Category Archives: Law and Enforcement

We could be doing more

There is a mostly unreported and unrecognised ongoing attack on our research institutes, commerce and infrastructure, massively damaging our successes in the western world.

UC Cert, the United States Computer Emergency Team released an update (TA17-117A) last week from the The (US) National Cybersecurity and Communications Integration Center (NCCIC) “Intrusions Affecting Multiple Victims Across Multiple Sectors“, this recent one details an ongoing sophisticated attack on wide ranging industries. These attacks do not end in the male enhancement spamming campaigns, website sites defaced with ads for fake designer goods or stolen credit cards that all become apparent soon after the attack.

They are silent, deeply embedded thefts of intellectual property, of which the victims are unaware for maybe years if at all.

They do not identify the likely bad actors in the TA17-117A, which they rate as “Medium Risk”, but I would hazard a guess that they all have the same source as this attack that devastated the National Research Council a few years ago, the repercussions are still ongoing. I don’t know the reliability of Newt Gingrich figure of the losses being $360 Billion per annum last year, Trump alluded to the threat from China during his campaign, but the rhetoric has always been more about political controls, “we’ll send Governor Branstad over to tell them to stop”.

The summary of the TA17-117A update could simply be, they are deeply embedded in your networks, it’s very difficult to identify how and where, even more difficult to remove them. And some broad recommendations on how to prevent reinfection.
Unfortunately while TA17-117A gives detailed advice on what to look for, they do not give much advice on how to look for it, which I believe the majority of network and server administrators on the frontline would need guidance on, there are a large number of suites of computer forensics would be useful. But none as simple and complete as Microsoft COFEE (I would provide an official link, but there isn’t one), this is only available to law enforcement “from NW3C at www.nw3c.org or by contacting INTERPOL at COFEE@interpol.int”. Like WikiLeaks I am not to happy about this withholding of such a useful tool, It would probably be very simple to write further tools that could analyze the data collected by COFEE to flag any intrusion related to this and other advisories.

While the advisories themselves are great, in many cases they will be too little too late, it would be great if network and server admins had access to better tools without having to get as far as needing to report a crime.

Actually blocking these attacks, the advisory points you in the right direction, and methods will differ vastly depending on the environment, costs associated with risk would have to be taken into account so would also vary what controls can be put in place, but at a time when we are still having trouble getting users to encrypt their data and devices, and to use a password manager, we could all be doing more with general cyber security education, the potential damage to our economies from these attacks are really astronomic. $360bn p/a is just the cost to the US economy, that’s 60 times the amount of the funding provided to the National Cancer Institute, which fit the typical profile of the targets of these attacks, or half the amount spent by the US military as a whole annually.

Others have told me that the greatest risk to business today is ransomware, while the effects are horrid (seen it too many times) if you are unprotected, they are generally quite limited in the damage that they cause, and very easy to mitigate by never clicking on unknown links, having a script blocker, and keeping regular backups.

 

Local man tricks upto 2000 boys into exposing themselves online

I don’t think kids are getting the message, allowing anything that you would not be comfortable for your mother to see, should never be allowed onto any digital device, from explicit text messages to embarrassing pictures, never, I don’t know if the effect on this preditors victims has been so fatal as this previous story where a number of kids lost their lives.

The Local RCMP have issued this video calling for victims to come forward.

 

 

From the RCMP Website here

The New Brunswick RCMP’s Internet Child Exploitation Unit is seeking the public’s help to identify victims of a man who had been sexually exploiting boys online from at least January 2012 until the fall of 2014.

Investigators have determined that this man was luring boys online by pretending to be a teenaged girl. The investigation indicates the possible victims are as young as 10 and up to 16 years old and may not even be aware they have been victimized. Police have charged a 24-year-old Moncton man, who cannot be named because of a court ordered publication ban, with several sex offences.

In addition to those offences, the investigation has shown the man contacted boys through live video chats on various social media sites. He used a video of a teenaged girl that appeared to be live and convinced the boys to undress and initiate sex acts which he then taped and distributed via the Internet. One chat website he used frequently was Omegle.com, a site that requires no username where people can chat with strangers from all over the world.

Investigators have determined that there could be as many as 2000 victims living in Canada, the United States, United Kingdom, the Netherlands, Australia and Russia and possibly elsewhere.  Police are asking anyone who may have been in contact with this man via video chat or email to contact their local police or call the Royal Canadian Mounted Police in New Brunswick at 1-506-452-3405 or by email at jdivice.divjueei@rcmp-grc.gc.ca

This man’s known online user names and email addresses are listed below.

Video Chat Names

  • Skype: Veronika.Maylae
  • Vichatter: Veronika69

Facebook Account

  • Vero May (www.facebook.com/vero.may.3950)

Email Addresses

  • boiyavi@hotmail.com
  • revolboy@hotmail.com
  • tigerjack@hotmail.com

“We know it may be difficult for victims and/or their families to come forward but their information is very important to the investigation and could help prevent similar crimes by online predators,” says Sgt. Jean Marc Paré of the New Brunswick RCMP.  “Police want to be able to speak to as many victims as possible to assist with the investigation.”

The RCMP investigation into this case in New Brunswick started in the fall of 2014 as the result of information uncovered by York Regional Police during an investigation entitled Project Hydra.

The RCMP in New Brunswick has released a video about this investigation on social media and is asking the public to view it and then share it via their social media channels in order to reach as many potential victims as possible.

Anyone with information on these crimes can report their information anonymously through Crime Stoppers at www.crimenb.ca or by calling 1-800-222-TIPS (8477).

Contact Information

Cst. Jullie Rogers-Marsh
Media Relations Officers
RCMP in New Brunswick
506-452-4252

 

 

 

Personal privacy is now being taken seriously

In these very sad cases of malicious sharing of embarrassing images and video. In Canada, Rehtaeh’s law is being proposed and now in Israel revenge porn is punishable with 5 years imprisonment, “putting an end to virtual rape, in which someone is turned into a porn star against their will”.

bullying_conference

This is a long time coming, and I would have expected that criminal law would have been able to prosecute abusers of privacy under existing criminal law, it seems not, as many victims have found out, even when they have had the courage to come forward, law enforcement have been unable or unwilling to help.

The damage is 2 fold, there is the initial shock and repercussions that the disclosure has, which may be followed by internet trolls picking up on the vulnerability which leads to the disclosure going viral. The second effect might not be realized for years, when the victim is being screened for a job opportunity, with human resource departments simply doing a google search on the victim’s name. This damning “digital dirt” is removable or easily negated with a little technical knowledge, but victims are usually too embarrassed to speak to anyone to ask for the help it requires, unnecessarily suffering in silence worried their employment opportunities are being harmed.

While I don’t believe that these legislative changes would directly help the cases I mentioned here where 8 boys in the UK have taken their own lives, as the motive of the abuse (threats to disclose embarrassing images) is financial not malicious, it will serve to educate potential victims of the vulnerability they create by allowing the imagery to be taken in the first place.

The intention of the abuser is the same as any other cowardly bully, and it’s only right that criminal law should be used against it, don’t suffer in silence, report it and ask for help.