Trump was Right..Almost..Sort of...

Not long after the election President Trump made the startling claim that he had been the victim of “illegal wiretapping” and he was right, almost, sorta. While most of the media discounted his claims outright false members of the Electronic Freedom Foundation and computer security professionals were a little more believing.

Not too long ago, Edward Snowden released documents detailing the NSA’s surveillance program named PRISM among other intelligence programs. At the time in an unprecedented trip the head of the NSA went to speak to the BLACKHAT conference in Las Vegas. Among statements made at the conference were that the NSA did not have the ability read the contents of an email.

Unlike a conference hearing in congress, this was a room full of computer security experts. So, of course there was a loud shout from the crowd of “Bullsh@t, if I can do it, you damn sure can!“ Fast forward to this past week and the NSA reveals that they have discontinued the policy of reading the contents of emails sent by American Citizens.

And so this brings me back to my original statement, maybe Trump is right, but in the language of “Politicians and Media” the surveillance wasn’t “ILLEGAL” and it was all electronic and not “TAPPING a PHONE LINE”, so the entire statement is obviously false. Only in Washington could such logic be followed much less believed.

The take away for the rest of us: IF you wouldn’t share that message, text or photo with your Grandma, you probably shouldn’t send it across the internet. 

Fraud and the Cost of Doing Business

This weekend is NOLA-Con a great Hacking, or to be more politically correct, Computer Security Conference in the amazing city of New Orleans. Even though I missed this year, I still plan on checking out the videos of presentations and you should too!

In 2016, I got to give a talk at the conference on the challenges that law enforcement investigators face when investigating cyber crimes. I'm sure it's on YouTube somewhere if you care to look. One of the greatest challenges faced is the lack of cooperation by victims.  I know what you are thinking, "How can that possibly be true?" If you have been a victim of identity theft, I feel your pain, but follow my logic for just a minute.

You log into your bank account one day only find somebody used your account information to make several online purchases and now you are out several hundred or even thousand dollars. You quickly call your bank and after playing 20 questions with a fraud representative you are advised to contact local law enforcement and file a police report to complete your fraud claim.

Of course when you call your local police you want the bad guy caught and prosecuted to the "fullest extent of the law!" And you are willing to help in anyway possible, at least for a couple of days. Thankfully, the bank refunds your missing money and you begin to lose interest. I know, we are all busy and downloading records or printing out information is a pain, Besides, you are busy with kids and work and school and church.....

Really, it's not your fault. The banks are almost as bad, some other person will send over that information as some other time. I no longer hold my breath waiting and after a few weeks the case is marked "Inactive" and place a really, really big file cabinet never to be seen again. (Think the last scene of Indian Jones Raiders of the Last Ark movie)

The problem is real money was stolen either from the merchant (via charge back) or the bank, or maybe an insurance company and the current solution: "Just raise the price a little or charge another fee" That's just the cost of doing business.

Welcome to Cyber Case Files! My name is Chip Thornsburg and I am the CEO of Alamo Cyber Security. In all of my free time I am also a detective with the Helotes Police Department, or maybe it's the other way around. Any-who I thought I might take some time to share stories of past cyber cases worked in a law enforcement capacity and in the private sector. I also intend to share some pointed tips on Cyber Security, how you can help protect yourself and maybe even some comments on the news of the day.  Once again WELCOME and I hope you enjoy!