Dumb Criminals – The Best Way to Get Caught? Call 911!

/0 Comments/in , , , , /by

In Daytona Beach, Florida, the dumb criminal capital of America, two Florida teenagers are facing charges after breaking into cars. Apparently one teen’s phone was programmed to call 911 and the phone was smarter than the teens and called (maybe accidentally) 911 to inform law enforcement of the crimes taking place.

Dispatchers from the police department listened in at the duo discussing the cars they were breaking into and the stuff that was worth taking. Seems some info was given that directed law enforcement to the parking lot of a local nightclub where the teens were apprehended. Karma man karma.

Meanwhile, another Cro-Magnon Mickey-the-dunce in Utah stole 2 phones from a convenience store. In the process he left a piece of paper with an address he was going to. So now cops had a lead. But it gets better. The store clerk reported the theft and gave a description of the man to police.

Moments later as Mickey was driving and looking for the address, he pulled over to ask a cop for directions. Immediately the cop recognized the address and the dunces description and arrested him. Karma man karma.

And in an amazing criminal history that spans 55 years, an 80-year-old woman, known as the “Beverly Hills Burglar,” gets three years for breaking into a medical building.  Her rap sheet was well known in Beverly Hills as she’s been to the clink in the past. She was quoted saying “I’m 80 years old,” she said. “I don’t think I’ll ever come back – except I’m going to die and be in the morgue.”

That’s amazing and sad all at the same time.

Lock up. Don’t be victimized. And don’t be dumb.

Home Safety Tips:

1. Install outdoor lighting on timers and motion sensors.

2. Make sure your home has a “lived in” look.

3. Use indoor timers for lights, TVs and automatic shades.

4. Install security cameras that can be remotely monitored.

5. Install a home alarm system monitored by an alarm company and the police.

Robert Siciliano personal security expert to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

Is That Portable Device a Data Hazard?

/0 Comments/in , , , , , , , /by

Robert Siciliano Identity Theft Expert

According to a survey of London and New York City taxi companies last year revealed that more than 12,500 devices, such as laptops, iPods and memory sticks, are forgotten in taxis every six months. Portable devices that may have troves of sensitive data.

Recent reports of identity data including names, addresses, Social Security numbers on 3.3 million people with student loans was the largest-ever breach of such information and could affect as many as 5% of all federal student-loan borrowed. A company spokesperson said the stolen information was on a portable media device. “It was simple, old-fashioned theft, it was not a hacker incident.” Lovely. That’s just ducky spokesboy.

The survey further reached out to 500 dry cleaners who said they found numerous USB sticks during the course of a year. Multiplying that by the number of dry cleaners they got a figure of approximately 9000 USBs lost and found annually.

Computerworld reports a 2007 survey by Ponemon of 893 individuals who work in corporate IT showed that: USB memory sticks are often used to copy confidential or sensitive business information and transfer the data to another computer that is not part of the company’s network or enterprise system. The survey showed 51% of respondents said they use USB sticks to store sensitive data, 57% believe others within their organization routinely do it and 87% said their company has policies against it.

It’s not just lost portable devices that are an issue. Found ones can be scary too.

Dark reading reports an oldie but goodie from Steve Stasiukonis, a social engineering master, he says those thumb drives can turn external threats into internal ones in two easy steps.

When hired to penetrate a network he says “We gathered all the worthless vendor giveaway thumb drives collected over the years and imprinted them with our own special piece of software. I had one of my guys write a Trojan that, when run, would collect passwords, logins and machine-specific information from the user’s computer, and then email the findings back to us.

The next hurdle we had was getting the USB drives in the hands of the credit union’s internal users. I made my way to the credit union at about 6 a.m. to make sure no employees saw us. I then proceeded to scatter the drives in the parking lot, smoking areas, and other areas employees frequented. It was really amusing to watch the reaction of the employees who found a USB drive. You know they plugged them into their computers the minute they got to their desks. Of the 20 USB drives we planted, 15 were found by employees, and all had been plugged into company computers. The data we obtained helped us to compromise additional systems”

I did a program recently for a client where I presented in front of other security professionals. I had my laptop set up on the stage with my presentation loaded. The client was introducing me and asked if he could load a quick file onto my laptop to assist in his opening remarks. I inserted the drive for him and my anti-virus went NUTS! Seems his flash drive had a nice little virus on it. His boss, standing right next to him said “that’s why we are phasing out non-military grade security enabled flash drives as soon as we get back.”

I checked out BlockMaster SafeStick® 4.0 – a fast and user-friendly secure USB flash drive, which streamlines military-grade security and meets those standards to protect your data. The SafeStick hardware controller encrypts all data using AES256-bit encryption in CBC-mode. Encryption keys are generated on board at user setup, and all communications are encrypted. SafeStick is protected against autorun malware, and onboard active anti-malware is available. Once unlocked, SafeStick is as simple to use as a standard USB flash drive.

The one I got just plugs in, initializes, then launches a program requiring the user to set up a password. From that point on any time the user has to access the data, a password needs to be entered.

Flash drives can be a security mess. Organizations need to have policies in place requiring secure flash drives and never plugging a stray cat into the network.

Disclosures: I have no financial ties to BlockMaster. I just like this thing.

Robert Siciliano Identity Theft Expert discussing good ole fashion identity theft on Good Morning America.