10 Disaster Information Security Tips From Digital Forensics Experts

Cyber attacks in numbers

If you’re still unsure whether cyber security threats are to be taken seriously, take a look at the following statistics, numbers, and facts:

• Between 2019 and 2021, the number of cyber-attacks has almost doubled. (Source: Identity Theft Resource Center)
• 62% of insider data breaches were due to employee negligence. (Source: Ponemon Cost of Insider Threats Report)
• In 2021, there were 623.3 million ransomware attacks (up by 105%). (Source: Techrepublic)
• 500 million LinkedIn user records were leaked due to a major data breach in 2021. (Source: ITgovernance)
• 87% of Anomali’s survey respondents claim to have experienced a cyberattack that resulted in a data breach, disruption, or damage. (Source: Anomali)

This is just the tip of the iceberg, but it should be more than enough to give you a perspective on how serious of an issue information security is nowadays.

To stay on the safe side and avoid becoming a victim of a cyber attack, make sure to implement the following recommended cyber security practices:

1. Grant access privileges on a per-need basis

Think hard before bestowing administrative privileges on an individual, especially if:

• That person has not been around in your department for long
• That person doesn’t require elevated privileges to complete the task

According to Goldstein, 60% of data breaches are caused by malicious insiders. Not to incite paranoia, but these are the numbers.

In light of these findings, the best course of action is to grant access privileges on a per-need basis. Otherwise, someone could misuse your trust to go beyond the scope of their authority and stick their nose in matters that don’t concern them, thus making for a major information security leak.

Even in cases that require administrative privileges to complete the task at hand, any access privileges should be revoked immediately after that individual no longer needs them.

2. Make regular backups

The very nature of working with digital files implies unpredictability. Whether it be due to a hardware failure, ransomware, hackers, or other internet threats, sensitive data can be lost in the blink of an eye, even if you consider yourself knowledgeable in information systems security.

Therefore, you should make it a point to prevent data loss at all costs and make regular backups of your most important data. Ideally, you should have:

• At least one cloud backup
• At least one physical backup (flash sticks, exterior drives, DVDs, etc.)

This way, you will be able to restore it even in the unfortunate event of a disaster (fire, hacking attempts, theft, and so forth). In case you have multiple copies, it’s highly unlikely that you will lose access to all of them.

Ransomware attacks are increasingly more frequent

As ransomware attacks are picking up the pace in the latest cyber safety and security trends, the safety net of having a reliable way of restoring your data is becoming that much more crucial to your peace of mind. In essence, a ransomware attack is when you get infected by a specific type of malware that encrypts your files against your will and throws away the key.

The last thing you want to do is pay a ransom to the hackers if your files do end up getting encrypted and the key tucked away. Not only would this entice them to continue in their nefarious ways, but you’d also be placing a sizeable chunk of your department’s finances on hope and a prayer.

After all, nothing is binding the hackers to follow up on their promise of sending you the decryption key despite having received the payment.

FACT: In 2021, there were more than 78 million attempted ransomware attacks. (Source: Techrepublic)

3. Learn about good password practices

Strong passwords are the gateway to network information security. If your password is something like “12345” or the name of your puppy, hackers are going to be able to get in before batting an eyelid.

To achieve a decent level of cyber protection, your passwords should contain:

• Special symbols
• Numbers
• Capital letters

You should avoid basing them on facts someone could easily research (such as where you grew up or what was your mother’s maiden name). Longer passwords are preferable – this serves as a good preventative measure against brute force attacks.

Other information security measures include changing your passwords often and never re-using them as people often do simply because it seems convenient. If you think this can take quite a toll on your brain’s capacity to remember things, the good news is, you don’t necessarily have to.

Thanks to password managers, you no longer need to memorize every single password

Password management software was developed exactly for the purpose of providing a more suitable and more secure alternative to re-using your passwords or having to write them down manually.

When using one, all of your passwords will be stored in an encrypted database and accessible by inputting a master password.

4. Educate your staff about phishing

Once in a while, any law enforcement department will need to communicate with the outside world, and email messaging still remains one of the primary professional communication channels.

The problem is, that it also happens to be one of the easiest ways to dupe an unsuspecting target into voluntarily giving away sensitive personal data such as one’s login credentials or revealing sensitive details about an ongoing case investigation to an unauthorized third party. This is known as phishing, which is one of the most potent internet threats out there.

How to recognize phishing

In a typical scenario, a hacker would set up a fake login page with the sole intention of harvesting your login credentials.

Under the guise of a false identity, the hacker would then proceed to send an email to one of your staff members, often pretending to be one of their superiors and urging them to upload a report, update their account, or something similar.

To ensure no one falls for it, educate your staff to recognize telltale signs of a phishing attack, including:

• A sense of urgency to act
• Typos and inconsistencies in the email address or domain name
• Poor grammar
• Unusual writing style
• Threats
• Bluntly requesting login credentials or other sensitive data

Whenever in doubt, double-check with the person who appears to be signed under the email’s content. If they don’t know anything about it, you’re definitely dealing with a phishing attempt.

5. Make time for regular updates

One of the most common ways hackers and unauthorized individuals compromise a system is by taking advantage of unpatched software or system vulnerabilities. This is why you should never wait too long to apply computer security updates when they get released.

This applies to:

• Operating system updates
• Software updates
• Plugin and extension updates
• etc.

A common reason why so many people delay updating their system is that updates often require taking the device offline and restarting it, even if it’s just for a couple of minutes. Even so, this can be enough to disturb an individual’s workflow, so delaying the update by just another day often seems so appealing.

Sometimes, you need to make time in your schedule to apply these vital security updates. The good news is, that they don’t require your active participation, so you may as well initiate the update process while going on a lunch break.

6. Invest in a security system

An ounce of prevention is worth a pound of cure – a mantra to live by. In the field of information security, this translates to allocating at least some of your budget to:

• Security forensics tools
• Antivirus software
• Firewalls
• External backup media
• etc.

While true that having strong IT and cyber security fundamentals will go a long way towards helping your department stay safe from cyber threats, it’s important to have at least the basic tools with which you’ll gain an upper edge.

If you think it’s too expensive, just consider the financial burden of being slapped with regulatory or legal fines in case of a breach, not to mention the loss of trust in your department. When you put things in perspective like this, investing in your security arsenal is a very small price to pay.

7. Invest in your team's education

Investing in your team members’ education is equally as important as having all the right software and hardware tools to combat cyber threats. After all, it’s important for everyone to be on the same page if you want to prevail in this battle.

Ideally, your law enforcement organization should have an information security policy in place that clearly outlines what is and isn’t allowed. An example of this would be your stance on Bring Your Own Device to work (BYOD).

Even though your network and information security infrastructure may be up to par with the latest cyber threat landscape, that particular user’s device may not. So think twice whether you’ll let them use it for work-related purposes (and if the answer is yes, it’s wise to limit the scope of the use).

8. Use firewall protection

Setting up a firewall is one of the network information security essentials. The gist of it is gaining the ability to monitor any incoming and outgoing traffic to determine if there are signs of malicious activity. Oftentimes, the malware attempts to “phone back” to the home server, which can give you valuable clues whether your system has been compromised.

At the same time, using a firewall lets you whitelist certain applications you’d like to retain internet access (such as your antivirus as it looks for updates). All others will need to request permission on a case per case basis. This way, nothing will be able to slip under the radar and steal sensitive personal information behind your back.

9. Utilize two-factor authentication

Your password is your first line of defense. But what happens if it somehow lands in the wrong hands?

To provide an extra layer of security, two-factor authentication was invented. By enabling it, before being let into your account, you will also need to confirm a randomly generated code that gets sent to the rightful owner of the account via:

• Email
• SMS
• 2FA app

This extra step makes it much less likely for an unauthorized individual to obtain access to the account – they would not only need to steal your password but your smartphone as well (or another account that you own).

10. Avoid suspicious links and attachments

The golden rule of cyber security is to never click on links and attachments whose sender you don’t recognize. Never feel pressured into downloading or opening anything, even if the sender claims it’s a dire emergency.

Instead, verify the email is coming from a legitimate sender. In doing so, check for any misspellings or other dead giveaways such as weird-looking domain names. Bear in mind that it’s possible to forge an email header through a technique known as email header spoofing, so never take things at face value.

SalvationDATA's digital forensics solutions are designed to help you keep on top of cyber crime

If you’re working on a case that requires bypassing encryption or trying to salvage data from a device, SalvationDATA has you covered through a multitude of cutting-edge digital forensics products.

With this in mind, consider availing yourself to:

• SPF PRO. If you’re trying to salvage data from a smartphone, this industry-grade tool will let you bypass any locks or encryption regardless of the model or brand.

It’s more cost-effective than competing solutions and also lets you extract data from databases, a rather unique feature in this field. There’s even a free trial.

• DRS. The best digital forensics solution for salvaging data from computers and storage devices that allows you to get the data you’re looking for without the fear of corrupting the files. And yes, you will get your data back even if partitioning has been lost.

If you’re looking for a one-click extraction that is as intuitive as it gets, look no further. Also, be sure to check out the free trial.

• Digital Forensic Lab. The most comprehensive one-stop solution for all your digital forensics needs. Uniformly visualize evidence, generate professional reports, extract data from every device, storage medium, file, or database

If your law enforcement agency is dealing with ransomware cases and other forms of digital crime on a regular basis, this is what you need to improve case resolution accuracy and solve more cases in a record-breaking time.

Conclusion

Following the tips laid out above can make all the difference in preventing a major cyber disaster and thus help preserve the reputation of your law enforcement organization or agency.

After all, in today’s world, a single click on the wrong link could have massive consequences for the safety of your data, so the issue should not be taken lightly.