The Techno-Crime Newsletter 07/03/2023

Compiled by Walt Manning
CEO, Techno-Crime Institute

This newsletter is distributed to everyone on our mailing list and provides links and insights regarding techno-crimes, investigations, security, and privacy.

Contents in this issue:


  1. Thousands of realistic but fake AI child sex images found online, report says
  2. British law firms warned to upgrade cyberdefenses against ransomware attacks
  3. Mind-control robots a reality
  4. There’s a new gen AI tool to help workers spot malicious emails
  5. Meta lowered the age limit for Quest accounts. Are these kids too young for exploring VR?
  6. Cybercriminals target C-suite, family members with sophisticated attacks
  7. Banks Have Come to the Metaverse
  8. Case against ex-CIA officer accused of abusing women may collapse because of how federal agents searched his phones
  9. Amazon must pay over $30 million over claims it invaded privacy with Ring and Alexa
  10. Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace
  11. Scheduled Speaking Engagements


Thousands of realistic but fake AI child sex images found online, report says

(Jun. 20, 2023)

New uses for generative artificial intelligence are appearing every day, with increasing trends to use this technology for sextortion and other types of techno-crime.

But one disturbing and growing trend is to adapt AI to produce altered but fake child sex images.

Many tools already exist to detect child sexual abuse materials or CSAM. Law enforcement has long used hashing technology to detect child pornography, as many of these images have been circulated for years.

But AI is creating dramatic new challenges.

From the article:

“Finding victims depicted in child sexual abuse materials is already a ‘needle in a haystack problem,’ Rebecca Portnoff, the director of data science at the nonprofit child-safety group Thorn, told the Post. Now, law enforcement will be further delayed in investigations by efforts to determine if materials are real or not.”


“Normally, content of known victims can be blocked by child safety tools that hash reported images and detect when they are reshared to block uploads on online platforms. But that technology only works to detect previously reported images, not newly AI-generated images. Both law enforcement and child-safety experts report these AI images are increasingly being popularized on dark web pedophile forums, with many Internet users ‘wrongly’ viewing this content as a legally gray alternative to trading illegal child sexual abuse materials (CSAM).


‘Roughly 80 percent of respondents’ to a poll posted in a dark web forum with 3,000 members said that ‘they had used or intended to use AI tools to create child sexual abuse images,’ ActiveFence, which builds trust and safety tools for online platforms and streaming sites, reported in May.”


“These images aren’t just spreading on the dark web, either, but on ‘social media, public forums, or pornographic websites,’ the FBI warned.”

AI continues to develop exponentially. Tools for investigations and new legislation regarding artificial intelligence will also need to develop more rapidly to protect current and potential future victims.


British law firms warned to upgrade cyberdefenses against ransomware attacks

(Jun. 22, 2023)

We have already seen several large law firms experience data breaches, and there will likely be more in the future.

But this also raises the question of cybersecurity and data protection for anyone conducting investigations, including people in law enforcement, private investigators, auditors, and accountants.

From the linked article:

“Law firms in Britain were warned on Thursday to upgrade their cyberdefenses in the wake of a number of ransomware attacks that led to sensitive and potentially legally privileged information being stolen by criminals and published online.


In a threat report for the British legal sector, the National Cyber Security Centre (NCSC) warned that financially motivated extortion incidents as well as intellectual property theft by state-sponsored hackers were having significant impacts on the sector.


Among the case studies highlighted in the report was a ransomware attack on Tuckers Solicitors in 2020. ‘The attacker … managed to exfiltrate data relating to 60 court cases, some of which were live, and published them on the dark web,’ the agency reported.”


“The ICO particularly criticized the firm for its lack of multifactor authentication and the failure to encrypt stored personal data and legal bundles, as well as for running Windows 7 past its support date, all of which were deemed to be a breach of Tuckers’ legal obligations to protect personal data.”

Other breaches of law firms in the United States show that these types of businesses have become larger targets due to the confidential and sensitive information they store.

Law firm fined $200,000 over ‘poor data security’ that led to ransomware attack

Snack food company Mondelez warns employees of data theft

Two Law Firm Data Breaches and New Breach Stats

Are your investigations or work-related data at risk?

Have you given any thought to the possible impacts of a data breach?

This type of confidential data should be encrypted. That way, the information is protected from exposure if you experience a data breach.

I expect a lot more scrutiny and possible regulations in the future. Act now to upgrade the protection for your investigative and client data.


Mind-control robots a reality

(Mar. 20, 2023)

In my book, Techno-Crimes and the Evolution of Investigations, I write about the potential risk from brain implants (along with other vulnerable connected medical devices). In Chapter Nine of the book, “Technologies That Will Create Crimes You Haven’t Imagined,” I talk about brainwave hacking. I even included a story before Chapter Ten titled “Brainwave Hacking — A New Way to Steal Intellectual Property?”

But these technologies create a lot of benefits for many disabled people as well. As with any technology, it can be used for both good and evil.

What may have sounded like science fiction is now closer to reality:

“Researchers from the University of Technology Sydney (UTS) have developed biosensor technology that will allow you to operate devices, such as robots and machines, solely through thought control.”


“The advanced brain-computer interface was developed by Distinguished Professor Chin-Teng Lin and Professor Francesca Iacopi, from the UTS Faculty of Engineering and IT, in collaboration with the Australian Army and Defence Innovation Hub.”


‘The hands-free, voice-free technology works outside laboratory settings, anytime, anywhere. It makes interfaces such as consoles, keyboards, touchscreens and hand-gesture recognition redundant,’ said Professor Iacopi.”


“The technology was recently demonstrated by the Australian Army, where soldiers operated a Ghost Robotics quadruped robot using the brain-machine interface. The device allowed hands-free command of the robotic dog with up to 94% accuracy.”


‘Our technology can issue at least nine commands in two seconds. This means we have nine different kinds of commands and the operator can select one from those nine within that time period,’ Professor Lin said.”

My book also includes a story titled “Could You Investigate ‘Murder by Robot’”?

Does the technology described in this article get us closer to these types of future crimes?

I’ll let you think about it.


There’s a new gen AI tool to help workers spot malicious emails

(Jun. 21, 2023)

As much as I talk about how artificial intelligence creates new tools to commit techno-crime, we also can’t ignore the potential to use AI for good.

Business email compromise (BEC) is one of the most significant cybersecurity risks today and contributes to most data breaches.

BEC involves users clicking on attachments containing malware or links to malicious websites. You may also have seen it referred to as “phishing” and “domain spoofing.”

But AI is also giving us new tools to help prevent BEC:

“Now available in beta, Themis Co-pilot makes use of OpenAI’s GPT models to provide chat assistance for self-service threat reporting. The Large Language Model (LLM) behind it is called PhishLLM and is hosted within the IRONSCALES infrastructure.


The firm notes that Business Email Compromise (BEC) and phishing attacks are on the rise, and ‘expose vulnerabilities in traditional email security solutions with social engineering tactics.’ It also cites its own research that organizations are expecting BEC attacks to increase by 43% over the course of this year.”


“Themis Co-pilot, therefore, is designed to give all workers powers of detecting fake and malicious emails, regardless of their role or security skills. Users can query suspicious emails with the AI, giving them real-time insights and allowing to confidentially report threats.”

I’m not explicitly endorsing the Themis product, but it’s good to see AI being used to improve our cybersecurity and make it easier for users to help prevent data breaches.


Meta lowered the age limit for Quest accounts. Are these kids too young for exploring VR?

(Jun. 20, 2023)

Should we trust Meta with our kids’ data?

Surveillance capitalism is the business model for all of Meta’s products: Facebook, Instagram, etc.

From the linked article:

“Last week, Meta announced that parents could create Meta Quest accounts for their children aged 10 to 12, ditching the previous 13 and up age requirement. Meta says these parent-managed accounts will require preteens to obtain a parent’s permission before downloading apps and accepting follow requests.”


“Still, Meta collects data on 10- to 12-year-old children, such as their geolocation and any photos or audio content the company receives from a child’s device. Parents must consent to Meta collecting this information to comply with US child privacy laws.”


“Last month, the US Surgeon General released an advisory that detailed how prolonged social media use can affect a preteen’s mental health and social development. The same advisory stated that prolonged smartphone use could affect a preteen’s physical health, presenting a ‘profound risk’ to this age group.


The advisory acknowledged that the data to fully understand how social media and smartphone use can negatively impact preteens is insufficient, and even less research exists about the possible harm extensive VR use could cause.”

If you use any of their platforms (yes, including WhatsApp), then YOU and your data are the product that produces their revenue.

I refuse to use any product or platform from Meta, but I understand that many of you choose to give up your privacy in return for the benefits you feel you gain from the experience.

That is your choice as responsible adults.

But what about children? And this includes teenagers whose brains have not fully developed rational judgment capability.

Are you willing to trust Meta with their data?

Do they have the ability to make sound judgments about what’s appropriate to disclose and discuss on social media?

I agree that virtual reality can be a game-changer for education and other applications.

But do I trust Meta to provide that platform for kids?

Not even close.


Cybercriminals target C-suite, family members with sophisticated attacks

(Jun. 5, 2023)

The risks of executives and senior management being specifically targeted by techno-criminals are increasing.

But now, it might also involve family members, so cybersecurity education and awareness are topics you must take home with you.

“Senior level corporate executives are increasingly being targeted by sophisticated cyberattacks that target their corporate and home office environments and even extend to family members, according to a study released Monday from BlackCloak and Ponemon Institute.


About 42% of organizations surveyed had a senior executive or an executive’s family member attacked over the past two years. The study is based on a survey of more than 550 IT security leaders.


These attacks often lead to the theft of sensitive company data, including financial information, intellectual property or other information. In one-third of these cases, hackers are reaching these executives through insecure home-office networks used during remote work.”

As the article says, remember to pay attention to cybersecurity even more when working remotely or from home. Your smart home devices may not have any built-in security, making them an easy entry point into a home network.


Banks Have Come to the Metaverse

(Jun. 8, 2023)

Virtual worlds and the metaverse have received a lot of hype over the past two years, but businesses moving to these virtual platforms have been slow to act.

Some of this is due to the expense of virtual reality headsets. Still, there need to be more people using this technology to provide enough services and incentives to use it regularly.

But this technology will continue to develop, and more businesses are establishing a presence and even offering services in the metaverse.

“Leading institutions in TradFi from different parts of the world have begun to set up shop in the metaverse. JPMorgan arrived in Decentraland under the brand Onyx, which, according to the company, is ‘a blockchain-based platform for wholesale payment transactions.’ In March last year, HSBC announced the purchase of land on The Sandbox to engage with clients and offer them novel experiences through emerging platforms.


Kookmin and DBS, two banking giants from Asia, have also entered the metaverse and begun offering various services. South Korea’s Kookmin Bank has its own native metaverse-based financial services as well as one-on-one customer service. It also plans to include employee training and financial education for young consumers. As for DBS, Singapore’s biggest bank, it purchased a large plot of land on The Sandbox to develop interactive experiences aimed at promoting a more sustainable world. According to the bank, the partnership is part of efforts to explore the potential of Web3 opportunities and spread awareness on important ESG issues.


In Canada, incumbent financial institutions TD and RBC are conducting metaverse pilot programs to understand the technology and stay ahead of the game to be able to offer immersive services effectively to their customers. TD’s program this year ran from January to April, which included pilots in customer experience.”


“The impact of the metaverse on the financial services sector is a representation of the next evolutionary stage in banking and capital markets. This is manifesting as advisors taking measures to educate themselves about a wide range of cryptocurrencies beyond the two most influential assets: bitcoin and ether. Many advisors feel the need to educate themselves to provide access to this new asset class, and the industry is adapting to serve this need with the development of digital asset education and curricula.”

This will create new opportunities for techno-crime, along with challenges for cybersecurity.

It would be too much to expect law enforcement agencies to have the resources or expertise to investigate crimes in virtual environments.

Investigators prepared to help with future crimes in the metaverse will have business prospects that others won’t.


Case against ex-CIA officer accused of abusing women may collapse because of how federal agents searched his phones

(May 31, 2023)

I have been involved with digital forensics since almost the beginning of the profession. Back then, we called it “computer forensics” because that was before the technology explosion involving cloud computing, mobile devices, and the Internet of Things.

But fundamental legal issues and procedures are now well-established regarding how digital evidence must be identified, seized, preserved, and analyzed.

Even if you are not in law enforcement, you must be very careful in processing devices and data related to your investigations.

In the case described in the linked article, new defense attorneys have asked the judge to consider disallowing all the digital evidence.

“The judge agreed in a ruling that ‘there are viable concerns regarding the manner in which the warrant was executed’ and ‘troubling’ actions by law enforcement agents stemming from their ‘admitted technological ineptitude’ and their failure to plan. Now she will have to decide whether those concerns amounted to impermissible constitutional violations.”

Cellubrite, a digital forensics firm, recently published its “2022 Industry Trends Survey” for law enforcement. They surveyed over 2000 chiefs of police, government agency managers, investigators, and prosecutors in 119 countries.

Here is my summary of just a few of the survey results:

The respondents said that 63% of all criminal cases now involve a digital component.


72% of law enforcement agency managers believe that the bar for prosecution is now higher (and more complex) because of technology.


88% of these same managers believe digital evidence increases the chances of solving a criminal case.


52% of the chiefs of police or agency managers said that they don’t believe officers have the skills to investigate digital crimes.


52% said that they don’t have the proper tools to investigate techno-crimes.


The most surprising result from this survey was that today, 61% of the respondents said digital evidence is more important than DNA.


66% say that digital evidence has now surpassed physical evidence in importance to help solve criminal cases.

If you are dealing with devices or electronic evidence in an investigation, ensure that everyone involved has the proper training related to digital investigations so as to not put your case at risk.


Amazon must pay over $30 million over claims it invaded privacy with Ring and Alexa

(Jun. 1, 2023)

How sure are you that your smart home and office devices aren’t listening?

From the linked article:

“Amazon will pay more than $30 million in fines to settle alleged privacy violations involving its voice assistant Alexa and doorbell camera Ring, according to federal filings.


In one lawsuit, the Federal Trade Commission claims the tech company violated privacy laws by keeping recordings of children’s conversations with its voice assistant Alexa, and in another that its employees have monitored customers’ Ring camera recordings without their consent.


The FTC alleges Amazon held onto children’s voice and geolocation data indefinitely, illegally used it to improve its algorithm and kept transcripts of their interactions with Alexa despite parents’ requests to delete them.”


“Amazon’s history of misleading parents, keeping children’s recordings indefinitely, and flouting parents’ deletion requests violated COPPA and sacrificed privacy for profits,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, in a statement. “COPPA does not allow companies to keep children’s data forever for any reason, and certainly not to train their algorithms.”


“More than 800,000 children under age 13 have their own Alexa accounts, according to the complaint.”


“In a separate lawsuit, the FTC seeks a $5.8 million fine for Amazon over claims employees and contractors at Ring — a home surveillance company Amazon bought in 2018 — had full access to customers’ videos.”


“Amazon is also accused of not taking its security protections seriously, as hackers were able to break into two-way video streams to sexually proposition people, call children racial slurs and physically threaten families for ransom.”

If you are currently using Internet of Things devices like Amazon Echo or Ring doorbells, make sure that you are aware of the security and privacy risks and that the benefits you receive from this technology are worth this type of abuse.


Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace

(Jun. 31, 2023)

Many people use products like Gmail or Google Drive because they are free and convenient.

But Google’s business model is focused on something other than the security of your data or privacy, especially if you use only their free services.

From the linked article:

“A lack of event logging in the free-subscription version of Google Workspace can allow attackers to download data from Google Drive without leaving behind a trace of their illicit activity.


Researchers on a team from Mitiga discovered what they call a key ‘forensic security deficiency’ in the popular hosted productivity app, which arises due to the lack of log generation for users who don’t have a paid enterprise license for Workspace. In a Mitiga blog post published May 30, the team noted that the situation leaves enterprises open to insider threats and other potential data leaks.”


“Overall, organizations ‘need to understand that if there is a user with a free license, that user can download or copy data from the organization’s private Google Drive and there will be no log of the activity,’ Aspir says. ‘Be very careful of users inside of the enterprise who do not have a paid license.’”

As more businesses and individuals use cloud-based services, everyone needs to understand what security and privacy protocols are in place. Also, if a data breach of confidential information is hosted by a cloud provider, ensure you know who is liable for any resulting damages.


Scheduled Speaking Engagements

As always, it was great to speak last month at the 34th ACFE Global Fraud Conference in Seattle, Washington. The presentation title was “Digital Alibis: Will You Be Able to Extract the Truth from a Digital Mirage?”

Here are just a few of the great comments received by the ACFE from the session:

  • “Amazing presentation – fake scenario or not the presentation and information provided was amazing.”
  • “Possibly the best session of the conference. Mr. Manning carefully told a story with a hypothetical model that was not far-fetched and then he peppered it with insights on various technology tools of the trade that fraudsters use today to cover their tracks.”
  • “Detailed material was amazing. Best session thus far by exponential factor.”
  • “The information speaker provided was amazing. I learned a lot about crypto currency and the ways individuals can hide their tracks. This was the most profound class I ever been to. Keep this guy coming to these conferences. He was amazing!!”
  • “This session was incredible! So informative and thought provoking (even if a bit terrifying!) I loved this session!”

I’m scheduled to give an all-day training seminar about various aspects of techno-crime investigations on Wednesday, September 20th, for the ACFE Las Vegas Chapter in Las Vegas, Nevada. Contact me if you would like more details regarding the specific topics.


The Techno-Crime Newsletter is a free monthly newsletter providing information and opinions about techno-crimes, cybersecurity tools and techniques, privacy, and operational security for investigators. To subscribe or to read past issues, see The Techno-Crime Newsletter Archive web page.

Please feel free to forward this newsletter to anyone who will find the information interesting or useful. You also have our permission to reprint The Techno-Crime Newsletter, as long the entire newsletter is reprinted.


Walt Manning is an investigations futurist who researches how technology is transforming crime and how governments, legal systems, law enforcement, and investigations will need to evolve to meet these new challenges. Walt started his career in law enforcement with the Dallas Police Department and then went on to manage e-discovery and digital forensics services for major criminal and civil litigation matters worldwide. He is the author of the thought-provoking book Techno-Crimes and the Evolution of Investigations, where he explains why technology will force investigations to evolve. Walt is an internationally recognized speaker and author known for his ability to identify current and impending threats from technology and advise his clients and audiences about ways to minimize their risk. In addition to many published articles, he has been interviewed and widely quoted in the media as an expert on topics related to technology crime and investigations.

Copyright © 2023 by The Techno-Crime Institute Ltd.

If you are not currently subscribed to our mailing list, and would like to receive The Techno-Crime Newsletter in the future, fill out the form below...