Security Breach Threatens Soldiers’ & Civilians’ Personal Information

/in /by

Robert Siciliano Identity Theft Expert

Burglars tend to go after high ticket items that can be immediately turned into cash. They may include electronics such as TVs, computers, game consoles or various kinds of stereo equipment. Jewelry has always been the favorite of the thief, and they know most women keep their jewelry box on their dresser or in the top or bottom drawer.

What many are beginning to realize is that the information on the computers or laptops that are stolen is worth much more than the hardware itself. The money today is in the data that is stolen that can be used to commit identity theft.

In the past few years, numerous data breaches have occurred simply because a laptop or PC was stolen from someone’s home. A Veterans Administration employees home was broken into and his work PC was stolen which had almost 26.5 million Social Security numbers of veterans and their families. That’s almost 10% of the US population on one computer! That PC cost the VA maybe $1000.00 to purchase, but the data loss cost hundreds of thousands of dollars to mitigate.


“CNN reports The personal records of thousands of soldiers, employees and their families were potentially exposed after a laptop computer containing the information was stolen over the Thanksgiving holiday weekend, the military says.

The security breach happened where the rental apartment of an employee was. The computer contained “names and personally identifiable information for slightly more than 42,000 records including names, Social Security number, home address, date of birth, encrypted credit card information, personal e-mail address, personal telephone numbers, and family member information.”


A theft of this kind in your own home, whether it is your company’s computer or your own can have a devastating effect. The key is to prevent it from happening in the first place.

1. Always lock your doors and windows no matter what time of the year it is.

2. Make sure all exterior ladders are locked up to prevent someone from accessing an upper level window.

3. Install a home security system that calls you and the local police when tripped.

4. Make sure your computers are locked down too.  For desktops, it is a good idea to cable them to a desk or wall. For laptops they should be put in a safe.

5. Install encryption software on all PCs that makes the data unreadable and useless to the thief.


Robert Siciliano personal security expert to Home Security Source discussing stolen laptops on the Today Show. Disclosure

My Identity Thief Loves Me (PTI)

/1 Comment/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

I have a very weird job. I explore aspects of society that people read about but would never consider exploring themselves. I go places where others may be led to because they didn’t know any better. And I like too expose the flaws in the system that make us vulnerable. Much of my “research” or “antics” as some would call it is prompted by my desire to learn more about the scumbags of society or predators that prey on other people.

My research has taken me down a dark seedy road into online dating scams, where some people are at their most emotionally vulnerable. The predators work a form of 419/advanced fee scam that always involved a money wire transfer.

There is something about people with antisocial personality disorder (ASPD) that intrigues me. Antisocial personality disorder is a type of chronic mental illness in which your ways of thinking, perceiving situations and relating to others are dysfunctional. When you have antisocial personality disorder, you typically have no regard for right and wrong. You may often violate the law and the rights of others, landing yourself in frequent trouble or conflict. You may lie, behave violently, and have drug and alcohol problems. And you may not be able to fulfill responsibilities to your family, work or school. Some say at least a full 1 percent of the world has this.

I say 99 percent of all people have had ASPD for at least a day/week/month/year, except me 😉

My recent love affair was prompted by a call from a national television show producer who is newly divorced. She, like many millions of others, (about 40 million +) is subscribed to online dating services. She is in a circle of women who all are in their early 50’s, married young and now find themselves in a new chapter of their lives.

With this degree of transition and being single comes an unfair level of loneliness that is very difficult to overcome without support from others. At times in my life, early on, I experienced this can tell you first hand, loneliness often trumps common sense and facilitates bad decision making.

She and a dozen of her girlfriends all got together recently and discovered many of them were being courted, online by men from the UK. These men would say the nicest things to them. For example (and this is within 1 week):

In me sweetheart you are going to find the most passionate, loving and romantic man you have ever met. There are very few promises in life but this is one of them!. ROMANCE is the key to my happiness and to my heart and soul!. It is the single biggest reason I am single today is because I have yet to find a woman who will romance me with the passion of there heart and be a giver of there love, and not just a taker. I am a man who is very committed to the special woman I am sharing my heart and soul with. I totally dedicate and devote my life totally to this person 24/7, for her she’s my Queen and it is my belief that as long as she’s my Queen, I would treat her good and right, by putting her on a pedestal that is reserved only for a Queen and showing her with an endless amount of affection, attention, passion, and unconditional love. It is my duty as a follower of the word of God to be her provider, providing for her emotional, mental, and sexual needs. It is my responsibility as her King to take any problems and stress that she has in her life and put it on my shoulders to free her of it, for I am a man and her King!. My shoulders are bigger so it is my obligation to carry the burdens she might has in life off them, allowing her to have a healthy mind, body, and heart and soul at all times. I love and cherish this role sweetheart, and it is because I love it so much, that I feel God has a role for everyone in life, and his chosen role for me is to be that excellent lover, father, and family man, because of the way I live my life, and because of my passion to be a great lover and family man.

Dudes gotta be a great lover to have that roll off his tongue. Right? Eeesh. At first, none of this seemed all that odd to them. We all like nice things said to us, and while a bit hokey, this dudes dictation ain’t all that bad.  Further, when you are lonely, even a visit from one of those crazy religious sects can be soothing. This entire scene is a perfect opportunity for a predator to strike. To be continued on “My Identity Thief Loves Me (PTII)” where you can read the actual chats with the scammer.

Protect your identity:

  1. Get a credit freeze. Click on the preceding link and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  2. Go to my website and get my FREE ebook on how to protect yourself from the bad guy.
  3. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News

My Identity Thief Loves Me (PTII)

/3 Comments/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

In “My Identity Thief Loves Me (PTI)” I brought you into my weird world of “research” into online dating scams. Here’s where I fell in love. I have been perused by “Kath Riss Green”. For whatever reason the scammers choose very WASPy names. But her picture was a hot Latina. She sent me a message via a social network I’m on. So I responded via a completely different profile I set up that had nothing to do with the original. And “she” didn’t seem to notice or care: I am “Ronn”.

1/17/10 Scammer: Hi,I saw your profile and wanted to say hello. Your very handsome and Id like to get to know you better.

1/18/10 Me: Hi back, you sent me an email on my profile. You look good to me. What is your name? Ronn.

1/19/10 Scammer: thanks for your email Ronn…..i’m kathline,i live and work in texas..i’m 30years,single and never with no kids,i love kids though.i would like to know more about you,where you from,what you do and many more…hope to read back from you, kathline

See the bad English and punctuation? The criminal hacker I wasted 4 hours with from Ghana wrote the exact same way.

1/19/10 Me: Hi Kath, I’m basically a nice guy… I want a woman to like me for who I am. I like eating pizza and I like to drink beer. I’m a little overweight.  I’m 5′ 2″ and 220 lbs, but my mom says Im handsome. What do you look like? Ronn

1/19/10 Scammer: Hello Ronn, How you doing an how was your day like?SO where you from?what do you do?are you married?got any kids?and what you ooking for?do you have any photo you can send to me?i would like you to tell me everything about yourself……….i’ve added you to my yahoo lit and hope to chat with you later on……attached are my pics.hope you will like them Kathline

1/19/10 Me: Wow, You’re very pretty! I’m from Massachusetts. My day was long I worked hard today. Gotta pay the bills! I work in an office as a word processor. Not married, one kid from when I was younger, his mom has him. Just looking for someone to love me like I love them. My camera dropped over the holidays and I need to get another one.  Do you have kids? Ronn

1/20/10 Scammer: Hi Ronn,sorry to hear about your day….wish i was there to keep your accompany….i’m also single,nerver maried with no kids..i love kids though,and i hope to have some with the right man someday..So tell me since when you’ve been doing online dating and how many woman have you meet online lately?what kind of relationship are you looking foir? Kathline

1/20/10 Me: No kids! Thats OK. Ive been doing the online dating thing for about 6 months. I just got a computer over the summer. i used to go to the library and use their computer, so Im new to this. All the women I have send messages to dont respond all that much. But you were nice to me first… Im looking for a relationship where the woman can be nice to me and treat me with respect, as I am nice to her and treat her with respect. I also wish that she can cook because I like to eat ALOT!!! LOL!!! Truly Ronn xoxoxox

I’m baiting

1/20/10: Hi Ronn,hhmmm….i guess i’m the one you’ve loking for all thiswhile…i’m someone who is loving,caring and God fearing,a down to earth type with great sense of humour..i love the out doors,i enjoy cooking,i like holding hands,kissing and cuddling….i wish things could ork out between us…..

It pisses me off when they weave the God thing in there. Heartless bastards!

1/22/10 Me: OMG THATs SO SWEET! You sound like my soul mate! Im sorry that I have not responded, I had to go away on business.  I would LOVE TO MEEET YOU!!!

1/22/10 Scammer: Ronn,I went to bed last night with a vision of you next to me. I slept like a baby all night, because I was not feeling alone.. When I awoke this morning to see if it was real or if it was a dream, realty hit me that it was only a dream. Very soon, I know that you will be right next me…i will also love to meet you for a weekend or so…..we can plan on meeting if you dont mind,i can come there but thaats if only we can both work the airfares together or what do you think?

Boom, 5 days into it and “airfare” comes up. I sound like a lonely desperate fool, I haven’t sent a picture, I’m built like a walrus. And Kath is dreaming about me. What a !@#$%^ SCUMBAG!

1/22/10 Me: Wow, this is wonderful! im flexible. I’ll do what you wish. Tell me what you would like to do.

1/23/10 Scammer: Jon said it will cost me 560$ to fly there and i cant afford it all…i dont know if you can make and half payment while i had up the rest..

Who the heck is Jon? I don’t even bother asking.

1/24/10 Me: Im happy to pay half. How do you want to do it? Ronn

1/24/10 Scammer: Awwww thanks then, i do appreciate that, just get the half down to jon so he can go ahead with the reservation, and you know we have to book in advance.. below is Jon Details for the payment. send it through western union, and get back to me with the MTCN, the name, of thw sender, and location of where money is sent. hope to read from you soon

Jon ***ardt

1325 ***pe dr,

Paris, TX 75462

One week, 2 idiots, 7 email exchanges, an opportunity to expose a complete azz@#%, PRICELESS.

Turns out, after further research “Jon” is a victim too. He is 54 and divorced. He has been duped by “Kath” as a money mule. So when the wired money goes to Jon, he sends to Kath.  Here is Kath kathlinegreen36@yahoo.com.

1/27/10 Me: Can I call you on the phone?

1/27/10 Scammer: Hello Ronn, WHy did it take you few days to get back to me?you just keep runing through my mind and my heart longfs to be with you….my phone got missing last weekend….so how you doing and how’s work being like?were you able to send the money..

Of course your “phone got missing last weekend” so how YOU doing? Jerk.

1/27/10 Me: Are you a complete scumbag scammer?

Then no more response. Was it something I said?

Protect your identity:

  1. Get a credit freeze. Click on the preceding link and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  2. Go to my website and get my FREE ebook on how to protect yourself from the bad guy.
  3. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News

Online Scam Targets Pet Lovers

/in /by

Robert Siciliano Identity Theft Expert

I love my dog, 60lb German Shepherd. Small for a GS, she was the runt. I’ve always rooted for the underdog. The underdog has more heart, more passion and they try harder. My GS is a perfect example.  She’s my second in 20 years. After the first one passed, another was in my house 4 months later. With a wife who was 4 months pregnant. That was a fought contest between man and wife that was won when the runt fell on the feet of the wife at the kennel. I had nothing to do with it!

My dog watches the house when I’m gone. She is me, but furrier. She hears and sees things like I do. Shes territorial and knows when something is OK, and when it isn’t. We both bark too. Some say I’m half Italian, half German Shepherd! I have to be careful about disciplining someone who might trespass into my yard in front of the dog. When I use a confrontational or stern voice to a stranger, the dog goes nuts, as she should.

It doesn’t matter how big or small a dog is. Most, but not all dogs have a territorial instinct. This is a good back up alarm, a good deterrent. And its not the size of the dog in the fight, it’s the size of the fight in the dog that matters most.

This story caught my eye” A warning for internet users: an online scam targeting pet-lovers is circulating the web, and it could cost you more than a new pet.

An ad posted to a local online classified website by a man who claimed he was living in Florida. The seller said he had recently moved to Miami, and couldn’t keep his dog due to his new living conditions. He was willing to give the Labrador Retriever puppy named Dely away for the cost of shipping, which was $220.

The couple sent a delivery service $220 by way of Western Union. The delivery service told the family to send another $820 or risk losing the dog. That’s when the couple realized they’d been scammed. They told the person on the other end of the phone the deal was off. But the caller kept calling, becoming more aggressive each time.

“He kept calling me saying the dogs here,” said the victim. “Making me feel like this poor dog is sitting somewhere unattended.” When the caller realized the couple wasn’t sending the extra $820 he threatened to turn them into authorities and charge them with animal abandonment. “We didn’t know if something was really going to happen to us. We didn’t know if we could get in trouble.” They said. That’s when they decided to call police. Authorities were at their home in less than an hour. They looked at the emails, the website, and tried to trace the phone calls. Officials determined the entire thing was a scam.

Scammers will say and do anything to get a person to part with their money. At first they had a sob story that sounded like a legitimate issue, new housing, cant have a pet. When posted in a classified ad, it looks legitimate. Then they involved a “shipping company” that was a front for the scam. Once the victims were asked to send money via Western Union, that should have been a red-flag.

Its best to always do business like this locally. Never automatically trust over the phone or via the internet. Unless the business is one that is well established online, don’t ever send money that you cant get back. Money orders and wiring money have less security than a credit card does. Anytime the transaction involves wiring money, that’s a dead giveaway. In any virtual transaction, I’d suggest using a credit card, but not without first checking the legitimacy of the business or the individual. A quick scan online of a company, individual, or even the nature of a transaction can often provide enough information to make an informed decision.

Robert Siciliano personal security expert to Home Security Source discussing advanced fee scams on the Mike and Juliet Show. Disclosures

Home Safety: Operation Storm Targets Burglars

/in /by

Robert Siciliano Identity Theft Expert

I travel a LOT. I spend lots of time on planes and in new and different communities. Traveling is often a bear, but the rewards of consuming different cultures and ways of living is well worth it. I often try to learn from others “way” to determine how it might work in my life.

Here is an interesting story about how law enforcement in the UK is dealing with criminals. They have a very different take on the issue than we do. But there is definitely something to learn here.

Police in the UK have launched a new blitz on burglars to bring down crime, increase the number of burglars convicted and provide a high profile presence on the streets. They arrested more than 600 burglars, robbers and thieves in four days this week in its first major clampdown of the New Year.

As part of Operation Storm, police will continue to target known and suspected burglars through home visits, stop checks, high profile policing and use of the automated number plate recognition system (ANPR) to reassure residents and deter offenders. High impact enforcement activity on all divisions across the Force has seen officers making almost 100 raids on properties of suspected criminals.

Action such as this shows offenders that they will be made to payback for the misery they cause to innocent people. There is no hiding place for them and we will make sure that they are caught.”

Why don’t we adopt this strategy here in the USA?? That’s such a great home safety strategy that puts known criminals on alert that they are being watched.

I see that as very proactive police work.  Most people understand that law enforcement can’t protect you around the clock. While they certainly patrol and have many proactive duties, we are pretty much on our own when it comes to protecting ourselves and families.

Taking responsibility for your personal security and home safety begins with understanding that a law enforcement officer generally isn’t there when you need one. Its just not cost effective to have one cop per household.

To protect yourself:

Always lock doors and windows when you are home and away. When I travel to different parts for the country speaking on security issues and ask “How many of you lock your doors?” I’m always amazed at how many people do not lock their doors. My doors are locked all day while I’m home.

Do not display high end expensive items in windows easily viewed from the street. If you have a big plasma TV facing the street and your shades are open at night, you are inadvertently sending a signal to a burglar.

No matter what time of the year, holidays or not, cut and put boxes for high ticket items and put them in black opaque trash bags when disposing.

Install a home security system complete with monitored alarm and surveillance cameras. Have the cameras monitor motion connected to a DVR. Set the alarm while you are home during the day, sleeping and when you are gone.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures

Burglaries Up; Many While People Are Home

/in /by

Robert Siciliano Identity Theft Expert

In Wichita, Kansas they are facing a huge up tick in burglaries. Generally, crimes of this nature rise when there is a financial crisis, unemployment, gangs and drug activity. Police there have recorded 2,839 burglaries last year, a 10.2 percent increase over the same period the year before.

Of the 2,839 burglaries, 384 — or 13.5 percent — occurred while residents were home. Many of these burglaries occurred as people slept in their homes. Home security conscious people cant even imagine that is possible, but I know it is. Too many people don’t think it can happen to them and don’t lock their doors or even have a home alarm system.

The article states The burglars had to have known that someone was home — there were cars in garages and driveways, and purses visible in the homes. The criminals came in anyway — a brazen, potentially dangerous risk that burglars rarely take, experts say.

The local police passed out a flier alerting residents that burglars hit two homes between midnight and 5 a.m. last Friday while families slept. You might ask if these people live in “Pleasantville” and have no idea that these things happen. But the “it cant happen to me” syndrome is a real issue.

“They didn’t even know until they got up,” said their Police Chief. Can you imagine that?!!.

The report states that burglars simply entered through unlocked doors. In one of the burglaries, a couple with small children woke up after being alerted by their growling dog. Dogs are great. But a home alarm in place would have alerted them first.

Many alarms are installed after the home is broken into. Once a home is burgled, people lose their sense of security and try to gain it back with the installation of an alarm. A home alarm certainly provides security, but people who are victimized in this way often face years of emotional after shocks.

The key to security is thinking proactively and doing things to secure your self and family before something bad happens. Don’t think “it can’t happen to me”, think “yes, there is a chance this can happen and I’m going to set an example and do something about it.”

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclosures

Police Warn of Potential “Alarm” Scam

/in /by

Robert Siciliano Identity Theft Expert

Call them con men, grifters, scammers, or thieves. Or simply call them liars. Lying is what they do best. They stare you in the eyes, do it via email or over the phone and lie through their teeth. They do it casually and with such conviction that we have no reason not to believe them.

A Police Department investigated a suspicious activity report after a resident contacted police about an “alarm company” calling and offering a free home security system for people in their neighborhood.

Someone representing “Maximum Security” said the company was giving away five home security systems.

The “representative” would ask if the resident had a security system in the home, at which point the resident said he was not comfortable discussing the home’s security system. Which or course is the appropriate response. In this case, after the resident made it a difficult sales call and the sales person hung up on him. This prompted a call to the police.

When the police investigated the caller ID number, they were met with busy signals and incomplete calls.

Ive been addressed in a similar way over the phone, at my front door and via email.

Whatever you tell them can be used against you. They can steal your identity. If they find out you don’t have an alarm they may break into your house. If you tell them who your home alarm is with they may call you at a later date posing as that alarm company and requesting “updated credit card numbers”.

This “request” is best resolved by not answering any questions at all, hanging up, deleting the email or telling the person at the front door (while you speak to them through the locked door) you are not interested. No matter what, never give them social security or credit card numbers, or tell them whether or not you have an alarm.

Robert Siciliano personal security expert to Home Security Source discussing cons and schemes on the Donny Deutsch Show. Disclosures

Crimeware: Do It Yourself Criminal Hacking

/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

For $400-$700 you too can be a criminal hacker. Phishing hacking and spoofing software has been around for a few years. Heres what may be an example.

The ease and availability of this good for nothing other than crime software has made it easier, cheaper and more user friendly than ever to get into the cybercrime business.

Anyone with moderate computer skills that can navigate around the web and upload or download files is pretty much capable of accessing and implementing the crimeware.

Todays crimeware kits are designed so a person who is new to the criminal hacking business can quickly get up to speed and snare victims rapid fire.

USA Today reports they’ve been blasting out fake e-mail messages crafted to look like official notices from UPS (UPS), FedEx (FDX) or the IRS; or account updates from Vonage, Facebook or Microsoft Outlook (MSFT); or medical alerts about the H1N1 flu virus.

The faked messages invariably ask the recipient to click on a Web link; doing so infects the PC with a banking Trojan, a malicious program designed to steal financial account logons. Often, the PC also gets turned into a “bot”: The attacker silently takes control and uses it to send out more phishing e-mail.

The crimeware software business models the manufacturing and distribution of the legitimate software industry. Criminals are also getting more sophisticated in marketing their wares and doing it openly online. Just because they sell crimeware, doesn’t mean the software is illegal. It only becomes illegal when it’s used to scam people.

The fundamentals of how to prevent phishing are presented here by the Anti Phishing Work Group

  • Be suspicious of any email with urgent requests for personal financial information
    • unless the email is digitally signed, you can’t be sure it wasn’t forged or ’spoofed’
    • phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
    • they typically ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.
    • phisher emails are typically NOT personalized, but they can be. Valid messages from your bank or e-commerce company generally are personalized, but always call to check if you are unsure
  • Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or user’s handle
    • instead, call the company on the telephone, or log onto the website directly by typing in the Web adress in your browser
  • Avoid filling out forms in email messages that ask for personal financial information
    • you should only communicate information such as credit card numbers or account information via a secure website or the telephone

    Additionally

  1. Get a credit freeze. Click on the preceding link and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  2. Go to my website and get my FREE ebook on how to protect yourself from the bad guy.
  3. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News

Meet Raoul Chiesa: UN Interregional Crime & Justice Research Inst.

/in , , , , , , , , /by

Robert Siciliano Identity Theft Expert

In my quest to learn more about what makes a criminal hacker tick, I came across Mr Chiesa when he commented on a blog post I wrote “How I Wasted 4 Hours with a Criminal Hacker”. He warned me I was treading on dangerous ground due to the fact that when communicating with the blackhat, I used my real name and provided my web address. His concern was a revenge hack that would clear the hackers name amongst his hacker peers.

I’ve danced with the devil a few times in my life and don’t mind the occasional walk on the ledge. And I’ll heed his advice in the future. After a closer look, I learned he is from the United Nations, based in Italy. (Road trip anyone?). That’s a cat I want to talk to who is fighting the battle 24/7/365 against the bad guy.

What do you do?

Since 2005 I’ve worked with the United Nations Interregional Crime & Justice Research Institute (UNICRI), where I am a Senior Advisor on Cybercrime Issues & Strategic Alliances. We develop new strategies, techniques and methodologies in order to support the Member States fighting cybercrime-related issues, supporting policy-makers, end-users and States.

I’m also an entrepreneur in the Information Security arena. I run 2 vendor-neutral consulting firms, specialized in Penetration Testing, Audit & Compliances, while the second firm supplies Digital Forensics services. I’m into IS since 1997, while I began my interest in it – and the hacking’s underground – back in 1986.

Why do you do it?

Mainly it’s because of the passion. I love my job, I love what I do everyday…and this is not so common so…I’m feeling really lucky. Talking about my role at UNICRI, I decided to join them in order to support a neutral organization that is really trying to achieve important goals.

What’s your process?

Mainly building an international network of contacts; attending a huge amount of IT events all around the world, often as a speaker; trying to build an “informal communication and alert network” among LEAs, in order to simplify and speed-up the process of information exchange. We’re working on various R&D projects, that help and benefit the IT and ICT community all around the world. Our main research is HPP – Hackers Profiling Project (http://www.unicri.it/wwd/cyber_crime/hpp.php), where we’ve been able to interview more than 1200 hackers from five different continents. It’s a really huge research program, that will last five years more. It’s something never done before.

What are the “politics” with it world wide?

Politics – especially USA and EU – are driving towards issues related to privacy, Lawful Interception, copyright, etc. I’m a technical guy, with a technical background: I don’t like politics, though it’s clear to me that it’s something we need, somehow.

In my humble opinion, the common mistake when politics meet IT, is that politicians are obviously not IT people, they do not have an IT background, and often they misunderstand the logistics of IT…in this scenario, (big or small) mistakes may always happen.

What is next? What’s the future look like?

We are observing in incredible rise in cybercrime. New profiles of attackers arrived in the so-called “hacking underground”, and the hacking world – sometimes – is meeting with organized crime and State-sponsored attacks. The world is changing and, basically, the keyword is “the information”. In today’s world, “Information is the Power”, that’s the sole reason why all of this is happening.

Sum up a profile of the criminal hacker today vs. 10 years ago.

There are huge differences between hackers in the past and hackers nowadays. Hackers from the past were not “mandatory” criminals. While their actions were illegal (note: during the 80’s and the 90’s, “hacking” was not a crime in many countries of the world. I.e. in Italy it became a crime only in 1993/1994), the global approach was much more on the “challenge”, the “curiosity”, as well as “teens actions”.

21st century hacking has moved towards criminality. This leads us to Cybercrime, that is de-facto composed by many different “subsections”, where hacking is often related. I am talking about spam, carding, zero-day attacks (and all the black-market there connected), obviously Identity Theft, scams & economical fraud, that leads us to the so-called “Underground Economy”.

The on-going economical global crisis too has something to do with this: each time there’s a global crisis, criminality raises up. This is exactly what’s happening now, since 2009, and that will continue in 2010: people that basically are NOT criminals, may be forced/pushed to “accept” a crime deal, linked to cybercrime actions.

This happens because cybercrime does not involve “straight” criminal actions such as killing somebody with a knife or a gun, stealing a mobile phone from somebody’s hands, etc… It’s a not-physical crime, involving actors to think that they are not doing anything “bad”. Also, cybercriminals ALWAYS think that they will “never be busted”, since they rate themselves “much better, more skilled” than LE agents.

Last issue (of a really huge, huge picture!) is related to State Sponsored attacks. Recent attacks from China, Estonia and Georgia are showing us how much hacking techniques are involved in all of this. Governments are starting to hire hackers (USA, UK, China, Korea, Iran….) and set up Information Warfare: this will be one of the hottest keywords in the near future.

More info on our book on Hackers Profiling: http://www.amazon.com/Profiling-Hackers-Science-Criminal-Applied/dp/1420086936

Raoul Chiesa, OPSA, OPST, ISECOM International Trainer, CLUSIT, ISECOM, TSTF, OWASP Italian Chapter: Board of Directors Member Osservatorio Privacy & Sicurezza – OPSI-AIP, Comitato Esecutivo

Thank you Raoul. We appreciate your contributions.

  1. Get a credit freeze. Click on the preceding link and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
  2. Go to my website and get my FREE ebook on how to protect yourself from the bad guy.
  3. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. (Disclosures)

Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News

Convicted Burglar; Police Offer Tips for Keeping Home Secure

/in , /by

Robert Siciliano Identity Theft Expert

When it comes to breaking into homes, the best experts are the ones who know everything about the process, the burglars themselves.

The burglar in this story, is on probation for a September 2008 burglary conviction, but admits he burglarized 30 or 40 homes to feed a drug addiction.” When I was breaking into houses, the feeling was like you get when you open your presents on Christmas morning and see what you got.”

Imagine if that was your outlook? Think for a moment how warped and anti-social a person must be to process the world in that order.

This burglar prided himself in getting intelligence as to whether or not the homeowner was going to be there or not. He specifically made an effort to seek information prior to determine when they would be gone and when they would come back. Often that type of information is known amongst people close to the thief, often in a trusted position. He says that if you have someone in your life who is an active addict, then they should not be trusted with this type of information.  This is sage advice that should be heeded.

He also suggested stopping mail and newspaper deliveries when you travel, as these are signals to a thief that the house is temporarily vacant. I’ve never been a fan of this tactic due to the fact that your name and address are now on a “stop delivery” list signaling to anyone on the inside of the post office or newspaper delivery service that your house is vacant. I think it’s better to have a trusted friend remove the mail and newspapers daily.

This home burglar also stated he would mostly break into houses where the doors were left unlocked. This is an obvious issue that many people don’t consider due to the fact they are either lazy about their security or they say “I don’t want to live like that.” And I say, “live like what, secure?” It’s always bothered me that some people associated effective home security behavior with “paranoia” which is actually a mental illness and the complete opposite of secure.

Effective home security includes:

  • Timed and/or motion activated lights, inside and out. This burglar stated lights turned on made him nervous and he would go to a home that didn’t pose a threat of getting caught.
  • Trim bushes and shrubs. Anything covering doors and windows that give a burglar cover is an invitation to a thief. I also recommend defensive shrubbery with lots of thorns.
  • Encourage your neighbors to report any suspicious activity around your home while you are gone or even while you are home.
  • Install a home security system. It’s not enough to just lock your doors. A home alarm is an effective deterrent while you are away and while you are home. Even home alarm decals and signage is a layer of protection.
  • Dogs big and small. A dog need not be an attack dog to be an effective deterrent. Barking dogs bring attention to the home they are protecting.

Robert Siciliano personal security expert to Home Security Source discussing burglar proofing your home on Fox Boston. Disclaimer