Last month, Romanucci & Blandin recently hosted a Continuing Legal Education seminar that was attended by referring attorneys. The event, “Easiest Catch: Don’t Be Another Fish in the Dark ‘Net’” was presented by Mark Lanterman, Chief Technology Officer of Computer Forensic Service, via Zoom. A former member of the U.S. Secret Service Electronic Crimes Taskforce, Mark spoke on common techniques employed by hackers, common misconceptions regarding online security, and preventative measures to maintain both personal and professional digital information. Read on to learn tips and tricks from Mark:
Hackers need our help!
Oftentimes, a hacker will trick a victim into helping (phishing), but sometimes we give them help without them even asking. A frequent practice of offices using shared computers is the convenient posting of a username and password. Something as simple as a sticker on a shared laptop indicating the login information can give a diligent eye everything necessary to get into your system. By taking measures to keep credentials out of sight, you can easily prevent unwanted entry into both computers and servers.
While inadvertently sharing information with a potential hacker is possible, it is much more likely that you will be conned into helping. The most frequently used method of attack comes via email, either one containing a link or an attachment, which upon clicking or opening will in turn download malicious software, known as malware. A commonly seen example of this is an email that appears to be from a known entity, such as Google, requesting the recipient change his or her password due to a fake data breach. By clicking this link, malware can automatically begin installation on the host computer without the user’s knowledge. A second common example could be an email from a seemingly trustworthy source requesting the recipient review an attached document, the opening of which can, again, install a malicious program in the background, never alerting the user of the attack.
End-to-End Encryption is not as safe as you might think!
Many commonly used messaging apps market a safety feature known as end-to-end encryption. Users may employ these apps with the assumption that messages sent and received can and will only ever been seen by the communicating parties, and while encryption is a trusted tool in the transmission of sensitive information, it is important to understand when that information is being protected.
During end-to-end encryption, a message traveling from sender to receiver is converted into code, ensuring no hacker can intercept what is being sent. However, if someone obtains access to either device, those messages are not encrypted and thus can be easily recovered – even if they have been deleted from the messaging app. Commonly, a hacker might not even attempt to intercept a desired message if they can obtain access to the receiving device, easily viewing the thought-to-be hidden information. Additionally, forensic experts are able to employ this same technique when searching for evidence, a commonly used practice in many lawsuits and one that practitioners should know to use.
Discovery – Know the difference between Native and TIFF
Last, when engaging in electronic discovery, it is important to know not only what you are looking for in a request, but in what digital form you want it. Many might assume that the same document in two different formats would be equal, however the information stored within Native and TIFF files can differ greatly. One of the most important differences to keep in mind is the metadata stored within the Native file; something that would be removed upon conversion to TIFF or PDF. As Mark explained, metadata can make or break a case with the information it can provide. Companies like Computer Forensic Services can help review cases and give guidance on requests, but attorneys also play a critical role in getting what they need by understanding the technical methods with which materials are saved and how to request them.
All of this and more was covered by Mark Lanterman during his informational presentation through Romanucci & Blandin, LLC. If you are interested in attending future Continuing Legal Education programs presented by Romanucci & Blandin, we encourage you to visit our website for upcoming opportunities.
Categories
Contributors
Recent Posts
- The Devastating Impact of Backpage.com: Human Trafficking and Resources for Survivors
- Will Medical Residents Unionizing Also Improve Outcomes for Patients?
- Private equity purchases of hospitals increase risks for patients
- Gun Violence Now Leading Cause of Death for Kids: What We Can Do About It
- A Positive Change to the Illinois Wrongful Death Act
- Athletic Hazing: Schools Need to Put Athlete Wellness Over Winning at Any Cost
- Reflections from a Mass Shooting Survivor: The Time to Act is Now
- Eye in the Sky: Drones Will Allow for More Safety and Security at Illinois Public Events
- Los Trabajadores Tienen Derechos Cuando se Lesionan en el Trabajo: sin Importar su Estatus Migratorio
- Workers Have Rights When Injured on the Job: No Matter Your Residency Status
Archives
- December 2024
- June 2024
- February 2024
- October 2023
- August 2023
- July 2023
- June 2023
- May 2023
- March 2023
- February 2023
- September 2022
- July 2022
- June 2022
- May 2022
- March 2022
- February 2022
- January 2022
- November 2021
- October 2021
- September 2021
- July 2021
- May 2021
- March 2021
- February 2021
- January 2021
- December 2020
- October 2020
- September 2020
- August 2020
- May 2020
- April 2020
- March 2020
- February 2020
- June 2019
- November 2018
- May 2018
- March 2018
- October 2015