Techno-Crime Institute

Driving and Inspiring The Evolution of Investigations

  • Home
  • About
  • Speaking
    • Meet Walt Manning
    • Speaking Topics
  • For Investigators
  • Blog
  • Free Content Library
  • Contact
  • Home
  • About
  • Speaking
    • Meet Walt Manning
    • Speaking Topics
  • For Investigators
  • Blog
  • Free Content Library
  • Contact
You are here: Home / Archives for Walt Manning

Do You Know Enough to Investigate Techno-Crimes?

March 10, 2022 by Walt Manning Leave a Comment

Techno-Crime Investigations

Let me give you several case scenarios and then ask you to think about each as if you were assigned the investigation. What would you do?

  • A murder has been committed by an invisible darknet bio-assassin for hire who was paid with cryptocurrency. She then exchanges her payment into multiple  cryptocurrencies and transfers these funds to several cryptocurrency wallets and exchanges to cover her tracks. How would you find her or determine who hired her?
  • A spider-like robot with a USB connection crawls under an office door and connects to an unattended laptop. The robot contains hacking software, which is used to steal valuable intellectual property from your client while also planting malware on their network.
  • A young woman has been kidnapped and sold to a human trafficking ring. Her car and cell phone are never found. Where will you look for clues that might help you find her?
  • The new and decentralized version of the internet where communications are untraceable is being used by the kidnappers of your client’s CEO to communicate their ransom demand, payable in untraceable cryptocurrency.
  • A senior manager is under investigation after authorizing an electronic funds transfer. The employee swears that he received a video call on the company’s proprietary communications app from his VP of Finance, instructing him to wire the funds. The VP now denies that she made any such call, and there’s no electronic evidence to back up the manager’s story. The desperate manager wonders whether the video call could have been somehow faked and all traces removed from the company’s system.
  • A friend uses virtual reality and a remotely-controlled robot to tour Paris, France. Someone intercepts control of the robot to commit a murder in Paris, and then returns control to the original user. Who has legal jurisdiction to investigate the crime? How could you prove that your friend is innocent?

Some of the scenarios are possible with the technology that exists today, and the others might happen sooner than you think.

The way we have investigated techno-crimes in the past is no longer working.

Technology is growing at an exponential rate, and cybercrime, ransomware, and data breaches continue to explode in growth.

We don’t have enough technology crime investigators to satisfy the needs we have today.

What will we do tomorrow?

Could you find the experts you would need to help you investigate the scenarios I described? If you can find experts, what will happen with your investigation if they’re not available? Do you have a backup plan?

Many investigators tell me that they don’t feel ready to investigate techno-crimes, and they aren’t sure where to start.

The first step is to educate yourself about techno-crime, and then think about how to develop an investigative strategy.

If you’re interested in learning more about techno-crimes, then follow the link to get more information about my book, Techno-Crimes and the Evolution of Investigations.

The book will make you think about the following topics:

  • What you need to know about hidden darknets crime and investigations
  • How the next version of the Internet will make finding digital evidence harder
  • Why investigators may not always be able to find digital evidence in the cloud or on user devices
  • Whether billions of new connected Internet of Things devices will create new ways to break into home and office networks
  • How the crooks are using technology to hide their activities from investigators
  • Why investigators will need to be able to handle cases involving cryptocurrencies, blockchains, or crypto tokens
  • How deepfake technology and data poisoning will make it harder for everyone to know what evidence they can believe
  • Why new technologies will create crimes never before seen

You’ll also receive a link to a Bonus Resources web page that will give you even more information than I could cover in the book!

Here’s a sampling of what’s included in these extra resources:

  • Images of information and illegal items currently for sale by darknet vendors
  • Links to darknet vendors, markets, and other resources
  • A downloadable Smart Home and Mobile Device Security Checklist
  • Links to encryption hardware and software products, as well as encrypted cloud-based resources
  • Information about and links to secure email providers
  • Links with additional information about cryptocurrencies, blockchains, and crypto tokens
  • Examples of deepfake audios and videos, and links to other resources
  • Even more information about new technologies that may create new types of crime, along with challenges for your investigations

Click on the link or the image of the book cover below to see more details about Techno-Crimes and the Evolution of Investigations.


If you’re still not sure if the book is right for you, here are several reviews:

I consider Walt Manning to be one of the leading experts in the field of techno-crime investigations. His new book, Techno-Crimes and the Evolution of Investigations, may be one of the most important and timely books for every law enforcement and investigations professional to read. His many years of experience in both law enforcement and the private sector have given him a unique perspective on the development of techno-crimes, along with potential solutions to help us all evolve into what will be needed for the future of investigations. Every investigator needs to read this!

James D. Ratley — President Emeritus, Association of Certified Fraud Examiners.

———————————————————

Walt Manning has been studying crimes using technology since they first began. He has seen first hand how the advancement of technology has led to the techno-crime revolution. Techno-crimes are not the crimes of the future. They are the crimes of today. It’s vitally important that you understand how they work, and what we can do to investigate and prevent them.

Bruce Dorris, J.D., CFE, President and CEO, Association of Certified Fraud Examiners

———————————————————

In addition to being essential reading for investigators, Techno-Crimes and the Evolution of Investigations provides for all of us invaluable insight into the evolution of technology and the impact upon our own privacy and security.

Peter Warmka — former Senior CIA Intelligence Officer, Cybersecurity Consultant/Educator, and author of Confessions of a CIA Spy – The Art of Human Hacking

———————————————————

Techno-Crimes and the Evolution of Investigations emerges the reader into a dark digital world that some might think is science fiction technology, but chapter after chapter, the reader learns in clear and simplistic terms not only about the various techno-crimes, but also what challenges those investigating may face.

Tom Caulfield, Chief Operations Office, Procurement Integrity Consulting Services.

———————————————————

This book is a goldmine of all things techno-crime and should be on every investigator’s bookshelf as the go-to reference for their investigations.

Ryan Duquette — Cybersecurity and Cyber Incident Response Expert, Keynote Speaker

———————————————————

Digital forensics expert Walt Manning in Techno-Crimes and the Evolution of Investigations has put a huge spotlight on the growing gap between current investigation protocols and the ever-expanding universe of cybercrime. READ THIS BOOK to know what you’re up against.

Donn LeVie, Jr. — President, Donn LeVie Jr. STRATEGIES, LLC, author of Strategic Career Engagement: The Definitive Guide for Getting Hired and Promoted


Evolve with me to be better prepared to investigate techno-crimes!

Filed Under: Techno-crime

Stolen Data is Spreading Faster on Darknets

November 1, 2021 by Walt Manning Leave a Comment

Darknets

Earlier this week I saw an article by Shannon Williams published in “IT Brief: New Zealand” that quoted some interesting findings about stolen data on the darknets.

The report is titled The 2021 “Where’s Your Data?” Experiment, and was issued by Bitglass.

To conduct the study, Bitglass created some fictitious lists of login credentials that supposedly came from known data breaches. The researchers posted links to these files on various darknet markets and other sites.

However, Bitglass embedded proprietary “watermarks” in the files, so they could track the following:

  • The IP address of any person accessing the files
  • Their country
  • How many views each darknet post received
  • How many times each link was clicked
  • The number of times each file was downloaded

The results from a similar study conducted in 2015 were then compared to the data from 2021, which produced some interesting findings.

The number of “views” of the data increased from 1,110 in 2015 to 13,200 in 2021, leading Bitglass to believe that the number of anonymous users on the darknets has increased significantly.

The watermarked files were downloaded by people across 5 different continents, with the highest percentage of IP addresses for the people who downloaded the files coming from the U.S. (34.6%), followed closely by Kenya (32.6%).

As the report states: “Cybercriminals are closer than you think.”

Interest in retail and government data has grown, and the techno-criminals are getting “better at covering their tracks and taking steps to evade law enforcement efforts to prosecute cybercrime.”

The Williams article quotes Mike Schuricht, from the Bitglass Threat Research Group, who said “We expect that the increasing volume of data breaches as well as more avenues for cybercriminals to monetise exfiltrated data has led to this increased interest and activity surrounding stolen data on the dark web.”

The Bitglass study concludes that “stolen data has a wider reach and moves more quickly” on the darknets – up to 11 times faster in 2021 than in 2015.

Their key takeaway?

“The volume of views and the velocity of the data as it traveled through the Dark Web compared to 6 years ago has made it clear that the usage of the Dark Web has grown. These are likely a confluence of several factors that range from an increasing number of breaches occurring, to more avenues to monetize exfiltrated data. These economics are likely going to embolden hackers and cybercriminals even further to continue their efforts to steal data, which can lead to monetary gain or notoriety.”

Why is this important today?

Many investigators know very little about the darknets (TOR is not the only one), and receive very little training about these networks.

This is in addition to the fact that law enforcement typically doesn’t have extra resources to allocate to this aspect of techno-crime – either for training or related to actual investigations.

This means that the odds increasingly favor the techno-crooks, and increase their chances of getting away with the crimes facilitated by data stolen in the exploding number of data breaches.

Once again as I’ve said many times, law enforcement and investigations professionals need a different mindset than “this is the way we’ve always done it” to be successful.

Evolve with us.

Filed Under: Techno-crime Tagged With: Darknets

Could Deepfake Technology Fool You?

September 21, 2020 by Walt Manning Leave a Comment

Deepfake Technology

Every day, most of us use multiple screens to get our news, keep in touch with other people, learn something new, or be entertained.

How many screens do you look at during a day, and for how long?

Now for the critical question:

How much of the information that you see on these screens can you believe?

You’ve probably heard about deepfakes or “fake news” recently. Still, have you seen or heard what this technology can actually do?

Imagine viewing a video of a Fortune 100 company’s CEO posted online announcing significant layoffs or a disastrous financial report.

What would that do to the employees’ morale and productivity?

If it were a publicly-traded company, what would happen to the stock price?

For a different example, think about the potential reaction if a video of Iran’s leader were published on the Internet threatening immediate nuclear war?

What could the possible outcomes be?

Later, you discover that both of these examples were fakes using artificial intelligence and that the videos’ messages weren’t real.

How much damage could be done from the moment when the video is published until it’s found to be fake?

Now let me give you another example.

Imagine a scenario where an employee receives a call from her boss or even the CFO.

She recognizes the voice, which instructs her to immediately wire funds to an important client, after providing detailed wiring instructions.

Except the caller isn’t actually the person they claim to be, and by the time the truth is discovered, the funds have disappeared.

All of these examples are possible today with what is known as deepfake technology.

What Is It?

The data you see on screens every day is already manipulated more than you know, but new technologies have taken the potential for crime and even more dangerous uses to a new level.

Some of the first deepfake videos were pornography, where a celebrity’s head replaced an actor’s head.

There have been several deepfake videos of politicians, and I’ll show you some examples.

There are many new ways that this technology can be integrated with artificial intelligence to do other things. One example is to create a digital clone of your voice and then editing “your” voice to make it say almost anything.

Artificial intelligence is being used to create human-like digital “people.” This technology can simulate customer service agents, teachers, or digital spokespersons.

Several of these systems can use your device’s camera and microphone to interact with you directly and change their response based on your facial expression, voice tone, and soon, perhaps even your emotions.

But showing you what’s already possible is better than telling you, so let’s get started.

To see the entire videos in the examples below, just click on the image and you’ll be able to see the video.

Face2Face

Face2Face

Face2Face is a research program from the Technical University of Munich. Researchers using a consumer webcam can manipulate facial expressions of a target speaking in a YouTube video. The software then renders a new synthesized face of the target, showing the altered video.

The lab is also working on algorithms to help detect fake videos.

You can find more information on the lab’s website at https://www.tum.de/nc/en/about-tum/news/press-releases/details/35502/.

Talking Head Models from Still Photos

Face2Face

Other research from Cornell University uses artificial intelligence to create realistic “talking heads” from still photos. The video demonstrates several examples of videos generated from a variety of images, and even brings the Mona Lisa painting “to life.”

See more details about their research at https://arxiv.org/abs/1905.08233v1

Text-based Editing of Talking-head Video

Text-based Editing of Talking-head Video

This project shows examples of manipulating text from a video to alter the words that appear to be spoken by the subject in the video.

For more information to to the project’s webpage at https://www.ohadf.com/projects/text-based-editing/

Lyrebird AI

Lyrebird AI

Lyrebird is a division of Descript and uses artificial intelligence to take a small audio clip of a person’s voice. Using the clone allows anyone using a text editor to create a statement that sounds like the target’s voice.

There is also a “do-it-yourself” demo to change the sample text and hear the altered output.

Learn more about Lyrebird and see the demonstrations on Lyrebird’s website at https://www.descript.com/lyrebird.

CereProc

CereProc

CereProc is a very advanced text-to-speech service that allows the user to select from a wide variety of voices or clone your own. The website has a fascinating demo where you can type in your text and choose the voice you wish to hear speaking.

Another of the company’s products named “CereVoiceMe” uses artificial intelligence to create a clone of any person’s voice that can then be used to convert text into speech that sounds just like the original subject. One example on the website is a former radio host who suffered the loss of his speech due to illness. CereProc’s technology allowed him to clone his voice.

Jordan Peele Manipulates Video of Former President Obama

President Obama and Fake News

A YouTube clip from a Good Morning America broadcast in 2018 demonstrates how artificial intelligence can be misused. In the clip, comedian Jordan Peele manipulates the voice of former President Barack Obama and provides a warning about this technology.

This Person Does Not Exist

This Person Does Not Exist

This website displays a different realistic photo of a non-existent person every time you visit the site. Artificial intelligence takes features from their image database and combines them to create new faces of any age, gender, and ethnicity. Visit the website five times, and you will see five different faces…of people who don’t exist.

Soul Machines

Soul Machines - Sam

Soul Machines, a New Zealand firm, has created what they describe as a “Digital Brain,” which uses “Embodied Cognitive User Experience” to create a “Digital Person.”

To demo their product, they’ll ask your permission to access your computer’s camera and microphone. You then have a choice to speak to either “Sam” or “Roman,” and provide your email address. You’ll then receive an invitation to carry on a conversation with whichever digital person you choose.

The AI is capable of using your device’s camera and microphone to not only converse with you but also to read your facial expressions and interpret your tone of voice in order to change how it responds.

Yes, there are times when the voice still sounds too much like a machine. You can throw the AI off with random questions or statements. Still, I think you’ll be surprised at how capable the technology already is.

The image above is from one of my previous conversations with “Sam.”

What’s Coming Next?

So now you can see how technology can be used to change reality…or at least what you perceive the truth to be.

Think about how each of these examples might be used to change your perception of what actually happened.

What evidence can you believe?

If someone alters a video or audio record, how would you know?

For example, could this technology be used to create a fake of an emergency alert warning?

What about destroying someone’s marriage or reputation with a fake sex video?

Can you imagine the possible scandal over a fake video or audio recording of a political candidate shortly before an election?

When you consider how something like this could quickly go viral on social media, you can appreciate how dangerous this technology can be.

You’ve all heard the old saying that “Seeing is believing,” but the truth is that believing is seeing.

Studies have shown that humans tend to seek out information that supports what we want to believe and to ignore the rest.

With audio, it’s an even more difficult problem.

Research says that our brains have a hard time detecting the differences between real and artificial voices.

It’s easier for us to pick up on a fake image than to recognize an artificial voice.

Hacking that human tendency gives malicious people, criminals, and even nation-states a lot of power to control what we believe to be true.

What Can We Do?

First of all, we need to ask whether deep fakes are legal.

Certainly, if someone uses deepfake technology to commit a crime, then existing law can apply. But what about just the act of creating a deepfake?

It’s an interesting and problematic question currently unresolved in law, at least in the United States.

We need to consider the First Amendment of the U.S. Constitution, intellectual property law, privacy law, and the new revenge porn statutes many states across the United States have enacted of late.

Now complicate the possibilities with deepfake “diplomacy manipulation.”

Think about the damage that could be done to a nation’s foreign policy or ongoing trade negotiations.

Many organizations are working on ways to detect deepfake videos, photos, and audio.

Some of these involve a highly technical analysis of the data. Still, it might be challenging to conduct this type of analysis in realtime.

And, as we mentioned before, a lot can go wrong during the time between the production of a deepfake and the time when it’s found to be false.

Another possible answer to countering deepfakes would be to use blockchain technology to validate the original if it’s a photograph, a video, or a recorded audio.

But what about a live-streaming video, a live telephone call, or the person you think you see on a screen?

Justin Hendrix, the executive director of NYC Media Lab, says: “In the next two, three, four years we’re going to have to plan for hobbyist propagandists who can make a fortune by creating highly realistic, photo-realistic simulations. And should those attempts work, and people come to suspect that there’s no underlying reality to media artifacts of any kind, then we’re in a really difficult place. It’ll only take a couple of big hoaxes to really convince the public that nothing’s real.”

Could you be fooled?

Filed Under: Uncategorized

Deepfakes — Were You Fooled By This One?

June 17, 2020 by Walt Manning Leave a Comment

 

Our world is under a lot of pressure today.

  • COVID-19 and the uncertainty of a second wave.
  • Tragic deaths and widespread protests.
  • Great tension and debate over law enforcement practices.
  • Unemployment and wondering whether businesses will be able to come back.
  • Volatility in the financial markets.
  • Politics that may be more polarized than I can ever remember.

Unfortunately there seem to be lots of people who are doing anything and everything to make these problems worse instead of talking about how we can work together to make the world better.

A couple of days ago, some people sent a video out to everyone on their mailing list that supposedly showed an interview with Joe Biden on the television show The View.

This caused a lot of reactions, and many of the people who received the video forwarded it along to others, who probably forwarded it to even more people and more people.

And shortly thereafter, someone else responded with a link to the real and unedited interview on YouTube.

I’ve given talks about the capabilities of Deepfake technology and how dangerous it can be.

It’s time for everyone to be very careful, especially with an upcoming election in the United States.

First, here’s the very much edited and controversial video. As you watch it, please notice the watermark in the upper right-hand corner…

https://technocrime.com/wp-content/uploads/2020/06/VIDEO-2020-05-28-12-31-34.mp4

Were you fooled?

Did you see the text “Daily Caller News Foundation Comedy”?

Apparently many people didn’t, and even if they did, they didn’t take the time to check the source.

Here is the real interview on YouTube:

It’s not my intention to be political, or to take one side over the other.

But we all need to understand the dangers that can come when it’s so easy to edit video, audio, and photos.

Please think before you react.

Please verify before you post.

Let’s all do what we can to lower the pressures and tensions we all feel right now, and do the right things for the world.

Filed Under: Uncategorized

Are You Planning for Post-Pandemic Investigations?

May 22, 2020 by Walt Manning Leave a Comment

Old Way or New Way?

Have you given any thought to what the “new normal” might be after the pandemic has completed its course?

We’ve all heard predictions by experts who all seem to have different opinions about how things will play out in the coming months and years.

The bottom line is that nobody knows what will happen.

Will the gradual re-opening of society and business cause a new wave of infections with re-imposing restrictions for the economy?

Or have we lived through the worst, with the possibility of long-lasting changes to our business and personal lives that may never return to what they were before the coronavirus?

Has the Pandemic Created New Crime Trends?

Several organizations believe that the pandemic has increased opportunities for criminals:

Coronavirus Pandemic Is a Perfect Storm for Fraud

Mitigating Fraud and Corruption Risks During the COVID-19 Crisis

How cybercriminals are taking advantage of COVID-19: Scams, fraud, and misinformation

COVID-19 Operating in the ‘new normal’ – A backdoor to increased fraud risk?

Other side-effects that are being discussed include:

  • Increased domestic & child abuse
  • Higher use of alcohol & drugs
  • A decrease in home burglaries, but increases in shuttered business break-ins

What Trends Might Survive the Pandemic?

I don’t claim to know the future, but let me suggest a couple of trends that may change your investigations in the foreseeable future.

Will Business Priorities Change?

Cutbacks to IT security, investigations, and auditing staff could mean fewer resources to prevent, detect, and investigate fraud and other matters.

I have read about companies who are temporarily transferring staff to other operational roles to fill in for employees who have been furloughed or laid off.

Security staff is feeling the pressure to support more remote employees while ensuring that their home offices provide adequate security. Due to these increased demands, they may not be able to keep up with software patches, upgrades, and reviews of digital logs that might indicate hacking or system abuse.

Investigators may find it challenging to identify, collect, preserve, and analyze the digital evidence in their investigations.

Audit staff may find it harder to ensure compliance and may need to pay more attention to technology use and activities related to cloud-based platforms.

When criminals can take advantage of making it more time-consuming or expensive to conduct investigations, they shift the odds in their favor that you may not catch them.

Virtual meetings vs. in-person

The number of virtual online meetings using services such as Zoom and Skype has soared in the past two months.

The trend of working from home has exploded, and many organizations, including their employees, may be reluctant to return to the office environments that currently exist.

As this situation develops, how could this impact your investigations?

Will you conduct virtual interviews in your investigations?

Will the quality of your interview suffer due to a lack of body language clues or a lowered ability to detect the mental or physical state of your subject?

In-person interviews can frequently provide micro-expression cues that experienced and intuitive investigators can sense. Could this be a disadvantage in a video or telephonic interview?

Does the interview environment make a difference? Would an interview subject feel and react differently in a location where they feel comfortable instead of in an office environment?

Bring Your Own Device & Cloud Computing

When working from home, the use of employee-owned devices is already complicating the responsibilities of IT teams in organizations of all sizes.

Employees not used to a higher level of security for their devices in a home environment may be increasing the chance for data breaches and theft of proprietary information.

At the same time, pandemic restrictions may not allow time to deploy new security guidelines and training to remote employees.

Things like the security of a home or small office routers, the proper selection and use of Virtual Private Networks, deploying consistent anti-malware solutions, and even the use of encryption can help minimize the risks for work-at-home employees.

How many organizations are deploying resources to address these issues?

From an investigative perspective, the subjects involved in your investigations may continue to be widely scattered geographically, making your efforts more time-consuming and costly.

If the employee needs access to their devices and home office networks to do their jobs, how will you be able to identify potential digital evidence, and then collect and preserve that data?

The use of cloud-based services has also exploded in the past two months. Even if you can arrange to collect data from employee-owned devices, how will you deal with applications and data stored in the cloud?

Shifting Workforce

There have been lots of recent articles predicting how the pandemic will change how companies view their workforce.

Many people who have previously lived in densely-populated cities may be rethinking that lifestyle after living through the pandemic restrictions. Polls show that they are thinking about relocating to different countries, smaller towns, or rural areas that may be less risky.

This migration could contribute to a more fragmented and scattered workforce, which could change how you conduct investigations.

If organizations are now seeing the benefits of working remotely, they may also consider changes in how they recruit future employees.

Instead of hiring their talent and requiring new employees to move close to an office, organizations might think about recruiting the best talent, regardless of the location of the prospective employees.

With a workforce now scattered even more geographically, new policies and procedures may be necessary regarding investigative access to electronic data.

Investigators may also need to be more aware of the different privacy laws that could impact their ability to access and analyze data, depending on the jurisdiction where the data is stored.

Have You Given This Enough Thought?

Should you be planning for post-pandemic changes in how you conduct investigations?

Can the security, investigations, and auditing staff keep up with a more widely-dispersed workforce that may be using insecure devices and cloud-based services?

Are your employees being given the training and resources to improve their security? If not, could this increase the number of investigations required in the future?

We all hope for a complete return to our “normal” world, with all of the associated activities.

But we may need to think about a “new normal” and what that could mean to your investigations.

Are there any other trends that you think may continue after the pandemic?

Please let me know your thoughts so I can share them in future messages and blog posts.

The more we can educate people about these issues, the better we’ll be prepared for the post-pandemic world, if and when that day arrives.

Filed Under: Uncategorized

  • 1
  • 2
  • 3
  • …
  • 5
  • Next Page »

Evolve With Us to Fight Techno-Crimes!

Join our mailing list and you will receive:

  • Immediate access to our mini-course!
  • Updates about new types of techno-crimes
  • Information about security tools and techniques to protect your data
  • Ways to increase your personal privacy
  • Information about our live and virtual keynote speeches and training opportunities

 

Click here to subscribe!

  • Home
  • About
  • Speaking
  • For Investigators
  • Blog
  • Free Content Library
  • Contact

2020 Techno-Crime Institute