News from 2015

Interhack news from the year 2015.

Strategic Information Security

Interhack founder C. Matthew Curtin will discuss Strategic Information Security with the Columbus chapter of ASIS International on November 19, 2015. In this presentation, Curtin shows how security is often pursued by reacting to anecdote rather than analyzing data that show the most effective way to manage risk.

About ASIS International

ASIS International is the leading organization for security professionals worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS International Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities, and the public.

About Interhack

Interhack is a computer expert firm based in Columbus, Ohio, providing unassailable opinion in matters of cybersecurity and electronic evidence for courtrooms and boardrooms throughout the United States. Whether protecting clients in direct operations or discussing the meaning of data in trial, Interhack's work is used to find the best answers that science can provide. The firm is online at web.interhack.com.

WeAreIT and Edison Community College

C. Matthew Curtin of Interhack will be at the WeAreIT Conference at Edison Community College to encourage girls exploring information technology career options.

Interhack has supported the event since its inception, showing career paths in cryptography, cybersecurity, and forensic data analysis. The program has been held annually at community colleges throughout the State of Ohio, showing career options for thousands of participants.

About Interhack

Interhack is a cybersecurity firm based in Columbus, Ohio, providing expert guidance on the development and use of cybersecurity technology and its integration into business and legal processes since its founding in 2000. The firm is online at web.interhack.com.

Ohio Association of Criminal Defense Lawyers Superstars Conference

Interhack founder C. Matthew Curtin, CISSP will present his recent work in the interpretation and presentation of electronic evidence in criminal hearings and trials at the Ohio Association of Criminal Defense Lawyers Superstars Conference on October 23, 2015.

The presentation will cover proper acquisition of electronic evidence to avoid side-effects and spoliation of evidence, reconciliation of filesystem timestamps, and interpretation of forensic artifacts identified by forensic data examiners. Showing how attorneys can—intentionally or not—misinterpret such artifacts and argue to the Court or a jury not only the best interpretation for their client but one that actually goes beyond the scientific evidence. Curtin concludes the presentation with a discussion of how to approach electronic evidence and making the best use of scientific experts.

About Interhack

Interhack is a cybersecurity firm founded in 2000. With engagements throughout North America the firm addresses the acquisition, interpretation, and presentation of electronic evidence in federal and state courts. Interhack is on the web at web.interhack.com.

ILTACON 2015 Incident Response Planning That's Battle Tested, Client Approved

C. Matthew Curtin, CISSP of Interhack will join a panel of experts to discuss the process of planning for security incidents at ILTACON 2015.

Presenting from different perspectives inside and outside of law firms, the panel will help participants to understand not only how to get started but how to make effective plans that are defensible.

About Interhack

Founded in 2000, Interhack is a cybersecurity firm based in Columbus, Ohio. The firm's work in incident response includes training client organizations, direct-action response to client breaches, and analysis of breaches in civil litigation. The firm's work has been used in setting legal precedent in privacy and security litigation. Interhack can be found online at web.interhack.com.

Incident Response at LegalSEC

Interhack founder C. Matthew Curtin, CISSP will be presenting at the International Legal Tech Association (ILTA) LegalSEC conference in Baltimore, Maryland on June 9, 2015.

Not only are law firms advising their clients on handling cybersecurity incidents, but law firms are themselves becoming targets for attackers. In addition to the concerns that affect every individual and organization targeted by malicious actors, law firms need to ensure that they are acting ethically to protect their clients' sensitive and privileged information.

About Interhack

Interhack is a cybersecurity firm based in Columbus, Ohio. Engaged in cybersecurity since its founding in 2000, the firm has protected clients throughout North America through active defense of attacks, neutralization of vulnerabilities, and assessment of electronic evidence. Interhack can be found on the web at web.interhack.com.

Charges Dismissed: How Experts May Undermine your Forensic Evidence

Consumers of forensic and technical evidence often fail to understand the limitations of the evidence, weaknesses in the methodology and alternate explanations of data. This engaging session will draw from the speaker’s practice as a forensic computer scientist to show how he has successfully rebutted evidence taken to court.

Abstract

Consumers of forensic and technical evidence often fail to understand the limitations of the evidence, weaknesses in the methodology and alternate explanations of data. This engaging session will draw from the speaker’s practice as a forensic computer scientist to show how he has successfully rebutted evidence taken to court.

About Interhack

Interhack is a national cybersecurity firm based in Columbus, Ohio. In addition to the conduct of cybersecurity and incident response operations, the firm acquires, analyzes, and presents forensic evidence in civil, criminal, administrative, and military matters. Founded in 2000, Interhack's work has been used in federal and state courts throughout the United States. The firm can be found on the web at web.interhack.com.

Crypto War II: Protecting the Infrastructure

COLUMBUS, OHIO---On April 15, 2015, Interhack founder C. Matthew Curtin issues a call to action to security professionals: recognize the threat, take responsibility for defense, and exercise the right to use strong technology to protect the infrastructure.

During the 1990s, private security professionals and government agencies waged a battle over the control of cryptographic technology known generally as the Crypto Wars. Recent statements by the Director of the FBI James Comey, President Obama, and UK Prime Minister David Cameron indicate that we are headed into another Crypto War, where governments want to be able to compel private citizens and organizations to allow access to their information on the power of a warrant. With private organizations suffering expensive and embarrassing data breach incidents and government agencies working to undermine security in Internet standards and US companies' products, a path forward to protecting US critical infrastructure must be charted. This presentation highlights critical aspects of the 1990s Crypto Wars, and presents the proper role of government and private security professionals for securing the United States against its enemies.

Register for the event online at http://www.centralohioissa.org/?page_id=1650&ee=47.

About Central Ohio ISSA

Columbus chapter of this not-for-profit organization, and since 1989 we have been the voice of security in the metro area. Our 230+ members know that our forums will provide a venue for knowledge-share, networking, and career growth. When you attend one of our events you may find at your table a CISO of a Fortune 1000 firm, a security architect, a security analyst, a privacy officer, an attorney, and/or a security consultant. Diverse backgrounds, different points of view, a wide range of infosec experience and talent spanning every market vertical—all oriented towards addressing security issues faced by practitioners and leaders.

About Interhack

Interhack is a computer expert firm focused in cybersecurity and analysis of computer data. The firm uses teams of experts to conduct data breach analysis, incident response, penetration testing, application security assessment, vulnerability assessment, and other operations throughout North America. The firm's experts are often called to testify in matters ranging from computer crime to privacy and intellectual property theft to technology patent cases. Our experience includes civil, criminal, administrative, and legal adjudication, having been engaged by plaintiffs, defendants, and the courts directly. Interhack is on the web at http://web.interhack.com/.

Computer Forensics: Trade Secret Theft Case Study

Interhack Founder C. Matthew Curtin will present with attorney Matthew C. Curran at the Lawyers' Club of Cincinnati on Thursday, March 19, 2015.

The presentation provides a brief background and tips to help attorneys understand what forensic analysis of computers may yield, and how to engage with computer experts. From there we turn our attention to the matter of H&H Industries v. Erik S. Miller, a federal case heard in the Southern District of Ohio where a forensic computer expert was instrumental in bringing key facts to light.

The Ohio and Kentucky CLE presentation will be held at the Montgomery Inn Boathouse Bob Hope Room Overlooking the Ohio River. Lunch will also be served. Cost for Lawyers' Club Members: $20 for One CLE Session and $30 for two CLE sessions; non-members $25 for one CLE session.

About The Lawyers' Club of Cincinnati

The Lawyers' Club of Cincinnati was founded in 1920 as an alter ego to the Cincinnati Bar Association.  It's a small, friendly group of lawyers with a wide range of practices. The Lawyers Club can be found online at www.duiguy.us/Home.php.

About Interhack

Interhack is a computer expert firm. Our work is used nationwide to address questions in cybersecurity and forensic computer and data analysis. We can be found online at web.interhack.com.

About Lindhorst & Dreidame Co., L.P.A.

Lindhorst & Dreidame is a Cincinnati law firm known throughout Ohio for our strengths in medical malpractice defense, insurance defense, transportation and railroad law, and business litigation. The firm is online at www.lindhorstlaw.com.

Defending Against Cyberattack

COLUMBUS (February 5, 2015). How can an organization defend itself in the face of sophisticated cyberattacks? Interhack Sr. Specialist Matthew M. Brothers-McGrew, CISSP discusses cybersecurity with Beth Dal Ponte on WCMH-TV (NBC4 Columbus). The answer goes well beyond the information technology department and the tools put in place to protect information. Ultimately the matter is one of identifying risk and managing it appropriately.

Haphazard efforts and knee-jerk reactions are not the path to security. Neither is the purchase of yet another product. Security is like safety: take advantage of tools, be guided by policy, and act in recognition of your goal and what you want to avoid.

“A comprehensive security program that includes all members of an organization is the most effective preventive measure that a company can put in place. A person in accounting clicking on an email containing malware can often be the weakest link in the best-laid security plans.”
—Matthew M. Brothers-McGrew

Protecting Your Organization

When going about your job, remember not only what you are there to do, but be aware of what you should not do. Should you not give away proprietary information to competitors? If so, what information is proprietary? Where is it maintained? How do you access it? How do you handle it?

You might not print out sensitive information, put it in an envelope, and hand it over to a competitor. But would you reveal the same information in an informal conversation with a friend in a public place, where someone can over hear it? Would you keep that document on the same computer where you aren't using a malware scanner? On the same computer that you use for file sharing?

Remember two things and act accordingly: computer systems fail and people make mistakes. If your behavior protects your organization even when those things happen, you might still be a target but you're not an easy target.

Protecting Yourself

Remember that an organization can lose control over only what information you provide it. Many ask for personal information but that does not mean that you necessarily need to supply it. Name and social security number are common targets for attackers to use for identity theft and fraud. You can reduce the number of possible databases in which that information about you appears through your own behavior.

For example, if you buy a car do you arrange your financing through a bank where you already are doing business? The dealer will want to offer you financing, but in order to do so you need to give your name and social security number. If you provide it, there is now one more database in the world where breach means exposure of your information.

Other tips to protect yourself include keeping your passwords private, not using the same password for different sites, and watching for suspicious activity in your statements and credit reports.

About Interhack

Interhack is a cybersecurity and computer expert firm with operations throughout North America. We perform cybersecurity and incident response services, and act as experts in legal proceedings. Interhack is on the web at web.interhack.com.

Privacy Implication of Mobile Phone Sales

Interhack looks at mobile phones discarded for sale for WTTE Fox 28 in Columbus, finding messages, photos, business documents, and other private information. Using security features like encryption can help you sell your used phone while protecting your privacy.

COLUMBUS (January 29, 2015). Interhackers C. Matthew Curtin and Brad Moore work with Columbus TV station WTTE Fox 28 to show that selling your mobile phone may provide the buyer with your personal information. Reporter Adam Aaro provided Interhack with a set of mobile phones that their owners intended to sell. Brad Moore inspected the devices for recoverable data.

Cryptography is a powerful tool and now readily available to help you protect your privacy.

While the amount of recoverable information varied from device to device, results overall showed that information including communications, calendar appointments, call histories, contacts, and business documents.

Simply deleting records from the phone is typically insufficient to prevent the buyer of your phone from being able to retrieve such information. With phones keeping such voluminous and detailed records of our whereabouts and activities, giving a stranger your phone is not unlike selling your file cabinet without first emptying the files.

The good news is that many devices running Android and iOS now are providing the kind of security features long-available on BlackBerry devices: encryption. Use of encryption is a powerful tool not only for keeping information private while you're using the device, but ensuring that later legitimate users of the device do not have illegitimate access to the information there. Even if data are recoverable through a device reset, the data available will be encrypted, unreadable.

Fox 28's segment is available for viewing at www.myfox28columbus.com.

Crypto War II: Weakening the Infrastructure

COLUMBUS (February 10, 2015). Interhack Founder and cybersecurity expert C. Matthew Curtin will present at a MEMBERS-ONLY meeting of the Central Ohio InfraGard Members Alliance on Wednesday, March 25, 2015. Only current members of the InfraGard Members Alliance will be admitted to this a lively critique of recent public policy recommendations and presentation of Mr. Curtin's own recommendations for how to promote cybersecurity in the critical infrastructure of the United States. See www.cmhinfragard.org for details on confirming your membership status and to register.

Abstract

Security is fundamentally a product of two variables: the frequency of attack and the impact of attack. Federal government policy both in the original Crypto Wars of the 1990s and again twenty years later has been to reduce the frequency of attack. The strategy has been to improve the ability to monitor potential attackers, to predict attacks, and to prevent them from taking place. Promulgation of this strategy has resulted in DOJ officials making true-but-misleading statements to Congress, sabotage of Internet standards for cryptography, and ultimately systems that are vulnerable to snooping by attackers including foreign intelligence services. The President of the United States and the Prime Minister of the United Kingdom are now advocating that governments should have access to encrypted data.

Curtin believes that this approach will weaken the infrastructure of the United States, making our institutions and our citizens more vulnerable to enemies foreign and domestic.

In this talk Curtin proposes a superior approach that puts American resources, public and private, on the same team in reducing the impact of attack. He advocates the hardening of targets, recognizing that attacks will come, but will not succeed when good defenses are in place. Such defenses include the encryption of data in the Cloud and the use of tools and techniques that harden targets against monitoring, even by government agents.

The talk will be delivered by security and cryptography expert C. Matthew Curtin, a coordinator of the DESCHALL project that in 1997 cracked a message encrypted with the government standard DES for the first time in open research. The project's success immediately changed the debate in Congress, a change in executive policy regarding the export of strong cryptography, and the adoption of a replacement for the now-defunct DES.

About Interhack

Interhack is a computer expert firm based in Columbus, Ohio, with a national practice that covers cybersecurity, data breach response, incident management, and security assessment. The firm's experts are often engaged in litigation to help attorneys, judges, and juries make sense of complex technology. Founded in 2000, Interhack is on the web at web.interhack.com.