Fooling Cyber-Investigators

Forumite Members General Topics Tech Security Talk Fooling Cyber-Investigators

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • December 7, 2019 at 11:17 am #38720
    Ed PEd P
    Participant
      @edps
      Forumite Points: 39

      El Reg picks up on a Black Hat Europe presentation that detailed some of the ways used to mislead cyber-Investigators. Interestingly the presentation mentioned the malware Olympic Destroyer which was finally laid at the door of Russia. The investigation of this was the subject of a full Wired Article that is itself an interesting read.

      What both these articles show is that hackers are fully aware that their activities will be investigated, and they now cover their trail with a plethora of false evidence.

      So next time you read an authoritative statement saying ‘It was XYZ that did it’, step back and consider the first rule of investigation – Motive! Although Script Kiddies often have unfathomable motives, that is not the case with State Actors, who love to pin the blame on other State Actors.

      December 7, 2019 at 5:00 pm #38726
      dwynnehughdwynnehugh
      Participant
        @dwynnehugh
        Forumite Points: 0

        I would have thought personally that the first rule of investigation might well have been evidence.

        The more you meet people the more you understand why Noah took animals instead of humans

        December 7, 2019 at 6:22 pm #38729
        Dave RiceDave Rice
        Participant
          @ricedg
          Forumite Points: 7

          That just gets in the way of a good story these days.

          December 7, 2019 at 11:21 pm #38730
          Ed PEd P
          Participant
            @edps
            Forumite Points: 39
            dwynnehugh wrote:

            I would have thought personally that the first rule of investigation might well have been evidence.

            If you read the links, you would see that there is too much contradictory evidence. In fact it appears the biggest challenge of the Cyber-criminals is to figure out just how hard they should make it to uncover their spurious  evidence. Unlike physical evidence it appears that the world of bits and bytes is fairly easy to manipulate without leaving any traces, and even the potentially traceable origins of the initial foray onto the Internet is an anonymous site(s) hosted by an unfriendly Government and paid for in Bitcoin.

          • Author
            Posts
          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.