actor’s head.

There have been several deepfake videos of politicians, and I’ll show you some examples.

There are many new ways that this technology can be integrated with artificial intelligence to do other things. One example is to create a digital clone of your voice and then editing “your” voice to make it say almost anything.

Artificial intelligence is being used to create human-like digital “people.” This technology can simulate customer service agents, teachers, or digital spokespersons.

Several of these systems can use your device’s camera and microphone to interact with you directly and change their response based on your facial expression, voice tone, and soon, perhaps even your emotions.

But showing you what’s already possible is better than telling you, so let’s get started.

To see the entire videos in the examples below, just click on the image and you’ll be able to see the video.

Face2Face

Face2Face

Face2Face is a research program from the Technical University of Munich. Researchers using a consumer webcam can manipulate facial expressions of a target speaking in a YouTube video. The software then renders a new synthesized face of the target, showing the altered video.

The lab is also working on algorithms to help detect fake videos.

You can find more information on the lab’s website at https://www.tum.de/nc/en/about-tum/news/press-releases/details/35502/.

Talking Head Models from Still Photos

Face2Face

Other research from Cornell University uses artificial intelligence to create realistic “talking heads” from still photos. The video demonstrates several examples of videos generated from a variety of images, and even brings the Mona Lisa painting “to life.”

See more details about their research at https://arxiv.org/abs/1905.08233v1

Text-based Editing of Talking-head Video

Text-based Editing of Talking-head Video

This project shows examples of manipulating text from a video to alter the words that appear to be spoken by the subject in the video.

For more information to to the project’s webpage at https://www.ohadf.com/projects/text-based-editing/

Lyrebird AI

Lyrebird AI

Lyrebird is a division of Descript and uses artificial intelligence to take a small audio clip of a person’s voice. Using the clone allows anyone using a text editor to create a statement that sounds like the target’s voice.

There is also a “do-it-yourself” demo to change the sample text and hear the altered output.

Learn more about Lyrebird and see the demonstrations on Lyrebird’s website at https://www.descript.com/lyrebird.

CereProc

CereProc

CereProc is a very advanced text-to-speech service that allows the user to select from a wide variety of voices or clone your own. The website has a fascinating demo where you can type in your text and choose the voice you wish to hear speaking.

Another of the company’s products named “CereVoiceMe” uses artificial intelligence to create a clone of any person’s voice that can then be used to convert text into speech that sounds just like the original subject. One example on the website is a former radio host who suffered the loss of his speech due to illness. CereProc’s technology allowed him to clone his voice.

Jordan Peele Manipulates Video of Former President Obama

President Obama and Fake News

A YouTube clip from a Good Morning America broadcast in 2018 demonstrates how artificial intelligence can be misused. In the clip, comedian Jordan Peele manipulates the voice of former President Barack Obama and provides a warning about this technology.

This Person Does Not Exist

This Person Does Not Exist

This website displays a different realistic photo of a non-existent person every time you visit the site. Artificial intelligence takes features from their image database and combines them to create new faces of any age, gender, and ethnicity. Visit the website five times, and you will see five different faces…of people who don’t exist.

Soul Machines

Soul Machines - Sam

Soul Machines, a New Zealand firm, has created what they describe as a “Digital Brain,” which uses “Embodied Cognitive User Experience” to create a “Digital Person.”

To demo their product, they’ll ask your permission to access your computer’s camera and microphone. You then have a choice to speak to either “Sam” or “Roman,” and provide your email address. You’ll then receive an invitation to carry on a conversation with whichever digital person you choose.

The AI is capable of using your device’s camera and microphone to not only converse with you but also to read your facial expressions and interpret your tone of voice in order to change how it responds.

Yes, there are times when the voice still sounds too much like a machine. You can throw the AI off with random questions or statements. Still, I think you’ll be surprised at how capable the technology already is.

The image above is from one of my previous conversations with “Sam.”

What’s Coming Next?

So now you can see how technology can be used to change reality…or at least what you perceive the truth to be.

Think about how each of these examples might be used to change your perception of what actually happened.

What evidence can you believe?

If someone alters a video or audio record, how would you know?

For example, could this technology be used to create a fake of an emergency alert warning?

What about destroying someone’s marriage or reputation with a fake sex video?

Can you imagine the possible scandal over a fake video or audio recording of a political candidate shortly before an election?

When you consider how something like this could quickly go viral on social media, you can appreciate how dangerous this technology can be.

You’ve all heard the old saying that “Seeing is believing,” but the truth is that believing is seeing.

Studies have shown that humans tend to seek out information that supports what we want to believe and to ignore the rest.

With audio, it’s an even more difficult problem.

Research says that our brains have a hard time detecting the differences between real and artificial voices.

It’s easier for us to pick up on a fake image than to recognize an artificial voice.

Hacking that human tendency gives malicious people, criminals, and even nation-states a lot of power to control what we believe to be true.

What Can We Do?

First of all, we need to ask whether deep fakes are legal.

Certainly, if someone uses deepfake technology to commit a crime, then existing law can apply. But what about just the act of creating a deepfake?

It’s an interesting and problematic question currently unresolved in law, at least in the United States.

We need to consider the First Amendment of the U.S. Constitution, intellectual property law, privacy law, and the new revenge porn statutes many states across the United States have enacted of late.

Now complicate the possibilities with deepfake “diplomacy manipulation.”

Think about the damage that could be done to a nation’s foreign policy or ongoing trade negotiations.

Many organizations are working on ways to detect deepfake videos, photos, and audio.

Some of these involve a highly technical analysis of the data. Still, it might be challenging to conduct this type of analysis in realtime.

And, as we mentioned before, a lot can go wrong during the time between the production of a deepfake and the time when it’s found to be false.

Another possible answer to countering deepfakes would be to use blockchain technology to validate the original if it’s a photograph, a video, or a recorded audio.

But what about a live-streaming video, a live telephone call, or the person you think you see on a screen?

Justin Hendrix, the executive director of NYC Media Lab, says: “In the next two, three, four years we’re going to have to plan for hobbyist propagandists who can make a fortune by creating highly realistic, photo-realistic simulations. And should those attempts work, and people come to suspect that there’s no underlying reality to media artifacts of any kind, then we’re in a really difficult place. It’ll only take a couple of big hoaxes to really convince the public that nothing’s real.”

Could you be fooled?

Filed Under: Uncategorized

Deepfakes — Were You Fooled By This One?

June 17, 2020 by Walt Manning Leave a Comment

 

Our world is under a lot of pressure today.

  • COVID-19 and the uncertainty of a second wave.
  • Tragic deaths and widespread protests.
  • Great tension and debate over law enforcement practices.
  • Unemployment and wondering whether businesses will be able to come back.
  • Volatility in the financial markets.
  • Politics that may be more polarized than I can ever remember.

Unfortunately there seem to be lots of people who are doing anything and everything to make these problems worse instead of talking about how we can work together to make the world better.

A couple of days ago, some people sent a video out to everyone on their mailing list that supposedly showed an interview with Joe Biden on the television show The View.

This caused a lot of reactions, and many of the people who received the video forwarded it along to others, who probably forwarded it to even more people and more people.

And shortly thereafter, someone else responded with a link to the real and unedited interview on YouTube.

I’ve given talks about the capabilities of Deepfake technology and how dangerous it can be.

It’s time for everyone to be very careful, especially with an upcoming election in the United States.

First, here’s the very much edited and controversial video. As you watch it, please notice the watermark in the upper right-hand corner…

https://technocrime.com/wp-content/uploads/2020/06/VIDEO-2020-05-28-12-31-34.mp4

Were you fooled?

Did you see the text “Daily Caller News Foundation Comedy”?

Apparently many people didn’t, and even if they did, they didn’t take the time to check the source.

Here is the real interview on YouTube:

It’s not my intention to be political, or to take one side over the other.

But we all need to understand the dangers that can come when it’s so easy to edit video, audio, and photos.

Please think before you react.

Please verify before you post.

Let’s all do what we can to lower the pressures and tensions we all feel right now, and do the right things for the world.

Filed Under: Uncategorized

  • 1
  • 2
  • 3
  • …
  • 5
  • Next Page »

Evolve With Us to Fight Techno-Crimes!

Join our mailing list and you will receive:

  • Immediate access to our mini-course!
  • Updates about new types of techno-crimes
  • Information about security tools and techniques to protect your data
  • Ways to increase your personal privacy
  • Information about our live and virtual keynote speeches and training opportunities

 

Click here to subscribe!

  • Home
  • About
  • Speaking
  • For Investigators
  • Blog
  • Free Content Library
  • Techno-Crime Newsletter Archive
  • Contact

2020 Techno-Crime Institute