Kroll Fraud Solutions Blog – A Dialogue on Data Security

It is estimated there are over 5 billion mobile phones in use around the world. A staggering number considering a world population of roughly 7 billion people!

With the prevalence of mobile devices around the globe, securing the data contained on them has become an increasingly common challenge encountered by Kroll’s information assurance experts. Added to this is a company’s struggle to ensure that their security procedures keep pace with the dizzying array of new devices introduced into the corporate environment. Although many companies have implemented end-point security measures such as encryption on laptop computers, similar protection for other devices that leave the corporate environment are lagging behind. At conferences and meetings, we’ll often ask attendees: “Is the mobile device in your possession encrypted or, at a minimum, password protected?” On a good day, we may see 25-30 percent of the audience positively respond.

In my experience as a forensic and cyber-security practitioner, I am often engaged to advise clients on a wide range of issues when they are faced with a possible data breach: Validation of breach occurrence, confirmation of the breach population, whether records were accessed or acquired, and assistance  with remediating the vulnerability that may have led to the breach in the first place.

After conducting cyber investigations for the last eight years, approximately seven of which were in various locations around the United States with the FBI, it is amazing to me how frequently zombie attacks, or botnets, are used as the minions of hackers to accomplish their criminal intent. I have conducted investigations in which botnets were the conduit used in successful attempts to send mass quantities of pharmaceutical spam, run pornography trading sites, and drain corporate bank accounts.

As IT security professionals we often focus on network security, workstation hardening, and other preventative measures to keep unwanted intruders at bay. We sometimes forget that the computers we are trying to protect can be compromised by simple physical access. A couple of recent cases bring this to light:

1. A large educational organization that has many public computers recently discovered that many of its computers had been compromised. The intruder used these compromised computers to penetrate deeper into their network.
2. An executive at a large company discovered a keylogger plugged into the back of his computer.