​Prelude to a HACK

It all sounds harmless to post and share information, but to attackers these are great clues and can form the basis of a hack. Social engineering is a technique used as a foundational step to collect information for open sources.

A keynote from the CSO Perspectives Roadshow (Sydney 15th and Melbourne 22nd March) will feature an expert on this subject – Brett Webber from Sententia. Brett is an acknowledged thought leader and practitioner of deep analysis of open source data.

In a normal year, Brett is engaged by various law enforcement agencies, law firms and financial services companies to find all the things that we didn’t expect to be available online, or indeed we thought we had deleted.

Lots of Breadcrumbs

Should I want to conduct electronic surveillance of a targeted person or entity – I would arrange such an engagement with Brett. (For purely ethical business reasons of course!)

Brett uses Big Data tools and methodologies to collect large data sets to find the breadcrumbs of useful data, thus there is a critical and mandatory requirement for strong capabilities across a number of domains including:

  • Meta Data management
  • Unstructured data analysis
  • eDiscovery
  • Advanced Online Searching
  • Forensics
  • Social Media Data Mining.

Data is collected from multiple online sources and coalesced, then the real fun begins. The data is analysed against the requirements of the particular piece of work to develop valuable information for the client.

To analyse these large data sets of unstructured data from disparate data sources, companies like Sententia apply deep business and technical domain knowledge, and just a little hint of white magic.

Seeing patterns

This line of work typically produces a high proportion of ‘false’ positives, thus there is both a degree of inspiration and perspiration.

A demonstrated history of being able to eliminate false positives suggests that there is no luck involved, rather deep levels of skill with technology and methodology are involved in what to some may be a dark science.

Brett noted that: “In our investigations we are always surprised with what, and how much of it, we find. We bring expertise and context to large data sets which we obtain from a multitude of open sources. Enterprise search and analysis solutions enable us to join the dots. Often the data tells a very different story to that being spun elsewhere.”

Different disciplines in search are used including geospatial, social network analysis, keywords and search terms to augment supervised and unsupervised data analysis. Brett remarked that ‘key word’ search alone is quite limited.

The Power of Forensic Analytics

The acid test is how this actually works in the court of law. As I talked to Brett he also shared that in order to be used as evidence in court - insights from pattern matching has found critical items in many cases. In turn these new insights, led to discovery of facts and the overturing of claim matters.

Just one simple example, from Brett ……

“We recently found a key witness to an assault that had a particularly high media profile. The witness was found via an exchange of related material on a blog. Locating and contacting the witness in a manner which facilitated them being willing to give evidence was a key outcome, which assisted our client in turning the case to their advantage”.

Want to hear more? Then join us at the CSO Perspectives Roadshow in March.

CSO is proud to present our international keynote speakers: Robert Lentz, former CISO of US Department of Defense discussing the evolution of Cyber Security and Graham Cluley, world- renown IT Security blogger and Analyst (UK) on the rise of Malware in our age. We will also be featuring our Security Awareness stream, where you will hear from the likes of NAB and ANZ, as they discuss the importance of staff and customer security awareness programs. We will have up to 18 different interactive Security Exchange discussions on a variety of different topics for you to choose from as you build your personalised agenda for the day. Join CSO for a day of networking with your peers, engaging and discussing topics relevant to you, hearing from some of the top worldwide IT Security leaders in the market and attending the exhibition floor to win some amazing prizes.

Join the CSO newsletter!

Error: Please check your email address.

Tags analyticsediscoveryhackMeta Data managementCSO Perspectives Roadshow 2016data miningCSO AustraliaBrett Webber

More about AdvancedCSOindeedIT SecurityNAB

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Gee

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place