If Dark Data is hidden, how can it be dangerous? How much of a threat can it possibly be? Dark Data is everywhere. It’s hidden in the firmware of the smallest devices, like survelance cameras, printers, TV streaming devices, your smart watch, your smart phone, everywhere. It may be collected intentionally, or as a mistake made by a computer programmer. I am describing Dark Data in the form of unstructured files, which is what we specialize in, as opposed to the Dark Data that resides in large company databases called “Big Data”.
International Threats
All over the world, terrorist cells are communicating secretively by sending image files across the Internet. They are using Steganography to embed messages and data into normal looking image files. An example of this was a Jihadi Sleeper Cell, that was recently caught in Assam, India.
Countries are using Cyber Espionage and Cyber Warfare to spy on each other, and disrupt their foes. One method they use is to hack into websites, servers and peoples’ devices, with phishing attacks and Trojan files. Once they have infiltrated a system, they utilize Malware to accomplish their goals. An example of this, was the 2020 SolarWinds attack. When the Russian state-sponsored hacking group, Cozy Bear, took control of the software IT security system, they were able to infect 18,000 customers. They planted their Trojan in a Software Update.
Corporate Threats
Ransomware tends to target larger corporations and government agencies, because they have the potential for higher payouts. They enter organizations, in the form of Malware, through Phishing Spam and Security Vulnerabilities. Malware either mimics familiar application names or stows away as a Trojan Object in innocent looking unstructured files.
Disgruntled employees and past employees may gain access to your company’s Intellectual Property and Sensitive Customer Data. Employee Theft can result in enough legal, reputation and competitive damage to potentially put a company out of business. Before the Internet became so convenient, I witnessed a fellow employee copying all customer data onto a thumb drive with the intent of walking out the front door at the end of the work day and starting their own business to compete with ours. Today, she could do the same thing with an email attachment or FTP file transfer.
Personal Threats
Your smart phone tracks your location using GPS. The original advertised purpose was to provide you, and your installed applications, with proximity specific content. This can help emergency services to find you, when you dial 911, but this hidden data can also be used for less honest and transparent purposes. Google has been caught sending this information to their servers without permission from their users. They weren’t just tracking your current location, but all of your location history. There are also applications and Malware available for Cyber Stalkers to track you as well. Even Social Media Stalking is a threat, when you advertise your location too often.
Imagine opening an app on your cell phone, and discovering data that you didn’t put there. Evidence Planting can not only get you in trouble, if found by law enforcement, but can also destroy your personal reputation. A competitor, political opponent or bitter enemy could sneak Malware onto your phone, then plant Incriminating Evidence there. The Pegasus Spyware application has been used to upload Malware through the Apple iMessage application, without even requiring the user to click on a link. If someone simply put child pornography images on your device, and the FBI was informed of its presence, you could be in big trouble with the federal government.
Solutions
Proactively, you should protect your company with Business Insurance, and regularly scheduled Backups. While both of these solutions are mostly only useful reactively after the event, I believe that they are both necessary and should be standard business practice. Daily Backups can protect you from serious down time from a Ransomware attack. Although more recent ransomeware attacks have included data theft as part of their threat.
Scanning your unstructured files in motion (over the Internet and internal network) and at rest (on hard drives and servers), is another proactive solution. But, if a file has already made it to your hard drive, then the Virus Scanner is technically quarantining it reactively. A Firewall can catch malicious files proactively before they are delivered to your computer or devices. Virtual Private Networks (VPN) provide you with a secure tunnel from your location to a trusted secondary location. This can protect you when using a device on a public WiFi network, assuming that your secondary/home/ISP location is sufficiently secured.
At Forensic Innovations, we are planning to provide computer and mobile device applications in 2023 to scan for irregularities at the unstructured file level, as well as all of the objects inside those files. Our solution will empower individuals to keep ahead of any threats on their personal devices, as well as corporations to maintain data integrity with their company owned devices and BYOD (Bring Your Own Device) users. Our goal is to provide complete Data Transparency, and the ability to cleans your devices of any recorded data that you don’t approve of. You will then be able to take complete ownership of your personal data on your devices. We currently provide our technologies to Electronic Discovery service providers, Government Agencies, Law Enforcement and Digital Forensics Investigators. Soon, we will be releasing our new Dark Data Detective investigation and research platform. These field proven technologies will be leveraged in our 2023 personal line of products.
I welcome comments with any constructive corrections, and additional Dark Data Dangers.