EMR and EHR are synonymous; both are medical records. Electronic medical records (EMR) reveal an audit trail of what transpired during a medical or health visit. Each record is unique and tells a story about the patient. We are experts who can help you win your case!
Electronic data records are taking the place of old-school hard-copy files and completely revolutionizing the way data is gathered and stored. Electronic Health Records (EHR) and Electronic Medical Records (EMR) are synonymous with each other. An EHR is data that includes the patient’s vital information such as address, medical history, allergies, immunizations, lab test results, radiology images, and vital signs, as well as personal statistics like age, weight, sexual orientation, and insurance information. An EMR is an individual’s private health data that is stored in a protected database accessible only to medical personnel in compliance with the Health Insurance Portability and Accountability Act (HIPAA) regulations. EHRs or EMRs make patient charting easier, result in fewer errors, and keep this delicate personal information private and secure.
Medical data can be manipulated!
Medical data can be altered or inserted into EMR systems and made to look as if it had been there all along or had never been there at all. Medical malpractice lawyers rely on EMR audit trails to tell the story of either side of a case, the plaintiff’s or the defendant’s. Medical records are marked by metadata, or raw data. This data is developed separately from the EMR system, so manipulation becomes visible when the raw data and the database logs are reviewed. Metadata can also be described as underlying data, like a digital footprint that creates an audit trail. In order to analyze raw data, you will need to hire Enigma Forensics; we are experts in the field of electronic medical records (EMR or EHR).
During a forensic review of EHRs or EMRs, we can authenticate records or reveal backdating, back charting, data editing, or falsification of records. We have been on both sides of medical malpractice cases and almost always save our client a considerable sum of money. We work closely with the attorneys involved to help with eDiscovery verbiage and to advise on what to look for.
Enigma Forensics are experts in collecting and understanding electronic medical records or the EMR audit trail. Check out this blog to view our list of EMR Discovery Questions.
Electronic Medical Records (EMR) can be tricky! In most cases, during eDiscovery, you get what you ask for and only what you ask for! Every Discovery request involving a healthcare provider has unique aspects that need to be considered.
Enigma Forensics is an established Computer Forensic Expert Witness firm that has been involved in many medical malpractice cases and specializes in interpreting electronic medical record (EMR) audit trails or audit logs. Our staff has extensive experience with numerous EMR applications and can assist you with navigating the challenges of EMR audit trails and/or audit logs. The EMR audit trail or log is the answer to who knew what when; in essence, it tells the story of what took place during the treatment of that patient.
The following is a list of important questions to file for the demand for eDiscovery for Electronic Medical Records, in a medical malpractice case.
Provide the name of all medical software applications utilized to store [Patient Name]’s Electronic Medical Records (EMR).
For each medical software application that contains [Patient Name]’s EMR, please provide the specific version of the software as well as the name of the company that produces the software during the relevant time period beginning on [beginning date] through the present date.
For each medical software application that contains [Patient Name]’s EMR, please indicate if any of the specified software applications were migrated off to a new platform and what the current status is of [Patient Name]’s EMR on the original system.
For each medical software application that contains [Patient Name]’s EMR, please provide the application administrators that have full access to the stored data and audit trails.
For each medical software application that contains [Patient Name]’s EMR, please provide all user and administrator manuals for each of the medical software applications.
For each application that contains [Health Care Provider Name]’s EMR, please provide the current retention settings for the audit trail for all patients’ EMR. Are the privacy log retention settings sent to a secondary audit log (e.g., Fair Warning)? Is the secondary audit log retention configurable within the systems and/or applications?
For each application that contains [Health Care Provider Name]’s EMR, please provide the earliest date that [Patient Name]’s EMR appears in the application’s audit trail.
Please provide the complete EMR audit trail for [Patient Name] detailing any health care provider’s access, review, modification, printing, faxing, or deletion activities in a comma-delimited format with any and all corresponding native files that may relate to the Electronic Medical Record for [Patient Name] as required by the Health Insurance Portability and Accountability Act § 164.312(a)(1). Such an audit trail should include the original values and new values for any alteration of the EMR and shall indicate the user making the change and the date and time of the change.
Please provide the data dictionary for each software application containing [Patient Name]’s EMR. Such dictionary shall include the username key that maps the real names of individuals to their unique user login account IDs for each medical software application containing any EMR for [Patient Name] as required by the Health Insurance Portability and Accountability Act § 164.312(a)(2)(i). Additionally, any lab test, codes, or other short-form identifiers included in [Patient Name]’s EMR Chart or EMR audit trail should be provided as part of the data dictionary production.
Please provide any and all original voice transcription recordings that were made by [Health Care Provider Name], or any other staff that related to [Patient Name].
Please provide any other native electronic files or emails that relate to [Patient Name] in the native format with an index containing the original unmodified metadata for each of the native files or emails produced.
Please provide any DICOM files that were captured as part of [Patient Name]’s treatment by [Health Care Provider].
Please provide electronic records of any outbound faxes and/or other methods of communication that were utilized by [Health Care Provider Name] to [EMR Recipient], in its native form with a corresponding comma file listing containing all available metadata in a delimited format with the corresponding file path to the native file produced for each record.
Please provide the name and title of the person most knowledgeable for the [Health Care Provider Name]’s software/auditing and compliance system.
What customizations and settings were active at the time when the plaintiff was admitted into the hospital? What privacy-related logging is in place for each such system and/or application? Are privacy log retention settings in place for each such system and/or audit log?
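A sketch of the kind of first-pass review a comma-delimited audit trail and username key make possible, covering the backdating, back charting and data editing mentioned earlier and the audit-trail and data-dictionary requests in the list above. This is an added example, not Enigma Forensics' tooling; the column names, the sample rows, the 24-hour threshold and the key date are all constructed assumptions, and real EMR exports differ by vendor.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample export. The column names are assumptions for this example;
# real EMR products name and structure their audit exports differently.
SAMPLE_AUDIT_CSV = """\
event_time,user_id,action,record_id,field,documented_time,old_value,new_value
2020-03-01T08:05:00,u1001,CREATE,note-1,nursing_note,2020-03-01T08:00:00,,Patient alert and oriented
2020-03-01T14:30:00,u1002,VIEW,note-1,nursing_note,2020-03-01T08:00:00,,
2020-03-01T21:10:00,u1003,CREATE,vitals-7,blood_pressure,2020-03-01T21:00:00,,88/50
2020-03-09T16:42:00,u1003,MODIFY,vitals-7,blood_pressure,2020-03-01T21:00:00,88/50,118/76
2020-03-10T09:15:00,u1003,CREATE,note-9,physician_notified,2020-03-01T21:05:00,,Dr. paged re: hypotension
2020-03-10T09:20:00,u9999,DELETE,note-4,nursing_note,2020-03-01T20:30:00,Pt c/o dizziness,
"""

# Constructed username key: maps login account IDs to real people, as the
# data dictionary request asks the provider to produce.
USER_KEY = {"u1001": "Nurse A", "u1002": "Physician B", "u1003": "Nurse C"}


def parse_audit_trail(text):
    """Parse the CSV export into dicts with real datetime values."""
    rows = []
    for raw in csv.DictReader(io.StringIO(text)):
        row = dict(raw)
        # event_time: when the system logged the action.
        # documented_time: the clinical time the chart entry claims.
        row["event_time"] = datetime.fromisoformat(raw["event_time"])
        row["documented_time"] = datetime.fromisoformat(raw["documented_time"])
        rows.append(row)
    return rows


def review_audit_trail(rows, user_key, key_date, late_after=timedelta(hours=24)):
    """Return (flag, record_id, user_id, detail) tuples worth a closer look.

    key_date is the date after which changes are of interest, for example
    the date of the adverse event. Flags are leads for an examiner, not
    conclusions: late entries can be legitimate and documented as such.
    """
    findings = []
    for r in rows:
        # Activity by an account that the produced username key cannot explain.
        if r["user_id"] not in user_key:
            findings.append(("UNMAPPED_USER", r["record_id"], r["user_id"],
                             "login ID not in username key"))
        # Back charting: entry created long after the time it claims to document.
        lag = r["event_time"] - r["documented_time"]
        if r["action"] == "CREATE" and lag > late_after:
            findings.append(("LATE_ENTRY", r["record_id"], r["user_id"],
                             f"charted {lag} after the documented time"))
        # Data editing: original and new values for changes made after key_date.
        if r["action"] in ("MODIFY", "DELETE") and r["event_time"] > key_date:
            findings.append(("ALTERED_AFTER_KEY_DATE", r["record_id"], r["user_id"],
                             f"{r['old_value']!r} -> {r['new_value']!r} "
                             f"at {r['event_time'].isoformat()}"))
    return findings


if __name__ == "__main__":
    trail = parse_audit_trail(SAMPLE_AUDIT_CSV)
    for flag, record_id, user_id, detail in review_audit_trail(
            trail, USER_KEY, key_date=datetime(2020, 3, 2)):
        print(f"{flag:<24} {record_id:<9} {user_id:<6} {detail}")
```

Without the original and new values or the username key, the second and third checks cannot be run at all, which is why the requests above ask for them explicitly.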
Was the COVID-19 pandemic a wake-up call for those businesses that are dependent on the world’s supply chain? Let’s face it, everyone is dependent in one way or another on the world’s supply chain. But do we really understand what’s going on? Check out this video blog as experts take a look at the supply chain and the impact of COVID-19.
What’s going on with the world’s supply chain?
Enigma Forensics is wondering about the impact the Coronavirus/COVID-19 pandemic has had on the world’s supply chain. Lee Neubecker sits down (virtually) with Geary Sikich from Logical Management Systems. Both agree the spread of Coronavirus/COVID-19 has been a wake-up call for the world.
First of all, we think it’s safe to say everyone is feeling the impact of COVID-19! It has been devastating for every human being on the planet. What have we learned? Supply chains that carry life-saving products were pinched off and that presented a huge shortage sending the medical professionals and government agencies scrambling to provide much-needed protective medical supplies. Many businesses are dependent on global sourcing and have now found themselves facing hard choices amid the supply chain disruptions.
Both Lee and Geary agree that shipping is an under-reported issue that has been negatively impacted by COVID-19. We all know the story of stranded cruise ships that were quarantined at sea, and as a result cruise ships became super-spreaders of the virus. But what about the shipping industry? Specifically, cargo ships, oil tankers, and container ships. We know these types of goods transports have limited crews to begin with, and now we have learned that some of these ships have been quarantined at sea. If they make it into port, they are quarantined based on the fact that the products they are transporting could possibly be infected. Check out this video to learn more about the COVID-19 impact on the supply chain.
Was COVID-19 pandemic a wake up call?
Lee Neubecker (LN): I am here today with who is that? Geary Sikich, you wore your mask.
Geary Sikich (GS): Yes I’ve been completely protected with this mask.
LN: Is that comfortable?
GS: No, it’s hot and it is made out of rubber. So it’s to kind of a, not the greatest mask in the world if you choose to wear one but it’s good for comedy and it’s almost Halloween so.
LN: So how much did that set you back?
GS: $10 on Amazon
LN: Now how’s the breathability of that thing?
GS: Actually the breathability is pretty good. It actually is pretty good. Then, the biggest issue you face with it is just that you’re going to have body heat kind of contained. If you don’t wear it for a long period of time or you don’t have headphones on you should be okay.
LN: So I had you on the show today. I wanted to ask you some questions about what impact the COVID-19 pandemic is having on our trade environment with imports and exports.
GS: So in general, as the pandemic started to evolve, we saw the impact in a number of different areas. There was a lot of impact on the cessation of imports by countries. China, for example, ceased and used force measures to stop oil shipments from coming in. The US has had a big backlog on all their ports, because of concern over making sure that what’s coming into the country is not tainted. The bigger impact, and this was one that really is kind of been under-reported if you will, has been that the shipping industry. Now take cruise lines out of it ’cause they got a tremendous amount of media coverage with cases there. But what we have is a real issue with shipping, the ships that are container ships, bulk ships, cargo ships of all types, including your large oil carriers. There is a limitation of people who serve on those ships, crews. There’s been a lot of crews that because of Coronavirus/COVID-19 infection on a ship have been quarantined out at sea. And so we’re seeing ships being taken off usage because they’re sitting being quarantined. We’re seeing so a disruption in the supply chain because of a key component of the supply chain, not related to the end products or the originating product.
LN: So all the just in time delivery and assembly is really a parenting problem we say can’t rely on the GPS and calculated travel time.
GS: And actually there’s been another issue that’s come up with, with the systems on ships because of cybersecurity obviously, and in a general way, but they’ve had a tremendous impact in those areas because of that. So shipping has been hit majorly as has air transport because airlines have cut back so tremendously on flights.
LN: All right so in terms of some of the supply chain security programs they have out there, what are you seeing that companies are doing to protect their supply chain implementing these programs?
GS: A lot of what I see right now is that companies are trying to find alternative suppliers so that they can have a broader base of supply chain. So from where we were single-source supply, we’re now looking at moving towards multiple source supply so that they can continually keep a feed of supply coming in.
LN: Yeah because I’d imagine if certain regions experienced the COVID-19 outbreak more, that would disrupt the supply either going to or coming from that region.
GS: Yeah, and you think about things like border closures, you think about things like the inspection process, the concern over whether or not there is going to be contamination coming in in a cargo container you know, may have.
LN: Are they having, in some cases are they having the ships quarantined when they arrive?
GS: In a lot of cases
LN: Before they are unloaded?
GS: Yeah and that impacts tremendously because you got to take a look at the shipping industry and the cargo shipping. They have gone from smaller cargo ships to mega cargo ships. And these mega cargo ships can have, you know, a lot of containers, hundreds of containers if not more. And the problem is when you lock in a ship like that, your shipment may be one of many that gets stuck. And when you take that size ship out of service you can’t replace it very quickly because what happens in the industry is very simple. They’ve gone to larger ships to carry greater amounts. So economy of scale, and they’ve taken the smaller ships and as is now the case with the cruise industry they’re in yards in India and various other countries and shipbreaking yards. So they’re completely being taken apart and they’re no longer part of the service of shipping that’s out there. Now so replenishment of the container, the vessel, is going to have an impact. And if you take one out, you don’t have an easy replacement for it.
LN: Geary well, thanks a bunch for being on the show. I really appreciate it.
GS: Thank you Lee I appreciate your time.
To Learn More About Logistical Management Check out this website
What do bacterial wipes, shields, social distancing, gloves, and safe drop boxes have in common? These are some of the COVID-19 precautionary steps Cook County Clerk Karen Yarbrough has implemented for election day on November 3rd.
Cook County Clerk Karen Yarbrough, along with her team, has worked hard to put many precautions in place at each polling place in the City of Chicago to guard against COVID-19. Clerk Yarbrough sits down with CEO Lee Neubecker of Enigma Forensics to discuss the COVID-19 precautionary measures that will be put in place to keep voters safe on election day.
COVID-19 Precautions by Cook County Clerk Karen Yarbrough
Lee Neubecker (LN): So I’m here today again with Karen Yarbrough Clerk of Cook County. Karen, thanks for being on the show.
Clerk Karen Yarbrough (CY): My pleasure Lee.
LN: And today, we’re going to be talking about election day voting, what you should know what steps the clerk’s taken to help ensure that you’re safe and protected from COVID-19. So Karen, tell us some of the steps you’ve taken to help protect the poll workers and voters for the upcoming election day.
CY: Well Lee, the primary election really gave us a really good bird’s eye view of what we needed to do. What we were unable to do. We had ordered over $30,000 worth of equipment for our poll watchers and our judges and the public. And it didn’t show up and we get it. They had diverted it to the first responders. So using that as a guidepost, we are prepared for November election. In our warehouse currently, we have gloves, we have masks, we have shields, we have the bacterial wipes. We have everything that we need for this election. Additionally, we plan to mark off in the polling places. There’s the six foot we’re going to social distance and the same thing with the machines. We’re going to social distance those. People can feel safe and secure and their vote is going to be the same way.
LN: So what if it rains on election day?
CY: Well, what if it rains? We’re going to do what we always do. We’re going to take an umbrella. We’re going to go to the polling place and we’re going to put our umbrella up and we’re going to go and vote.
LN: Well, hopefully enough people early voted, and voted by mail.
CY: We’re hopeful. We’re encouraging people to early vote but what we’re seeing that there’s still some people who want to show up on election day and that’s their right, and we’re going to honor that.
LN: So should people bring their own Sharpie or pen when they come to the polling place?
CY: If they feel more comfortable bringing their own pen by all means, bring it. But I can tell you that we will have a sufficient number of pens. We plan to clean them between each use so that everybody can be safe. I want my workers to be safe as well as the voters.
LN: So what are you doing to help protect people against COVID 19 transmission that comes from being bunched in lines while waiting?
CY: Well, there won’t be any bunching in lines, okay? First of all, they’re going to be socially distance at least six feet apart. So there won’t be any of that bunching that’s…
LN: So you have lines on the floor?
CY: No we’re going to have, we’re going to have yes, absolutely lines on a floor inside the polling place and even outside the polling place even if it rains.
LN: Are they doing temperature checks?
CY: We are not.
LN: So do you think, should we be concerned about a potential spike in cases in Cook County, following election day?
CY: You know we were during the primary, we were concerned about that, but not one person, not one judge and that one person that we know of were affected. And we certainly didn’t have what we’re going to have in November. So I really don’t think so. We’re going to take every precaution to make sure that people are safe. I will be out there all day, election day as I usually am. I go to the polling places, I talk to the judges to see if there are any problems. We have a team of people who will be out there that day to problem solve and troubleshoot. So I fully expect things to go well on election day.
LN: So if people aren’t sure where they vote, how can they find out?
CY: They can go to the best website in the world. And that is cookcountyclerk.com all things election your trusted source.
LN: Great, well thanks so much. This is great, you’ve reassured me, however, I’ll be voting by mail this year, but I’m certainly hopeful that many other people did as well. So that the lines are short and fast for everyone.
CY: We’re suggesting that people come up with their own plan of what you’re going to do. If you’re going to vote early and drop it in the mailbox if you’re going to get your ballot and drop it in one of our safe drop boxes or if you’re going to vote on election day find a plan, make a plan and then exercise your right to vote.
LN: And what should people do before they come in to the election poll?
CY: What should they do? Well, they should wash their hands. They’re going to have to do that. We’re going to have that bacterial stuff that you use on your hands, but we’re going to have gloves too. People are going to be safe. They’re going to feel very very comfortable when they come to the polling place.
LN: And they should wear a mask when they come.
CY: They should absolutely.
LN: And if they forgot their mask?
CY: And if we’re going to give them another one.
LN: So most importantly vote. Thanks for helping keep us safe Karen.
CY: Thank you.
To Learn More about the COVID-19 Precautions Check out Cook County Clerk’s website
How much would you freak out if your Amazon Prime order would take over a week to be delivered? Check out this discussion to find out more about GPS vulnerabilities and related concerns about the impact on international shipping trade.
Global Positioning System (GPS) Vulnerabilities
GPS cyber attacks in the shipping industry would cause billions of dollars in damage to the world’s economy. Just how vulnerable are the GPS systems in the shipping industry? Enigma Forensics CEO Lee Neubecker and Geary Sikich, Principal of Logical Management Systems, report on GPS cyber attacks on maritime shipping lanes. Together, they analyze the vulnerability and offer solutions to thwart cyber attacks.
The international shipping supply chain is the main artery feeding the world’s thirst for importing and exporting food and manufactured goods; without it, the world would starve. According to the International Chamber of Shipping (see link below), the maritime transportation system transports by sea approximately 95% of the goods internationally traded. With most goods and services dependent on maritime trade, it’s easy to see how important it is to protect the GPS systems against these vulnerabilities.
Check out this video to view a Realtime GPS Cyberattack
Transcripts of Video Follows
Lee Neubecker (LN): Hi. I’m Lee Neubecker and I’m back here with Geary Sikich on my show, thanks for coming back on Geary.
Geary Sikich (GS): Thanks Lee for having me. I appreciate it.
LN: So, what do you want to talk about today?
GS: Well, we can talk about transportation issues, we can talk about Coronavirus issues related to anything and everything.
LN: How about the cyber attacks that you were talking about earlier that took place in some of the cargo shipping.
GS: Yeah, I was just going to mention that we’ve had a number of incidents over, well, since March that I think would’ve occurred regardless of Coronavirus or not, but we’ve seen more and more shipping being attacked in cyber attacks with ransomware, with other types of interference. So, we’ve seen an uptick and there’s a lot of vulnerability and susceptibility within the shipping industry in that regard. They just had one this week.
LN: Yeah. You know, you brought that up and I remembered there’s a video I want to share with you.
LN: Back when the USS McCain underwent a cyber attack, well, they had a collision, and I speculated that it was a cyber attack. I want to just show you the clip and see if you see what I saw. Hold on just a second, share screen. Okay. Got the screen on. This is an AIS video which is posted, it shows commercial traffic.
LN: And I’m going to jump forward to what we see here at this point in time. This is the USS McCain which is not on the commercial public tracking system, and the blue line here is actually the Alnic which changes course at the last minute and collides. So I’m going to play it real quick. You can see the Alnic.
LN: Okay, what did you notice happen at the precise time of the collision?
GS: Well he went almost directly at the ship. It was like a 90 degree turn.
LN: Yeah, watch it one more time here. And so it was minutes before the course changed. Many of these cargo ships are under, you know, autopilot GPS drive.
LN: Now, I want you to look, I want you to look right here. See this ship here? Run Hang 98?
LN: That’s a Chinese ship. It’s within, it’s within Bluetooth, Wifi, GPS spoofing range of the Alnic. And now watch at the exact time of collision. It disappears. You see that?
GS: Wow. And–Yeah, that’s kind of…
LN: Yeah, so, anyway, I reported this previously to the Department of the Navy at the time but there were a number of incidents happening that made it look like these vessels under autopilot were having, at the last minute they were suddenly changing course and colliding into ships. So this whole GPS hacking is still, you know, still a real risk, and that’s why now, you know, the military said that this was an issue with the men on deck not paying attention to what’s around them, but at the time, I don’t think that the Navy expected friendly cargo ships to suddenly collide towards them.
GS: Yeah, to veer off course like that.
LN: On short notice. So, I suspect now that the Navy has protocols to help anticipate this type of thing happening and to protect our servicemen.
GS: Mm-hm. That kind of goes along with the studies that they’ve done on the utility side of the house with the generation equipment. Your converters, your, you know, the big boxes that essentially transfer power from power plant to the grid system. And they’ve seen that you can take those over via the cyber for, you know, the cyber window if you will.
LN: We even had the issue with the Boeing Max 8’s when they were having all those problems. And the chip that was inside the plane is a combination hybrid chip that’s both electromechanical and digital, and if you, if you direct sound waves at that chip, at the natural frequency of the chip, you can cause the chip to malfunction or even be damaged. So it’s possible that a sonic attack was launched either while the plane was on the ground, to damage that chip, or it could even happen in air. So I suspect that, you know, the Max 8 is undergoing rigorous testing before they bring those back up.
GS: Yeah, I would think that that’s got to be, I mean, just the entire cyber perspective, it’s got to be an area where private sector and public sector need to coordinate and, you know, share information, but also figure out a way to begin to protect. Now, the interesting aspect with this is that I talked to a couple of colleagues recently, former military, and they’re all saying now that there is a developing new strategy where instead of being reactive that the US may become proactive, if you will, and preempt a lot of attacks. So they may become more aggressive in terms of cyber security in an offensive way versus a defensive way. Which is really interesting because at what point does that become so expansive that we find ourselves, you know, locked in a cyber conflict.
LN: Yeah, like let’s take the GPS, the potential for GPS hacking is there.
LN: By having multi-antenna detection systems, you could have on the front of a vessel and the back of the vessel, you could have two antennas attached to a computer, and if it detected a sudden change over in the GPS coordinates that didn’t align with the distance between the two, you could know that that vessel’s in a region where someone’s screwing with GPS. And then, if you have enough vessels with this technology, you could triangulate and locate the source of the emission. And that would be something that could be proactive to identify are there vessels out there on the water that are emitting and trying to overpower the global satellite GPS signals with local signals? And that would be very useful to know because you could track down, you know, the source. And it doesn’t mean that the, the source ship might not even know that their equipment’s compromised. So, it’s a lot more complicated than simply assuming that the vessel generating the signal, that the operators of that vessel are behind the attack.
GS: So, it would be wise to not sync them right away.
LN: That would be good. Well thanks for being on the show. I appreciate it.
GS: Thanks Lee for having me. It’s a great topic. I’m sure that this is going to get much more press over time.
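The two-antenna consistency check described in the transcript above, as an added example that is not from the video or from Enigma Forensics. It assumes a bow and a stern receiver a known distance apart and relies on the premise that a single overpowering local signal tends to drive both receivers to nearly the same computed position; the function names, thresholds and sample fixes are constructed for illustration.

```python
import math

EARTH_RADIUS_M = 6_371_000.0


def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) fixes in degrees."""
    lat1, lon1 = map(math.radians, a)
    lat2, lon2 = map(math.radians, b)
    dlat, dlon = lat2 - lat1, lon2 - lon1
    h = math.sin(dlat / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(h))


def check_epochs(epochs, baseline_m, tol_m=25.0, max_speed_mps=15.0):
    """Flag epochs where the two receivers disagree with the ship's geometry.

    epochs: list of (t_seconds, bow_fix, stern_fix), each fix a (lat, lon) pair.
    baseline_m: surveyed distance between the two antennas.
    tol_m: allowance for ordinary receiver error (assumed value).
    max_speed_mps: fastest the vessel can plausibly move (assumed value).
    Returns a list of (t_seconds, measured_separation_m, [reasons]).
    """
    alerts = []
    prev = None
    for t, bow, stern in epochs:
        reasons = []
        # The antennas are bolted to the hull, so their separation is constant
        # whatever the heading. Two fixes that collapse together (or drift
        # apart) cannot both be true positions.
        separation = haversine_m(bow, stern)
        if abs(separation - baseline_m) > tol_m:
            reasons.append("baseline_mismatch")
        # A sudden change in coordinates the vessel could not have sailed.
        if prev is not None:
            dt = t - prev[0]
            if dt > 0 and haversine_m(prev[1], bow) / dt > max_speed_mps:
                reasons.append("implausible_jump")
        if reasons:
            alerts.append((t, round(separation, 1), reasons))
        prev = (t, bow)
    return alerts


# Constructed track: a vessel with antennas about 200 m apart heading north at
# roughly 8 m/s. From t=30 both receivers report almost the same position.
SAMPLE_EPOCHS = [
    (0,  (1.301799, 104.000000), (1.300000, 104.000000)),
    (10, (1.302518, 104.000000), (1.300719, 104.000000)),
    (20, (1.303237, 104.000000), (1.301438, 104.000000)),
    (30, (1.310000, 104.005000), (1.310001, 104.005000)),
    (40, (1.310700, 104.005000), (1.310701, 104.005000)),
]

if __name__ == "__main__":
    for t, separation, reasons in check_epochs(SAMPLE_EPOCHS, baseline_m=200.0):
        print(f"t={t:>3}s separation={separation:>6} m  {', '.join(reasons)}")
```

At t=40 the reported track is moving at a believable speed again, so a single-receiver jump check would go quiet; the separation check keeps firing because the two fixes still do not match the hull.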
How does voting by mail work? Are you worried about vote-by-mail fraud? Check out this video blog and you will be so much smarter after.
How is voting by mail going to work? Is it safe to vote in-person or should I vote by mail? All of your questions are answered in this video blog with Computer Forensic Expert Lee Neubecker and Cook County Clerk Karen Yarbrough. They will help put your mind at ease!
Lee Neubecker (LN): Hi, I’m here again with Karen Yarbrough, the clerk of Cook County and she’s responsible for administering elections and making sure that your vote counts. Karen, thank you for being on the show again.
Clerk Yarbrough (CY): Again, Lee. Thank you.
LN: So, today we’re going to talk more specifically about voting by mail.
LN: What do you have to do to vote by mail?
CY: Well, the first thing you have to do is be a registered voter. What a concept, right? Be a registered voter and then have a place where you want your ballot to be mailed to.
LN: Okay. So if you want to get that ballot, how can you get a vote by mail ballot?
CY: You apply at the best website in the world cookcountyclerk.com and you apply there. You will be sent a ballot and hopefully you will review your choices, make your choices, you’ll sign the envelope, it’ll be a postage paid envelope for you and mail it in. Or you have the option of if you don’t want to mail it in, we’re going to have over 60 boxes in which… They will be inside of the early voting places. And you’ll be able to drop those in the box. Now, I want to tell you that they’re inside because some people have suggested that, “Oh, if they’re out in the middle of Michigan Avenue, somebody could just cart it off.” We’ll not be in the middle of Michigan Avenue. They will be inside the polling places and they will be attended to by one of our election judges.
LN: Great. So you can either drop it off at the polling place or you can drop it in the mail?
LN: And, what is the deadline on when you can last request a ballot to vote by mail?
CY: Whatever that deadline is, don’t use that deadline to do it today, okay? Today is the day that you should request your ballot. We’ve heard some stories about the post office, although we feel like they’ve been doing a pretty good job and regardless of the noise you’re hearing from Washington, turn it off, fill out your ballot, send it in or drop it off at our locations.
LN: And so as long as it gets postmark stamped by November 4th, it counts, correct?
CY: November 3rd. Yes.
LN: Okay, November 3rd.
CY: Yes, yes.
LN: So as long as it gets stamped by November 3rd, the ballot counts?
CY: That’s absolutely correct.
LN: So drop it off at the post office if you’re concerned, but people should try to drop it off early so there’s time-
CY: We want people to apply now for their ballot. Get their ballot, review their choices, pop it in the mail or else drop it off at one of the drop boxes at our early voting sites.
LN: So, you could also think of voting by mail as doing your part to help control the spread of COVID-19.
CY: I agree. And we’re suggesting, especially to seniors, seniors are very… They want to be social and that’s what many of them have told me. They like showing up on election day. So I’m suggesting to them to use my website, cookcountyclerk.com order your ballot, review your choices and either mail it in and if you want to be social, drop it off at one of our drop boxes. You’ll be able to wait to our judges that you’re used to seeing on election day, but you’ll be able to not stand in line and pop it in our dropbox.
LN: Good. So, let’s say that someone’s at a situation where they got the ballot, they have it at home, but it’s election day. Is it better for them to drop that vote by mail ballot at a poll box or is it better to go in and vote in person?
CY: They should go ahead and vote in person. Even though that ballot, we know that ballot, they have that ballot and the fact that they lost it or they don’t have it, that’s okay. Come in, vote, but they’ll be voting provisionally. And what we do is that spoiled ballot, as far as we’re concerned, that ballot is spoiled because they’ve already voted. Each and every voter in Cook County has a unique voter code that is you. And anytime it shows up, that’s where you get the one person, one vote. We’re not again, having Mickey Mouse to vote in these elections, okay?
LN: So, you think that there’s any truth to voting by mail leading to a fraudulent outcome of the election?
CY: There’ve been countless studies done on fraudulent voting and elections. And I don’t know why this year this is such a focal point. These studies have suggested that less than one point, whatever percent, it’s just not happening, it’s red herring, it’s not happening. So we’re not going to… Although we’re going to prepare for anything like that, it’s just not true.
LN: All right. And one last thing, can you tell everyone again what the website is they need to go to, to request the vote by mail-
CY: cookcountyclerk.com the best website in the world that you can use to get the real deal. No fake news there.
Cook County Deputy Clerk John Mirkovic has worked hard to secure the electronic voting system. He’s made it hard for cyber hackers to throw a wrench in our election process. Learn what measures he has implemented against election hacking.
Cook County Deputy Clerk John Mirkovic focuses on securing the electronic voting systems from election hacking
Enigma Forensics CEO Lee Neubecker and Cook County Deputy Clerk John Mirkovic discuss election hacking and measures that have been taken to help secure Cook County for the upcoming 2020 Election scheduled for November 3rd, 2020. The two discuss past hacking attempts on the Democratic National Committee during the 2016 election cycle, including phishing attacks that compromised numerous campaign workers.
Lee Neubecker (LN): Hello, today I have John Mirkovic from the Cook County Clerk’s Office. He’s the deputy clerk and he oversees all the technology and communications working with Karen Yarbrough, and today I’m going to be talking to him about protecting the vote from cyber attacks. First, I wanted to start off by recapping what happened in 2016. Hillary Clinton’s Campaign Chairman, John Podesta, was phished with an email on March 19, 2016. And what had happened is he forwarded an email to a staffer that had replied with a typo. The staffer said this is a legitimate email versus what the staffer should have said is this is an illegitimate email. So he did the right thing by checking first, but he probably should have picked up the phone and not relied on email. So then he went and he clicked through and reset his password. And the type of attacks that are happening right now is such that when you click a link, sometimes it will pretend to be Office365 or Google, and it will want you to put your username and password in so that you can see the document. Well, in fact, those sites are getting your credentials for later cyber attacks, or they’re trying to put malware on your computing device. So what happened after that? In April 2016, hackers created a fake email account and spear-phished 30 Clinton staffers. They sent a spreadsheet that had the name Hillary-Clinton-favorable-rating.xlsx and that attachment was designed to make the staffer want to click. So these are social engineering attacks on campaign staff. And then later DCLeaks was registered, and all these emails were published and put out there, which was very damaging and probably changed the outcome of the election in 2016. So I have John here, and John, I want to ask you, what steps has the Cook County Clerk taken to prevent similar attacks here in Cook County?
Securing Electronic Voting
John Mirkovic (JM): Well, I think one is that we don’t make it so easy that you can change credentials via one email that way. So, what happened to Mr. Podesta, it would have required a few more steps in our agency, which is usually good, I guess, but it was such a clever attack. There’s almost no way to stop something that clever, and that relies on someone’s sense of urgency and emotion. So we, in our office, we work with Cook County on our email servers, so we would reach out to a different office to work with that. So the ability to make it hard to change emails, for example, you know, it can be frustrating sometimes but you know, you realize when you build those layers up if they frustrate you that means they’re going to frustrate an attacker as well so that’s one way.
LN: So deployment of frustration, a government staple, right?
JM: Yeah, the old help desk.
LN: Well, having these processes in place though, by design they help protect people and make it more difficult for hackers to get in. So that’s great. There’s been a lot of talks about potential hacks coming on election day, should voters be concerned that their vote’s going to be hacked on election day?
JM: I think they should be more concerned about the disinformation campaign that is going on about hacking voting machines in Illinois, and that we have the misinformation from nebulous foreign state actors, but they’re actually people in this country who are being paid. You know, they think they’re working for a news agency, but it’s some shell and all they’re doing is spreading misinformation, especially in Illinois. You know, we’ve had to refute notions that our ballot marking devices are connected to the internet and that anybody can get in there. So to answer your question, we use a lot of layers of security and some of them, and the main one is we don’t even give ourselves the ability to update these machines on election day or in the field, which again that frustrates us, but we also know that if there’s no way to communicate with those machines by us even, then no one else can, so.
LN: Isn’t there also a simultaneous paper audit trail for the voting machines?
JM: Yeah, so voters in suburban Cook County should be really happy with the system we have in Illinois, which requires a paper backup of every vote. So voters in the suburbs may remember, I don’t know if they had them in the city, but they may remember the sort of receipt paper printers that were built into the machines and they would kind of scroll really quick and show you what you voted for, but it really wasn’t user-friendly, so.
LN: John, just finally, should voters be concerned about election equipment being hacked on election day?
JM: Well, you know, depends where they live. If they live in a state that isn’t as committed to security, I think that people should ask questions and these are the right types of questions to ask, and if you live in a state and you find out your ballot marking device or voting machine is connected to the internet, you should be worried about that. In Illinois, that is not the case and we don’t even use the open internet for any transmission of data, we use secure cellular networks that can work one-way communications and send encrypted data that cannot be tampered with in transit. So voters should ask questions and, but they should also be mindful of who’s causing them to ask questions, and if that person is playing on their emotions.
LN: Great. Do you think that early voting and vote by mail will help reduce the potential impact of election day hacking?
JM: Yeah, I believe so. If you think about centralized versus decentralized targets. You know, an election where you have ballots being cast in 400,000 different locations, as opposed to 1,000, that’s a bigger attack vector and harder to, you know, for a foreign adversary to manipulate really. So it’s really, a mail election sort of really makes it hard for a hacker to find a way to get in there, so I think that vote by mail does make election safer.
LN: Great. Well, thanks a bunch for being on the show, I really appreciate you taking the time to come on.
Do you have concerns about voting in person? Cook County Clerk Karen Yarbrough urges everyone to vote early or by mail. Make a plan and plan your vote. It’s easy peasy!
Cook County Clerk Karen Yarbrough sits down with Lee Neubecker, President of Enigma Forensics to discuss the do’s and don’ts of early voting in the Cook County election and how to receive your mail-in ballot.
Early voting begins on October 19.
Lee Neubecker (LN): Hi, so I’m here again today with Karen Yarbrough, the Cook County Clerk, and we’re talking about the election that’s coming up. And today’s topic is specifically about early voting. Karen, thanks for being here.
Clerk Karen Yarbrough (CY): It’s always a pleasure, Lee.
LN: We’re actually seated roughly 12 feet apart from each other, practicing social distancing.
CY: Yes we are.
LN: And we can actually look at each other while we talk, which is nice.
CY: Yes we can.
LN: So tell us a little bit more about why people should consider early voting this election.
CY: You know Lee, I used to always pride myself in voting on election day. There’s something exciting about voting on election day. The camaraderie, seeing people you don’t see, you know, particularly every day. However, I got used to voting by mail because it’s convenient. And so people should, with this particular election, they need to make a plan and then plan their vote. I’ve already made that plan. And I plan to, I’ve already requested my ballot. I expect it in the mail any day now. And I plan to review my choices and I plan to drop it in a dropbox.
LN: Great. So when can you vote early in Cook County and the city of Chicago?
CY: So in Cook County, you can early vote on the 19th of October. There are some dates, October 7th, I believe for somebody who’s not registered to vote, they can actually register and vote on the 7th of October. In the city of Chicago, they will be starting that process on October first.
LN: So is there a website that people can go to if they want to get a–
Where to find more voting information
CY: I’m glad you asked Lee. All the information that you’ll ever want to know is at cookcountyclerk.com. Everything is there. Go to that website, click on elections, and you’ll see an array of information there that can answer each and every question that you ever have for elections for this particular election.
LN: And I know that the last election cycle that you told me about that, I actually did it. It only took less than, it was about a minute time–
CY: If it takes that long.
LN: And the ballot came and it was easy. What was nice is I had time to look up the different races. I could use my computer, I could do my research and be thoughtful with access to more than my smartphone. So I could actually read things while I was voting. So it was a nice experience.
CY: Easy peasy, that’s what I say. And, you know, you can give some time to actually looking at your selections. You can go online and research the candidates and make good solid choices.
LN: Yeah, and just so you know, my daughter voted for the first time in this election and we took her to early voting in person. And I asked could I early vote instead because I was there and he said I could but it would be a provisional ballot that wouldn’t get counted until later. So I thought that it seemed, at least, there was a check and balance. Your team knew that I had already requested a mail-in ballot and they had that checkup. But if I wanted to vote in person, I could have, you know, so like, if I lost my ballot, I could still vote. It’s just the provisional ballots don’t get counted until later.
CY: Yeah, and we want people to understand that process too because I’m suggesting to people to go ahead and order a ballot, go ahead, fill out the application. Like you said, it only takes a minute or so to do that. When your ballot comes, make a determination at that point do I plan to, you know, fill this out and mail it in or do I plan to drop it in our dropbox? Or do I plan to maybe do like some others who have suggested to me that they planned the, planned doing that would be their backup plan, just in case they can’t get to the polling place on election day. So I’m encouraging anybody and everybody to please, you know, order your ballot, get your ballot, do your research and obviously vote.
LN: So you can actually take your mail-in ballot and if you’re concerned that it’s going to be held up at the post office, you can drop by any polling place?
CY: We have, right now, over 60 early voting sites. And so if you’ve gotten your ballot and you want to drop it off at a dropbox, you can do that. You do not have to stand in line and we’ll have one of our election workers standing right there.
LN: So outside there’s actually–
Drop Boxes for Mail-In Ballots
CY: Inside, inside there will be a box that you can put your ballot in and there’ll be somebody right in front of that. You will not have to stand in line.
LN: Okay, so what if someone lives outside of Cook County?
CY: Somebody who lives outside of Cook County, you mean that maybe somebody in the military. That’s what absentee voting is all about. And you know, we’ve been doing that since the Civil War. Complete your ballot, send in for your ballot, complete your ballot and mail it in.
LN: Do you have any concerns about people voting more than once?
CY: We do not because we put a number of things in place to make sure that kind of thing does not happen. One thing, we have election judges that, you know, they’re sworn in and they review every single signature. You know, you have to sign, so they will do that. Each person has an identification number, okay, that’s only germane to you. So that way we know it’s you. So if Mickey Mouse shows up, Mickey Mouse is not going to be able to vote because Mickey Mouse does not have this voter code that we have. Finally, you know, we have a, we’ve just gone through every idea and had people to kind of test, to make sure that we are ready for the November election to make sure that people, you know, do the right thing. And that’s what we’re telling them to do. Do the right thing. At the end of the day, too, we also do, we check out 5% of the ballots to make sure, you know, after the election, that they’re right on target.
LN: And so finally, when is the last time, the last date that you can request, that you can actually go in and vote early?
CY: The last time that you can go in and vote early actually is November 3rd which is election day, okay. They can vote that day, but the day before. So that would be November 2nd. Don’t wait and do it then. Do it early.
LN: Well, thanks a bunch for being on the show. I look forward to talking to you again soon.
Why doesn’t Divvy Bike Share System use the same GPS technology as Lyft? Isn’t Divvy managed by Lyft? We have more solutions for Divvy Bike Share Security. Check this out!
We were wondering: how safe is the Divvy bike-share system’s security? Enigma Forensics has been following the Divvy bike story. We love the ease and accessibility of renting a bike but don’t want criminals to ruin this city-wide opportunity.
Divvy Bike Share System
The Divvy Bike Share System is a great resource that has been open for business 24 hours a day, 7 days a week, and 365 days a year. People of all shapes and sizes are able to use bike share to commute to work or school, explore the city, attend appointments, meet up with friends, and everything else in between. The beauty of the Divvy bike-share system is that it offers affordable transportation and features bikes that can be unlocked from one station and returned to any other station throughout the city. This all sounds like a great program for the city, but the recent looting in Chicago has led to occasional lockdowns on Divvy Bike usage. We thought we would take a deeper dive and find out how safe Divvy Bike security is.
Divvy Bike Issues
Divvy has been plagued with several issues. One is difficulty in docking at stations, which allows bikes to be obtained when legitimate riders fail to fully dock and lock their bikes. It has also been reported that these docking issues lead to a significant number of stolen bikes being used in crimes. To make matters worse, a Divvy bike can easily be unlocked with a stolen credit card. How? No two-factor authentication is required to unlock a bike, and the credit card system doesn’t require entry of the cardholder’s billing zip code. This lack of security means anyone’s credit card can be used, which makes it easier for a thief to steal a bike. By adding these two simple changes, two-factor authentication and a zip code requirement, Divvy could dramatically improve the situation.
The latest crime that has Divvy in the hot seat with local Chicago Aldermen happened on the morning of July 27, 2020, when an 82-year-old man was carjacked in Streeterville by a group of Divvy bike riders. After they stole his car, they left the Divvy bikes at the scene. We assume these bikes were stolen, and if so, stolen bikes make criminal activity in otherwise safe neighborhoods a lot easier. Additionally, you may have noticed abandoned Divvy bikes while traveling through the city of Chicago. If you see an abandoned Divvy bike, do the last paying rider a favor and dock the bike to prevent racking up hourly charges. These issues have bubbled up to a few Chicago Aldermen, who have informed Divvy of the complaints brought forth by their constituents.
During our research into current docking station flaws, we found an article from The Chicago Reader titled “FOIA’d emails reveal an ongoing citywide epidemic of Divvy thefts.” The Chicago Reader wrote that the culprit is the hasty decision by Divvy to remove a critical piece of security hardware from Chicago’s docking stations. They reported that the security device that was removed had been making it difficult for users to dock bikes at the end of their rides. Removing the device also made stealing docked bikes easier. https://www.chicagoreader.com/chicago/divvy-bike-thefts-chicago-security-hardware-removed/Content?oid=58659144
Enigma Forensics agrees with a solution to integrate GPS locating technology so that stolen bikes can be disabled remotely. Once thieves know that they are being tracked and that the bike will be disabled, it will curtail the problem. Another solution we found that could help improve the situation is alerting users via a phone alarm if they fail to lock their bike properly.
Use GPS Technology
Divvy doesn’t utilize GPS technology to track the bikes down and release the last rider from the costs. Since Divvy Bike Share is supported by Lyft, why can’t they adapt the bikes to include GPS technology and install digital cameras at each station to help record criminal behavior? After all, Lyft drivers use GPS! We urge Divvy to install a better credit card payment system that uses two-factor authentication and requires the billing zip code associated with the credit card to be entered. GPS technology will allow remote locating of lost or stolen bikes, and remote brake locking technology would curtail illicit use of bikes and theft. These are potential solutions that we hope our Aldermen will be able to move forward to help keep Divvy bikes a program for all Chicagoans.
Phishing, Ransomware, Endpoint Security, IoT Devices and Cloud Jacking. What do they have in common? Top Five Cyber Attacks we are concerned about and you should be too!
The frequency of cyberattacks is growing. The following is Enigma Forensics’ top five cyber attacks that you should be made aware of.
Phishing Attacks are email or text messages that target victims to gain access to their personal information. Phishing messages often try to induce the receiver to click a link in a package shipment delivery message or another seemingly legitimate hyperlink. The message looks like a harmless or subtle email, but it is designed to get victims to supply login credentials, which the attacker harvests for later use in efforts to compromise their target. Sometimes phishing emails spoof the sender to be someone who has already been compromised. Once a user is compromised, their mailbox is often used to relay other outbound messages to known individuals in their saved contacts. This form of attack earned its name because it masquerades as an email from someone you may know, and because you know the sender, you are more likely to nonchalantly open the email and click on the attachment to learn more about the content. With a click of a mouse, BOOM, you can be compromised. This is a very easy and effective scam for cybercriminals. Warning: Do not open attachments or forward chain emails!
Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge. The cybercriminal then holds the stolen information for ransom, thus the name! They may ask for a ransom payment in the form of digital currency such as bitcoin. Whether or not the victim pays the ransom depends on what information they have stolen or what criminals have threatened to do with the stolen information. Warning: Do not visit unsecured sites!
Remote Worker Endpoint Cyber attacks are currently the most popular because of the number of employees working from home due to the Coronavirus. In the month of March, many workers were sent scurrying to their homes without their companies putting proper cyber protection protocols in place. Employees are using their personal devices to conduct work, and those devices are often not fully patched, updated, and encrypted to protect them against cybercriminals. Many company executives have been targeted at their homes, where they are much less likely to have commercial-grade firewalls designed to protect endpoints and company trade secrets.
IoT Device attacks are a popular vehicle used by cybercriminals to establish a beachhead for launching lateral attacks across a home or work network. IoT devices extend internet connectivity beyond standard devices, such as desktops, laptops, smartphones, and tablets, to any range of traditionally dumb or non-internet-enabled physical devices and everyday objects. Embedded with technology, these devices can communicate and interact over the internet. They can also be remotely monitored and controlled. IoT devices should be segmented onto a different network from corporate work-from-home devices. IoT devices pose a great threat because many of them lack automatic update processes and can become a beachhead for cybercriminal attacks in your home.
Cloud Jacking will increase, with cloud computing estimated to grow into a $266.4 billion industry in 2020. The idea of cloud storage makes one believe it is an improved option over traditional on-premise computing storage. This has become, and will remain, a major security concern, and it has created a strong urgency to develop more cloud security measures. Cybercriminals will up their game and cloud jack data whenever possible. The race is on to see who does cloud security better: the good guys or the bad guys. To protect against Cloud Jacking cyber attacks, organizations should enable two-factor authentication options, such as Google Authenticator.
Two-factor authentication requires two of the three following means of authentication:
Something you know (A password)
Something you have (A key fob or cell phone authenticator)
Something you are (Retina Scan, Facial recognition, fingerprint)
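The "something you know" plus "something you have" pairing from the list above, shown as an added example that is not part of the original article: a login check that requires both a password and a time-based one-time code of the kind authenticator apps generate (TOTP, RFC 6238), and refuses a code that has already been used. The Account class, the PBKDF2 parameters and the sample values are assumptions for illustration; the key is the published RFC 6238 test key.

```python
import hashlib
import hmac
import struct

STEP = 30     # seconds per time step (RFC 6238 default)
DIGITS = 6    # code length shown by authenticator apps
RFC_SECRET = b"12345678901234567890"  # published RFC 6238 test key, not a real secret


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(secret: bytes, at: int) -> str:
    """Code an authenticator app would display at Unix time `at`."""
    return hotp(secret, at // STEP)


def matching_step(secret: bytes, code: str, at: int, window: int = 1):
    """Return the time step whose code equals `code`, or None.

    window=1 also accepts the previous and next step to absorb clock drift."""
    now = at // STEP
    found = None
    for step in range(max(0, now - window), now + window + 1):
        # compare_digest avoids leaking how many digits matched via timing
        if hmac.compare_digest(hotp(secret, step).encode(), code.encode()):
            found = step
    return found


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class Account:
    """Hypothetical account record holding both enrolled factors."""

    def __init__(self, password: str, salt: bytes, totp_secret: bytes):
        self.salt = salt
        self.pw_hash = hash_password(password, salt)
        self.totp_secret = totp_secret
        self.last_step = -1  # newest time step already spent on a login

    def login(self, password: str, code: str, at: int) -> bool:
        knows = hmac.compare_digest(hash_password(password, self.salt), self.pw_hash)
        step = matching_step(self.totp_secret, code, at)
        has = step is not None and step > self.last_step  # reject replayed codes
        if knows and has:
            self.last_step = step
            return True
        return False


if __name__ == "__main__":
    # Constructed sample account and the RFC 6238 test time.
    acct = Account("constructed-passphrase", b"constructed-salt", RFC_SECRET)
    now = 59
    print(acct.login("constructed-passphrase", totp(RFC_SECRET, now), now))  # first use
    print(acct.login("constructed-passphrase", totp(RFC_SECRET, now), now))  # replay
```

A harvested password alone fails this check, and so does a code captured and replayed within the same time window, which is the protection against phished credentials that two-factor authentication is meant to provide.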