Techno-Crime Institute

Driving and Inspiring The Evolution of Investigations

You are here: Home / Archives for Techno-crime

Protect Yourself from Ransomware Risks: Expert Tips

by Leave a Comment

As technology continues to advance, so do the risks.

One of the most significant threats facing businesses and individuals today is ransomware.

Ransomware is a type of malware that locks you out of your systems and data until you pay a ransom. It’s a growing problem, and the numbers are staggering.

In this post, I’ll discuss the latest ransomware statistics, steps you can take to protect yourself, and resources you can use to safeguard your data.

The Latest Ransomware Statistics

According to the 2022 “Verizon Data Breach Investigations Report,” ransomware attacks surged dramatically in 2022; ransomware was involved in 25% of all breaches.

Check Point revealed a 42% global increase in cyber-attacks with ransomware the number one threat, as of mid-2022.

The average cost of a ransomware attack was $1.85 million.

Statistics reveal that a ransomware attack will occur every 2 seconds by 2031.

In the 2022 Small and Medium-Sized Business Ransomware Survey released by CyberCatch, 75 percent of small- and midsize businesses would fail within a week if they were victims of ransomware.

The consequences of a ransomware attack can be devastating. In addition to the financial loss, there’s also the loss of data, reputation, and customer trust.

Steps You Can Take to Protect Yourself

The good news is that there are steps you can take to protect yourself from ransomware risks. Here are some tips to help you safeguard your systems and data:

1.  Back up your data regularly

Backing up your data regularly is one of the most critical steps you can take to protect yourself from ransomware. If your data is backed up, you can restore it without paying the ransom.

Make sure you back up your data to an external hard drive, cloud storage, or other secure location.

I would even suggest that you have multiple backups in different locations. That way, if something happens to your original data, you have more than one backup plan to restore your access.

2.  Keep your software up to date

Outdated software is a common entry point for ransomware. Make sure you keep your operating system, applications, and antivirus software up to date.

Turn on automatic updates so you don’t have to worry about it.

3.  Use strong passwords and two-factor authentication

Weak passwords are easy to crack, and two-factor authentication adds an extra layer of security to your accounts.

Use strong, unique passwords for each account, and enable two-factor authentication whenever possible.

4.  Be cautious of suspicious emails and links

Phishing emails are a common way for ransomware to enter your system. Be cautious of any suspicious emails, links, or attachments. Don’t click on anything you’re not sure of and report any suspicious activity to your IT department.

5.  Train your employees and family

Human error is also a common entry point for ransomware. If you are a business owner or manager, make sure you train your employees on best practices for cybersecurity, including how to recognize and report suspicious activity.

But don’t stop there. Also train your family to make sure you protect your home network against ransomware and other malware.

Home networks are usually softer targets, because most users don’t deploy the same anti-malware protection at home that they might have at the office.

Resources for Ransomware Protection

In addition to the steps above, there are also resources you can use to protect yourself from ransomware risks.

Here are some of the most helpful:

1.  Antivirus software

Antivirus software is your first line of defense against ransomware. Make sure you have a reputable antivirus program installed and keep it up to date.

This includes antivirus software on all of your mobile devices as well.

 2. Ransomware decryptors

If you do fall victim to a ransomware attack, there are sometimes decryptors available that can help you recover your data without paying the ransom.

Check out the No More Ransom Project for a list of available decryptors.

3.  Cybersecurity insurance

Consider investing in cybersecurity insurance to protect yourself in case of a ransomware attack.

Make sure you read the policy carefully and understand what’s covered.

Some policies will refuse to pay if your don’t have an acceptable level of cybersecurity in place.

4.  Cybersecurity training

Invest in cybersecurity training for yourself and your employees.

This can include online courses, workshops, and seminars.

Join our mailing list. We plan to include links to some recommended training resources in future newsletters.

Conclusion

Ransomware risks are a growing problem, but you don’t have to be held hostage.

By following the expert tips above and using the resources available, you can protect yourself from these attacks.

Remember to back up your data regularly, keep your software up to date, use strong passwords and two-factor authentication, be cautious of suspicious emails and links, train your employees, and use antivirus software and other resources to safeguard your data.

With these steps in place, you’ll be well on your way to protecting yourself from ransomware risks.

Do You Know Enough to Investigate Techno-Crimes?

by Leave a Comment

Techno-Crime Investigations

Let me give you several case scenarios and then ask you to think about each as if you were assigned the investigation. What would you do?

  • A murder has been committed by an invisible darknet bio-assassin for hire who was paid with cryptocurrency. She then exchanges her payment into multiple  cryptocurrencies and transfers these funds to several cryptocurrency wallets and exchanges to cover her tracks. How would you find her or determine who hired her?
  • A spider-like robot with a USB connection crawls under an office door and connects to an unattended laptop. The robot contains hacking software, which is used to steal valuable intellectual property from your client while also planting malware on their network.
  • A young woman has been kidnapped and sold to a human trafficking ring. Her car and cell phone are never found. Where will you look for clues that might help you find her?
  • The new and decentralized version of the internet where communications are untraceable is being used by the kidnappers of your client’s CEO to communicate their ransom demand, payable in untraceable cryptocurrency.
  • A senior manager is under investigation after authorizing an electronic funds transfer. The employee swears that he received a video call on the company’s proprietary communications app from his VP of Finance, instructing him to wire the funds. The VP now denies that she made any such call, and there’s no electronic evidence to back up the manager’s story. The desperate manager wonders whether the video call could have been somehow faked and all traces removed from the company’s system.
  • A friend uses virtual reality and a remotely-controlled robot to tour Paris, France. Someone intercepts control of the robot to commit a murder in Paris, and then returns control to the original user. Who has legal jurisdiction to investigate the crime? How could you prove that your friend is innocent?

Some of the scenarios are possible with the technology that exists today, and the others might happen sooner than you think.

The way we have investigated techno-crimes in the past is no longer working.

Technology is growing at an exponential rate, and cybercrime, ransomware, and data breaches continue to explode in growth.

We don’t have enough technology crime investigators to satisfy the needs we have today.

What will we do tomorrow?

Could you find the experts you would need to help you investigate the scenarios I described? If you can find experts, what will happen with your investigation if they’re not available? Do you have a backup plan?

Many investigators tell me that they don’t feel ready to investigate techno-crimes, and they aren’t sure where to start.

The first step is to educate yourself about techno-crime, and then think about how to develop an investigative strategy.

If you’re interested in learning more about techno-crimes, then follow the link to get more information about my book, Techno-Crimes and the Evolution of Investigations.

The book will make you think about the following topics:

  • What you need to know about hidden darknets crime and investigations
  • How the next version of the Internet will make finding digital evidence harder
  • Why investigators may not always be able to find digital evidence in the cloud or on user devices
  • Whether billions of new connected Internet of Things devices will create new ways to break into home and office networks
  • How the crooks are using technology to hide their activities from investigators
  • Why investigators will need to be able to handle cases involving cryptocurrencies, blockchains, or crypto tokens
  • How deepfake technology and data poisoning will make it harder for everyone to know what evidence they can believe
  • Why new technologies will create crimes never before seen

You’ll also receive a link to a Bonus Resources web page that will give you even more information than I could cover in the book!

Here’s a sampling of what’s included in these extra resources:

  • Images of information and illegal items currently for sale by darknet vendors
  • Links to darknet vendors, markets, and other resources
  • A downloadable Smart Home and Mobile Device Security Checklist
  • Links to encryption hardware and software products, as well as encrypted cloud-based resources
  • Information about and links to secure email providers
  • Links with additional information about cryptocurrencies, blockchains, and crypto tokens
  • Examples of deepfake audios and videos, and links to other resources
  • Even more information about new technologies that may create new types of crime, along with challenges for your investigations

Click on the link or the image of the book cover below to see more details about Techno-Crimes and the Evolution of Investigations.

If you’re still not sure if the book is right for you, here are several reviews:

I consider Walt Manning to be one of the leading experts in the field of techno-crime investigations. His new book, Techno-Crimes and the Evolution of Investigations, may be one of the most important and timely books for every law enforcement and investigations professional to read. His many years of experience in both law enforcement and the private sector have given him a unique perspective on the development of techno-crimes, along with potential solutions to help us all evolve into what will be needed for the future of investigations. Every investigator needs to read this!

James D. Ratley — President Emeritus, Association of Certified Fraud Examiners.

———————————————————

Walt Manning has been studying crimes using technology since they first began. He has seen first hand how the advancement of technology has led to the techno-crime revolution. Techno-crimes are not the crimes of the future. They are the crimes of today. It’s vitally important that you understand how they work, and what we can do to investigate and prevent them.

Bruce Dorris, J.D., CFE, President and CEO, Association of Certified Fraud Examiners

———————————————————

In addition to being essential reading for investigators, Techno-Crimes and the Evolution of Investigations provides for all of us invaluable insight into the evolution of technology and the impact upon our own privacy and security.

Peter Warmka — former Senior CIA Intelligence Officer, Cybersecurity Consultant/Educator, and author of Confessions of a CIA Spy – The Art of Human Hacking

———————————————————

Techno-Crimes and the Evolution of Investigations emerges the reader into a dark digital world that some might think is science fiction technology, but chapter after chapter, the reader learns in clear and simplistic terms not only about the various techno-crimes, but also what challenges those investigating may face.

Tom Caulfield, Chief Operations Office, Procurement Integrity Consulting Services.

———————————————————

This book is a goldmine of all things techno-crime and should be on every investigator’s bookshelf as the go-to reference for their investigations.

Ryan Duquette — Cybersecurity and Cyber Incident Response Expert, Keynote Speaker

———————————————————

Digital forensics expert Walt Manning in Techno-Crimes and the Evolution of Investigations has put a huge spotlight on the growing gap between current investigation protocols and the ever-expanding universe of cybercrime. READ THIS BOOK to know what you’re up against.

Donn LeVie, Jr. — President, Donn LeVie Jr. STRATEGIES, LLC, author of Strategic Career Engagement: The Definitive Guide for Getting Hired and Promoted

Evolve with me to be better prepared to investigate techno-crimes!

Stolen Data is Spreading Faster on Darknets

by Leave a Comment

Darknets

Earlier this week I saw an article by Shannon Williams published in “IT Brief: New Zealand” that quoted some interesting findings about stolen data on the darknets.

The report is titled The 2021 “Where’s Your Data?” Experiment, and was issued by Bitglass.

To conduct the study, Bitglass created some fictitious lists of login credentials that supposedly came from known data breaches. The researchers posted links to these files on various darknet markets and other sites.

However, Bitglass embedded proprietary “watermarks” in the files, so they could track the following:

  • The IP address of any person accessing the files
  • Their country
  • How many views each darknet post received
  • How many times each link was clicked
  • The number of times each file was downloaded

The results from a similar study conducted in 2015 were then compared to the data from 2021, which produced some interesting findings.

The number of “views” of the data increased from 1,110 in 2015 to 13,200 in 2021, leading Bitglass to believe that the number of anonymous users on the darknets has increased significantly.

The watermarked files were downloaded by people across 5 different continents, with the highest percentage of IP addresses for the people who downloaded the files coming from the U.S. (34.6%), followed closely by Kenya (32.6%).

As the report states: “Cybercriminals are closer than you think.”

Interest in retail and government data has grown, and the techno-criminals are getting “better at covering their tracks and taking steps to evade law enforcement efforts to prosecute cybercrime.”

The Williams article quotes Mike Schuricht, from the Bitglass Threat Research Group, who said “We expect that the increasing volume of data breaches as well as more avenues for cybercriminals to monetise exfiltrated data has led to this increased interest and activity surrounding stolen data on the dark web.”

The Bitglass study concludes that “stolen data has a wider reach and moves more quickly” on the darknets – up to 11 times faster in 2021 than in 2015.

Their key takeaway?

“The volume of views and the velocity of the data as it traveled through the Dark Web compared to 6 years ago has made it clear that the usage of the Dark Web has grown. These are likely a confluence of several factors that range from an increasing number of breaches occurring, to more avenues to monetize exfiltrated data. These economics are likely going to embolden hackers and cybercriminals even further to continue their efforts to steal data, which can lead to monetary gain or notoriety.”

Why is this important today?

Many investigators know very little about the darknets (TOR is not the only one), and receive very little training about these networks.

This is in addition to the fact that law enforcement typically doesn’t have extra resources to allocate to this aspect of techno-crime – either for training or related to actual investigations.

This means that the odds increasingly favor the techno-crooks, and increase their chances of getting away with the crimes facilitated by data stolen in the exploding number of data breaches.

Once again as I’ve said many times, law enforcement and investigations professionals need a different mindset than “this is the way we’ve always done it” to be successful.

Evolve with us.

Evolve With Us to Fight Techno-Crimes!

Join our mailing list and you will receive:

  • Immediate access to our mini-course!
  • Updates about new types of techno-crimes
  • Information about security tools and techniques to protect your data
  • Ways to increase your personal privacy
  • Information about our live and virtual keynote speeches and training opportunities

 

Click here to subscribe!