
how safe is your data?

Tuesday 7 February, 2012

I stopped in on this presentation by cyber-crime expert U Rama Mohan @ the International Conference on Information Systems Design & Intelligent Applications, who was quite a hoot.  He was very skeptical about the state of cyber-security, & he’s one who should know.  Law enforcement gets phobias; some don’t even know what a gigabyte is.  Don’t trust internet service providers; they watch your transactions.  Don’t bank online; it’s too easy for others to steal your data & money.  He differentiated between 3 types of crimes & their relationships to computers:

  1. computer-essential crimes, where computers are required
  2. computer-non-essential crimes, where no computers are required
  3. computer-connected crimes, where the computer is not used in the actual crime

There are great quality counterfeit notes out there with convincing security features.

His objective is simply to collect/copy data:  images, clones, etc.  He then analyzes data in Windows, Linux, different file formats, etc.  Next he presents the data in hard & soft copy formats.  (It’s not valid to take discrete data; you must image a whole hard drive.)  A 2-line program caused a 6 crore fraud @ Satyam.  Up until 2006, it was pretty much only male criminals, but since then women have entered the fray as well, although the internet can still be very anonymous.  Hard copy evidence can be a problem:  1 case resulted in a stack of paper 333 feet high.  Law enforcement prefers hard copy to soft copy, but data is gathered in the opposite proportion.  Data can be retrieved from hard drives, flash drives, optical drives, memory cards, etc.  There are internet protocol addresses for every IP packet, but mobile internet messages are difficult to analyze.  Formatting a disk doesn’t get rid of the data on that disk, it just “wipes it clean.”

There are different levels of forensic analysis of:

  • active files
  • deleted files (even if files are deleted from your computer, they’re not really gone; your system just no longer sees them)
  • slack space
  • orphaned clusters, etc.

Everything sits in a temporary activity folder, including online e-mail.  New data does overwrite old data.  He put together a suspect matrix which plotted whether suspects are computer literate or illiterate & what they do & do not know.
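As an added illustration (not from the talk, and not the speaker's tooling), the following Python models a toy volume with a cluster allocation bitmap and a directory table, so the points above can be watched in code: a deleted or quick-formatted file is still present in the raw image and can be carved by signature, the unused tail of a cluster (slack) keeps remnants of whatever file occupied it before, clusters left allocated after directory damage show up as orphans, and the hash of the full image does not change when only the bookkeeping is wiped. The cluster size, the on-disk layout and the sample contents are all constructed for the example.

```python
"""Toy volume showing why an examiner images the whole disk rather than
copying individual files.  Layout, cluster size and contents are constructed."""
import hashlib

CLUSTER = 64  # bytes per cluster; a toy value, real volumes use 4 KiB or more


class ToyVolume:
    def __init__(self, clusters):
        self.raw = bytearray(clusters * CLUSTER)  # the full image an examiner acquires
        self.alloc = [False] * clusters           # allocation bitmap
        self.dirtab = {}                          # name -> (size, [cluster chain])

    def write_file(self, name, data):
        need = max(1, -(-len(data) // CLUSTER))   # ceil division
        free = [i for i, used in enumerate(self.alloc) if not used][:need]
        if len(free) < need:
            raise OSError("volume full")
        for n, c in enumerate(free):
            chunk = data[n * CLUSTER:(n + 1) * CLUSTER]
            # Only len(chunk) bytes are written; the rest of the last cluster
            # keeps whatever was there before (file slack).
            self.raw[c * CLUSTER:c * CLUSTER + len(chunk)] = chunk
            self.alloc[c] = True
        self.dirtab[name] = (len(data), free)

    def delete_file(self, name):
        _, chain = self.dirtab.pop(name)
        for c in chain:
            self.alloc[c] = False  # bookkeeping only; the data bytes are untouched

    def quick_format(self):
        self.dirtab.clear()
        self.alloc = [False] * len(self.alloc)  # again, no data byte is erased

    def lose_directory_entry(self, name):
        """Simulate directory corruption: clusters stay allocated but unreferenced."""
        self.dirtab.pop(name)

    def active_files(self):
        """What a file-by-file copy (discrete data) would see."""
        out = {}
        for name, (size, chain) in self.dirtab.items():
            data = b"".join(self.raw[c * CLUSTER:(c + 1) * CLUSTER] for c in chain)
            out[name] = bytes(data[:size])
        return out

    def slack(self, name):
        """Bytes between end-of-file and the end of the file's last cluster."""
        size, chain = self.dirtab[name]
        used_in_last = size - (len(chain) - 1) * CLUSTER
        last = chain[-1]
        return bytes(self.raw[last * CLUSTER + used_in_last:(last + 1) * CLUSTER])

    def orphaned_clusters(self):
        referenced = {c for _, chain in self.dirtab.values() for c in chain}
        return [i for i, used in enumerate(self.alloc) if used and i not in referenced]

    def carve(self, needle):
        """Signature search over the raw image, ignoring the file system entirely."""
        hits, start = [], 0
        while (i := self.raw.find(needle, start)) >= 0:
            hits.append(i)
            start = i + 1
        return hits

    def image_hash(self):
        return hashlib.sha256(self.raw).hexdigest()


SECRET = b"CONSTRUCTED-SAMPLE account 0000-1111 transfer"  # constructed sample content


def deleted_and_formatted_data_still_carvable():
    vol = ToyVolume(clusters=8)
    vol.write_file("ledger.txt", SECRET)
    vol.delete_file("ledger.txt")
    after_delete = vol.carve(b"account 0000-1111")
    vol.quick_format()
    after_format = vol.carve(b"account 0000-1111")
    # A discrete copy now sees no files at all; the image still holds the bytes.
    return vol.active_files() == {}, after_delete, after_format


def slack_holds_previous_file_remnants():
    vol = ToyVolume(clusters=8)
    vol.write_file("old.log", b"OLD" * 40)   # 120 bytes -> two clusters
    vol.delete_file("old.log")
    vol.write_file("note.txt", b"short")      # reuses cluster 0, overwrites only 5 bytes
    return vol.active_files()["note.txt"], vol.slack("note.txt")


def orphaned_clusters_after_directory_damage():
    vol = ToyVolume(clusters=8)
    vol.write_file("a.bin", b"A" * 10)
    vol.write_file("b.bin", b"B" * 200)      # four clusters
    vol.lose_directory_entry("b.bin")
    return vol.orphaned_clusters()


def image_hash_is_stable_while_bookkeeping_changes():
    vol = ToyVolume(clusters=4)
    vol.write_file("x", b"data")
    before = vol.image_hash()
    vol.delete_file("x")
    vol.quick_format()
    return before == vol.image_hash()
```

Because `delete_file` and `quick_format` touch only the bitmap and the directory, the SHA-256 of the raw image is identical before and after them, which is the precise sense in which formatting "wipes it clean" without removing anything; only a later `write_file` that lands on the same cluster overwrites old data, and even then the slack past the new end-of-file keeps the remainder.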

Analysis can be done on disks, networks, mobile phones, live servers, e-mail, registries, logs, spools, embedded systems, data, audio, video, images, you name it.

Mohan estimates that 50% of computers in India are robots on botnets intended to attack digital infrastructure.  In sum, information security is a myth, a fantasy.  Only Gmail does not provide an origin internet protocol address.  For example, a pen drive analysis delves into the 1st & 3rd levels of analysis.

Q&A

There are a number of 3rd party tools for analysis from abroad which can be helpful.

The State Bank of India has had so many crises, they no longer cooperate with authorities.  HDFC is a superior place to keep your money.