Internet of Things and Digital Fingerprints
In my presentations I talk a lot about how crime has moved online, and in some ways pre-meditated physical crime has a huge online component that, in my humble opinion, has not been fully explored. When the Internet of Things becomes fully evolved will your fitness tracker solve your own murder? Or could evil hackers kill you wirelessly, or over the Internet? Five years ago these ideas would elicit laughter, now there is an unease. In a few circles like the Secret Service, there is a quiet admission that Medical Device hacking is a “thing."However, on the more positive side – privacy issues aside – self-inflicted, continuous, ubiquitous surveillance of ourselves through fitness tracker apps, geo location on our phones, car GPS, and “black boxes” (Event Data Recorders) may all be potentially used to identify dangerous situations. Could fitness tracker apps detect a dangerous drop in blood pressure that could be associated with being stabbed? Could they then summon medical assistance, and order blood in your blood type to the nearest hospital? If the event is in your home, work, or someplace in-between, could they request law enforcement and automatically collect cellphone IMIEs around you for potential witnesses? Could they automatically download video from CCTV cameras and record license plates from nearby sources? With all these interlinked devices and analytic engines moving data and triggering responses, investigations into murders, sexual assaults, and accidents could be set to have a relevant and complex cyber dimension. Complex due to the interlinking and relevant because, like it or not, your cellphone and other devices will leave a digital trail that must match to the physical situation, or everything becomes questionable.Moving deeper into the digital world, we have a problem: we are different online than in real life. For example, the shy loner could have hundreds of “friends” in an online game system, because we can masquerade as our complete opposite online. This is where things get complicated for law enforcement. Real life may have some cyber similarities, but personalities and online behavior may be the exact opposite of what is expected.True, the tell tail signs of a person meticulously planning physical mayhem or a sex crime, can just be a web search away, and digital evidence has received some notoriety in recent cases, such as the Casey Anthony prosecution. But here’s the rub: digital forensics have been used to help convict, but have they been used to exonerate? If a suspect Googles “how to kill your partner”, the partner turns up dead and investigators gain that evidence – it contributes to the suspect’s guilt. However, somehow submitting the fact that “how to kill your partner” was not in the search history does not exonerate the suspect. Seems prejudicial and who knows who was actually behind the keyboard.Evolving MSP and IT Service Provider Roles
Clearly a new dimension of investigation, legal prosecution, and defense is evolving firmly rooted in digital evidence. Where physical crime has gone, digital is sure to follow, and this is where MSPs and IT Service providers will have a role to play as custodians of the digital infrastructure. The reality, is that most managed service providers (MSPs) and IT Service providers will understand the cyber world far better than municipal and state resources, and in some cases even more than federal operatives.I hope that MSPs and IT service providers don’t have to encounter more than ransomware or financial crimes, but unfortunately many MSPs I’ve talked to are being drawn into investigations to discover digital evidence of more serious crimes. Disturbingly, the most common encounter for IT providers is evidence of child exploitation.“As of Nov. 19, 2014: At least 12 states – Alaska, Arkansas, California, Illinois, Michigan, Missouri, North Carolina, Oklahoma, Oregon, South Carolina, South Dakota and Texas – have enacted laws requiring computer technicians or information technology workers to report child pornography if they encounter it in the scope of their work.”

Ian Trump is security lead for LOGICnow. Follow him on Twitter at @phat_hobbit.