Why do people cheat? Well its usually for a few reasons. Mostly its because they are not happy in their relationship (more on this later). Other times is because they can, they don’t care or have no respect for the person the are with. It could be for revenge or they fall in love with someone else. But now, in the information age, people cheat  because its never been easier to meet people.

With the availability of chat  applications like Windows Live Messenger/MSN, Yahoo, Google Chat and chat rooms or  on Internet Web sites like dating sites, Twitter and Facebook, the temptation to meet new people online increases. According to research, online relationships provide individuals with an outlet to tell secrets and express themselves to a stranger anonymously, while allowing for the creation of another persona, or to flirt and get to know someone before they meet.

Men often create a well-groomed, professional, athletic persona, while women create a thin, beautiful and adventurous alter ego. When online, people create fictitious, seemingly perfect personalities that are desirable to others to fill social and psychological needs.Though, most come clean after a short period when it becomes time to meet the other person. In 40% of the cases, online cheating is with someone the person already knows.

Divorce and Relationship Breakdown

A recent survey found that Facebook and Twitter are now fuelling Divorce and the breakdown of relationships. The UK Newspaper ‘The Telegraph’ published this story about the divorce factor. However, this is not something new. Relationships have always been subject to online misuse. These Social Networking sites just make it easier for people to have infidelity whilst in a relationship.

Why it happens

Once the honeymoon phase of marriage or a courtship is over, couples sometimes get bored, begin to take each other for granted and stop doing the nice things they did for one another before getting married or involved. When that happens, (spouses or partners) are vulnerable and may seek affection and attention from someone else. Men are goal oriented. They can’t read (women’s) minds. Women should tell their husbands what they need. Most of the time, men just want to do what their wives need them to do. If a woman needs attention, she should tell her husband exactly what she wants.

Warning signs, consequences and recovery

There are warning signs that an individual might be having an online relationship such as an increase in time spent privately on the Internet, reluctance to let others access the computer, frequently erasing Internet histories and constantly deleting e-mails.

In addition to providing warning signs,there are tips to stop having an online affair:

• Admit Internet use is causing problems in the relationship
• Only use the computer for specific reasons — do not “surf” the Internet
• Move the computer to an open area
• Remove online messaging programs and change e-mail addresses
• Install computer monitoring software
• Spend more time with your loved one, family and friends
• Communicate more with your loved one. Don’t keep secrets

Sometimes people become addicted to the Internet. If an individual is addicted, then more intensive counselling to battle the addiction may be necessary.

The Signs of a Cyber Affair

I’m sure all of us who have been in relationships wonder what our significant other is doing when they are on-line. There is a distinct difference between that random thought that may enter your jealous mind, and a real reason to be thinking about what your loved one is doing or who they are chatting with on-line. If you ever have wanted to know if your loved one was guilty of infidelity, but don’t know how to go about finding out without asking them, then these few tips may help you out.

Lying is always an indicator of something gone wrong in a relationship and is often a sign of infidelity. If your loved one begins to tell you they are “just surfing the Internet,” and they do it in privacy, you may have something to worry about. You must ask yourself how many times this has been happening, There is a fine line before having friends of the opposite sex on the Internet and constantly being with them on-line. If he/she has nothing to hide, then he/she shouldn’t be lying to you in the first place, and you shouldn’t turn into the questioning and jealous loved one until the excuses begin occurring much more frequently.

You should also look for signs (listed below) to see if your loved one seems to be drifting away from you as well. Try to pay more attention to the inner workings of your relationship. See if husband/wife/partner still spends quality time with you willingly, or if he/she avoids speaking with you about anything besides superficial topics. If they are not paying as much attention to you, and you know they do not have a significant reason to want to be alone or more aloof, then this may also be a sign of infidelity. Are they simply avoiding you, or avoiding their friends as well? Usually if a person is cheating on their loved one, they continue to keep contact with their friends much more than the loved one. Sometimes, the best way to tell if they are cheating on you is through the little things.

No matter what happens, always make sure to talk to your loved one before making any rash decisions. Sometimes you may think you have the best clues and you could be completely wrong, so confront them and ask them what’s going on and why you are worried without accusing them. You still want to give them a chance to defend themselves so you can then decide if they are telling the truth, lying once again or if they come clean with the cyber affair. So whatever you decide, discuss your thoughts and feelings with your significant other before breaking off that relationship because of the cyber affair.

Experts say that a gut instinct is one of the most powerful signs of infidelity. Statistics say that 85% of women who feel their lover is cheating are correct. 50% of men who feel their lover is cheating are right. The first clue is seldom obvious. Typically, it’s a “feeling” that something is different. You notice minor changes in your lover’s behaviour. Even the most skilled cheater can’t hide these clues and only a lover in total denial can miss them. The first sign of infidelity can be a comment or incident that seems harmless but remains in your mind. The following is a short list of infidelity signs:

• Your spouse spends an excessive amount of time in the on-line chat rooms
• Long chats to the opposite sex on an Instant Messenger
• Minimizes/Closes or Hides Windows when you walk into the room
• Your spouse pays less attention to you
• Your spouse is preoccupied with on-line chatting, more distant emotionally
• Your spouse is insisting on chatting alone
• Your spouse has unaccounted time away from home
• Your spouse has a decreased interest in sex
• Your spouse becomes defensive during normal conversations
• Discovery of a post office box
• The toilet bowl seat is up, (men) and when you left home it was down
• The passenger seat in the car has been moved and is not in the usual position
• An unusual number of hang ups or wrong number calls
• Fragrances of colognes and/or perfumes are noticed on clothing of a cheating spouse
• Car mileage is unusual for claims made by cheating spouse
• Your spouse explains a late return home as a result of having to drive
  out of town on business, but yet the mileage on the car indicates less than ten mile driven
• Discover the recent opening of another checking account
• Unaccounted for hairs of a different colour on clothing
• Cigarette smoke on clothing that can not be explained
• Credit card transactions for unknown or unusual types of purchases
• Cosmetic, perfume or lipstick purchases listed but not received
• An increase in toll and/or long distance calls
• Increase in ATM withdrawals. Check the transaction record to ID the withdrawal
• Income tax returns revealing unexplained travel and business expense deductions
• Florist or jewellery bills
• Credit card gas purchases that are inconsistent for the amount of miles driven on the car
• Joins a health gym or weight reducing clinic
• Visits made to the tanning salon
• New hair style
• Wearing hair spray, colognes & perfumes more often
• Needs a pager, mobile phone, Protective of said devices
• Excessive buying of new and different clothes
• Sudden and unexplained change in clothing style
• The buying of sexy underwear or lingerie
• There is an unexplained aloofness or indifference in the relationship

Conclusion

Is cheating wrong? Well, yes if you are deceiving a partner or are being deceived. In a relationship, you must trust your partner or spouse, if you have any room for doubt, talk to each other. Try to sort things out before they escalate and get worse. If he or she is cheating, then either sort it out and learn to trust again, or end it. You will only be causing yourself much more pain in the long run.

Personal Service

If your still in doubt, contact me to find out how you or I can investigate your situation and find proof that your partner is or isn’t cheating.

A picture may be worth a thousand words, but it could also hide something more treacherous.

Today, businesses wanting to guard against the potentially ultra-serious hazard of vitally important data being deliberately leaked to unauthorised people outside or even inside the organisation, need to get to grips with an alarming reality: a picture can also conceal a thousand words.

Or in some cases even up to around 5,000 words. More than enough to betray all your most precious and commercially sensitive data: locations of newly-discovered oil fields; formulae for synthesising newly-discovered molecules of breakthrough drugs costing millions or even billions to develop; designs of revolutionary products you’re planning on being the first to bring to market; ultra-sensitive lists of hard-won customers; you name it.

Data concealed in pictures? It may sound like the basis for a plot sequence in the next Mission Impossible movie, but it isn’t. It’s real. And unless you are prepared to let any Tom, Dick or Harry cruise around your precious data, you need to be aware of the threat it poses.

The technique is called steganography, from Ancient Greek words meaning hidden or covered writing, just as that lumbering dinosaur the stegosaurus is so named because its back was covered in those large bony plates whose real purpose is a mystery even today.

But steganography wasn’t a mystery to the Ancient Greeks; indeed they most likely invented it. The Greek historian Herodotus records that in 312 BC, Histaeus of Miletus commanded the head of his most trusted slave to be shaved and tattooed with a vitally important secret message on it. Once the slave’s hair had grown, hiding the message, Histaeus used him as an emissary to a friendly power via enemy territory to instigate a revolt against the Persians.

This example from history shows why steganographic writing is such a dangerous threat to security. Friends who betray us are always a more potent threat than people we recognise as enemies from the outset, and steganographic messages look friendly and innocent.

You could devise a simple steganographic message by agreeing with your recipient that your real message will consist of the first letter of every word of your apparent message. ‘Bring us your invoice by Monday’, for example, would really mean ‘BUY IBM’. In steganographic writing the apparent message is known as the covertext and the real message is called the plaintext.

The innocuous appearance of the covertext in the example illustrates why steganographic writing doesn’t tend to set alarm bells ringing. It looks innocent, whereas the message ‘BUY IBM’ encrypted in a simple code that consisted, say, of substituting each letter for the next letter in the alphabet – ‘CVZ JCN’ – obviously looks dodgy and would be certain to awaken the suspicions of even the most credulous member of an industrial espionage prevention team.

The point is that any encrypted message will tend to raise suspicions because even though it can’t readily be read you will know it’s been encrypted and will instantly conclude that something fishy’s going on.

In the highly competitive ocean of modern business, the threat of steganography has recently become a major issue in corporate life.

It’s actually been a significant threat for several years due to the increased computing power available on everyone’s desktop, but people have been distracted by publicity about cryptography and steganography has rather remained in the background.

It’s a particularly worrying threat now because of the enormous computing power on desktops today, the massive volume of electronic communications, and the number of freely available tools that allow even a routine user to employ steganographic techniques.

By far the biggest type of threat is the potential for concealing steganographic writing within computerised images. With Windows you can literally drag and drop your hidden text onto a picture and the deed is done.

As Gordon Gekko reminded us in the film Wall Street (1987), the most valuable commodity of all is information. And it’s precisely that which can so easily be given away today – or sold – using image-based steganographic techniques.

What’s actually happening when you carry out what looks like a simple drag and drop?

An electronic image is comprised of thousands of ‘picture elements‘ or ‘pixels‘. A pixel is a binary number that provides information on the colour or (in a black and white picture) the shade of grey that should be displayed in that particular pixel.

The binary number will look something like this: 10011011 etc depending on the pixel in question. The individual numbers (the 1 or the 0) are known as bits and the further along you go to the right the less significant the bits become in defining the precise colour of the pixel.

Why does the opportunity for steganography exist? Because while each pixel is defined by a series of bits, some of these bits can be changed without affecting the resulting pixel to any discernible extent. In a computerised image whose size is 256 by 256 pixels, making a total of 65,536 pixels, there would easily be room to conceal say, about 5,000 words of data.

This method of concealment is known as ‘bit twiddling‘. An obvious place to conceal a secret message would be within a computerised picture that does not show any apparent changes.

Bit twiddling is the most common way to conceal text within a computerised image. There are many more techniques, though, particularly when using image formats such as the now ubiquitous jpeg which many will have encountered through their digital cameras.

An apparently innocuous picture of – of example – an employee’s child’s first day at school taken with a standard family digital camera could easily be used to conceal a damaging leak. The leak could be so fatal that by the time the school term ends, thousands of other mums and dads at the business from which the information was leaked will have had to find new jobs – if they can.

Insider Threats are big business, and selling or leaking company information, customer credit card details and more can now all be hidden in a single image file and emailed or innocently be taken out of the building on a laptop or removable media.

What’s the best way to guard against the hazard of modern image-based steganographic betrayal?

The first step is to recognise that it is a potential problem and get help to understand what tools are likely to be available to a malicious team member. You also need to know the manner in which these tools can be used because they often leave little trace of their presence – some are even termed ‘zero footprint‘ by those who develop them.

Yet help is at hand because dedicated teams of experts have been making available tools to help detect steganography. The technique they use is known as ‘steganalysis’.

Steganalysis is as much an art as a science. The detection tools need to be used so that the appropriate steganalysis resource is used in the appropriate situation.

Admittedly, this is not easy, when the range of steganography tools and the steganalysis counterparts have proliferated and are proliferating just as the threat from viruses did when they first emerged into the IT environment.

At work I began my own anti-steganography work as a forensic technical exercise but was soon alarmed at what my experiments were told me, not just about the power of the steganography tools available but also about the degree of care that needs to be applied to combat this potent security hazard.

Taking the threat of betrayal by apparently innocuous pixels seriously will lead you to put into practice the measures necessary to defend against it. And you do need to take this threat very seriously indeed. The stegosaurus may be long extinct, but steganographic treachery is, unfortunately, here to stay.

Your passwords are the keys you use to access personal information that you’ve stored on your computer and in your online accounts.

If criminals or other malicious users steal this information, they can use your name to open new credit card accounts, apply for a mortgage, or pose as you in online transactions. In many cases you would not notice these attacks until it was too late.

Fortunately, it is not hard to create strong passwords and keep them well protected.

What makes a strong password

To an attacker, a strong password should appear to be a random string of characters. The following criteria can help your passwords do so:

Make it lengthy. Each character that you add to your password increases the protection that it provides many times over. Your passwords should be 8 or more characters in length; 14 characters or longer is ideal.

Many systems also support use of the space bar in passwords, so you can create a phrase made of many words (a “pass phrase“). A pass phrase is often easier to remember than a simple password, as well as longer and harder to guess.

Combine letters, numbers, and symbols. The greater variety of characters that you have in your password, the harder it is to guess. Other important specifics include:

The fewer types of characters in your password, the longer it must be. A 15-character password composed only of random letters and numbers is about 33,000 times stronger than an 8-character password composed of characters from the entire keyboard. If you cannot create a password that contains symbols, you need to make it considerably longer to get the same degree of protection. An ideal password combines both length and different types of symbols.

Use the entire keyboard, not just the most common characters. Symbols typed by holding down the “Shift” key and typing a number are very common in passwords. Your password will be much stronger if you choose from all the symbols on the keyboard, including punctuation marks not on the upper row of the keyboard, and any symbols unique to your language.

Use words and phrases that are easy for you to remember, but difficult for others to guess. The easiest way to remember your passwords and pass phrases is to write them down. Contrary to popular belief, there is nothing wrong with writing passwords down, but they need to be adequately protected in order to remain secure and effective.

In general, passwords written on a piece of paper are more difficult to compromise across the Internet than a password manager, Web site, or other software-based storage tool, such as password managers.

Create a strong, memorable password in 6 steps

Use these steps to develop a strong password:

1. Think of a sentence that you can remember. This will be the basis of your strong password or pass phrase. Use a memorable sentence, such as “My son Aiden is three years old.”

2. Check if the computer or online system supports the pass phrase directly. If you can use a pass phrase (with spaces between characters) on your computer or online system, do so.

3. If the computer or online system does not support pass phrases, convert it to a password. Take the first letter of each word of the sentence that you’ve created to create a new, nonsensical word. Using the example above, you’d get: “msaityo”.

4. Add complexity by mixing uppercase and lowercase letters and numbers. It is valuable to use some letter swapping or misspellings as well. For instance, in the pass phrase above, consider misspelling Aiden’s name, or substituting the word “three” for the number 3. There are many possible substitutions, and the longer the sentence, the more complex your password can be. Your pass phrase might become “My SoN Ayd3N is 3 yeeRs old.” If the computer or online system will not support a pass phrase, use the same technique on the shorter password. This might yield a password like “MsAy3yo”.

5. Finally, substitute some special characters. You can use symbols that look like letters, combine words (remove spaces) and other ways to make the password more complex. Using these tricks, we create a pass phrase of “MySoN 8N i$ 3 yeeR$ old” or a password (using the first letter of each word) “M$8ni3y0″.

6. Test your new password with a Password Checker. A Password Checker is a non-recording feature on this Web site that helps determine your password’s strength as you type.

Password strategies to avoid

Some common methods used to create passwords are easy to guess by criminals. To avoid weak, easy-to-guess passwords:

Avoid sequences or repeated characters. “12345678,” “222222,” “abcdefg,” or adjacent letters on your keyboard do not help make secure passwords.

Avoid using only look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an ‘i’ with a ’1′ or an ‘a’ with ‘@’ as in “M1cr0$0ft” or “P@ssw0rd”. But these substitutions can be effective when combined with other measures, such as length, misspellings, or variations in case, to improve the strength of your password.

Avoid your login name. Any part of your name, birthday, social security number, or similar information for your loved ones constitutes a bad password choice. This is one of the first things criminals will try.

Avoid dictionary words in any language – Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, and substitutions. This includes all sorts of profanity and any word you would not say in front of your children.

Use more than one password everywhere – If any one of the computers or online systems using this password is compromised, all of your other information protected by that password should be considered compromised as well. It is critical to use different passwords for different systems.

Avoid using online storage – If malicious users find these passwords stored online or on a networked computer, they have access to all your information.

The “blank password” option

A blank password (no password at all) on your account is more secure than a weak password such as “1234″. Criminals can easily guess a simplistic password, but on computers using Windows XP/Vista or Windows 7, an account without a password cannot be accessed remotely by means such as a network or the Internet. (This option is not available for Microsoft Windows 2000, Windows Me, or earlier versions) You can choose to use a blank password on your computer account if these criteria are met:

• You only have one computer or you have several computers but you do not need to access information on one computer from another one

• The computer is physically secure (you trust everyone who has physical access to the computer)

The use of a blank password is not always a good idea. For example, a laptop computer that you take with you is probably not physically secure, so on those you should have a strong password.

How to access and change your passwords

Online accounts

Web sites have a variety of policies that govern how you can access your account and change your password. Look for a link (such as “my account”) somewhere on the site’s home page that goes to a special area of the site that allows password and account management.

Computer passwords

The Help files for your computer operating system will usually provide information about how to create, modify, and access password-protected user accounts, as well as how to require password protection upon startup of your computer. You can also try to find this information online at the software manufacturer’s Web site. For example, if you use Microsoft Windows XP, online help can show you how to manage passwords, change passwords, and more.

Keep your passwords secret

Treat your passwords and pass phrases with as much care as the information that they protect.

Don’t reveal them to others – Keep your passwords hidden from friends or family members (especially children) who could pass them on to other less trustworthy individuals. Passwords that you need to share with others, such as the password to your online banking account that you might share with your spouse, are the only exceptions.

Protect any recorded passwords – Be careful where you store the passwords that you record or write down. Do not leave these records of your passwords anywhere that you would not leave the information that they protect.

Never provide your password over e-mail or based on an e-mail request. Any e-mail that requests your password or requests that you to go to a Web site to verify your password is almost certainly a fraud. This includes requests from a trusted company or individual. E-mail can be intercepted in transit, and e-mail that requests information might not be from the sender it claims. Internet “phishing” scams use fraudulent e-mail messages to entice you into revealing your user names and passwords, steal your identity, and more.

Change your passwords regularly – This can help keep criminals and other malicious users unaware. The strength of your password will help keep it good for a longer time. A password that is shorter than 8 characters should be considered only good for a week or so, while a password that is 14 characters or longer (and follows the other rules outlined above) can be good for several years.

Do not type passwords on computers that you do not control. Computers such as those in Internet cafés, computer labs, shared systems, kiosk systems, conferences, and airport lounges should be considered unsafe for any personal use other than anonymous Internet browsing. Do not use these computers to check online e-mail, chat rooms, bank balances, business mail, or any other account that requires a user name and password. Criminals can purchase keystroke logging devices for very little money and they take only a few moments to install. These devices let malicious users harvest all the information typed on a computer from across the Internet—your passwords and pass phrases are worth as much as the information that they protect. Windows has an OnScreen Keyboard that you can access if needs be. Press Start > Run and type OSK and click OK. Now use the mouse to type in a password.

Windows 7 On Screen Keyboard

What to do if your password is stolen

Be sure to monitor all the information you protect with your passwords, such as your monthly financial statements, credit reports, online shopping accounts, and so on. Strong, memorable passwords can help protect you against fraud and identity theft, but there are no guarantees. No matter how strong your password is, if someone breaks into the system that stores it, they will have your password. If you notice any suspicious activity that could indicate that someone has accessed your information, notify authorities as quickly as you can. If you need further help on what to do if you think your identity has been stolen or you’ve been similarly defrauded, then contact me.

What Is “Sexting?”

When people take a sexually revealing picture or video of themselves and send it or them as text message attachments, it’s called “sexting.” And recently the practice has been increasing exponentially amongst kids. Kids “sext” to show off, to entice someone, to show interest in someone, or to prove commitment. The problem with that, is that the moment the relationship ends (and most of them do) someone is in possession of a highly compromising image that can be easily posted on a social networking site or sent around via email or text.

There have been some high profile cases of sexting — including High School Musical star Vanessa Hudgens, who sent a nude picture to her co-star/boyfriend, Zac Efron, that ended up all over the Internet and made headlines. And in July 2008, Cincinnati teen Jesse Logan committed suicide after a nude photo she’d sent to a boyfriend was circulated widely around her high school, resulting in harassment from her classmates.

Why It Matters

In a technology world where anything can be copied, sent, posted, and seen by huge audiences, there’s no such thing as being able to control images. Even if a photo was taken and sent as a token of love, the intention doesn’t matter — the technology makes it possible for everyone to see your child’s most intimate self. And in the hands of teenagers, when revealing photos are made public the subject almost always becomes the object of ridicule and name calling. Furthermore, sending sexual images to minors is against the law, and some states in the US and the UK have begun prosecuting kids for child pornography or obscenity.

Advice for Parents

Don’t wait – for an incident to happen to your child or your child’s friend before you talk to your kids about the consequences of sexting. Sure, talking about sex or dating with teens can be really uncomfortable, but better to have the talk before the fact.

Remind them – that once an image is sent, it can never be retrieved — and they will lose control of it. Ask teens how they would feel if their teachers, parents, or the entire school saw the picture, because it happens all the time.

Talk about pressures – to send revealing photos. Let teens know that you understand that they can be pushed or dared into sending something. Tell them that no matter how big the social pressure is, the potential social humiliation will be hundreds of times worse.

The buck stops with them. If someone sends them a photo, have them delete it immediately. Better to be part of the solution than the problem. Besides, if they do send it on, they’re distributing pornography — and that’s against the law.

If you can’t deal with this, have your kids go to a professional that can help (and you should go yourself).

Statistics

• 22% of teen girls and 20% of teen boys have sent nude or semi-nude photos of themselves
• 22% of teens admit that technology makes them personally more forward and aggressive
• 38% say exchanging sexy content makes dating or hooking up with others more likely
• 29% believe those exchanging sexy content are “expected” to date or hook up

Remember; revealing photos can be resent to a vast audience. If the person you or a kid sends an explicit image via mobile phone, or even email. These can be forwarded to someone else, and before you know it, the content is uploaded online or passed between peers and sending a sexual image to a minor, even minor to minor is illegal.

Evidence

As a parent, you may be worried what your kids are sending to each other. Where do your ethics come in to play regarding a kids privacy? Sometimes drastic measures will force you to intervene in a child’s life and development and for his or her protection.  For the worried parent there is software available that will help you. MOBILedit is a Forensic Application that works will all mobile phones and PDAs and requres a data cable (one of these usually comes with a new phone as standard, if not, they are cheap to buy).

MOBILedit is quite costly, but the trial is fully functional and will allow you to use the application for a short time. Which will be all you need to gather the information you need. This software can also be used to read test (SMS) messages from both sides of the conversation. This is useful if your child is being bullied, or is indeed a bully him or herself. The application can be used for many predicaments you and your child may come across, and a way of proving facts.

Do not use this software as just a spying tool, this would be unfair and you would be infringing on privacy issues if you have no just cause, so please use this software wisely. You can download the trial below.

The lack of sensory information on the Internet (like too many adults,  teenagers and younger kids with a Facebook or Myspace page or Twitter account) may have a significant impact on cyberstalkers,  “The absence of sensory-perceptual stimuli from a real person means that fantasy can play an even more expansive role as the genesis of behavior in the stalker.” The victim becomes an easy target for the stalker’s projections, and narcissistic fantasies, that can lead to a real world rejection, humiliation and rage.

One of the most prominent features of stalking behaviour is fixation on victims. Their obsession can drive stalkers to extremes that make this type of investigation challenging and potentially dangerous. Although stalkers who use the Internet to target victims may attempt to conceal their identities, their obsession with a victim often causes them to expose themselves. For instance, they may say things that reveal their relationship with or knowledge of the victim, or they may take risks that enable investigators to locate and identify them. However, even when stalkers have been identified, attempts to discourage them can have the opposite effect, potentially angering them and putting victims at greater risk.

In 1990, after five women were murdered by stalkers, California became the first state in the US to enact a law to deal with this specific problem. Then, in 1998, California explicitly included electronic communications in their anti-stalking law. The relevant sections of the California Penal Code have strongly influenced all subsequent anti-stalking laws in the US, clearly defining stalking and related terms.

Any person who willfully, maliciously, and repeatedly follows or harasses another person and who makes a credible threat with the intent to place that person in reasonable fear of death or great bodily injury is guilty of the crime of stalking … “harasses” means a knowing and willful course of conduct directed at a specific person that seriously alarms, annoys, torments, or terrorizes the person, and that serves no legitimate purpose. This course of conduct must be such as would cause a reasonable person to suffer substantial emotional distress, and must actually cause substantial emotional distress to the person.

… “course of conduct” means a pattern of conduct composed of a series of acts over a period of time, however short, evidencing a continuity of purpose … “credible threat” means a verbal or written threat, including that performed through the use of an electronic communication device, or a threat implied by a pattern of conduct or a combination of verbal, written, or electronically communicated statements and conduct made with the intent to place the person that is the target of the threat in reasonable fear for his or her safety or the safety of his or her family and made with the apparent ability to carry out the threat so as to cause the person who is the target of the threat to reasonably fear for his or her safety or the safety of his or her family. It is not necessary to prove that the defendant had the intent to actually carry out the threat… “electronic communication device” includes, but is not limited to, telephones, cellular phones, computers, video recorders, fax machines, or pagers.” [California Penal Code 646.9]

The equivalent law in the United Kingdom is the Protection from Harassment Act 1997 (Chapter 40).

Note that persistence is one of the operative concepts when dealing with stalking. A single upsetting e-mail message is not considered harassment because it is not a pattern of behavior. Remember that anti-stalking laws were enacted to protect individuals against persistent terrorism and physical danger, not against annoyance or vague threats.

The distinction between annoyance and harassment is not easily defined. It is usually enough to demonstrate that the victim suffered substantial emotional distress. However, there is always the argument that the victim overreacted to the situation. If a victim is not found to be a “reasonable person” as described in the law, a court might hold that no harassment took place. Therefore, when investigating a stalking case, it is important to gather as much evidence as possible to demonstrate that persistent harassment took place and that the victim reacted to the credible threat in a reasonable manner.

The explicit inclusion of electronic communication devices in California’s anti-stalking law is a clear acknowledgement of the fact that stalkers are making increasing use of new technology to further their ends. In addition to using voice mail, fax machines, cellular phones, and pagers, stalkers use computer networks to harass their victims. The term cyberstalking refers to stalking that involves the Internet. This chapter briefly describes how cyberstalkers operate, what motivates them, and what investigators can do to apprehend them.

How Cyberstalkers Operate

Cyberstalking works in much the same way as stalking in the physical world. In fact, many offenders combine their online activities with more traditional forms of stalking and harassment such as telephoning the victim and going to the victim’s home. Some cyberstalkers obtain victims over the Internet and others put personal information about their victims online, encouraging others to contact the victim, or even harm them.

CASE EXAMPLE (ASSOCIATED PRESS 1997):

Cynthia Armistead-Smathers of Atlanta believes she became a target during an e-mail discussion of advertising in June, 1996. First she received nasty e-mails from the account of Richard Hillyard of Norcross, GA. Then she began receiving messages sent through an “anonymous remailer,” an online service that masks the sender’s identity.

After Hillyard’s Internet service provider cancelled his account, Ms Armistead-Smathers began getting messages from the Centres for Disease Control and Prevention in Atlanta, where he worked. Then she got thousands of messages from men who had seen a posting of a nude woman, listing her e-mail address and offering sex during the Atlanta Olympics.

But police said there was little they could do – until she got an anonymous message from someone saying he had followed Ms Armistead-Smathers and her 5-year-old daughter from their post office box to her home.

People say “It’s online. Who cares? It isn’t real. Well this is real,” Ms Armistead-Smathers said. “It’s a matter of the same kind of small-minded bullies who maybe wouldn’t have done things in real life, but they have the power of anonymity from behind a keyboard, where they think no one will find them.”

In general, stalkers want to exert power over their victims in some way, primarily through fear. The crux of a stalker’s power is information about and knowledge of the victim. A stalker’s ability to frighten and control a victim increases with the amount of information that he can gather about the victim. Stalkers use information like telephone numbers, addresses, and personal preferences to impinge upon their victims’ lives. Also, over time cyberstalkers can learn what sorts of things upset their victims and can use this knowledge to harass the victims further.

Since they depend heavily on information, it is no surprise that stalkers have taken to the Internet. After all, the Internet contains a vast amount of personal information about people and makes it relatively easy to search for specific items. As well as containing people’s addresses and phone numbers, the Internet records many of our actions, choices, interests, and desires. Databases containing social security numbers, credit card numbers, medical history, criminal records, and much more can also be accessed using the Internet. Additionally, cyberstalkers can use the Internet to harass specific individuals or acquire new victims from a large pool of potential targets. In one case, a woman was stalked in chat rooms for several months, during which time the stalker placed detailed personal information online and threatened to rape and kill her. Some offenders seek victims online but it is more common for stalkers to use chat networks to target individuals that they already know.

Acquiring Victims

Past studies indicate that many stalkers had a prior acquaintance with their victims before the stalking behavior began (Harmon et al. 1994). The implication of these studies is that investigators should pay particular attention to acquaintances of the victim. However, these studies are limited because many stalking cases are unsolved or unreported. Additionally, it is not clear if these studies apply to the Internet. After all, it is uncertain what constitutes an acquaintance on the Internet and the Internet makes it easier for cyberstalkers to find victims of opportunity.

Cyberstalkers can search the Web, browse through Windows Live Messenger (MSN), Skype, Digsby, Yahoo, ICQ and AOL profiles, and lurk in Yahoo, IRC and AOL chat rooms looking for likely targets – vulnerable, under-confident individuals who will be easy to intimidate.

CASE EXAMPLE: One stalker repeatedly acquired victims of opportunity on AOL and used AOL’s Instant Messenger to contact and harass them. The stalker also used online telephone directories to find victims’ numbers, harassing them further by calling their homes. This approach left very little digital evidence because none of the victims recorded the Instant Messenger sessions, they did not know how to find the stalker’s IP address, and they did not contact AOL in time to track the stalker.

Of course, the victims were distressed by this harassment, feeling powerless to stop the instant messages and phone calls. This sense of powerlessness was the primary goal the cyberstalker. This stalker may have picked AOL as his stalking territory because of the high number of inexperienced Internet users and the anonymity that it affords.

As a rule, investigators should rely more on available evidence than on general studies. Although research can be useful to a certain degree, evidence is the most reliable source of information about a specific case and it is what the courts will use to make a decision.

Anonymity and Surreptitious Monitoring

The Internet has the added advantage of protecting a stalker’s identity and allowing a stalker to monitor a victim’s activities. For example, stalkers acquainted with their victims use the Internet to hide their identity, sending forged or anonymous e-mail and using ICQ or AOL Instant Messenger to harass their victims. Also, stalkers can utilize ICQ, AOL Instant Messenger, and other applications (e.g. finger) to determine when a victim is online. Most disturbing of all, stalkers can use the Internet to spy on a victim. Although few cyberstalkers are skilled enough to break into a victim’s e-mail account or intercept e-mail in transit, a cyberstalker can easily observe a conversation in a live chat room. This type of pre-surveillance of victims and amassing of information about potential victims might suggest intent to commit a crime but it is not a crime in itself, and is not stalking as defined by the law.

Escalation and Violence

It is often suggested that stalkers will cease harassing their victims once they cease to provoke the desired response. However, some stalkers become aggravated when they do not get what they want and become increasingly threatening. As was mentioned at the beginning of this chapter, stalkers have resorted to violence and murder. Therefore, it is important for investigators to be extremely cautious when dealing with a stalking case. Investigators should examine the available evidence closely, protect the victim against further harm as much as possible, and consult with experts when in doubt. Most importantly, investigators should not make hurried judgements that are based primarily on studies of past cases.

Investigating Cyberstalking

There are several stages to investigating a cyberstalking case. These stages assume that the identity of the cyberstalker is unknown. Even if the victim suspects an individual, investigators are advised to explore alternative possibilities and suspects. Although past research suggests that most stalkers have prior relationships with victims, this may not apply when the Internet is involved since stranger stalking is easier. Therefore, consider the possibility that the victim knows the stalker, but do not assume that this is the case:

Interview victim – determine what evidence the victim has of cyberstalking and obtain details about the victim that can be used to develop victimology. The aim of this initial information gathering stage is to confirm that a crime has been committed and to obtain enough information to move forward with the investigation.

Interview others – if there are other people involved, interview them to compile a more complete picture of what occurred.

Victimology and risk assessment – determine why an offender chose a specific victim and what risks the offender was willing to take to acquire that victim. The primary aim of this stage of the investigation is to understand the victim-offender relationship and determine where additional digital evidence might be found.

Search for additional digital evidence – use what is known about the victim and cyberstalker to perform a thorough search of the Internet. Victimology is key at this stage, guiding investigators to locations that might interest the victim or individuals like the victim. The cyberstalker initially observed or encountered the victim somewhere and investigators should try to determine where. Consider the possibility that the cyberstalker encountered the victim in the physical world. The aim of this stage is to gather more information about the crime, the victim and the cyberstalker.

Crime scene characteristics – examine crime scenes and cybertrails for distinguishing features (e.g. location, time, method of approach, choice of tools) and try to determine their significance to the cyberstalker. The aim of this stage is to gain a better understanding of the choices that the cyberstalker made and the needs that were fulfilled by these choices.

Motivation – determine what personal needs the cyberstalking was fulfilling. Be careful to distinguish between intent (e.g. to exert power over the victim, to frighten the victim) and the personal needs that the cyberstalker’s behavior satisfied (e.g. to feel powerful, to retaliate against the victim for a perceived wrong). The aim of this stage is to understand the cyberstalker well enough to narrow the suspect pool revisit the prior steps and uncover additional evidence

Repeat - if the identity of the cyberstalker is still not known, interview the victim again. The information that investigators have gathered might help the victim recall additional details or might suggest a likely suspect to the victim

To assist investigators carry out each of these stages in an investigation, additional details are provided here.

Interviews

Investigators should interview the victim and other individuals with knowledge of the case to obtain details about the inception of the cyberstalking and the sorts of harassment the victim has been subjected to. In addition to collecting all of the evidence that the victim has of the cyberstalking, investigators should gather all of the details that are required to develop a thorough victimology as described in the next section.

While interviewing the victim, investigators should be sensitive to be as tactful as possible while questioning everything and assuming nothing. Keep in mind that victims tend to blame themselves, imagining that they encouraged the stalker in some way (e.g. by accepting initial advances or by making too much personal information available on the Internet) (Pathé 1997). It is therefore important for everyone involved in a cyberstalking investigation to help the victim regain confidence by acknowledging that the victim is not to blame. It is also crucial to help victims protect themselves from potential attacks. The National Center for Victims of Crime has an excellent set of guidelines developed specifically for victims of stalking.

Victimology

In addition to helping victims protect themselves against further harassment, investigators should try to determine how and why the offender selected a specific victim. To this end, investigators should determine whether the cyberstalker knew the victim, learned about the victim through a personal Web page, saw a Usenet message written by the victim, or noticed the victim in a chat room.

It is also useful to know why a victim made certain choices to help investigators make a risk assessment. For example, individuals who use the Internet to meet new people are at higher risk than individuals who make an effort to remain anonymous. In some instances, it might be quite evident why the cyberstalker chose a victim but if a cyberstalker chooses a low risk victim, investigators should try to determine which particular characteristics the victim possesses that might have attracted the cyberstalker’s attention (e.g. residence, work place, hobby, personal interest, demeanor). These characteristics can be quite revealing about a cyberstalker and can direct the investigator’s attention to certain areas or individuals.

Questions to ask at this stage include:

Does the victim know or suspect why, how, and/or when the cyberstalking began?

What Internet Service Provider(s) do(es) the victim use and why?

What online services does the victim use and why (e.g. Web, free e-mail services, Usenet, IRC)?

When does the victim use the Internet and the various Internet services (does the harassment occur at specific times suggesting that the cyberstalker has a schedule or is aware of the victim’s schedule)?

What does the victim do on the Internet and why?

Does the victim have personal Web pages or other personal information on the Internet (e.g. a Facebook profile, Twitter, Myspace or Bebo Web page, customized finger output)? What information do these items contain?

In addition to the victim’s Internet activities, investigators should examine the victim’s physical surroundings and real world activities.

When the identity of the cyberstalker is known or suspected, it might not seem necessary to develop a complete victimology. Although it is crucial to investigate suspects, this should not be done at the expense of all else. Time spent trying to understand the victim-offender relationship can help investigators understand the offender, protect the victim, locate additional evidence, and discover additional victims. Furthermore, there is always the chance that the suspect is innocent in which case investigators can use the victimology that they developed to find other likely suspects.

Risk Assessment

A key aspect of developing victimology is determining victim and offender risk. Generally, women are at greater risk than men of being cyberstalked and new Internet users are at greater risk than experienced Internet users. Individuals who frequent the equivalent of singles bars on the Internet are at greater risk than those who just use the Internet to search for information. A woman who puts her picture on a Web page with some biographical information, an address, and phone number is at high risk because cyberstalkers can fixate on the picture, obtain personal information about the woman from the Web page, and start harassing her over the phone or in person.

Bear in mind that victim risk is not an absolute thing – it depends on the circumstances. A careful individual who avoids high risk situations in the physical world might be less cautious on the Internet. For example, individuals who are not famous in the world at large might have celebrity status in a certain area of the Internet, putting them at high risk of being stalked by someone familiar with that area. Individual who are sexually reserved in the physical world might partake in extensive sexual role playing on the Internet, putting them at high risk of being cyberstalked.

If a cyberstalker selects a low risk victim, investigators should try to determine what attracted the offender to the victim. Also, investigators should determine what the offender was willing to risk when harassing the victim. Remember that offender risk is the risk as an offender perceives it – investigators should not try to interpret an offender’s behavior based on the risks they perceive. An offender will not necessarily be concerned by the risks that others perceive. For example, some cyberstalkers do not perceive apprehension as a great risk, only an inconvenience that would temporarily interfere with their ability to achieve their goal (to harass the victim) and will continue to harass their victims, even when they are under investigation.

Search

Investigators should perform a thorough search of the Internet using what is known about the victim and the offender and should examine personal computers, log files on servers, and all other available sources of digital evidence as described in this book. For example, when a cyberstalker uses e-mail to harass a victim, the messages should be collected and examined. Also, other e-mail that the victim has received should be examined to determine if the stalker sent forged messages to deceive the victim. Log files of the e-mails server that was used to send and receive the e-mail should be examined to confirm the events in question.

Log files sometimes reveal other things that the cyberstalker was doing (e.g. masquerading as the victim, harassing other victims) and can contain information that lead directly to the cyberstalker.

CASE EXAMPLE: Gary Steven Dellapenta became the first person to be convicted under the new section of California’s stalking law that specifically includes electronic communications. After being turned down by a woman named Randi Barber, Dellapenta retaliated by impersonating her on the Internet and claiming she fantasized about being raped.

Using nicknames such as “playfulkitty4U” and “kinkygal30,” Dellapenta placed online personal ads and sent messages saying such things as “I’m into the rape fantasy and gang-bang fantasy too.” He gave respondents Barber’s address and telephone number, directions to her home, details of her social plans and even advice on how to short-circuit her alarm system.

Barber became alarmed when men began leaving messages on her answer machine and turning up at her apartment. In an interview (Newsweek 1999), Barber recalled that one of the visitors left after she hid silently for a few minutes, but phoned her apartment later. “What do you want?” she pleaded. “Why are you doing this?” The man explained that he was responding to the sexy ad she had placed on the Internet.

“What ad? What did it say?” Barber asked. “Am I in big trouble?”

“Let me put it to you this way,” the caller said. “You could get raped.”

When Barber put a note on her door to discourage the men who were responding to the personal ads, Dellapenta putting new information on the Internet claiming that the note was just part of the fantasy.

In an effort to gather evidence against Dellapenta, Barber kept recordings of messages that were left on her machine and contacted each caller, asking for any information about the cyberstalker. Two men cooperated with her request for help, but it was ultimately her father who gathered the evidence that was necessary to identify Dellapenta.

Barber’s father helped to uncover Dellapenta’s identity by posing as an ad respondent and turning the e-mails he received over to investigators.

Investigators traced the e-mails from the Web sites at which they were posted to the servers used to access the sites. Search warrants compelled the Internet companies to identify the user. All the paths led police back to Dellapenta. “When you go on the Internet, you leave fingerprints – we can tell exactly where you’ve been,” says sheriff’s investigator Mike Gurzi, who would eventually verify that all the e-mails originated from Dellapenta’s computer after studying his hard drive. The alleged stalker’s M.O. was tellingly simple: police say he opened up a number of free Internet e-mail accounts pretending to be the victim, posted the crude ads under a salacious log-on name and started e-mailing the men who responded. (Newsweek 1999)

Dellapenta admitted to authorities that he had an “inner rage” against Barber and pleaded guilty to one count of stalking and three counts of solicitation of sexual assault.

When searching for evidence of cyberstalking it is useful to distinguish between the offender’s harassing behaviors and surreptitious monitoring behaviours. A victim is usually only aware of the harassment component of cyberstalking. However, cyberstalkers often engage in additional activities that the victim is not aware of. Therefore, investigators should not limit their search to the evidence of harassment that the victim is already aware of but should look for evidence of both harassment and surreptitious monitoring.

If the victim frequented certain areas, investigators should comb those areas for information and should attempt to see them from the cyberstalker’s perspective. Could the cyberstalker have monitored the victim’s activities in those areas? If so, would this monitoring have generated any digital evidence and would Locard’s exchange principle take effect? For example, if the victim maintains a Web page, the cyberstalker might have monitored its development in which case the Web server log would contain the cyberstalker’s IP address (with associated times) and the cyberstalker’s personal computer would indicate that the page had been viewed (and when it was viewed). If the cyberstalker monitored the victim in IRC, he might have kept log files of the chat sessions. If the cyberstalker broke into the victim’s e-mail account the log files on the e-mail server should reflect this.

Keep in mind that the evidence search and seizure stage of an investigation forms the foundation of the case – incomplete searches and poorly collected digital evidence will result in a weak case. It is therefore crucial to apply the Forensic Science concepts presented in this book diligently. Investigators should collect, document, and preserve digital evidence in a way that will facilitate the reconstruction and prosecution processes. Also investigators should become intimately familiar with available digital evidence, looking for class and individual characteristics in an effort to maximize its potential.

Crime Scene Characteristics

When investigating cyberstalking, investigators might not be able to define the primary crime scene clearly because digital evidence is often spread all over the Internet. However, the same principle of behavioral evidence analysis applies – aspects of a cyberstalker’s behavior can be determined from choices and decisions that a cyberstalker made and the evidence that was left behind, destroyed, or taken away. Therefore, investigators should thoroughly examine the point of contact and cybertrails (e.g. the Web, Usenet, personal computers) for digital evidence that exposes the offender’s behavior.

To begin with, investigators should ask themselves why a particular cyberstalker used the Internet – what need did this fulfill? Was the cyberstalker using the Internet to obtain victims, to remain anonymous, or both? Investigators should also ask why a cyberstalker used particular areas of the Internet – what affordances did the Internet provide? MO and signature behaviors can usually be discerned from the way a cyberstalker approaches and harasses victims on the Internet.

How cyberstalkers use the Internet can say a lot about their skill level, goals, and motivations. Using IRC rather than e-mail to harass victims suggests a higher skill level and a desire to gain instantaneous access to the victim while remaining anonymous. The choice of technology will also determine what digital evidence is available. Unless a victim keeps a log, harassment on IRC leaves very little evidence whereas harassing e-mail messages are enduring and can be used to track down the sender.

Additionally, investigators can learn a great deal about offenders’ needs and choices by carefully examining their words, actions, and reactions. Increases and decreases in intensity in reaction to unexpected occurrences are particularly revealing. For example, when a cyberstalker’s primary mode of contact with a victim is blocked the cyberstalker might be discouraged, unperturbed, or aggravated. How the cyberstalkers choose to react to setbacks indicates how determined they are to harass a specific victim and what they hope to achieve through the harassment. Also, a cyberstalker’s intelligence, skill level, and identity can be revealed when he modifies his behaviour and use of technology to overcome obstacles.

Motivation

There have been a number of attempts to categorize stalking behavior and develop specialized typologies (Meloy 1998). However, these typologies were not developed with investigations in mind and are primarily used by clinicians to diagnose mental illnesses and administer appropriate treatments.

When investigating cyberstalking, the motivational typologies can be used as a sounding board to gain a greater understanding of stalkers’ motivations. Also, as described earlier in this chapter, some stalkers pick their victims opportunistically and get satisfaction by intimidating them, fitting into the power assertive typology.

Other stalkers are driven by a need to retaliate against their victims for perceived wrongs, exhibiting many of the behaviours described in the anger retaliatory typology. For instance, Dellapenta, the Californian cyberstalker who went to great lengths to terrify Randi Barber, stated that he has an “inner rage” directed at Barber that he could not control. Dellapenta’s behavior confirms this statement, indicating that he was retaliating against Barber for a perceived wrong. His messages were degrading and were designed to bring harm to Barber. Furthermore, Dellapenta tried to arrange for other people to harm Barber, indicating that he did feel the need to hurt her himself. Although it is possible that Dellapenta felt some desire to assert power over Barber, his behavior indicates that he was primarily driven by a desire to bring harm to her.

Summary

Cyberstalking is not different from regular stalking – the Internet is just another tool that facilitates the act of stalking. In fact, many cyberstalkers also use the telephone and their physical presence to achieve their goals. Stalkers use the Internet to acquire victims, gather information, monitor victims, hide their identities, and avoid capture. Although cyberstalkers can become quite adept at using the Internet, investigators with a solid understanding of the Internet and a strong investigative methodology will usually be able to discover the identity of a cyberstalker.

With regard to a strong investigative methodology, investigators should get into the habit of following the steps described in the chapter (interviewing victims, developing victimology, searching for additional evidence, analysing crime scenes, and understanding motivation).

The type of digital evidence that is available in a cyberstalking case depends on the technologies that the stalker uses. However, a cyberstalker’s personal computer usually contains most of the digital evidence, including messages sent to the victim, information gathered about the victim, and even information about other victims.

It is difficult to make accurate generalizations about cyberstalkers because a wide variety of circumstances can lead to cyberstalking. A love interest turned sour can result in obsessive and retaliatory behaviour. An individual’s desire for power can drive him to select and harass vulnerable victims opportunistically. The list goes on, and any attempt to generalize or categorize necessarily excludes some of the complexity and nuances of the problem. Therefore, investigators who hope to address this problem thoroughly should be wary of generalisations and categorizations, only using them to understand available evidence further.

For many people, the word “encryption” invokes images of spies, clandestine operations and World War II, or NSA code breakers feverishly working to decipher enemy messages. Actually, encryption is a priceless security tool that any business can easily use to keep sensitive information confidential and safe from prying eyes.

Unfortunately, many businesses fail to take advantage of encryption technology, fearing that it’s ‘too complex’ and ‘difficult to use’ on a routine basis. In reality, encrypting vital data isn’t much more difficult than running a virus scanner or a data-backup program. Here’s how to get started.

The Basics

There are two basic ways to encrypt data. One approach is to use asymmetric PKI (public-key infrastructure) encryption. PKI cryptography is based on a pair of cryptographic keys: One is private and known only to the user, while the other is public and known to the opposite party in any exchange.

PKI technology provides privacy and confidentiality, access control, proof of document transmission, and document archiving and retrieval support. While most security vendors currently incorporate some type of PKI technology into their software, differences in design and implementation prevent interoperability between products.

The other method of encrypting data is symmetric key protection, also known as “secret-key” encryption. Generally speedier yet less secure than PKI, symmetric encryption uses the same key to both encrypt and decrypt messages. Symmetric technology works best when key distribution is restricted to a limited number of trusted individuals. Since symmetric encryption can be fairly easy to break, it’s primarily used for safeguarding relatively unimportant information or material that only has to be protected for a short period of time.

Applying Encryption

The easiest way to use encryption is to purchase a business application or a hardware product that incorporates some form of encryption technology. Microsoft’s Outlook or Outlook Express email client, for example, provides built-in encryption support. Meanwhile, vendors such as Seagate Technology LLC and Hitachi Ltd. have started incorporating encryption technology into their hard drives.

Since most software applications and hardware products don’t include any type of internal encryption technology, business owners and managers need to look for stand-alone encryption products. This can be a confusing process, one that’s best approached by first determining the business’s precise security requirements, then finding an encryption product that fits each need.

Microsoft Vista Enterprise and Ultimate users can take advantage of BitLocker Drive Encryption, a full disk tool that offers powerful 1024-bit encryption. Another Windows offering is EFS (Encrypting File System), which uses symmetrical PKI technology to provide file encryption.

Beyond Microsoft, leading encryption vendors and products include PGP, free – open-source TrueCrypt, DESlock+, Namo FileLock and T3 Basic Security.

What to Encypt

So how do you know what to encrypt? Here are some places to start:

• Hard Drives: A business may choose to encrypt entire hard drives as a way to reduce or eliminate data theft.
• Individual Files: In cases where full disk encryption is overkill, file-by-file encryption provides added security on an “as-needed” basis. Many leading encryption products offer drag-and-drop encryption capabilities.
• Laptops: Unlike office systems, laptops are easy to lose and are prone to casual theft. By ensuring that the system’s data content is unreadable, a business can limit its loss to the cost of the laptop. A growing number of government regulators and insurance companies are demanding that businesses encrypt any data that leaves their premises and over 5000 Laptops were left in the back of a taxi cab last year.
• Removable Media: Memory sticks, thumb drives and similar portable storage technologies provide portability, convenience, and an opportunity for data loss and theft. As with laptops, encryption limits a business’s loss to the cost of the device itself. A growing number of removable-media devices come with built-in encryption support.
• File Transfers: Sending files over unsecured wired or wireless links can expose sensitive information to data thieves. Encryption provides an additional layer of security, even when a secured network is used.
• Email: Encrypted email is kept secure during the transmission process and while sitting in its recipient’s mailbox.
• IM (Instant Messaging): A growing number of businesses are using IM to swap confidential business information. Encryption helps secure these critical transmissions.

Encryption’s Limitations

Like any technology, encryption software isn’t perfect. Even the best products consume both processor speed and storage space. Users can also lose or forget passwords, thereby potentially locking systems forever.

Before purchasing any encryption tool, carefully research the product. Make sure that the offering addresses your company’s needs, is compatible with your systems and has a good track record concerning reliability and support. If possible, check with your friends and colleagues for their opinions on various encryption tools.

Lastly, if you do use any of the products available for encryption, including Windows EFS, please remember to backup and store your public and private keys. If not, you will probably lose your data.

Data theft is, quite simply, the unauthorised copying or removal of confidential information from a business or other large enterprise. It can take the form of ID-related theft (the theft of customer records) or the theft of a company’s proprietary information or intellectual property.

ID Data Theft

ID-related data theft occurs when customer records are stolen or illegally copied. The information stolen typically includes customers’ names, addresses, phone numbers, usernames, passwords and PINs, account and credit card numbers, and, in some instances, Social Security numbers. When transmitted or sold to lower-level criminals, this information can be used to commit all manner of identity fraud.

A single data theft can affect large numbers of individual victims. There are many examples to cite.

Let’s start here in England. In January, 2008, two laptop PCs were stolen from Brent’s Central Middlesex Hospital. Each laptop contained hundreds of confidential patient records. Not a large theft (389 records in all), but one particularly disconcerting to the patients whose personal data were compromised.

Then there was the case of the Wilkes-Barre driver’s license centre in Hanover, PA, which was broken into in late November, 2006. In addition to assorted office supplies and materials, the thief got away with a computer containing driver’s license information for more than 11,000 citizens.

Not even those companies charged with keeping our data safe are immune from data theft. For example, ChoicePoint, Inc., is a company that collects personal and financial information on millions of computers. In February, 2005, ChoicePoint reported that it had suffered a security breach and inadvertently sold personal information on 145,000 people to a criminal enterprise. Oops!

A much larger theft occurred in October, 2007, when the financial institution GE Money discovered that a computer tape containing information on 650,000 J.C. Penney customers had gone missing. Although not yet officially confirmed as a theft (it was just “missing”), the tape in question included more than 150,000 Social Security numbers.

Retailers store a lot of valuable data about their customers, which makes them a prime target of data thieves. Thus the story of shoe retailer DSW, which in June, 2005, had 1.4 million customer records stolen. Among those customers affected was then-FTC chairwoman Deborah Platt Majoras—a nice little irony for those that care.

Of course, data theft isn’t limited to the retail sector. Witness the U.S. Department of Veterans Affairs, which had the home of one of its employees burglarized in May of 2006. Stolen in the burglary was a laptop computer and external disk drive that contained the Social Security numbers of about 26.5 million veterans. That was a big breach—but the story has a happy ending. Thanks to some excellent police work, the hard drive was eventually recovered; it was later determined that the sensitive data had not been accessed.

An even bigger breach was the June, 2005, “security incident” reported by Atlanta-based payment processor CardSystems Solutions. The company handles payments for all the major credit cards, including MasterCard, Visa, American Express, and Discover. Intruders used malicious software code to breach the company’s systems, exposing more than 40 million credit card accounts to potential fraud. Fortunately, only about 200,000 of these accounts were found to be actually stolen, but the FBI was still called in to investigate.

But all these incidents pale compared to the largest reported case of data theft on record. In December, 2006, the TJX Companies (parent to T.J. Maxx, Marshalls, and other retailers) reported a massive computer breach on that part of its network that handles credit card, debit card, check, and merchandise transactions. It appears that hackers made off with more than 94 million records from customers in the U.S. and abroad.

Take a look at that last case again. A single data theft compromised the identities of an estimated 94 million individuals. That’s just an incredible number—and indicative of the impact of this type of computer crime.

NOTE: For what it’s worth, TJX disputes the 94 million number, which comes from a group of banks suing the company over the breach. The company says that only 45.7 million records were stolen—which is still a very big deal.

Non-ID Data Theft

Customers’ records aren’t the only kind of data that can be stolen from a large organization. Companies of all sorts are hosts to various types of confidential information; this information, if accessed by a competitor, could often lead to a diminishment of the company’s position in the marketplace.

Non-ID data theft occurs when an employee makes one or more copies of a company’s confidential information, and then uses that information either for his own personal use or transmits that information to a competitor for the competitor’s use. However it’s done, this is a theft of the business’ intellectual property, every bit as harmful as a theft of money or equipment.

What kind of information are we talking about? A company’s confidential information includes its employee records, contracts with other firms, financial reports, marketing plans, new product specifications, and so on. Imagine you’re a competitor who gets hold of a company’s plans for an upcoming product launch; with knowledge beforehand, you can create your own counter-launch to blunt the impact of the other company’s new product. A little inside information can be extremely valuable—and damaging for the company from which it was stolen.

NOTE: One notable example of non-ID theft occurred in 2006, when three Coca-Cola employees attempted to steal the secret formula for Coke. They tried to sell the trade secret to rival PepsiCo; unfortunately for them, Pepsi contacted Coca-Cola management, who alerted the FBI. The Feds used this information to conduct a sting operation that landed all three culprits in the big house.

Clickjacking is a form of client-side, web-based attack in which the attacker tricks the victim into clicking areas of disguised/obfuscated HTML elements, such as the IFRAME, APPLET, OBJECT, or other HTML elements that can display externally loaded resources. The clickjacking technique aims to circumvent the stringent security policies of the browser and all of its components by forcing the user to perform the necessary malicious actions on behalf of the attacker—without realizing that he or she is under an attack.

The clickjacking technique is an old form of an attack that was reincarnated recently with help from Jeremiah Grossman and Robert (rsnake) Hansen, two researchers known for several discoveries of web and client-side (more specifically, browser-related) vulnerabilities. Ever since Grossman and Hansen’s public statement about their finding, the clickjacking technique has been discussed in full on several niche blogs and information security resources online, including ha.ckers.org, hackademix.net and GNUCITIZEN.

In this article, we’ll look into what clickjacking is and what you need to do to protect yourself as a web application developer and as a user.

What Is Clickjacking?

The clickjacking technique falls into the category of graphical user interface (GUI) attacks. Another attack in the same category is the infamous file-input focus-stealing bug, with all of its variations, which allows attackers to steal any file from the filesystem when the victim is tricked into typing characters into a seemingly harmless text field. The clickjacking attack is also what security researchers call a design bug. Essentially, clickjacking is possible because of several design limitations. Design bugs are difficult to fix because they usually require change of the affected system’s design, which is something that may not be very trivial to do. Very often, design bugs stay unfixed.

To understand how clickjacking works, consider the following example. You visit your Facebook account. On your dashboard is a notification that one of your friends wants to share a new story with you, so you follow the link inside her message. Once you click the link, a new tab opens inside your browser, displaying a strange but rather harmless-looking message. The page simply asks whether you’d like to use AJAX in order to preview the content of the page, as it will improve your user experience. There’s only one button, so you hurry to click it and move on.

Game over—you’ve been clickjacked! The longer you stay on this page, the more auditory and visual data will be retrieved from your current surroundings, via your microphone and camera. You’ve been cyber-bugged.