Home|Cyber Beat Blog|Incident Reporting

Category: Incident Reporting

The Real Cost of Free WiFi

June 17, 2016

As warmer weather approaches, millions of Americans will be traveling on summer getaways. Regardless of where you are heading on your vacation, chances are that you will pack connected mobile devices like smartphones and tablets. Once on vacation, most travelers will connect to Wi-Fi to find local hotspots, navigate new cities and countries, and share photos of their trips with family and friends back home.

Public Wi-Fi networks can now be found almost everywhere and make it easy for anyone to connect to the Internet no matter where they are.

 » Read more

Bots in the Court of Law

What are bots, and why should lawyers be concerned about them? For this blog topic of discussion, bots are considered “a device or piece of software that can execute commands, reply to messages, or perform routine tasks, as online searches, either automatically or with minimal human intervention.”  For law enforcement, such bots are an emerging threat because they are being programmed to carry out online tasks that sometimes can cross the line into illegal activities.

 » Read more

Catphishing

You may have heard of the terms “phishing” or even “spearphishing”—they both refer to attempts by bad actors to gain personal information to pilfer bank accounts or damage reputation.  Phishing is a broader term for wide-reaching untargeted solicitations, whereas spearphishing concerns attempts to target a particular population set like veterans, the elderly, or employees of a particular company for example.

This type of targeting will be familiar with law enforcement, but what you may not know is that early hacking routines were known as “phone phreaking” and the word usage stuck. 

 » Read more

Emerging Threats: Cryptolocker

Cryptolocker is financially-motivated ransomware that encrypts a user’s computer files and demands payment in either an anonymous currency (Bitcoin), or Moneypak payment cards. Propagation & Exploit is typically via spam email purporting to come from shipping companies or regarding business processes, dropped by other malware, thumb drives, and Yahoo! Messenger. Upon infection, Cryptolocker contacts the command and control (C2) server for a public RSA-2048 encryption key, which is downloaded and used to encrypt typical enterprise files types,

 » Read more

Emerging threat: CryptoWall

Crypto

CryptoWall is a digital ransomware that encrypts files on the infected machine and any connected file shares or drives. CryptoWall is distributed through phishing emails, malicious advertisements, compromised web sites, and as fake updates for applications such as Adobe Reader, Adobe Flash, and Java. In June 2014, this malware spread through the RIG exploit kit. Malicious actors use compromised websites to host the RIG exploit kit, which then exploits vulnerabilities in Java, Silverlight, and Flash to deliver the CryptoWall payload to the victim.

 » Read more

Emerging Threat: Telephone Denial of Service (TDoS)

ddos

TDoS attacks overload the telephone network, preventing legitimate telephone calls from being placed or received. Attacks against SLTT emergency lines, primarily at public safety answering points (PSAP) such as 9-1-1 centers, but also including utility department emergency numbers and other emergency numbers, remain a continuing threat. There is a relatively low risk of TDOSes occurring, however an attack against a PSAP could endanger emergency responders and citizens if the TDOS prevents them from contacting the PSAP.

 » Read more

Emerging Threats: Point of sale (POS)

pos

POS compromises are increasingly common in the commercial sector but remain rare in the government sector. The POS is the location where money transfers from the buyer to the seller at a retail store. Compromises can include physical tampering with pinpads or cash registers, complicit employees, or computer viruses. The compromise may affect the cash register or the computer that processes the credit card payments, and may target debit cards and pin numbers or credit card information.

 » Read more

Emerging Threat: Doxing

dox

“Doxing” is the publication of personally identifiable information (PII) of someone to the internet, generally for malicious purposes. The kinds of information disclosed may include the victim’s home addresses, family members’ information, and financial information.

Hacktivist groups dox government officials in response to perceived injustices with the objective of embarrassing the victim, or providing the information so others may target the victim for malicious activity. In some cases, organized cyber criminal groups and criminals may take advantage of information released during doxing incidents but are not known to conduct the activity themselves.

 » Read more

Emerging Threat: Internet of Things (IoT)

iot

IoT refers to internet-enabled electronic devices which are not computers, smartphones, or tablets. These may include lightbulbs, refrigerators, coffee makers, and toys, and are internet-enabled to facilitate ease of use for owners. For instance, with a light bulb connected to the internet, it is possible for the owner to use a smartphone application to remotely turn it off and to monitor its power usage. Unfortunately, these devices frequently do not contain security components, so it may be possible for a remote attacker to use such a device to start a fire (e.g.

 » Read more

IACP Conference