ACPO Guidelines

Computer Security Education & Awareness

Computer security education is an important element of providing a safe environment for digital assets.

CCC has provided a variety of education and awareness programs on differing aspects of computer security. These include:

  • advising on how to undertake internal investigations, the requirements for gathering evidence and the potential pitfalls that may be encountered.
  • educating employees on company policies and procedures.
  • ensuring employees understand the potential consequences of a breach, hence the reason for policies and procedures.

Get users to ‘buy into’ security…

I.T. Security Awareness

Talks and presentations should be aimed at raising staff and client awareness. We have found that a combination of question-and-answer sessions, examples and demonstrations has been the best approach.

Users with little or no technical ability who do not ‘buy into’ policies and procedures, and who look to take shortcuts, will increase the risk of compromise, whereas those who understand the need to comply are likely to improve security. We have frequently found users circumventing or bypassing security measures simply because they were unaware of the implications, or because the measures were so restrictive that they prevented them from doing their work efficiently, resulting in them looking for ways to get around those security measures.

We have also found it beneficial to break down the areas of education and awareness into the following groups.

  • Computer Security
  • Policies & Procedures
  • Malicious Programs
  • Wireless Exploitation
  • Password Security

One of the many gripes we have found employees to have is the password policies implemented by many companies, which are often poorly thought out, resulting in users having difficulty remembering their passwords because of their complexity or the frequency with which they are changed. It is quite possible that the reason for this is a lack of knowledge by the policymakers in relation to the real lifespan of a password, with decryption frequently cited as the main reason for policy.

Most policymakers have no experience of what is required to break a password. As a result, a ‘belt and braces’ approach is often taken, without fully understanding the impact on users or the increase in risk this may have. Forcing users to change their passwords every month can have a detrimental effect.

For example, a user may have a password that complies with policy, such as TheCanaries@01, with monthly changes resulting in the password incrementally changing to TheCanaries@02, TheCanaries@03, etc.

Experience has shown that as time passes, users tend to forget the number they have reached, leading to frustration and to passwords being written down. In reality, good quality passwords can take years to decrypt even with the fastest and most sophisticated of attacks. Depending on circumstances, a more rational approach may be possible once company-specific factors have been taken into consideration. Extending the life of a good quality password that meets company requirements has often been found to have a positive effect on users with no additional risk to the organisation.

Finally, senior management also needs to be seen to be complying with policy.

For more information email contact@ccc-ltd.com

Computer Forensics - Computer Crime Consultants

Computer Forensics

Computer forensics is the original discipline in a growing group covering the electronic devices and storage media that are now the subject of digital forensics. CCC has provided, and continues to provide, investigative services and expert testimony covering the full range of disciplines for both criminal and civil cases, with clients including police forces, government agencies, corporate clients, the legal profession and individuals alike.

Where there is a potential for the results of an examination being used in legal proceedings, examinations are undertaken in accordance with ACPO guidelines.

Examples of the types of information or data capable of recovery from a computer would include:

  • Audio
  • Backups
  • Calendar events
  • Chat
  • Cloud
  • Digital assistant reminders
  • E-mail
  • Encrypted
  • Files – documents, spreadsheets etc.
  • File
  • Internet activity
  • Media
  • Messaging
  • Peer-to-Peer
  • Pictures
  • Remote
  • Keyword search results
  • Social networking
    – Facebook, Twitter etc.
  • Timezone data
  • User Account
  • Videos
  • Wi-Fi
  • Xbox
  • Virtual environments
    – MS Teams, Zoom etc.

For more detailed information regarding specific artefacts that may be recoverable during an examination, such as bitcoin logged queries, cryptocurrency clients or cryptocurrency wallets, please email forensics@ccc-ltd.com.

Mobile Forensics - Computer Crime Consultants

Mobile Forensics

With advances in solid state technologies, mobile devices have increased their capabilities significantly: apart from the existing contact, voice and text communications, social media technologies, audio, video and graphics can now also be found on the same device, increasing the need for comprehensive mobile forensics to be undertaken.

The examination of mobile devices and other hand-held devices has increased significantly as the number of applications capable of use and the volume of recoverable data have also increased. For many, these devices act as organisers, storing additional personal information such as significant dates, events, meetings, contact information, even passwords.

CCC provides a comprehensive range of mobile forensic services for evidential, intelligence or data recovery purposes.

Examples of the type of data available from mobile phones and other handheld devices can include:

  • Application Data
  • Call logs
  • Deleted information
  • Documents
  • Emails
  • Geo-location data (GPS)
  • Images
  • Instant Messaging
  • Internet History
  • Multimedia Messages
  • Network Connectivity
  • Passwords
  • Phonebooks
  • Residual “digital assistant” data
  • SIM Card Data Analysis
  • Social Media
  • Text Messages
  • Video
  • VOIP Data
  • Wi-Fi History

Metadata contained within files, such as images, can also contain location data, which may be relevant to an investigation.

For more information regarding this service, please email contact@ccc-ltd.com

 
