Videos

Cell Phone Privacy: San Bernardino

Computer Forensic Experts Lee Neubecker and Debbie Reynolds discuss the problem that involves government versus cell phone privacy.

Cell phone privacy played an important role in the San Bernardino attacks. On December 2, 2015, Syed Rizwan Farook and his wife, Tashfeen Malik, open fired on San Bernardino County workers at a holiday party killing 14 and injuring 22 others. The FBI wanted Apple to give them access to the perpetrator’s phone.

Apple states, “We built strong security into the iPhone because people carry so much personal information on our phones today, and there are new data breaches every week affecting individuals, companies, and governments.” Apple continued…”We feel strongly that if we were to do what the government has asked of us — to create a backdoor to our products — not only is it unlawful, but it puts the vast majority of good and law-abiding citizens, who rely on iPhone to protect their most personal and important data, at risk.”

Leading computer forensics expert Lee Neubecker, CEO & President of Enigma Forensics discusses the issues relating to cell phone privacy and the government’s desire to have a back door into your smartphone with the Data Diva, Debbie Reynolds of Debbie Reynolds Consulting. These experts have an interesting perspective.

Cell Phone Privacy: Part 2 of 4

The Video Transcript follows.

Lee Neubecker (LN): Hi, I’m back again with Debbie Reynolds. Thanks again for being on the show.

Debbie Reynolds: Thank you, Lee.

LN: So, we’re continuing with this multi-part series talking about cell phone forensics.

DR: Right.

LN: It’s specifically, this section we’re going to talk about the San Bernardino 2015 December attacker that unleashed terror, Syed Farook, and at the time when that happened, the FBI went to Apple and claimed that they needed assistance with unlocking the phone.

DR: Right, so I remember this very well. This was maddening to me, because a lot of the news reports, I don’t think any of them correctly stated how cell phones actually work, and they sort of bungled the information about the cell phone. So, a lot of the articles were trying to say that the only way they could unlock the cell phone is with Apple’s help,

LN: That wasn’t true. We knew that wasn’t true.

DR: No, you know that wasn’t true.

LN: You know, I thought when they were doing that, that they might have said that to put out misinformation so that other people who were communicating with the terrorists might have thought that they were safe. I was wondering if they might have done that on purpose so that people would keep their phones so that they could track and follow other people.

DR: I don’t know, my feeling was that you know, the FBI or whoever was making this request was trying to create a precedent to be able to have people like Apple give them, create vulnerabilities in phones so they don’t have to do this one-on-one unlock feature, but why would Apple or any other company who’s in the business to make money create a vulnerability that possibly could be the antithesis of their invention. I wouldn’t use a cell phone if I thought it was unsafe, right, or insecure.

LN: Well, I just assume they’re all insecure.

DR: Well, as secure as it can be

LN: As secure as it can be, but you know, Microsoft, Apple, they issue patches and updates for security flaws every month, so there are still bugs out there that can be exploited, but when that happened right away, I was wondering why they didn’t call Cellebrite, and ultimately, Cellebrite, Israeli firm, they’re likely the ones who actually got the contract to unlock that phone.

DR: Yeah, right, exactly.

LN: But the whole notion of having a common key that law enforcement can quickly unlock any device without any judicial intervention, it’s a little concerning.

DR: It’s very much concerning. It’s like you’re trying to boil the ocean to solve one problem.

LN: Well, then if you have one key, someone in the FBI leaves, and they take that key with them, then they go and they link it on the Dark Web, and this is the type of thing that’s happened with contractors to various cyber agencies and the government, and these keys get out there, or weapons get out there, and everyone’s getting exploited, and it takes the government a long time to report it to Microsoft, to Apple, and everyone’s getting hacked in the meantime.

DR: Well, and there are a lot of other ways to get stuff off of a phone, so I think of a phone as a gateway to other things. You know, if even you do banking on your phone, if you lose your phone, that doesn’t mean that the information’s lost. You can go to the bank, companies can serve affidavits on different entities that have other information. If a person was communicating with someone else, you may be able to crack their phone, so there are a lot of different ways to solve this problem that don’t require creating a back door for a complete product.

LN: Yeah, and you know to your point about the issue when then-director Comey, James Comey, had testified seeing that they needed help, apparently the FBI’s own remote phone specialization group hadn’t been tasked with trying to get into the phones, so they hadn’t fully explored their own capabilities before they went to ask for Apple, because like you said, they wanted to establish precedent, and they wanted to change how it worked, and I think we’ve consistently seen and heard that the FBI wants full access anytime so that they can protect people, and there are some issues with that because if it’s simply full access, it’s going to make everyone less secure.

DR: Absolutely, absolutely, so I think all of us, there was quite a bit of eye-rolling when these reports were coming out about them not being able to do the cell phone, and it was like a lower version, too, so it wasn’t like the super– With every cell phone they get more secure, the OS–

LN: You know, it’s like give me the cell phone, DR: Exactly! LN: I’ll get into it. DR: Exactly!

DR: You know, even when they were interviewing people in the press, they weren’t really interviewing the forensic people who do this for a living, so I’m like who are they talking to?

LN: All the computer forensic people I know, we talked about this. The best plausible explanation I could think of, again, that they were trying to create a false narrative so that they could break up other people who were collaborating, but in fact, the Inspector General’s report from the FBI revealed that they just hadn’t fully done everything, and it sounds like it was two-part, it was part they wanted the power and the access, but second the operational component. What happens, you know, there’s a more recent case that we’ll talk about in a later series, and the question becomes then, again, have they used that most, their own internal resources fully before they’re going to Apple?

DR: Or even have they leveraged people like Lee, who do this for a living. It was funny, because when they were, when this case was going on, I had another case at the same time, had the same cell phone, and literally I sent it out and got it cracked like within a day. I couldn’t understand what the issue was, exactly.

LN: Hey, what can I say, I’m good.

DR: Exactly!

LN: Well, tune in for our next segment, where we’ll be talking more about some privacy issues related to having a back door, and some better solutions that if, you know, if Congress and Senate if they want to pass legislation, there are some ways that we can still allow the FBI to get in without having a common back door key that doesn’t undermine security.

DR: Exactly.

LN: Thanks for watching. DR: Thank you.

To review the first video in this series please read below.

Cell Phone Forensics
Cell Phone Privacy
FBI Warning: Smart TV’s may be spying on you.
Mobile Phone Forensics
NIST 800-53: Security & Privacy Controls

Click here to view Apple’s comments.

https://www.apple.com/customer-letter/answers/

Cell Phone Privacy

One can’t overstate how much of our personal lives we reveal to our smartphones and that includes criminals too. Watch this three-part series to learn more.

Introduction of our four-part series on Mobile Phone Privacy and Security.

Cell phone privacy is a real concern for both individual users and law enforcement. Literally, everything you do on your smartphone or any other device is vulnerable and completely defenseless against criminals and sometimes the government. Think about what you have on your phone and how it’s used on a daily basis. All of your personal contacts, photos, videos, text messages, emails, online bank or other accounts, GPS locations data, basically, your history of who, what, where, when and how about yourself all exist on your smartphone. We can’t overstate how much of our personal lives are revealed and how much our cell phones are vulnerable if disclosed to unauthorized parties.

Guess what? Criminals have cell phones too, and their information can lead to not only solving a crime but saving lives. Law enforcement agencies continue to call for access to encrypted communications and devices, while tech companies warn that doing this would weaken the protection and allow potential criminals to take advantage of that same access. Leading computer forensics expert Lee Neubecker, CEO & President of Enigma Forensics discusses the issues relating to cell phone privacy and the government’s desire to have a back door into your smartphone with the Data Diva, Debbie Reynolds of Debbie Reynolds Consulting.

Cell Phone Privacy: Part 1 of 4

The video discussion transcript follows.

Lee Neubecker: Hi, it’s Lee Neubecker again, and I have “the Data Diva”, Debbie Reynolds back on my show again.

Debbie Reynolds: Hi!

LN: Thanks for being on.

DR: Thank you, Lee, for having me. I’m happy to be here.

LN: So we’re going to try something new. Instead of doing a big long eight to ten-minute video clip, we’re going to do a multi-part series, and this one’s going to be on the topic of…

DR: Cell phone forensics and recent incidents in the news having to do with the government asking private companies to unlock or create back doors to cell phones.

LN: Yeah, so cell phone privacy is an issue that many people are concerned about There’s a legitimate national interest in being able to investigate when terrorists use cell phones to conduct attacks. But there are also some concerns that every business should be concerned about if there’s a single back door key because we know the government can’t keep their keys in place. At least that’s what happened to the FBI, the NSA, then other agencies that were breached following the OPM breach.

DR: That’s right.

LN: So in the first segment of our four-video series, were going to be talking about what was reported by the Inspector General’s report from the FBI involving the San Bernardino terrorists when they wanted to get into the cell phone.

DR: Right. And next, we are going to talk about the privacy issues related to the FBI or possibly companies creating back doors, the court issues, the key solutions, and also the imperatives of organizations or companies not wanting to create these types of vulnerabilities in their inventions.

LN: Then you’ll get to hear us banter a little bit about what we think should happen

DR: That’s right.

LN: And then finally, in our last segment, the Pensacola Navy Yard station shooting that happened just this week. The FBI again approached Apple wanting help to get into the phone because they haven’t been able to get into the phone, and they’re wanting to know who else was involved, who they were texting with and whatnot so that they can help prevent other such attacks. So, that will be the wrap-up, and we welcome your comments on the website, your likes, and feel free to check out our video and share it.

DR: Thank you.

LN: Thanks a bunch.

Watch the Next Segment on Cell Phone Privacy: Part 2 of 4 continued

More to read about Cell Phone Vulnerabilities

Cell Phone Forensics
FBI Warning: Smart TV’s may be spying on you.
When to Select A Computer Forensic Expert
Trade Secret Theft Litigation
Robocall Legislative Update
Trade Secret Theft

Understanding EMR Audit Trails

Understanding EMR Audit Trails is important to any company dealing with (PHI). They must have all the necessary security measures in place and follow them to ensure HIPAA Compliance.

Understanding EMR Audit Trails is essential to a patient’s medical history In medical malpractice litigation. The Health Insurance Portability and Accountability Act (HIPAA) requires that the Electronic Medical Records (EMR) maintain an audit trail including all of the metadata. This EMR audit trail is a piece of highly relevant evidence as to who accessed what in the record, what entries were made and/or changed, by whom and when. Computer Forensic experts are key to effective electronic discovery during medical malpractice litigation.

How do hospitals record, protect, and store data? HIPAA sets the guidelines for the most highly sought after information by the world’s best technology hackers. Medical records are worth 4 times more than credit card information. Managing Personal Healthcare Information (PHI) places Healthcare facilities at risk of cyber attack 24/7, 365 days a year.

Check out this video with Enigma Forensics, President & CEO, Lee Neubecker, and John Blair, a noted Healthcare Industry Cyber Security Expert where they discuss the importance of protecting Personally Identifiable Information (PII).

Lee Neubecker and John Blair

Understanding EMR Audit Trails video transcript follows:

This is the third of the last video in the three-part series on Health Care Industry Cyber Threats:
Watch Part 1, Watch Part 2

Lee Neubecker: Hi, I have John Blair, a cyber security expert in the field of healthcare, and John is also involved with understanding patient medical, electronic medical record (EMR) audit trails, so I asked him to come on the show and talk a little bit about that with me. John, thanks for coming back on the show.

John Blair: Thanks, Lee. Glad to be back.

LN: So John, can you tell everyone a little bit about what HIPAA requires of healthcare organizations as it relates to tracking data of caregiving and the patients?

JB: Sure. Most of this is obviously directed at hospitals, but HIPAA also has things called business associates, and any interaction from any entity with, or any user with, PHI is going to be subject to these audit logging. Hospitals use systems called EMRs, so generally those, the audit trails are built into the EMRs by default, but obviously entities can turn those off if they so choose or configure them differently. HIPAA requires that you pretty much log any interaction, whether it’s read-only, view-only, edit, whatever that interaction might be. Identify the user, identify the time, what was done to the record, and that has to be maintained for several years. So it doesn’t matter what a user does with the record. Even if they just view it, that counts as a valid interaction and has to be logged and maintained.

LN: In fact, all of these hospital software systems out there have to be HIPAA compliant, or else the hospitals wouldn’t be able to use the software packages. Isn’t that true?

JB: Right, right. There’s a lot of federal regulations regarding that, that the standards that these systems have to meet in order to get refunds or rebates from the government.

LN: So Medicare funding, reimbursement, obviously is important.

JB: All of that stuff. And audit logs of user activity and interactions, or any interaction with PHI, is a critical component of that.

LN: You know, what I’ve seen is sometimes despite the software packages being EMR, audit trail compliant, that there’s the ability for the software that’s deployed to be altered so that the audit trails aren’t retained as long as required by law.

JB: Yeah, sometimes the storage of the audit logs, it can be overwhelming. So oftentimes they are archived offsite or inappropriate access is given to the audit log itself. And then it possibly can be changed, which ruins the integrity of the log, obviously, and that would be a very bad thing should something come up down the road and you needed that log.

LN: Yeah, and certainly, someone who has the master database administrator password to that back-end system, they could do whatever they wanted.

JB: Yup. But there’s supposed to be logs of that activity, as well, and reviews of those logs, but you’re absolutely right. If you’re an administrator, you can do a lot of damage.

LN: Yeah, I’ve assisted clients before involved in litigation, medical malpractice litigation, with just seeking the truth of what’s there in the records. Most of the time, they think many hospitals are compliant and do have those audit trail records.

JB: Absolutely.

LN: But, they don’t necessarily want to make that data readily available.

JB: No, they don’t. And it depends, it’s a case-by-case scenario, under the advice of counsel and things like that, but it’s very, very sensitive information, and obviously, it’s a public relations nightmare to have a breach of patient data, so they take those things very, very seriously.

LN: Absolutely. So can you tell everyone what PHI stands for?

JB: It’s Protected Health Information, as defined by HHS, there are 18 very specific fields that comprise PHI. PHI is a subset of PII, which is Personally Identifiable Information, but with respect to healthcare, it’s primarily PHI that we’re worried about and those 18 identifiable fields.

LN: Why would hackers want to target health care records?

JB: It’s far more valuable now than several years ago, it was credit card information, basically for year after year. Now, the credit card companies and technology with respect to how quickly a card can be replaced and deactivated. And so, just more money in it to steal medical information. And there’s more flexibility, as well. You can go get drugs, you can do a variety of things, whereas, with the credit card, it’s just money.

LN: If people wanted to launch a targeted scam on individuals, certainly having records that would enable them to filter patients that have Alzheimer’s, might give them an unfair advantage at duping people out of their savings.

JB: Absolutely. Because generally if you get someone’s entire record, you’re getting everything about them: their Soc number, their address, phone numbers, relatives, I mean, all this information is now at your disposal. And loans can be taken out in their names, it’s just a disaster waiting to happen.

LN: So Electronic Medical Records, known as EMR, represent an important target that hackers seek, because of the value of that information, and the uniqueness.

JB: Yup. The price of those records, per record, now varies, but I believe it’s in the $150, $200 range per record if it’s a breach now, and laptops can hold hundreds of thousands of records. So it can be very, very expensive.

LN: But it seems that this is a problem, too, that it isn’t just localized to any one area, it’s universal.

JB: Yeah, it’s across the board. Anyone dealing with PHI has this problem.

LN: How does the cost of a patient medical record compare to a credit card record, compare to the black market?

JB: Yeah, for the last several years, medical records have gained in value every year, while financial records, credit card information have devalued. And it’s to the point now where medical information’s worth four times as much as financial information. And that’s only increasing.

LN: So does that mean that people that work in the healthcare sector in IT and security are going to get paid four times as much as the people of the financial sector?

JB: I wish.

LN: Well, thanks again for being on the show, this was a lot of good stuff. I appreciate this.

JB: Thanks, Lee, appreciate it.

Other related stories about EMR Audit Trails

Patient Medical Records: Metadata as Evidence in Litigation
EMR Audit Trails
Computer Forensics in Medical Malpractice
Hospital Data Breached

Other resources to learn more about EMR Audit Trails.

https://www.cdc.gov/phlp/publications/topic/hipaa.html

Keys to a Secure Supply Chain

The world is data-driven. Companies face an overwhelming barrage of big data. Neubecker and Blair discuss the certifications necessary to ensure constant data security.

Cyber Security is Crucial to Supply Chain

Companies face an overwhelming barrage of endless data that contains sensitive information and involves a variety of supply chain vendors. The world is data-driven and securing your supply chain will help minimize your risk of cyberattacks. Here are some keys ways to help you understand more about securing your data beginning with supply chain vendors.

Check out this video with Enigma Forensics, Lee Neubecker, President & CEO, and John Blair, noted Healthcare Industry Cyber Security Expert dissect big data and the certifications needed to understand how to secure your supply chain to help monitor the risks.

2nd video in a three-part series

This is the second video transcript of a three-part series.

Lee Neubecker: Hi, thank you for doing this show, John.

John Blair: No problem.

LN: I appreciate you coming back on.

JB: Thanks Lee, glad to have you here.

LN: So, we’re going to talk today a little bit about what organizations should be doing to monitor the risk associated with their supply chain.

JB: Okay.

LN: And John, if you can, give me an understanding of what are things that you look for when selecting a vendor or city that might be hosting your data.

JB: Right.

LN: Or running parts of your operation.

JB: Well, the world is data-driven, and so your evaluation of vendors is critical and should be focused on their interaction with your data, what their subcontractors are going to do, are you going to allow them to have subcontractors? Where are those subcontractors located? And by all means, get some sort of attestation, that their environment that you’re now relying on, has been audited, you know, the SOC 2’s, those types of things, go a very long way in giving you some level of comfort that they’re operating their controls effectively and that you can rely on ’em.

LN: Great, can you explain to our viewers what essentially a SOC 2 certification is, and why you care about that with a vendor?

JB: That one, the SOC 2, there are multiples ones, but a SOC 2 Type 2 is the standard. There are five Trust Principles associated with it. The biggest one used probably, 75 percent of the time is security. And that’s where you, the vendor would offer, whatever service you’re interested in, the SOC report would be scoped for that service, and then the auditors evaluate that service according to the security principle that’s defined by SOC.

LN: So, typically they’re looking at physical security measures, as well,

JB: Yep.

LN: that extend just beyond data,

JB: Right.

LN: but physical security measures that help to protect your data.

JB: Right, SOC defines objectives, and then the organization defines controls within those objectives, so the objectives are the boundaries, and then the organization defines the controls, but generally speaking, they are the IT basics, chain management, software development, life cycle, physical security, logical security, network security, data storage and security, transmission security, those types of things are almost always covered under the security principle.

LN: Isn’t it true that someone could have all the certs out there and still get compromised?

JB: Oh, absolutely. The certs are not a guarantee, by any stretch. They are just, you know, as we’ve said, they’re meant to give you a level of comfort in the control environment of the people you are now, basically trusting with your data.

LN: And so, as you go out, and you select vendors if you do this diligence and you find vendors that have a certain level of attestation, and various certs that you care about, that might help you if data breach happened, to show that you actually practiced good faith and due diligence, in selecting your vendors.

JB: No, absolutely, and HIPPA requires it, so if you did some sort of due diligence at least, at least you have a story to tell. If you don’t have a story to tell, then that’s where things start going off the rails almost immediately, because you didn’t do anything, and that’s never a good thing.

LN: Well, thanks for being on the show again.

JB: My pleasure, thank you.

More about cybersecurity

NIST 800-53: Security & Privacy Controls
WGN Cyber Security Chicago Conference 2018
Data Breach Response

Information on HIPPA website for security professionals

https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html

Iranian Cyber Threat Readiness

DHS has issued an advisory warning of potential cyber attacks by Iran against the U.S. Organizations should watch this short video detailing the top ways to protect yourself from Iranian Cyber Attacks.

D.H.S. Alert – Iran Cyber Threat Readiness

On January 4, 2020 Department of Homeland Security (DHS) has issued an advisory warning that Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out cyber attacks with temporary disruptive effects against critical infrastructure in the United States. Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.- based targets. The Iranian Cyber Threat is real and warrants proactive measures to ensure cyber threat readiness and minimize the risk of a successful cyber attack.

Check out Enigma Forensics, Lee Neubecker, President & CEO, and John Blair, noted Healthcare Industry Cyber Security Expert to learn more about what can be done to deter such cyber-attacks and maximum readiness to an Iranian originated cyber attack.

Video Discussion on Iran Cyber Threat Readiness

1st Video in a three-part series with John Blair

This is the first video transcript of a three-part series.

Lee Neubecker (LN): So John, thank you for being on the show.

John Blair (JB): Thanks, Lee.

LN: John is a cybersecurity expert that focuses on the healthcare sector. Can you tell us a little bit about what organizations should be doing right now in response to concerns about potential Iranian cyber strikes on U.S. companies?

JB: Sure. I’m a pragmatist, so I think you should execute the basics first. Make sure your devices, it’s a border level of your network, and the devices are patched. You might want to start increasing your network monitoring for the next few weeks, to monitor the activity coming through, check your firewall rule sets, these types of things, just to make sure that you get a comfort level. I’m a firm believer in executing the basics solidly, and then monitoring. Because if you’re a target, and the people know what they’re doing, there’s not much you can do to prevent it anyway.

LN: So one of the things too, that I would add to that is, I think it’s important that people have a command of what’s on their network, which is basic inventory of your digital assets, so you know what your devices are.

JB: Yes, you do need to know your environment.

LN: Like you said, knowing what’s on your network, monitoring your log files and patching your devices, those three things go a very long way.

JB: A very long way. And they’re just good practice anyway. That’ll prevent most things from going bad.

LN: Great, well thanks for being on the show.

JB: Sure, thank you.

Articles & Resources Related to Cyber Threat Readiness

Top Ways to Protect Your Home from Cyber Attacks
Cyber Readiness: Power Grid Outages
FBI Warning: Smart TV’s may be spying on you.

Data Breach Response

Resources on the Internet Related to Cyber Threat Readiness

Click here to view the DHS Iranian Cyber Threat Advisory.

Cyber Essentials: Building a Culture of Cyber Readiness– a guide for leaders of small businesses as well as leaders of small and local government agencies to develop an actionable understanding of where to start implementing organizational cybersecurity practices.
Department of Homeland Security

Cybersecurity for Small Business: The Fundamentals” – a set of training slides and speaker notes to help small business owners educate themselves and their employees about cybersecurity best practices and resources.
National Institute of Standards and Technology

Cyber Readiness Program  – The Cyber Readiness Program is designed to provide practical resources and tools to help organizations like yours take action to become cyber ready. Completing the Program will make your organization safer, more secure, and stronger in the face of cyber threats. (Note: account with login is required.)
Cyber Readiness Institute

Hospital Data Breached

Hospital Data Breach

Hackers will continue to pummel the sector with targeted attacks.

Have you heard the news about the most recent Chicago, Illinois area hospital data breach?  We’re referring to the article in the Chicago Tribune, By Lisa Schencker on December 31, 2019.  “Personal information of nearly 13,000 people may have been exposed in Sinai Health System data breach” Click here to view the article.

After reading this article many questions came to mind.  Who would hack a hospital system?  Are cyber attacks on hospitals becoming more frequent? Could a foreign hacker be targeting hospitals to conduct cyber warfare?  Could it be a disgruntled employee who maliciously wants to obtain patient electronic medical records (EMR) and target a particular patient?

It has been reported that 70% of hospital data breaches include sensitive demographic or financial information of that could lead to identity theft. The Sinai Health System data breach included 13,000 patients’ names, addresses, birth dates, Social Security numbers, health information or health insurance information were potentially exposed. 

One could easily assume that if a hacker was armed with this information, they could sell patient electronic medical records and financial data to the highest bidder. The potential for patient harm is exponential.

Data Breach Incident Response

What happens next? Computer Forensic Experts are called to initiate a data breach response. Experts start with immediately stopping the breach, accessing the damage, notifying those affected, conducting a security audit. Forensic experts create a recovery plan to prepare for future attacks.  Finally, Forensics experts train employees to protect the data and enforce strong passwords.

Computer Forensic Experts A.K.A. Cyber Security sleuths or electronic detectives are really excellent at detecting where and how the breach occurred and accessing the damage.  In cases of litigation due to a data breach or medical malpractice, Computer Forensics Experts are hired by law firms to serve as expert witnesses to help win the litigation. In addition, many hospitals hire Computer Forensic Experts to assist in auditing their records to prove their side of the case. 

Prepare a Data Breach Incident Response Plan

Looking forward to 2020. Cyber Forensic experts agree the entire sector needs to adjust its security approach to keep pace with hackers. The Department of Health and Services and many states may impose fines on those who are not following security guidelines. It’s vitally important to create a Data Breach Incident Response Plan.

Enigma Forensics are experts in Data Breach Incident Response. To learn more about Enigma Forensics read below.

Data Breach Response
If you think you have been breached…contact Enigma Forensics.com
Patient Medical Records: Metadata as Evidence in Litigation

Holiday Tech Gift Ideas

Holiday Tech Gift Ideas For the Technology Geek

Holiday Tech Gadgets for Power Grid Outage Survival

Enigma Forensics CEO & President Lee Neubecker along with Associate Sammy Macrito discuss holiday gift ideas for the tehnology geek on your list. Recently, California has been experiencing massive power grid outages and most people were not prepared because they simply didn’t think about what happens when you loose power. Techno gadgets will help you survive during a power grid outage. No matter how long it is! Tune is as our technology geeks, Lee and Sammy have some fun and share their favorite techno gadgets. These are great gift ideas for the technology geek on your holiday list.

Holiday Gift Ideas for the Technology Geek

The transcript of Holiday Gift Ideas follows:

Lee Neubecker: Hi, so today we’re going to talk a little bit about some of those techno gadgets that you might want to consider buying your loved one who might be concerned about losing power and not having their techno gadgets. So today I’ve got Sammy Macrito on with me, and we’re going to talk about some of those items that you can pick up. Many of them are available for under a $100 or even less online. We’ll have a link on our page that shows items if you’re interested in buying them. So the first one we have here is this flashlight which is a combination, it’s flashlight that you can crank up, you can turn on the light, and it’s powered both by manual energy, so you can get it powered up. It’s got a solar cell, and then it also has a convenient USB charging port so you can, if you had to, you could hand crank and recharge your tablet or smart phone to give you power if you’re in the darkness for a long period of time. And one of the most important things about it is that it’s got a FM/AM band on it, so if there were an emergency or outage you’d be able to get news and find out where resources are.

Sammy Macrito: Right, and something I feel is so important about this one is having the functionality of being able to crank it, as well as the solar, because let’s say the power grid is out, you can leave this outside all day with a phone next to it and get a charged phone at the end of the night.

Lee Neubecker: Or you can crank it all night. Or you can crank it all night.

Lee Neubecker: So we’ve got, speaking of solar, there’s a real neat gadget that if you wanted to make sure that you could power your laptop, this battery power system by Voltaic produces 20 watts, which is enough to charge some of the newer laptops, and there’s a cell that they, a battery pack they sell with this that you can charge up, which can really charge a good number of devices. This can even be strapped, you can tie it to your back when you’re hiking, and pick up…

Sammy Macrito: Exactly, yeah. And it’s super important to have one of these, especially if you have more than just a phone that you’re trying to recover, because you can basically just go with this solo thing and be able to charge not only your laptop, but also your phones. It’s always better to have more wattage, yeah.

Lee Neubecker: Now, those are great devices for the short term, but if the power is out for a while you’re going to want some other things. One of the things that most people are going to want is, they’re going to want the ability to start a fire, to cook food, to sterilize water, and whatnot. This device here is a USB chargeable electric lighter. I thought I hit it the wrong way. It produces an arc flame which is just electricity. And so using the battery cell, the radio, you could recharge it and you basically have unlimited abilities to start fires, and you don’t need matches. It can be, it makes a great torture device too.

Sammy Macrito: Yeah, and it’s windproof.

Lee Neubecker: Yeah, so that’s one, nice device. This is another device that’s pretty handy. It’s a flashlight. It can also be used for signaling. So if you’re trying to get help, it might be useful to be able to do that. It’s got a solar cell here. It also has this handy metal tip that can be used to shatter a car windshield, so it’s not a bad thing to keep hanging around in your glove box.

Sammy Macrito: Yeah, absolutely. And one thing that this is, can be commonly used for, you might ask, why would you want to break your car windshield? Let’s say you went off the road and are now in water, sinking with your car.

Lee Neubecker: Sinking, yup.

Sammy Macrito: You can pull this out of your glove box and be safe.

Lee Neubecker: It’s got some other things too, it’s got a magnetic tip so you can magnetize a paper clip if you needed to, to float it on water and get your direction to the North Pole. It’s also got a handy clip and it’s got a siren so if wildlife is approaching you, that might be enough to scare wildlife off, or an attacker. And this tip too, you could also use it to whack at something if it’s coming towards you.

Sammy Macrito: Absolutely.

Lee Neubecker: Pretty handy device. One of the most important things you probably need if you’re going to survive a long term power outage would be access to water and ability to have purified water. This device here is Portable Aqua Pure, it’s electrolytic water purifier. And how it works is you’re able to hook up hoses to pump water from one source into another source, so you need to have two water bottles with it ideally. But it has a solar cell on it and you add salt to it, and the salt gets converted into chlorine, so you can purify water and get rid of biohazards. So very handy. Pretty handy device.

Sammy Macrito: Awesome.

Lee Neubecker: And again, with your flashlight, or with your radio, you can recharge it and with very little salt you have virtually unlimited ability to purify water for quite a long time.

Sammy Macrito: And what do you do in the case that you don’t have power? How can you purify water without the ability to make fire, without the ability to use that device?

Lee Neubecker: That’s a good question, so if you have a clear bottle like this one, you can actually scoop water up out of a river or stream. Now you can’t do this with salt water. The sun has the ability to sterilize water biohazards, it’s not going to get rid of contaminants, chemical contaminants, but it could purify water. So having clear bottles, laying them out in the sun for a few hours, the sun will purify the water, so that’s another thing that could be useful. Well great, we hope these tech ideas are good last minute shopping gift items for your nerds at home. Talk to you soon.

Sammy Macrito: Thank you.

Holiday Tech Gift for Geeks: links associated with the gifts discussed.

Related Posts about Tech Gadgets & Power Outage Survival

Cyber Readiness: Power Grid Outages
FBI Warning: Smart TV’s may be spying on you.

FBI Warning: Smart TV’s may be spying on you.

Smart TV’s may be recording you or your children without your knowledge.

Enigma Forensics, CEO & President, Lee Neubecker talks about the FBI’s warning about Smart TV’s and other smart home devises that are not secure. Lee adds to that warning that a hacker can actually see through to your living space by using the built in camera on your Smart TV. They can also listen to you and record your conversations, or exploit your TV to show content that is not suitable for your children to watch. In fact, most of our smart devises don’t have any security at all. Fortunately, there are a few things you can do to strengthen your security. Tune in to engimaforensics.com to learn more.

The transcript on FBI Warning on Smart TV’s follows:

Lee Neubecker:

Hi, so all of you should be aware that FBI has issued an advisory and warning to consumers purchasing Smart TV’s for your homes.

Specifically, you should be on the lookout for TV’s that have cameras. It could be recording you or your children without your knowledge. One popular measure they recommend is using black electrical tape to cover the top of the camera. If the camera’s physically covered you can’t record.

However, you have to be aware that many of these TV’s are also listening to you and maybe taking up voice commands, recording your conversations and possibly even retransmitting that information to other parties. It’s also possible that a hacker could get into a TV and exploit your TV display inappropriate content that your children might see.

So for more tips on how to secure your home, check out our website, we have a link that gives advice on this and as it relates to your TV, you want to make sure you know what you’re buying and it’s best to buy a TV that doesn’t have a known camera in it if you’re concerned about not being recorded.

Related articles to keeping your home secure

Cyber Readiness: Power Grid Outages
NIST 800-53: Security & Privacy Controls
Top Ways to Protect Your Home from Cyber Attacks
Cyber Security Summit in Chicago

Cyber Insurance Coverage

Cyber insurance and security protection

Engima Forensics CEO & President Lee Neubecker and Tressler, LLP, Cyber Insurance Coverage Attorney Todd Rowe sit down for a video discussion. These experts stress the importance of understanding the full scope of your data risk in case of a cyber attack. Both agree cyber attacks are getting more and more sophisticated and urge every company no matter the size to take the necessary steps to protect themselves before a date breach occurs. Prepare your company by working with computer forensics experts and legal counsel and create a game plan to lessen the potential threat posed by a cyber attack. Tune in to find out more about cyber insurance and maximizing your potential for coverage when a cyber attack strikes.

Evolution of Cyber Insurance and Security

The transcript on Cyber Insurance Coverage follows:

Lee Neubecker: Hello, today I have Todd Rowe on the show. Todd is a specialist in cyber insurance related litigation and data breach litigation Todd, thanks for being on the show.

Todd Rowe: No, thank you, this is great. I appreciate it.

Lee Neubecker: And so, Todd, can you tell us a little bit about how cyber has evolved over the last five years?

Todd Rowe: It’s wide open, I mean, we’ve seen everything. First, I think, when we look at the threats, and the evolution of a cyber threat or a privacy threat, we’ve seen things from the classic data breach, which would have been the target data breaches move into more of a social engineering component and tricking users that way, by emails and things like that. Getting around the technology safeguards a little bit and getting in there and tricking people is the biggest development I think we’ve seen in the evolution of threats.

Lee Neubecker: And, how has coverage evolved for cyber insurance over the last five years?

Todd Rowe: Yeah, I mean, we’ve seen huge leaps in insurance coverage and what the policies look like and what we would call cyber policies. We’ve seen the developments first in what would be considered first party insurance coverage, which would be actually responding to the damage that happens. And then, the third party liability piece, responding and giving a defense in the case of an incident. While we’ve seen a lot of developments, I think, with cyber insurance, we still don’t see the uniform policy language. So, there’s still a lot of uncertainty there, but we’ve seen some big developments recently.

Lee Neubecker: So, when a company suspects that they have a data breach incident, what’s your first role on the ground, talking with the client in terms of what you’re advising them?

Todd Rowe: Yeah, all things being equal, we would have loved to have been in there before there was an incident. Preparation is always the best scenario, and what preparation should look like is a corporation or a business working with forensics and legal and getting a game plan together, assessing what those threats might be, and what to do if there are those threats. But, afterward, hopefully you have the game plan. If you don’t, it’s pretty much all boots on ground, getting in there with forensics and legal, and understanding what the threat was, and making sure that the threat is extinguished, and moving on and notifying people that were involved in the threat.

Lee Neubecker: I know from experience that companies that take the time to proactively assemble their team before something happens, and bring in legal, forensics, and outside help, are often in a much better situation when something goes down. They face less downtime, their business can be back up and running. I think the biggest challenge I’ve seen is when companies have no idea what is legitimately their, what their devices are, because when you’re trying to assess are we still compromised, you need to know what good looks like. And if you haven’t mapped out your organization’s IT resources, that really creates a problem.

Todd Rowe: From our point, there’s always been, it’s been a tough sell to go in and try to get in before there’s an incident. A lot of corporations don’t want to think about something until it actually happens. But, the sort of, the wisdom in getting in there beforehand is getting that game plan together, figuring out what data you’re storing and what data you can get rid of. And so, the more data you can get rid of, the better you do on cutting down your liability in the end. Also, working on technology safeguards and having those in place. So, working with forensics, legal, and even PR a little bit really helps in the long run, no doubt about it.

Lee Neubecker: So, if you have cyber insurance, does that mean that you don’t have to worry about a cyber incident?

Todd Rowe: The thought right now, I think, and it has been for a number of years, is an incident’s going to happen, and it just, you need to go in and do things to prep. And while we were discussing earlier, the preparation that you need to do to get sort of an inventory, cyber insurance is another piece of that preparation that needs to be in place. Once again, working with professionals, insurance professionals, brokers, forensics, legal, on what that cyber product that best suits your needs, is the best situation to have that in place once something happens. It will happen, it’s just a matter of having all the right pieces in place when it does happen.

Lee Neubecker: So, if a company has, is storing biometric information, which could even include video cam footage of a certain resolution, what are some of the unique challenges that are raised by some of the laws here in Illinois and elsewhere?

Todd Rowe: Really, being in Illinois is, and I don’t want to use a cliche, but is on the cutting edge of biometric data. And we have BIPA, which is the Biometric Information Protection Act. And what that does is it protects a lot of things like face scans, and finger and thumbprint templates. And, I think one of the biggest issues we see is recently, now BIPA’s been around for 10 years or so, it’s been around for a long time. But we’re seeing a huge uptick in BIPA cases right now, because a number of businesses went in and put in timekeeping systems for their employees that work on thumb and finger scans rather than the old punch card systems. So, the law didn’t change, but the technology did, and so now, there was warnings that should have been put in place before you take that biometric data with those systems. So, they put the systems in, and they didn’t necessarily have the law in place. That’s a perfect scenario where we could’ve had forensics and legal all working together beforehand to avoid a lot of liability, so.

Lee Neubecker: So, what do you see happening in the future with the insurance coverage laws? Especially, you know, one of the concerns I have is, you know, there’s this act of war exclusion, and if you have cyber insurance and you’re hacked by someone outside of the country, what happens there, is that covered?

Todd Rowe: It depends, really, on the policy form. So, we’ve seen, once again, Illinois is on the cutting edge of that law as well. A lot of insurance policies, CGL, commercial liability policies, and even some cyber policies to some extent, have terrorism or war exclusions, excluding acts of war. And that was fine when we were looking at Pearl Harbor, perhaps, or something like a real act of war where a government might declare war on a country, and some damage that results of that would be an act of war. But, with privacy and hackers, and hackers sitting in nation states, but maybe not being an agent of that nation state. So, the case that we have right now that gives a good example of this is a Zurich case, insurance case with Mondelez, they’re a snack food maker. And, Zurich denied coverage, and it looks like the hacker may have come from perhaps China or North Korea. So, what do you do with that, as far as, if you’re going to exclude coverage for that, nobody’s declared war on any of those countries, so that’s going to be a struggle. And I think that demonstrates some of the strengths and weaknesses of cyber coverage right now, as it stands.

Lee Neubecker: And, what do you see happening, what’s the likelihood that the federal government stops in, steps up to the plate should a major data breach happen that could be considered an act of war?

Todd Rowe: Yeah, I mean, well first off, the government brings up another point, as far as right now as it stands, privacy and data laws, we just have a patchwork of things here in the U.S. Of course, there’s frameworks that have been adopted in, for example, the E.U. with GDPR, and we don’t really have that in the U.S. So, we first don’t really have a clear idea of who would do the response in the government. Would it be the Federal Trade Commission, or who would handle that type of situation? So, we have a lot of state laws, so we have a lot of problems like that. And, we have California, which is adopting some stronger guidelines as well. So, what would happen there as far, it’s going to be really left to ironing things out with the insurers and the insurance. Once again, what a great opportunity to sort of look at this issue before an incident happens. You really wouldn’t want to get into this complex of an issue when you’re trying to respond to an incident. So, another reason is, to go and prep a little bit, would be exactly what we’re discussing right now.

Lee Neubecker: Yeah, I know from experience that clients of ours that have had data breach incidents, if they’re working with someone that’s experienced litigation professional in the area of cyber and insurance, the likelihood that, you know, my firm’s fees get covered goes way up, and there are, there’s a potential for coverage of that forensic response. But ideally, you want to have your own team. You want to be picking your team. You don’t want the insurance companies assigning your people, if you can avoid it.

Todd Rowe: Yeah, a lot of insurers do have panels, and there are a lot of insurers that prefer that, because they don’t know where to go. So, that actually, if there’s an incident, that helps out. But, the best scenarios, and we’ve been involved in a lot of responses, and the best scenario is when we’ve had an opportunity to sit down, and maybe you and I talk, the forensic side of things and the legal side of things, and figuring out exactly how we can cooperate and what that response would look like. So, absolutely, if you can sit down and chat beforehand, you’re going to really save yourself a lot of stress and pressure.

Lee Neubecker: Well, thanks a bunch Todd, for being on the show. This has been great.

Todd Rowe: Absolutely, thank you so much, I appreciate it.

More articles that relate to data breach response and cyber insurance coverage follow:

Data Breach Response
https://enigmaforensics.com/blog/secure-home-from-cyber-attacks/
https://enigmaforensics.com/news/wgn-cyber-security-chicago-2018/
Data Breach Incident Response

https://www.thebalancesmb.com/what-s-covered-under-a-cyber-liability-policy-462459

Cyber Readiness: Power Grid Outages

Are you ready for a power outage? Check out this video for Cyber Readiness and Power Outages tips.

Enigma Forensics CEO & President, Lee Neubecker and Geary Sikich, President of Logical Management Systems, tackle the strategies you need to know to prepare for a cyber attack. Each describes in detail the importance of cyber readiness starting with power outages.

Be prepared for a cyber attack or power outage

The transcript of the video follows:

Lee Neubecker: Hi, I’m here today with Geary Sikich. Geary is the President of Logical Management Systems. Thank you, Geary, for being on the show.

Geary Sikich: Thank you, Lee.

Lee Neubecker: So we’re here to talk a little bit about cyber attacks on the power grid, and what impacts that could have on businesses and individuals alike. All right, Gary, is the future of war likely to be cyber, in your opinion?

Geary Sikich: Well Lee, I think there’s three aspects of that that we need to look at. There’s what I’ll call a strategic aspect, which in effect, we’re already in a cyber war in many respects. Nation states are using cyber in a lot of different ways. Not necessarily as disruptive as it could be, but it’s got the potential to expand. There’s then another level down from there which I’ll call operational, which is targeting specific locales and areas. And then, what I’ll call a tactical level where you’re targeting individual facilities to include even neighborhoods at this stage. And one of the things I think you’re going to see in the future is that there’s going to be more of a reliance on these disruptions because of the great impact they have on businesses as well as the general population.

Lee Neubecker: Yeah so, one of the things that I had lectured on before was some research that came out of Princeton University on a topic called MadIoT, which relates to manipulation of end user demand by attacking insecure Internet of Things, IoT, devices in homes and whatnot. And essentially, what the researchers found was that by taking over enough routers in homes, you could compromise Wi-Fi devices attached to high-wattage appliances like Internet-enabled microwaves, toasters, heaters, things like that that would draw a lot of current, air conditioning systems and that by attacking adjacent neighborhoods, you could manipulate power demand in one neighborhood such that the power’s going off or down low, and then the adjacent neighborhood causing all these appliances to come on, which by only creating a small disturbance in balance of power, Kirchhoff’s law that dictates the flow of electricity could cause faults in lines as electricity moved from one neighborhood to another in spikes, and that that type of attack could effectively knock out parts of the grid. There are a lot of factors, obviously, that could knock out the grid, but what have you been advising your clients to do in advance of such an outage, to help them mitigate the risk and protect themselves?

Geary Sikich: One of the things we look at with that issue, and it’s a very big issue, and it ties into the areas I previously mentioned, the strategic, operational, and tactical, is to begin to look at how you can be resilient as an organization. So, I’ll give you an example. A colleague who was at a firm in Southern Illinois, they were about to move to a larger building. And one of the things he was charged with was developing the plans and then getting the move set up. They didn’t have a generator, and I highly recommended to him that they get a generator. They decided to do it, and to their benefit, once installed and once they got it in the building, they had a localized power outage which, for them, was a non-event so to speak because the generator immediately kicked on. They didn’t lose any power. As a commodities trading firm, they’re very dependent on the ability to communicate electronically for trade. So when we got to analyzing things, I asked, “What did you think?” and he said, “Well, it cost “probably a quarter of a million.” And then I asked the second question, which I think was more relevant and important as he understood it, “What was the cost in lost trades, if you’d have not “had the generator?” He said, “About $2 billion.” So the immediate impact on these things is that organizations really need to think about how can they secure a power supply for themselves so that they can effectively operate independently of the grid in times of a crisis?

Lee Neubecker: So an adversary of a financial services company could actually cause massive harm by targeting and causing a power disruption, knocking out the trading facilities–

GSL Yes. LN:Costing them billions of dollars.

Geary Sikich: Yes. And the interesting part about that is, that when you begin to look at it, it’s not just that immediate impact, it’s the cascading impact that goes throughout the entire system. So you knock out the trading aspect, you suddenly knock out the logistics of movement of products and services, and it cascades throughout the entire system if you will.

Lee Neubecker: So what do you see are the other downstream potential impacts to a prolonged outage?

Geary Sikich: Oh, prolonged outages are one of the concerns that a lot of organizations have. What do I do to keep my business in business if we’re faced with a long-term outage? Natural disasters have shown us that it can take up to and beyond a couple of years to recover. A lot of organizations literally could go out of business as a result of not being able to have the financial resources to weather a storm like that.

Lee Neubecker: Well, this has been great stuff. I really appreciate you coming on the show, Geary. Thanks a bunch.

Geary Sikich: Thank you, Lee, I appreciate it.