Module XLII - Investigating Computer Data Breaches
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
News: Hacker Accesses UF Dental Patient Data
Source: http://www.gatorsports.com/
By Nathan Crabbe
Published: Thursday, November 13, 2008 at 6:01 a.m.
A hacker accessed a University of Florida College of Dentistry computer server containing personal information of more
than 344,000 current and former dental patients, UF announced Wednesday.
The information included names, addresses, birth dates, Social Security numbers and dental procedure information for
patients dating back to 1990. College staff members discovered the breach Oct. 3 while upgrading the server, finding that
unauthorized software had been installed on it from a location outside the university.
UF officials have no evidence at this time that the hacker used the information for fraudulent purposes, said Melanie Fridl
Ross, a spokeswoman for UF's Health Science Center.
"It's sort of like someone coming home and finding that their door is open, but it's unclear if any valuables have been taken,"
she said.
FBI and University Police officers are investigating. Letters were mailed Monday to alert 336,234 patients about the breach.
The university is seeking addresses for another 8,248 patients with data on the server.
A hot line, 1-866-783-5883, has been established for patient questions. Patients can call the hot line to find out exactly what
information was contained on the server, Ross said.
College of Dentistry Dean Teresa Dolan said the college keeps electronic records of dental procedures, but not on
medications or chronic illnesses.
The breach involved patient information from the college's clinics on the main UF campus, the east side of Gainesville, and
in Hialeah and Jacksonville, she said.
Medical identity theft is a growing problem, said Paul Stephens, director of policy and advocacy for the San Diego-based
nonprofit Privacy Rights Clearinghouse.
News: Extortion Used in Prescription Data Breach
Source: http://www.washingtonpost.com/
FBI Investigating Threat Against Express Scripts Customers
By Brian Krebs
Saturday, November 8, 2008; Page D01
One of the nation's largest processors of pharmacy prescriptions said this week that extortionists are threatening to disclose
personal and medical information about millions of Americans if the company fails to meet payment demands.
St. Louis-based Express Scripts said Thursday that in early October it received a letter that included the names, birth dates,
Social Security numbers and, in some cases, prescription data on 75 of its customers. The authors threatened to expose
millions of consumer records if the company declined to pay up, Express Scripts said in a statement.
Chief executive George Paz said in the statement that Express Scripts has no intention of paying and that his company is
working with the FBI to track down those responsible for the scam.
Express Scripts is the third-largest U.S. pharmacy benefit management firm, which processes and pays prescription drug
claims. Working with more than 1,600 companies, it handles roughly 500 million prescriptions a year for about 50 million
Americans.
Express Scripts has notified its clients of the threat. Fairfax County Public Schools yesterday sent a letter to employees alerting
health-plan participants who use Express Scripts to the breach.
"FCPS is deeply concerned about this kind of breach, which could adversely affect our employees," Superintendent Jack D.
Dale said in the letter. "We expect and deserve the highest level of security when we entrust our vendors to handle our
employees' personal information."
The letter was delivered by mail, said company spokesman Steve Littlejohn. He declined to say how much money the
extortionists were demanding. He added that the company is trying to determine how the data were stolen.
"We know where the data came from by looking at it, but precisely how it was accessed is still part of the investigation,"
Littlejohn said.
Module Objective
This module will familiarize you with:
• How Computer Data Breaches Occur
• Investigating the Local Machine
• Investigating the Network
• Countermeasures
Module Flow
How Computer Data Breaches Occur
Investigating the Local Machine
Investigating the Network
Countermeasures
How Data Breaches Occur
Using External Memory Devices
Data can be stolen using external memory devices
External memory devices are available with capacities of 64 MB to 250 GB
USB ports are used to transfer the data
External hard disks can be used to copy the complete contents of a hard disk
CDs/DVDs are used to burn the important data
Using the Internet
The Internet is used for breaches in the ways listed below:
• Sending files through email
• Sharing files through web hosting services
• Uploading files to FTP servers
• Transferring files using IMs
Using Cell Phones and iPods
Mobile phones come with external memory that can store up to 32 GB of data
Data can be carried using such mobile phones
iPods are also used to carry important files
Using Malware
Malware includes computer viruses, worms, Trojan horses, rootkits, spyware, dishonest adware, and other malicious and unwanted software
Trojans and rootkits are used to steal sensitive data
Using malware, attackers can gain remote access to the victim’s system
Other Techniques
Cryptography and steganography techniques:
• These techniques can be used to encrypt the information and hide the communication so that it becomes difficult to detect data leakage
Changing the file extension types:
• Attackers or insiders may change file extensions so that data files appear to be some other type of file; for example, a .xls extension may be changed to a .jpg extension to hide the data theft
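An investigator can detect the renamed-extension technique described above by comparing each file's extension with the signature in its first bytes. The following Python sketch is an added example, not part of the original slides; the signature table is a small subset, the sample files are constructed in a temporary directory, and the function names are hypothetical.

```python
import os
import tempfile

# Leading-byte signatures ("magic numbers") for a few common formats.
SIGNATURES = [
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # legacy Office: .xls .doc .ppt
    (b"PK\x03\x04", "zip"),                         # ZIP, incl. .xlsx .docx .pptx
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"%PDF-", "pdf"),
]

# Format each extension is expected to carry.
EXPECTED = {
    ".xls": "ole2", ".doc": "ole2", ".ppt": "ole2",
    ".xlsx": "zip", ".docx": "zip", ".pptx": "zip", ".zip": "zip",
    ".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".gif": "gif",
    ".pdf": "pdf",
}


def sniff(path):
    """Return the format implied by the file's first bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(16)
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    return None


def find_mismatches(root):
    """List (relative path, claimed format, actual format) for suspect files.

    'unknown' as the actual format means the content matched no signature,
    which is also what an encrypted blob given a .jpg name looks like.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            claimed = EXPECTED.get(os.path.splitext(name)[1].lower())
            if claimed is None:
                continue  # extension not covered by the table
            try:
                if os.path.getsize(path) == 0:
                    continue  # empty files carry no signature to compare
                actual = sniff(path) or "unknown"
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if actual != claimed:
                findings.append((os.path.relpath(path, root), claimed, actual))
    return sorted(findings)


def demo():
    """Build constructed sample files and return the mismatches found."""
    ole2 = SIGNATURES[0][0] + b"\x00" * 24
    samples = {
        "report.xls": ole2,                               # genuine spreadsheet header
        "holiday.jpg": ole2,                              # spreadsheet renamed to .jpg
        "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,  # genuine JPEG header
        "budget.xlsx": b"PK\x03\x04" + b"\x00" * 16,      # OOXML is a ZIP container
        "scan.png": b"\x13\x37" * 16,                     # no known signature
        "empty.jpg": b"",                                 # skipped: zero length
        "notes.txt": b"extension not in the table",       # skipped: not covered
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_mismatches(root)


if __name__ == "__main__":
    for path, claimed, actual in demo():
        print(f"{path}: extension says {claimed}, content looks like {actual}")
```

Only the leading bytes are compared, so a rename between formats that share a container (for example .xlsx to .zip) is not reported. Run the scan against a working copy or a read-only mount of the evidence, not the original media.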
Investigating the Local Machine
Check the Registry Editor
Check the registry with Registry Editor for any external memory devices that were used
Tools such as USBDeview and MyUSBOnly can be used to check the name, date, and time of external memory devices used
Check for CD/DVD Burning Software
Check the local machine for any CD/DVD burning software installed
Check for recent projects in such software
Collect information such as the data burnt, the time, and the user
Check for Browsing History
Web browsers are a vital key for interacting with the Internet
Check the local machine’s browsing history
The cache may contain temporary web page files
Cookies contain a stored database session or some other piece of information
The tool ‘Cookie Viewer’ discovers the information that websites store on the user’s computer
Check the Downloads
Check the local machine’s download history to see whether the user has downloaded any FTP clients, IMs, or any other software
The browsing and download history reveals information about the FTP clients, web hosting services, and IMs used
Check the Email History
Check for suspicious mail in the sent mail history
Check the attachments of such emails
Check the trash for deleted files
Check for Suspicious Software
Check the local machine for any mobile drivers installed
Check for any data encryption, cryptography, and steganography software
Magic Lantern software allows agents to decode the hard-to-break encrypted data of criminal suspects
Investigating the Network
Check the Firewall
Check the firewall, where individual browsing details are logged:
• Sites visited
• Downloads
Check the amount of data transferred from a particular IP address
Check the router logs
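The per-IP transfer check above can be automated by totalling outbound bytes for each internal source address and flagging hosts far above the norm. The following Python sketch is an added example, not part of the original slides; the log line format, the field names, the internal address ranges, and the threshold factor are all assumptions, and the log lines are constructed.

```python
import ipaddress
import re
import statistics
from collections import defaultdict

# Assumed internal address space; adjust to the network under investigation.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hypothetical key=value firewall log format (real products differ).
LINE_RE = re.compile(
    r"src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+dport=(?P<dport>\d+)\s+"
    r"bytes_out=(?P<bytes>\d+)")

# Constructed sample log, not taken from any real system.
SAMPLE_LOG = """\
2024-01-15T09:00:01 src=10.0.0.11 dst=203.0.113.10 dport=80 bytes_out=18000
2024-01-15T09:02:10 src=10.0.0.12 dst=203.0.113.10 dport=80 bytes_out=22000
2024-01-15T09:05:44 src=10.0.0.13 dst=198.51.100.7 dport=443 bytes_out=15000
2024-01-15T09:07:00 src=10.0.0.14 dst=198.51.100.7 dport=21 bytes_out=250000000
2024-01-15T09:09:30 src=10.0.0.14 dst=198.51.100.7 dport=21 bytes_out=310000000
2024-01-15T09:10:00 src=10.0.0.11 dst=10.0.0.20 dport=445 bytes_out=900000000
2024-01-15T09:11:00 connection table flushed
2024-01-15T09:12:00 src=10.0.0.12 dst=203.0.113.10 dport=80 bytes_out=8000
"""


def is_internal(addr):
    """True if addr lies in one of the assumed internal networks."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a malformed address
    return any(ip in net for net in INTERNAL_NETS)


def outbound_by_source(lines):
    """Sum bytes leaving the network per internal source and destination.

    Returns ({src: {dst: bytes}}, number of lines that could not be parsed).
    Internal-to-internal traffic is ignored because it never left the network.
    """
    per_src = defaultdict(lambda: defaultdict(int))
    skipped = 0
    for line in lines:
        if not line.strip():
            continue
        match = LINE_RE.search(line)
        if not match:
            skipped += 1
            continue
        src, dst = match.group("src"), match.group("dst")
        try:
            outbound = is_internal(src) and not is_internal(dst)
        except ValueError:
            skipped += 1
            continue
        if outbound:
            per_src[src][dst] += int(match.group("bytes"))
    return per_src, skipped


def heavy_senders(per_src, factor=10):
    """Flag sources whose outbound total exceeds factor x the median total.

    Returns [(src, total bytes, top destination)], largest total first.
    """
    totals = {src: sum(dsts.values()) for src, dsts in per_src.items()}
    if not totals:
        return []
    baseline = statistics.median(totals.values())
    flagged = [(src, total, max(per_src[src], key=per_src[src].get))
               for src, total in totals.items() if total > factor * baseline]
    return sorted(flagged, key=lambda row: row[1], reverse=True)


def analyze(log_text):
    """Parse a log and return (flagged sources, count of unparsed lines)."""
    per_src, skipped = outbound_by_source(log_text.splitlines())
    return heavy_senders(per_src), skipped


if __name__ == "__main__":
    flagged, skipped = analyze(SAMPLE_LOG)
    for src, total, dst in flagged:
        print(f"{src} sent {total} bytes out, mostly to {dst}")
    print(f"{skipped} line(s) could not be parsed")
```

The count of unparsed lines is returned so that gaps in the log are visible to the investigator rather than silently dropped.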
Check the Mail Server
Check the mail server for all the incoming and outgoing emails
Open and check the attachments
Collect the email IDs to which the data was transferred
Check the Printers
Check the printers for any data that has been taken in the form of printouts
Countermeasures
Countermeasures
Create different accounts such as admin, guest, and user to provide limited access
Ensure critical data files are backed up and the backups are securely stored in another location
Establish policies and procedures for computing and file access
Disable the USB ports
Countermeasures (cont’d)
Install anti-virus and update it regularly
Install Email, USB, and IM monitoring software
Implement administrative, physical, and technical controls
Train employees to safeguard the data
Summary
Data can be stolen using external memory devices
Files can be shared through emails and web hosting services
Cryptography and steganography techniques are used to send the data
Cookies contain a stored database session or some other piece of information
Check the local machine’s download history to see whether the user has downloaded any FTP clients, IMs, or any other software
Check for any data encryption, cryptography, and steganography software
Check the mail server for all the incoming and outgoing mails
Create different accounts such as admin, guest, and user to provide limited access
  • 3. News: Extortion Used in Prescription Data Breach Source: http://www.washingtonpost.com/ FBI Investigating Threat Against Express Scripts Customers By Brian Krebs Saturday, November 8, 2008; Page D01 One of the nation's largest processors of pharmacy prescriptions said this week that extortionists are threatening to disclose personal and medical information about millions of Americans if the company fails to meet payment demands. St. Louis-based Express Scripts said Thursday that in early October it received a letter that included the names, birth dates, Social Security numbers and, in some cases, prescription data on 75 of its customers. The authors threatened to expose millions of consumer records if the company declined to pay up, Express Scripts said in a statement. Chief executive George Paz said in the statement that Express Scripts has no intention of paying and that his company is working with the FBI to track down those responsible for the scam. Express Scripts is the third-largest U.S. pharmacy benefit management firm, which processes and pays prescription drug claims. Working with more than 1,600 companies, it handles roughly 500 million prescriptions a year for about 50 million Americans. Express Scripts has notified its clients of the threat. Fairfax County Public Schools yesterday sent a letter to employees alerting health-plan participants who use Express Scripts to the breach. "FCPS is deeply concerned about this kind of breach, which could adversely affect our employees," Superintendent Jack D. Dale said in the letter. "We expect and deserve the highest level of security when we entrust our vendors to handle our employees' personal information." The letter was delivered by mail, said company spokesman Steve Littlejohn. He declined to say how much money the extortionists were demanding.
He added that the company is trying to determine how the data were stolen. "We know where the data came from by looking at it, but precisely how it was accessed is still part of the investigation," Littlejohn said.
  • 4. Module Objective. This module will familiarize you with:
      • How Computer Data Breaches Occur
      • Investigating the Local Machine
      • Investigating the Network
      • Countermeasures
  • 5. Module Flow: How Computer Data Breaches Occur; Investigating the Local Machine; Investigating the Network; Countermeasures
  • 6. How Data Breaches Occur
  • 7. Using the External Memory Devices
      • Data can be stolen using external memory devices
      • External memory devices are available with a capacity of 64 MB to 250 GB
      • USB ports are used to transfer the data
      • External hard disks can be used to copy the complete hard disk data
      • CDs/DVDs are used to burn the important data
  • 8. Using the Internet. The Internet is used for the breaches listed below:
      • Sending files through email
      • Sharing files through webhosting services
      • Uploading files to FTP servers
      • Transferring files using IMs
  • 9. Using Cell Phones and iPods
      • Mobile phones come with external memory that can store up to 32 GB of data
      • Data can be carried using such mobile phones
      • iPods are also used to carry important files
  • 10. Using Malware
      • Malware includes computer viruses, worms, Trojan horses, rootkits, spyware, dishonest adware, and other malicious and unwanted software
      • Trojans and rootkits are used to steal the sensitive data
      • Using malware, attackers can gain access to the victim's system and control it remotely
  • 11. Other Techniques
      • Cryptography and steganography techniques: these techniques can be used to encrypt the information and hide the communication so that it becomes difficult to detect data leakage
      • Changing the file extension types: attackers or insiders may change the file extensions so that the data files appear to be some other type of file; for example, a .xls extension may be changed to a .jpg extension to hide the data theft
  • 12. Investigating Local Machine
  • 13. Check the Registry Editor
      • The Registry Editor should be checked for any external memory devices used
      • Tools such as USBDeview and MyUSBOnly can be used to check the name, date, and time of external memory devices used
  • 14. Check For CD/DVD Burning Software
      • Check the local machine for any CD/DVD burning software installed
      • Check for the recent projects in such software
      • Collect information such as the data burnt, the time, and the user
  • 15. Check for Browsing History
      • Web browsers are a vital key for interacting with the Internet
      • Check the local machine's browsing history
      • The cache may contain temporary web page files
      • Cookies contain a stored database session or some other piece of information
      • The tool 'Cookie Viewer' discovers the information that web sites store on the user's computer
  • 16. Check the Downloads
      • Check the local machine's download history to see whether the user has downloaded any FTP clients, IMs, or any other software
      • From the browsing and download history, information about the FTP clients, web hosting services, and IMs can be learned
  • 17. Check the Email History
      • Check for suspicious mail in the sent mail history
      • Check the attachments of such email
      • Check the trash for deleted files
  • 18. Check for Suspicious Software
      • Check the local machine for any mobile drivers installed
      • Check for any data encryption, cryptography, and steganography software
      • Magic Lantern software allows agents to decode the hard-to-break encrypted data of criminal suspects
  • 19. Investigating Network
  • 20. Check the Firewall
      • Check the firewall where individual browsing details are logged: sites visited and downloads
      • Check the amount of data transferred from a particular IP address
      • Check the router logs
  • 21. Check the Mail Server
      • Check the mail server for all the incoming and outgoing emails
      • Open and check the attachments
      • Collect the email IDs to which the data is transferred
  • 22. Check the Printers
      • Check the printer for any data that has been taken in the form of printouts
  • 23. Countermeasures
  • 24. Countermeasures
      • Create different accounts such as admin, guest, and user to provide limited access
      • Ensure critical data files are backed up and the backups are securely stored in another location
      • Establish policies and procedures for computing and file access
      • Disable the USB ports
  • 25. Countermeasures (cont’d)
      • Install anti-virus and update it regularly
      • Install email, USB, and IM monitoring software
      • Implement administrative, physical, and technical controls
      • Train employees to safeguard the data
  • 26. Summary
      • Data can be stolen using external memory devices
      • Files can be shared through emails and webhosting services
      • Cryptography and steganography techniques are used to send the data
      • Cookies contain a stored database session or some other piece of information
      • Check the local machine's download history to see whether the user has downloaded any FTP clients, IMs, or any other software
      • Check for any data encryption, cryptography, and steganography software
      • Check the mail server for all the incoming and outgoing mails
      • Create different accounts such as admin, guest, and user to provide limited access
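
Slide 11 notes that a .xls file may be renamed to .jpg to hide data theft. The following added example (not part of the original deck) shows how an examiner can catch this by comparing each file's leading signature bytes with what its extension implies; the signature table is a small subset of well-known values, and the sample files are constructed.

```python
import os
import tempfile

# Well-known leading "magic" bytes -> container type.
SIGNATURES = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"%PDF", "pdf"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # legacy Office: .xls/.doc
    (b"PK\x03\x04", "zip"),                          # .zip and OOXML: .xlsx/.docx
]
# Container type each extension should carry.
EXPECTED = {".jpg": "jpeg", ".jpeg": "jpeg", ".pdf": "pdf",
            ".xls": "ole2", ".doc": "ole2",
            ".xlsx": "zip", ".docx": "zip", ".zip": "zip"}

def sniff_type(header):
    """Return the container type matching the leading bytes, or None if unknown."""
    return next((name for magic, name in SIGNATURES if header.startswith(magic)), None)

def find_mismatches(root):
    """List (path, expected, actual) for files whose content contradicts the extension."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in sorted(files):
            expected = EXPECTED.get(os.path.splitext(fname)[1].lower())
            if expected is None:
                continue  # extension not in the table: nothing to compare
            path = os.path.join(dirpath, fname)
            try:
                with open(path, "rb") as fh:
                    actual = sniff_type(fh.read(8))
            except OSError:
                continue  # unreadable file: leave for manual review
            if actual != expected:
                findings.append((path, expected, actual))
    return findings

def demo():
    """Constructed sample: an OLE2 spreadsheet renamed to .jpg beside a real JPEG header."""
    samples = {"holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
               "payroll.jpg": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 16}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return [(os.path.basename(p), e, a) for p, e, a in find_mismatches(d)]

if __name__ == "__main__":
    print(demo())
```

A mismatch is a lead for manual review rather than proof of concealment; run the walk against a mounted read-only image of the evidence, not the live disk.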
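
Slide 20 asks the investigator to check the amount of data transferred from a particular IP address. The following added example (not part of the original deck) totals outbound bytes per internal source from firewall log lines and ranks the heaviest senders. The key=value log layout, the 10.0.0.0/8 internal range, and the sample lines are all assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: addresses inside these ranges belong to the organisation.
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]
FIELD = re.compile(r"(\w+)=(\S+)")

# Constructed log lines in an assumed key=value layout (no specific product's format).
SAMPLE_LOG = """\
2024-01-15T09:14:02 action=allow src=10.0.4.17 dst=192.0.2.50 dport=21 sent=734003200
2024-01-15T09:15:40 action=allow src=10.0.4.17 dst=192.0.2.50 dport=21 sent=524288000
2024-01-15T09:16:11 action=allow src=10.0.4.23 dst=198.51.100.7 dport=443 sent=48213
2024-01-15T09:17:55 action=allow src=10.0.4.23 dst=10.0.1.5 dport=445 sent=900000000
2024-01-15T09:18:03 action=deny src=10.0.4.31 dst=203.0.113.9 dport=25 sent=0
truncated line without fields
"""

def is_internal(addr):
    """True when the address falls inside one of the organisation's ranges."""
    return any(addr in net for net in INTERNAL)

def outbound_bytes(lines):
    """Sum bytes sent per internal source to each external destination."""
    totals = defaultdict(lambda: defaultdict(int))
    for line in lines:
        fields = dict(FIELD.findall(line))
        try:
            src = ipaddress.ip_address(fields["src"])
            dst = ipaddress.ip_address(fields["dst"])
            sent = int(fields["sent"])
        except (KeyError, ValueError):
            continue  # malformed or truncated record: skip, do not guess
        if fields.get("action") != "allow":
            continue  # blocked traffic moved no data
        if is_internal(src) and not is_internal(dst):
            totals[str(src)][str(dst)] += sent
    return totals

def top_senders(lines, threshold):
    """Return (source, total bytes, largest destination) rows at or above threshold."""
    rows = [(src, sum(d.values()), max(d, key=d.get))
            for src, d in outbound_bytes(lines).items()]
    return sorted((r for r in rows if r[1] >= threshold), key=lambda r: -r[1])

if __name__ == "__main__":
    for src, total, dst in top_senders(SAMPLE_LOG.splitlines(), 100 * 1024 ** 2):
        print(f"{src} sent {total / 1024 ** 2:.0f} MiB out, mostly to {dst}")
```

Internal ranges are listed explicitly because Python's `is_private` also returns True for the documentation ranges used in the sample, which would hide the external destinations.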