Smart phone and mobile phone risks

  • Published on
    12-Nov-2014

  • View
    1.938

  • Download
    0

Embed Size (px)

DESCRIPTION

Your mobile knows a lot about you and that brings a number of business risks security breaches from company data held in emails or business apps, for example. We highlight the data and security risks of the phone in your pocket. - See more at: http://www.grant-thornton.co.uk/en/Thinking/Beware-the-secrets-held-in-your-smartphone-/?previouspage=7260

Transcript

  • 1. 2013 Grant Thornton UK LLP. All rights reserved. 2013 Grant Thornton UK LLP. All rights reserved. Smarter Than You Think - a look at the evidence available from smart phones and mobile devices 26 June 2013
  • 2. Agenda Introduction Range of mobile devices available Types of data Case studies GPS and Geotagging
  • 3. Agenda Mobile Apps The future of mobile devices Relationship with other digital disciplines Questions? Recent press articles
  • 4. Introduction
  • 5. Mobile Devices Embedded and reliant on mobile devices in our everyday lives work, personal and leisure. Mobile devices often overlooked as a source of potential evidence - awareness level for police constabularies and criminal investigations. Individuals often unaware of hidden data stored! Example Audience participation with BlackBerry devices Event Log
  • 6. How else are mobile devices used?
  • 7. Mobile Devices - Popularity Research Firm Gartner Suggest PC's are on the decline Not a dip caused by squeeze on household incomes 1.9 billion mobile devices to be sold in 2013, where 1 billion estimated will be smart phones Social media access Twitter feeds embedded into Bloomberg terminals at traders desks. Goes against the grain for reluctance of firms to allow access
  • 8. Manufacturers all have different OS causing complicating forensic investigations
  • 9. Why Mobile Device Investigations Criminal & civil law examples - murder, sexual assault, violent crime, burglary, intent sabotage and collusion, illicit images of children, financial fraud, commercial espionage, money laundering, and HR related issues. Examinations need to be forensically sound to stand up in court with robust procedures (ACPO guidelines). Recovery of deleted data. Recovery of data from damaged mobile devices.
  • 10. 2013 Grant Thornton UK LLP. All rights reserved. SIM cards Mobile Phone Memory Card USB dongle Tablets Watch phone Range of mobile devices & components
  • 11. Why Mobile Device Investigations SIM cards Subscriber data used to obtain billing records, contacts, call data, text messages. Handset Typically contacts, call logs, SMS text messages, MMS, emails, Internet history, Social Media, WiFi, Bluetooth, App data, Media (photos, videos and audio), voicemails (selected smart phones only), organiser information, eDocs, metadata and custom dictionary. Memory cards Typically media and backup of phone data
  • 12. Types of Data User created
  • 13. Computer versus the Smart Phone Any difference?
  • 14. Case Studies
  • 15. Examples Counterfeit and money laundering case Suspect unhelpful in investigation and unwilling to provide handset code to device. Commercial espionage Individual hid data on memory card under phone casing. Intelligence Individual identified with fake passport at airport. Handset examined to assist in identity.
  • 16. GPS and Geotagging
  • 17. Definitions and Problems Global Positioning System (GPS) activated on handset to locate geographical position. Geotagging adding metadata to media file. How accurate especially in large cities? Security issues giving away location? Social media issues privacy and public domain? False GPS co-ordinates can be generated by user. Geotags can be edited to give false information.
  • 18. How easy is it?
  • 19. Hypothetical Situations? Possible to frame innocent parties eg loading edited photo with fake co-ordinates to unsecured phone or website and tip off police. Uploading of images to smart phone by military personnel subsequently transferred to social media site. Potentially giving enemy access to location.
  • 20. Applications (Apps)
  • 21. What is an App? An "App" is an application - software designed to run on a mobile device with limited function. Shortcut to popular web based sites eg email. 50 Billion Apps have been downloaded from the Apple store alone. Equates to 7 apps per person on the planet. 800 Apps per second are downloaded from Apple. Data can be forensically retrieved from some Apps but not all, due to the vast array encountered.
  • 22. What information is held? - Emails - Location - Social Media - Personal information - Degrees of contact - Web-based data
  • 23. Security Apps problems for the investigator? Applications securing transmission of data to and from the handset
  • 24. The Future..
  • 25. Near Field Communication (NFC) 4G handsets
  • 26. Google Glasses How will data be able to be extracted and forensically obtained? Types of Data GPS, pairing with mobile devices, microphone, facial recognition?
  • 27. Relationship with Computer Forensics and eDisclosure
  • 28. Computer Forensics - Mobile devices synchronised with other electronic devices - Even without a physical mobile device, backups can exist on PC's for examination - Cloud based services
  • 29. 2013 Grant Thornton UK LLP. All rights reserved. eDisclosure Trends Increasing use of social media Proactive information management Ever increasing volumes of data Further disparate sources of data Thousands of emails can be extracted from smart phones easy method to screen data via eDisclosure review platforms
  • 30. 2013 Grant Thornton UK LLP. All rights reserved. 2013 Grant Thornton UK LLP. All rights reserved. Any Questions?
  • 31. UK Newspaper Articles Examples of mobile devices and their evidential use
  • 32. Mobile Devices in the News Extracts from the UK Press
  • 33. Mobile Devices in the News
  • 34. Mobile Devices in the News
  • 35. Mobile Devices in the News
  • 36. Mobile Devices in the News
  • 37. Mobile Devices in the News
  • 38. Mobile Devices in the News
  • 39. Mobile Devices in the News
  • 40. Mobile Devices in the News
  • 41. Mobile Devices in the News
  • 42. Mobile Devices in the News
  • 43. Mobile Devices in the News
  • 44. Mobile Devices in the News
  • 45. 2013 Grant Thornton UK LLP. All rights reserved. Contact Chris Clements Partner and Head of UK Regions Forensic & Investigation Services +44 (0) 7968 33 88 95 chris.m.clements@uk.gt.com Bruce Keeble Executive Forensic & Investigation Services +44 (0)7891 433 223 bruce.h.keeble@uk.gt.com