2015 - Kemper Forensics : Kemper Forensics

December 15, 2015

No Comments

Phishing Email Leads to $750,000 OCR HIPAA Settlement

In a press release dated December 14, 2015 U.S. Department of Health and Human Services Office for Civil Rights announced a settlement with the University of Washington (UWM) for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.

In November of 2013, OCR initiated an investigation of the UWM following receipt of a breach report of approximately 90,000 individuals electronic protected health information (e-PHI) was accessed after an employee opened an email attachment that contained malware. The malware compromised the organization’s IT infrastructure stealing patient information, such as names, date of births, social security numbers, medical record numbers, billing information, etc.

December 1, 2015

No Comments

VTech Data Breach: 5 million records, including Photos of Children

Yesterday, Hong Kong based toymaker VTech (VTech Holding Limited) announced a data breach of approximately 5 million customer records and related kids profiles worldwide were affected by this data breach. VTech’s online portal more commonly known as Learning Lodge, allows parents to register accounts for themselves and their children. This allows parents to download apps and other VTech related electronic content. A hacker that has leaked the content of this data breach revealed he has no plans to do anything with the stolen data. So what type of information was stolen?

According to the FAQ page, in the United States alone 2,212,863 parent accounts and 2,894,091 child profile accounts were compromised.

November 30, 2015

1 Comment

Cyber Monday Consumer Tips

Here are a few tips to help make the most of Cyber Monday today:

Shop reputable websites. First, ask yourself if you’ve done business with the website before? What are other users saying about the website? Be cautious with deals that just show up on Facebook, Twitter, and other social media sites. How many Facebook/Twitter followers does the account have and when was the social media account registered? Prior to entering your credit card and payment information, make sure you are on a secure website (https://). Check the status browser in your browser to make sure the padlock icon is locked, which ensures your connection to the website is encrypted. DO NOT submit your credit card information or bank information over public Wi-Fi! Avoid paying via electronic check and a use a major credit card.
Be alert for counterfeit product. Can you spot counterfeit merchandise? Does it sound too good to be true? Then it probably is and you should avoid these products. A $50 iPad, or other reputable brand name products that are being sold very cheap should be a red flag. DHS’ ICE (Immigration, Customs, and Enforcement) shared this short video via Twitter about counterfeit merchandise this past week. Department of Homeland Security also shared this news release.

November 11, 2015

No Comments

CyberFetch Spotlight Interview

In September, our Digital Forensic Examiner Lead Brad Garnett was interviewed by CyberFetch. CyberFetch is a Dept of Homeland Security Science and Technology Directorate that spotlights interesting people in the cyber forensics community. You can read the interview here: https://www.cyberfetch.org/groups/brad-garnett

July 22, 2015

1 Comment

Car Hacking: Researchers Remotely Hack Jeep Cherokee

The story

**Update July 24th*: Reports show Fiat-Chrysler will be recalling 1.4 million vehicles

Yesterday, Wired.com broke the story of how two security researchers remotely hacked into a Jeep Cherokee that was driven by one of their journalists. The journalist agreed to test drive this motor vehicle while the security researchers wirelessly connected to the vehicle and began controlling various components of the vehicle from miles away. The security researchers have been conducting research in this area for several years. In 2013, the same journalist test drove a Ford Escape and Toyota Prius in South Bend, Indiana, and researchers were able to disable the vehicle’s brakes, honk the horn, pull on the seatbelt, and even steer the vehicle in a parking lot. You can read the full current story on Wired.com.

June 2, 2015

No Comments

ISBA Solo and Small Firm Conference

We are pleased to be attending the Indiana Bar Association’s Law Expo June 4th through June 6th in historic French Lick, Indiana. If you are attending this conference and are looking at ways to incorporate forensic services into your law practice, please stop by our booth and see us! Solo and small firms can really benefit from digital evidence in their law practice!

We will also have someone available to discuss forensic accounting and our business valuation services.

Event Schedule: http://www.inbar.org/events/Sessions.aspx?id=514910

May 13, 2015

No Comments

Digital Forensics in the NFL: A Look at DeflateGate

By now, you have probably read about the Wells Report released this past week concerning deflated footballs used in the AFC Championship game between the New England Patriots and the Indianapolis Colts this past season. Monday afternoon, the NFL announced it would suspend New England Patriots Quarterback Tom Brady for the first four (4) games of the 2015-2016 season for violating the NFL policy on the integrity of the game. The NFL will also fine the New England Patriots $1M and the Patriots will forfeit 2016 first round and 2017 fourth round draft choices. Different forensic science disciplines came into play during the “DeflateGate” investigation. This article focuses on how digital forensics played an integral role in what has been commonly known as “DeflateGate”.

April 29, 2015

No Comments

IoT: Internet of Things

If you are entrenched in technology you’ve probably heard about IoT (Internet of Things). If you are not in the middle of technology mix, then IoT is something that you are going to hear more and more about in the future. So What is IoT? It is basically the movement of internet enabled devices embedded into many everyday items. This ranges from home automation (e.g. your internet capable thermostat), automobiles, and to wearable technology (e.g. Fitbit & Apple Watch), and everything in-between. Yes, the internet is all around us and it isn’t going anywhere.

March 30, 2015

1 Comment

Digital Forensics: Recovering a Deleted Document

Hello Reader,

Our first blog post was inspired by a common question our clients pose to us, how do you recover a deleted document?

You have probably heard by now that a deleted file is not necessarily deleted. You’ve come to the right place and this is a question that we often help our clients answer. The objective of this blog post is to provide you an overview of how a digital forensic examiner recovers a deleted file from a thumb drive. In this blog post, we are going to cover the FAT file system, which a lot of small removable media devices, such as the 1GB thumb drive referenced in this blog post store data. Larger capacity removable media storage devices use other file systems, such as NTFS for storing data. Your Windows PC is using NTFS as its file system (unless there is a small chance you are using an antiquated PC running Windows XP or older operating system). FAT and NTFS file systems are beyond the scope of this blog post, but something that forensic examiners are familiar with when it comes to performing forensic examinations.

There are many methodologies and tools that a forensic examiner may utilize when recovering a delete file. This blog post is going to focus on recovering a deleted Microsoft Word document from a thumb drive. There are many forensic artifacts associated with this exercise, but we are just focusing on viewing a deleted file from a thumb drive. The file that we are going to recover is called “secret.docx” and it was deleted from a FAT formatted 1GB Kemper Technology USB Thumb Drive as pictured below (Figure 1).

Figure 1

March 11, 2015

No Comments

Welcome: Our Digital Forensic Services

As technology has changed through the years, so has the manner in which people communicate and share information. If you want to learn how to do something, where to vacation, or just stay in tune with what is going on in the world, a Smartphone, tablet, or computer are all within reach to help you find that information. Slow, dial-up Internet connectivity is a thing of the past and fast, high-speed Internet connectivity is now!

With the popularity of social media, e-mail, digital photography, document sharing, and other forms of electronic communication, people leave a trail of digital footprints every day. These digital artifacts provide clues about an individual’s identity and activities and can prove to be critical during a number of situations businesses – and individuals – often face. Digital forensics, e-discovery, and data recovery services can be utilized in civil litigation, divorce, business law, intellectual property theft, employee misuse, or business operational matters.