Last month, Romanucci & Blandin recently hosted a Continuing Legal Education seminar that was attended by referring attorneys. The event, “Easiest Catch: Don’t Be Another Fish in the Dark ‘Net’” was presented by Mark Lanterman, Chief Technology Officer of Computer Forensic Service, via Zoom. A former member of the U.S. Secret Service Electronic Crimes Taskforce, Mark spoke on common techniques employed by hackers, common misconceptions regarding online security, and preventative measures to maintain both personal and professional digital information. Read on to learn tips and tricks from Mark:

Hackers need our help!

Oftentimes, a hacker will trick a victim into helping (phishing), but sometimes we give them help without them even asking. A frequent practice of offices using shared computers is the convenient posting of a username and password. Something as simple as a sticker on a shared laptop indicating the login information can give a diligent eye everything necessary to get into your system. By taking measures to keep credentials out of sight, you can easily prevent unwanted entry into both computers and servers.

While inadvertently sharing information with a potential hacker is possible, it is much more likely that you will be conned into helping. The most frequently used method of attack comes via email, either one containing a link or an attachment, which upon clicking or opening will in turn download malicious software, known as malware. A commonly seen example of this is an email that appears to be from a known entity, such as Google, requesting the recipient change his or her password due to a fake data breach. By clicking this link, malware can automatically begin installation on the host computer without the user’s knowledge. A second common example could be an email from a seemingly trustworthy source requesting the recipient review an attached document, the opening of which can, again, install a malicious program in the background, never alerting the user of the attack.

End-to-End Encryption is not as safe as you might think!

Many commonly used messaging apps market a safety feature known as end-to-end encryption. Users may employ these apps with the assumption that messages sent and received can and will only ever been seen by the communicating parties, and while encryption is a trusted tool in the transmission of sensitive information, it is important to understand when that information is being protected.

During end-to-end encryption, a message traveling from sender to receiver is converted into code, ensuring no hacker can intercept what is being sent. However, if someone obtains access to either device, those messages are not encrypted and thus can be easily recovered – even if they have been deleted from the messaging app. Commonly, a hacker might not even attempt to intercept a desired message if they can obtain access to the receiving device, easily viewing the thought-to-be hidden information. Additionally, forensic experts are able to employ this same technique when searching for evidence, a commonly used practice in many lawsuits and one that practitioners should know to use.

Discovery – Know the difference between Native and TIFF

Last, when engaging in electronic discovery, it is important to know not only what you are looking for in a request, but in what digital form you want it. Many might assume that the same document in two different formats would be equal, however the information stored within Native and TIFF files can differ greatly. One of the most important differences to keep in mind is the metadata stored within the Native file; something that would be removed upon conversion to TIFF or PDF. As Mark explained, metadata can make or break a case with the information it can provide. Companies like Computer Forensic Services can help review cases and give guidance on requests, but attorneys also play a critical role in getting what they need by understanding the technical methods with which materials are saved and how to request them.

All of this and more was covered by Mark Lanterman during his informational presentation through Romanucci & Blandin, LLC. If you are interested in attending future Continuing Legal Education programs presented by Romanucci & Blandin, we encourage you to visit our website for upcoming opportunities.