Forumite

Fooling Cyber-Investigators


  • Creator
    Topic
  • #38720
    Participant
    Ed P
    @edps

    El Reg picks up on a Black Hat Europe presentation that detailed some of the ways used to mislead cyber-investigators. Interestingly, the presentation mentioned the malware Olympic Destroyer, which was finally laid at the door of Russia. The investigation of this was the subject of a full Wired article that is itself an interesting read.

    What both these articles show is that hackers are fully aware that their activities will be investigated, and they now cover their trail with a plethora of false evidence.

    So next time you read an authoritative statement saying ‘It was XYZ that did it’, step back and consider the first rule of investigation – Motive! Although Script Kiddies often have unfathomable motives, that is not the case with State Actors, who love to pin the blame on other State Actors.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Author
    Replies
  • #38726
    Participant
    dwynnehugh
    @dwynnehugh
    Forumite Points: 2,133

    I would have thought personally that the first rule of investigation might well have been evidence.

    The more you meet people the more you understand why Noah took animals instead of humans

    #38729
    Moderator
    Dave Rice
    @ricedg
    Forumite Points: 7,570

    That just gets in the way of a good story these days.

    #38730
    Participant
    Ed P
    @edps
    Forumite Points: 13,425

    I would have thought personally that the first rule of investigation might well have been evidence.

    If you read the links, you would see that there is too much contradictory evidence. In fact, it appears the biggest challenge of the cyber-criminals is to figure out just how hard they should make it to uncover their spurious evidence. Unlike physical evidence, it appears that the world of bits and bytes is fairly easy to manipulate without leaving any traces, and even the potentially traceable origins of the initial foray onto the Internet are an anonymous site(s) hosted by an unfriendly Government and paid for in Bitcoin.
