CastleCops, Internet Crime Fighters
Forensics: Child Porn Planting Spyware - Beware
Surveillance
xx0033 writes " 31 March 05

Boom in PC Postmortems as Porn-planting Spyware Grows
Companies turn to forensic experts to dissect data and sort cybercrimes from unwitting infections, as spyware epidemic continues

Disklabs Data Recovery and Computer Forensic Services has seen demand for its forensic services grow by over 70% in the last year, as companies are increasingly hit by viruses and spyware which can download pornography and other inappropriate material without users being aware of it.

Incidences of spyware and other programs capable of changing Internet favourites and bookmarks, downloading images to hard disks and stealing information about users’ activities from the PC have mushroomed in 2004.

Research in late 2004 by technology firms Earthlink and Webroot revealed that 90% of Windows computers harbour an average of 28 separate, malicious programs. The audit surveyed over 1.5 million PCs, finding more than 41 million instances of spyware, Trojans and other malicious programs.

Disklabs Data Recovery and Computer Forensic Services Director Simon Steggles said: “With so many malicious programs on the Web, organisations are realising that PCs with inappropriate images or content may not have been misused by individuals, but unwittingly infected. Forensics can establish beyond doubt whether this is the case, and also present evidence which can be used to support the chosen course of action.”

According to Steggles, many organisations, especially in the public sector, are turning to forensics to establish if misuse or an infection is to blame for inappropriate material found on computers. The rise in computer spyware and viruses coupled with the often sensitive nature of individual cases means that an external, expert voice is needed. Companies cannot afford the risk of adverse publicity and many are now starting with a forensic examination to establish if the computer has been compromised by malware.

Steggles said: “Frequently, in-house IT staff lack the proper resources and the know-how to get to the root of the problem, and can actually compromise any evidence present on the system. Professional forensic analysis provides valuable peace of mind for companies and the knowledge that their data is being analysed in a professional, objective and secure manner.”

Forensic technology proved to be invaluable for the head teacher of an English primary school who discovered web folders with pornographic content on a PC used by pupils. The history of these folders suggested a creation date during lesson time and a modified date on a teacher-training day.

The issue was obviously an extremely sensitive one, with potentially disastrous publicity for the school. Opinion was divided amongst County ICT staff and the head teachers' union as to whether the images and bookmarks had been made intentionally or if this was due to a malicious program.

Faced with the potential risk to pupils, the need to treat the staff fairly and responsibilities to the school and its governors, Disklabs was called in to conduct an independent forensic analysis of the computers in question.

The analysis showed definitively that the problems were caused by a program from the well-known spy- and adware family, Istbar Adware. The program downloaded content to infected PCs without users’ knowledge or agreement, and not through misuse of resources. Disklabs’ detailed analysis report cleared the school, staff and pupils of any doubt, and gave vital independent corroboration of the school’s position.

Disklabs’ approach when conducting a forensic examination is to first isolate the system. Similar to an actual crime scene, the computer will contain evidence and an audit trail of user activity. Specialised forensic tools search hidden folders and unallocated disk space, verifying exactly how the files arrived and whether this was down to human intent or a malicious program. Findings are delivered in a complete procedural report.

Locard's Exchange Principle: “Anyone or Anything entering a crime scene TAKES something of the scene with them and LEAVES something of themselves behind when they depart.”

Find one thing and we can suspect… Find both and we can be sure.

Issued on behalf of Disklabs, contact Simon Steggles: 01827 50000 / news@disklabs.com / http://www.disklabs.com

About Disklabs

Disklabs Data Security and Computer Forensics Services offer full, in-house data recovery and forensic services to all storage media, from hard disk drives to digital camera memory, PDAs, mobile phones, RAID servers, DVDs, CDs, floppy disks, Jaz cartridges, Zip cartridges and all tape formats. "
Posted on Thursday, 31 March 2005 @ 20:00:28 UTC by Robin (3373 reads)