Have I Been Hacked?
After working in digital forensics for more than two decades, it is common to receive a call from a potential client who thinks they have been “hacked.”
After a few minutes of conversation, a “paranoid client” meter can quickly become active. If it reaches a predetermined threshold, we systematically walk through the technical aspects required for this to be realistic and provide an honest assessment of whether it likely occurred.
However with the somewhat recent NSA hacking revelations that have been disclosed, cybersecurity companies have had to re-calibrate their paranoia meters just a bit. The truth is that there are now numerous vectors in which someone can hack you to obtain your personal data or spy on you: computers, mobile devices, and cloud platforms. To ensure relevance, we will not be discussing the NSA or major hacking groups such as anonymous, nation states, or the Russian mafia in this article.
For computers, the crowd favorite method of spying that we encounter is the installation of commercial malware. This software can gather a wealth of valuable information. One of our cases as computer forensics experts involved commercial spyware and the usage was actually ruled to be Federal Wiretapping. One of the more common products that we encounter for computers is Veriato, formerly Spectorsoft. As described on their website, this software provides that ability to capture and report on:
- Chat/Instant Messaging
- Websites Visited
- Applications/Programs Used
- Online Searches
- Keystrokes Typed
- User Activity/Inactivity
- File Transfers
- Document Tracking
- Network Activity
Spectorsoft is available for both Microsoft Windows and Apple OSX. Please understand that this software executes in “stealth” mode and, due to this being a commercial product, any anti-virus protection installed will not alert on this software. Someone can get all of this and more for $99.95. While there are other products on the market, the majority of them are very similar to Spectorsoft.
Hacking Mobile Devices
As we discussed in a previous blog post, mobile devices are overtaking computers as the technology of choice. Without a doubt, mobile devices are the No. 1 method of communication. In addition, 30 percent of users access Facebook exclusively from their mobile device. One of my favorite mobile device statistics is that 72 percent of people are never more than 5 feet from their phone.
With this level of usage, spying on the computer is no longer the only objective. Most are finding that mobile devices also contain VERY valuable information. A simple Google search for either “mobile device monitoring” or “mobile device spyware” produces numerous results with varying levels of capabilities. The possible features consist of:
- Monitoring text messages
- Monitoring phone calls
- Monitoring email
- Monitoring app installs
- Monitoring photos/videos
- Monitoring Internet activity
- Monitoring locations
- Monitoring of social media usage
- Monitoring address book
- Monitoring of notes
- Monitoring of tasks
- Monitoring of calendar
While there are numerous options available, we are not aware of one application at the time of this writing that can collect all of this information on all devices. For example, the Apple iPhone is VERY difficult to monitor in stealth for many reasons. It is more common for commercial spyware to be able to monitor the Android and Blackberry platforms.
Hacking Data in the Cloud
Most all of us are using “the cloud” in some form or fashion (think Gmail, Facebook, Dropbox, iCloud, etc.). Cloud data is also becoming a target for personal and sensitive information.
Once you place your data into a cloud platform, it potentially makes your data more accessible. Someone no longer needs to have physical access to your phone or computer; they simply need your username and password to get into your email, files, and social media accounts.
In some instances your iPhone backups can even be accessed with the correct username and password. If you choose to use a simple password, others can potentially determine it and access your data.
Therefore, please choose a strong password and change is periodically (Yes, I know this is a pain). A good option for password management is LastPass.
Hacking Isn’t Simple
It is possible to be hacked from different vectors such as computers, mobile devices, and cloud platforms. However, it isn’t a simple thing to do. The overwhelming majority of the time, physical access is needed to install spyware on computers and mobile devices. To determine if computers or mobile devices have spyware on them, a detailed forensic analysis by a qualified professional is often needed to gather the essential details. For cloud “hacking” a different approach is needed but catching the culprit is possible.
Sword & Shield’s digital forensics and mobile forensics experts team with attorneys and organizations to deliver our services. We use the same mobile forensics tools used by law enforcement investigators and can handle investigations spanning multiple devices, computers, networks, and more. Contact us for a free consultation to get started.