The Threat of Covert Spying: Understanding and Protecting Yourself

The Threat of Covert Spying: Understanding and Protecting Yourself

14 Apr 2023 Blog

James Bond made it look cool. From fancy devices and trinkets, he got the intel with tracker devices and hidden cameras. He used it to catch the bad guy. Yet what if the threat of covert spying wasn't in the interest of government security or gathering intelligence, as James Bond made us believe? The threat of secret surveillance is increasingly used for nefarious reasons. Even ones that put people in danger and are a great invasion of privacy. So, how is this threat of covert spying happening? What can you do to ensure you aren't a victim? Read on to learn more. What Is Covert Surveillance? Let's start with a common understanding of covert surveillance or clandestine surveillance. As the name suggests, this type of surveillance gets executed where the person or activity being surveilled is done in secret. It's a calculated action done secretly to watch or gather information about or from someone unknowingly. Sometimes this covert surveillance gets done by a person who's nearby. Other times it's executed through a device, and the person watches or gathers information from a distance. Eavesdropping, Spying, Snooping, How It's Done The average person doesn't have access to James Bond's arsenal of secret gadgets and tools. Yet, it's become easier for those who want information secretly to get it in today's tech-driven world.  So, how is eavesdropping, spying, and snooping done in today's world? With many hidden devices, including: Remote cameras Hidden listening devices Tracking devices, like GPS tracking Apple Air tags, used for tracking Drone surveillance Hidden data readers  While these devices are secret, how do you know if someone is trying to spy on you? It's important to be aware of your surroundings and pay attention to the most minor clues that tell you someone has been in your space.  Types of Clandestine Surveillance So, what's being used to execute this invasion of privacy? Let's take a closer look at some types of devices used to gather clandestine surveillance.  Hidden Cameras You know that surveillance cameras are everywhere as you go about your daily life. From parking lots to common business areas, security is watching. But where are the hidden cameras you aren't supposed to know about? Hidden cameras can be nearly anywhere. The technology is so advanced that cameras can be the size of a pinhead. These can be hidden in almost any object around a room.  Be most worried about hidden cameras in areas like bathrooms and bedrooms, where your privacy is most at risk. Tracker Devices Tracking devices allow someone to know your whereabouts at all times. Often cell phones now carry tracking technology, so your whereabouts are available to anyone with your cell information.  Unwanted tracking can be achieved by adding a secret GPS device to your transportation. Apple Air tags are meant for luggage, yet are the same type of tracking device that could be hidden in a bag or clothing.  Covert Surveillance Other types of covert surveillance include using drones to get a birdseye view to gather information.  Secret devices hidden in card readers to steal credit card information are a huge problem for retailers constantly working to protect their data.  When Should You Be Most Worried About Unwanted Surveillance? You have some understanding of the types of threats that could be used for unwanted surveillance. You know how that surveillance might be attempted. Let's consider where you're likely most at risk for the potential for unwanted surveillance.  Businesses Managers and Owners If you're a James Bond movie buff, you will likely have seen a few films involving corporate espionage and insider trading.  You're at risk if you own or run a business with valuable information. Every employer wants to trust the people who work for them. Yet, one disgruntled worker could wreak havoc with some covert spying.  Gathering and using the information to start a new business using your information or selling to the competition could profoundly damage any business.  If you've created a product or service, businesses must also protect their intellectual property. Covert spying could take your most valuable assets from you. School Environments Most people want to believe they send their children to school where they are supervised and taught by well-intentioned individuals. Sadly, in today's world, that isn't always the case.  There are too many news stories of secret cameras in schools and school personnel using surveillance as sexual predators. This could include teachers, coaches, and school support staff. If your child suspects anything or you get an uncomfortable feeling, trust it and investigate. Hotels and Rental Accommodations You've heard plenty of stories about when people do a property share through a business like Airbnb or VRBO, only to find they've been under surveillance while staying in the property.  This is a massive invasion of privacy, even if they aren't the property owner. It's important to learn about hidden cameras and listening devices and learn how to find a hidden camera when you're on or staying at someone else's property. Retail Environments You also face some potential unwanted surveillance risks when you're out shopping. Be very aware of dressing rooms and their set-up. Some people have chosen to avoid them together to avoid the risk of clandestine cameras watching while trying on clothes.  Other retail risks include cameras working on getting PINs from debit cards or tracking devices in card readers to steal customer information. Be aware of the cybersecurity measures used by the places where you spend your money. You should expect any business to be working to protect your data.  Understanding the Threat of Covert Spying Unfortunately, the threat of covert spying is real. The more aware you are of the risks, the better you can work to protect yourself.  If you're worried someone is attempting to spy on you covertly, it might be time to call in the professionals for an assessment. Contact us for help with the digital forensics you need to protect yourself. 

Read More
The Science of ISO 17025: How Sytech can Help You Gain and Maintain ISO 17025 Accreditation

The Science of ISO 17025: How Sytech can Help You Gain and Maintain ISO 17025 Accreditation

03 Mar 2023 Blog

Did you know that more industries are now seeking ISO 17025 accreditation to demonstrate their competence and gain a competitive edge in their marketplace? According to recent numbers, over 85,000 organisations worldwide were accredited by the ILAC MRA Signatories. But what exactly is ISO 17025 accreditation and why is it so important for your business?  In this article, we'll explore some of the requirements behind ISO 17025 accreditation and how Sytech can help you navigate the process. Understanding ISO 17025: The Key To Unlocking Your Potential If you're looking to gain ISO 17025 accreditation, you'll need a solid understanding of what it entails. ISO 17025 is an international standard that outlines the requirements for testing and calibration laboratories. It sets out guidelines for: Quality management Technical competence The ability to produce accurate and reliable test and calibration data Think of ISO 17025 like a key that unlocks your potential. With it, you'll gain a competitive advantage in your industry. Which in turn should boost the confidence of your clients and stakeholders.  You'll be able to demonstrate that you have the necessary technical skills and management systems in place. And can consistently produce accurate and reliable results. One of the key differences between ISO 17025 and other ISO standards is that it is an accreditation, not a certification.. The requirements are tailored to the unique needs of your  facilities. This can include anything from medical to environmental testing facilities. In order to achieve ISO 17025, your facility will need to undergo a rigorous audit process. This process involves a detailed review of your facilities quality management system. An evaluation of your technical competence will also be necessary. The assessor will be looking for evidence that you meet the requirements of the standard. This can include processes such as: Document control Equipment calibration Proficiency testing The audit process can be challenging. But the benefits of ISO 17025 accreditation are worth it.  You'll be able to compete more effectively in your industry. And, also be able to demonstrate your commitment to quality and accuracy.  This can be a powerful differentiator for your business, especially if you operate in a crowded market. Why Accreditation Matters: The Benefits Of Being ISO 17025 Accredited Becoming ISO 17025 accredited can have a significant impact on your laboratory. It also opens doors to new clients and opportunities. Here are just a few of the benefits of being ISO 17025 accredited: Improved Quality Management System ISO 17025 accreditation requires laboratories to implement a robust quality management system. This can lead to better documentation, more accurate test results, and fewer errors.  By establishing and adhering to strict processes, you can reduce the risk. Plus, you'll ensure that your testing procedures are consistent and reliable. Competitive Advantage In today's market, stakeholders are looking for reliable partners that they can trust. With accreditation, you can differentiate yourself from competitors who do not have this. This can help you win more business and build a reputation as a leader in your industry. Increased Credibility ISO 17025 accreditation is recognized worldwide as a symbol of excellence. This accreditation can help you build trust with clients, stakeholders, and regulatory bodies.  It can also be a requirement for certain types of testing. This can include environmental and medical testing. Access To New Markets Many clients and organisations require their suppliers or partners to be accredited. By achieving this accreditation, you can open doors to new markets and opportunities that were previously closed to you. Continuous Improvement ISO 17025 accreditation is not a one-time achievement. It requires ongoing effort and improvement.  By maintaining your accreditation, you can ensure that your facility is always striving to improve. This can lead to better results, happier clients, and a more successful business overall. How Sytech Can Help: Expert Guidance for ISO 17025 Implementation And Accreditation At Sytech, we understand that achieving ISO 17025 accreditation can be a daunting and complex process. That's why we offer a range of services designed to guide you through every step of the process. Our experienced consultancy team has combined 40 years of testing and calibration laboratory experience and we've achieved ISO 17025 accreditation ourselves.  With our guidance, your organisation can transition smoothly to the new ISO 17025 revision. We can also help you maintain your accreditation for years to come. Guiding You Through Your ISO 17025 Journey Our team of experts can help you establish a suitable quality management system that meets the requirements of ISO 17025. We'll work closely with you to ensure that your laboratory is up to date and in compliance with the standard: Procedures Policies Processes We can provide ongoing support throughout the accreditation process by: Helping you to develop and manage documentation Establishing a robust audit program Fully CPD certified 17025 training programme  Audit provision Validation Guidance Pre-assessment checklists Preparing for your accreditation audit We'll guide you through the process, providing you with the tools and knowledge you need to succeed. Maintaining Your ISO 17025 Accreditation Made Simple Once your organisation has achieved ISO 17025 accreditation, it's not the end. Maintaining it requires continuous effort and improvement.  You'll need to be responsible for the continuous maintenance and improvement of the management system. We can help if your organisation doesn't have the personnel to support this.  We offer a range of maintenance services designed to help you maintain your accreditation, including: Internal audits Management system reviews Ongoing support We'll work with you to ensure that your facilities quality management system remains effective and compliant with ISO 17025. We can provide this through a managed service resource provision.  Why Choose Sytech? At Sytech, we have a deep understanding of the ISO 17025 accreditation process. Along with the benefits that it can bring to your organisation. Our team of experts has a wealth of experience in testing and calibration. We're dedicated to sharing our knowledge and expertise with our clients. We work closely with you to: Understand your organisation's unique needs Develop a tailored solution that meets your specific requirements Achieve ISO 17025 Accreditation With Sytech Earning ISO 17025 accreditation is a significant achievement for any business. It can set you apart from the competition and demonstrate your commitment to quality and competence.  At Sytech, we have over 40 years combined experience in testing and calibration laboratory services. We've helped many businesses earn their ISO 17025 accreditation. With our guidance and support, you can successfully navigate the accreditation process. Enjoy the benefits of this prestigious certification.  Contact us today to learn how we can help you achieve ISO 17025 accreditation and elevate your business to the next level.  

Read More
Stay Ahead of the Game: Why Your Business Needs Cyber Essentials

Stay Ahead of the Game: Why Your Business Needs Cyber Essentials

27 Feb 2023 Blog

The average cost of dealing with a ransom attack on an organisation or business can be £4.10 million. The cost of a cyber attack or a data breach in the UK has increased by 8.1% over the last year. A ransom attack on a business can take up to 237 days to identify and another 89 days for containment. Cyber threats are very real, costly, and are always becoming creative and invasive.  So, how should a business or organisation address potential cyber vulnerability? Cyber Essentials is intended to help you address potential threats you face in cyber security. Read on to learn more about why Cyber Essentials are so important to you. What Is Cyber Essentials? As early as 2014, the British government reckoned the serious threat related to cyber security. Through the Department for Business, Innovation and Skills, developed Cyber Essentials. Cyber Essentials has multiple goals for organisations, including: Guarding against common cyber threats Addressing common online threats to cybersecurity Identifying vulnerabilities Reducing the chances of an attack The threats included addressing phishing, hacking, and illegal password retrieval. Cyber Essentials is set for organisations to work through a checklist to evaluate their cyber security protocols.  Then it helps to address weak areas of their cyber security plan. Cyber Security Threat Landscape The world of cyber security is evolving at a breakneck pace. As soon as you think you've addressed one possible threat, another can appear. But an organisation can't address its cyber security needs without having a good understanding of the possible threats that are out there.  As businesses rely more and more on technology, with  information and data in a computer or on a cloud, the risks increase. One of the keys to a solid cyber security plan is that it can evolve and adjust as your needs change over time. Five Technical Controls of Cyber Essentials As Cyber Essentials was developed, the goal was to help organisations look at five key areas of their IT infrastructure.  An organisation starts with a self-assessment questionnaire to consider how their IT infrastructure will hold up in these five areas. Then the business can go on to address its needs in each area.  Let's take a closer look at these five areas.  1. Firewalls As the name suggests, a firewall is like a cyber wall that prevents access to private networks. When a cyber attacker attempts to get into a network to access information or data, the firewall, if done right, should prevent them from gaining access.  Your IT infrastructure can be built to identify who has access to your networks and their information. It can even delineate where certain users can go on the network.  2. Secure Configurations Computer networks have servers that help organise information and where to go when looking for information. A key to quality cyber security is your server configurations. They help to prevent access where it shouldn't be granted. When you have quality server configurations, you reduce your network's vulnerability. This prevents your network from releasing information when it shouldn't and helps to prevent unauthorised actions into your network. 3. User Access Control Most organisation networks are built with users in mind. They also have network administrators who oversee and have more access, ability and control over things within the IT infrastructure. Any organisation has to be thoughtful about who and how many people have administrator privileges. The more people with total access, the more risk of hackers getting in. You want limited access to computers, applications, and networks for anyone without administrator status. 4. Malware Protection Malware is malicious software. It's a type of software used by hackers to cause harm to computers and networks. Malware can be particularly dangerous and costly to organisations.  It can: Damage files Steal confidential information Lock files Prevent access It's a common practice for hackers to use malware to invade a network and hold it hostage until paid to release it. You need your IT infrastructure set up to prevent malware invasions.  5. Patch Management The world of cyber security is constantly evolving. You find ways to protect your IT infrastructure; then hackers work to invade in new ways.  It requires your cyber security plan to be prepared to address changes and needs as they arise. If a weakness develops, you can patch the issue to remain secure.  Types of Cyber Essentials Certification There are two types of Cyber Essentials certification. There's the Cyber Essentials certification and Cyber Essentials Plus. Both certifications start with Cyber Essentials requirements with a self-assessment questionnaire. Your IT expert completes the assessment questionnaire answering questions about the five areas and your IT infrastructure. Many organisations will seek professional assistance to guide them through the assessment questionnaire.  Once complete, an external certifying body evaluates the assessment and decides if your IT infrastructure qualifies for Cyber Essentials certification. Benefits of Cyber Essentials Certification A Cyber Essentials certification shows your organisation has done what needs to be done to protect against the most common types of cyberattacks.  Those who've suffered through a cyberattack can tell you that you'll suffer business loss. You could face potentially great expense if you're a victim of a cyber attack.  Although Cyber Essentials is often required to bid on government contracts, show your organisation has done everything possible to protect itself from the risks of cyberattacks. You gain the trust and confidence of those you do business with. Your credibility and reputation with a Cyber Essentials certification show you care about IT security. You get more business while assuring existing customers you take securing their data and information seriously. Protect Your Organisation With Cyber Essentials Without a careful cyber security plan, your organisation can face a significant risk of a cyberattack. Cyber Essentials certification helps ensure you have a solid security plan. Get a free consultation for your Cyber Essentials certification. Contact us today to get started.   

Read More
Why We Need Corporate Digital Forensics Now More Than Ever

Why We Need Corporate Digital Forensics Now More Than Ever

21 Feb 2023 Blog

Did you know that modern forensics dates back to the 1800s? Fast forward to today, and forensics has been revolutionized by technological advances. In addition to fingerprints and DNA, we now have smartphone records and other digital elements that can be used as evidence within a court of law. While digital forensics is new within the grand scheme, a corporate digital forensics industry can't be ignored. Are you wondering why it's so important? Keep reading to learn all about why we need corporate digital forensics now more than ever. What Does Digital Forensics Involve? There are several types of digital forensics, including those relating to smartphones and laptops. If it's an electronic device of some kind, then chances are information can be obtained from it. A single photo on a smartphone can reveal plenty of information, such as the date, the time, and even the exact location where the photo was taken. Laptop and desktop computers have records that relate to browser history, deleted files, time logs, and so much more. The wealth of information a forensic expert can get from a device is almost unlimited. Even a device damaged by fire or water can often have valuable data still hidden inside of it. Once a forensic expert gets the information, then it's possible for them to testify in a court of law. This can end up making a world of difference in the results of a given case. Aside from court matters, there are many different situations in which a digital forensic expert can help. For instance, there may have been a deliberate or accidental disclosure of sensitive data. It'd be important to get to the truth of this matter so you can act accordingly. Other situations include employee internet misuse or abuse, intellectual property theft, data breaches, and even industrial espionage. Don't forget about the range of white-collar crimes that happen on a regular basis, such as embezzlement, Ponzi schemes, and many others. Third-Party Digital Forensics Is Essential Did you know that an attack by hackers occurs every 39 seconds? Many people and businesses assume it will never happen to them. The truth is, almost anyone can turn into a target at the drop of a hat, including small and large businesses. By investing in third-party digital forensics, you can gather evidence that you'll need for insurance claims. It may even come in handy in a court of law. By learning what went wrong, businesses can also protect themselves more effectively in the future. The good news is that you don't have to wait for a cyberattack to occur to prevent cybercriminals. Instead, you can schedule a digital forensics consultation and get priceless advice. This can help you reinforce your business from the ground up. These kinds of services are essential because they provide every business with valuable tools and knowledge. That way, you won't always have to rely on the police for everything. Plus, you can see results much more quickly instead of waiting around for the authorities to handle whatever issues have cropped up. It'll also go a long way towards freeing up the police's time. Some people prefer not to get the authorities involved at all. In this situation, a corporate digital forensic expert can allow you to handle delicate matters in a way that works best for you and your needs. This includes finding out if your competitors are spying on your activities, whether your employees are getting harassed online, and so much more. The Importance of Digital Forensic Accreditation and Experience Whether you want to resolve cyberattacks or ensure that there are no glaring holes in your security, it's a good rule of thumb to seek out a digital forensic provider that has both accreditation and experience. The last thing you'd want is for an inexperienced team to meddle in your electronic devices and gain access to your sensitive data. Having an amateur do the job could end up making a bigger mess of things. Instead, you should always research various companies before enlisting them for help. One way you can narrow down your list of potential providers is by seeing what past clients have said about them on review sites. You can get an even more reliable impression when you ask for a recent referral and speak with someone on the phone. Referrals allow you to ask a range of crucial questions while also getting a much better idea of what to expect from a given company. Since digital forensics is fairly new in the grand scheme of things, many providers won't have the necessary experience. However, you shouldn't settle for anything less than the best, such as the services offered by Sytech Digital Forensics. Sytech can even provide you with an experienced expert witness who can provide valuable testimony in a court of law. You can't find services like this just anywhere. If you try to cut corners and get digital forensic results from a provider that doesn't have accreditation, then the evidence may not hold up in court. Are You Ready for the Future of Digital Forensics? Now that you've learned all about why we need corporate digital forensics more than ever, you can make sure you seek out the services of a third party with proper accreditation and experience. That way, you can rest easy, knowing that you're in good hands. We can provide you with various reliable digital forensics and cyber solutions. These include everything from computer and mobile phone forensics to penetration testing and incident response. Our clients know they can always count on our attentive expertise. Please contact us for a free digital forensic consultation. We look forward to assisting you.

Read More
A Tale of Two Courtrooms: Giving Evidence in the Crown Court vs Magistrates Court

A Tale of Two Courtrooms: Giving Evidence in the Crown Court vs Magistrates Court

08 Feb 2023 Blog

Appearing in court is a nerve-wracking affair. It's intimidating even if you aren't the defendant being charged with a crime: Back in 2016, a watchdog found that more than 10,000 criminal cases had to be dropped because witnesses simply didn't show up on the day. Whether you're due to appear in Crown Court or Magistrates' Court, we've compiled this easy guide to break down the jargon and explain what will happen on the day. Keep reading to learn how to prepare the right way. Types of Offence in the UK In English law, all criminal offences fall into three categories: Summary-only offences Triable either-way offences Indictable-only offences The difference is in the type and severity of the alleged crime committed. You might call a summary offence a "petty" crime, such as a motoring offence, criminal damage case, or an instance of minor assault. In 2020, 74% of cases in the UK were summary offences, while 23% were triable either way. The remaining 3% were indictable offences. Indictable-only offences are serious crimes, such as murder, manslaughter, FGM, and rape. Either-way offences are those that fall somewhere between summary and indictable incidents. They're often crimes that have a broad spectrum of possibilities, such as assault occasioning actual bodily harm. As you'd imagine, the maximum punishment for summary offences is far more lenient for more serious crimes - most summary offences carry a 6-month maximum penalty of £5,000. Indictable offences are punishable with up to life in prison. Magistrates' Court vs Crown Court The key difference between the Magistrates' and Crown Courts is the type of offences. In virtually all cases, summary offences are tried at Magistrates' Court. Crown Court, presided over by a judge with a jury present to deliver a verdict, deals with either-way and indictable offences. In other words: Serious crimes are tried before a judge and jury, while lesser criminal cases are tried before a panel of judges. What Is A Magistrates' Court? Magistrates' Court is a lower court that handles most summary offences. Usually, a Magistrates' Court is presided over by three judges, who hear a case and pass a judgement - though it's not unheard of for only two judges to be present. The Crown Prosecution Service (CPS) is responsible for prosecuting criminal cases in the UK. Giving Evidence in Magistrates' Court Cases heard in Magistrates' Court are typically resolved far more quickly than in a Crown Court. Often, you'll only be required to attend court for a day, and we've compiled a list of tips for you on how to give evidence in a clear and concise manner. You will be asked questions by the panel of judges directly and may be cross-examined by the defending lawyer.  What Is A Crown Court? The Crown Court primarily handles indictable offences, as well as either-way offences that are triable only as indictable offences because of the circumstances of the incident. Giving Evidence in Crown Court Cases that go to Crown Court are heard before a jury and the most severe criminal cases can take months to reach a verdict. If you're required to give evidence before the Crown Court, you may find yourself waiting around for a long time to be called up. Sometimes, certain witnesses are ruled out as unreliable or not needed by the CPS or defendant's lawyers - but usually, if you're there, you will appear before the court. Witnesses wait in a separate room from defendants and their families to prevent conflicts. On the day, a representative from the Citizens Advice Witness Service will help you find your way around. They will listen to and address any concerns you may have, and accompany you when you give evidence. What Is an Expert Witness? Expert witnesses are people with extensive knowledge of specialist topics. They may include forensic experts, cyber security specialists, data analysts, and coroners. Ultimately, it's up to the courts to decide who can and cannot give evidence as an expert witness. And importantly, an expert witness cannot offer up their own opinions, claiming them as fact - that's hearsay and isn't admissible as evidence. Expert witnesses are expected to provide independent opinions in accordance with the questions they are asked. They don't speculate on areas beyond their expertise and don't provide advice to the courts on how to proceed. Prior Considerations Before the Court Day Before you go to court, you will need to take care of a few administrative tasks. That can include hiring a babysitter and informing your boss or manager that you're required to give evidence in court. Your employer can't refuse your request for time off, but they aren't required to pay you for it. However, you are able to claim expenses from the government. If you suffer from a disability or require a translator to help with your statement, you can contact the CPS for assistance, which will be provided to you. Finally, if you're considered a vulnerable witness, the CPS will offer additional protections, such as shielding your identity to prevent a defendant from knowing who you are. Etiquette in the Courtroom Regardless of whether you give evidence at Crown Court or Magistrates' Court, you must observe courtroom etiquette. This includes matters such as: Dressing in formal attire Treating your witness statement seriously Being clear and precise in your testimony Answering questions directly when asked Staying on topic It's important that you don't volunteer information or meander when you're asked about a matter. You're giving evidence in court to answer specific questions that may (or may not) be deliberated over by a jury. Prepare for Court Testimony Whether you're headed for Crown Court or Magistrates' Court, knowing how to prepare in advance helps calm your nerves and ensures you'll give fair and accurate testimony. If you need assistance to prepare for court, we can help. At Sytech Forensics, we offer consultancy and training for court appearances to ensure our clients give professional testimonies. Click here to arrange a free consultation.  

Read More
Cyber Attacks and Business Growth: How to Avoid Being the Next Victim

Cyber Attacks and Business Growth: How to Avoid Being the Next Victim

01 Feb 2023 Blog

A recent report by the UK government found that two in every five businesses (39%) have experienced a cyber attack or security breach in the last 12 months. The report found that fewer businesses are using security monitoring tools to identify suspicious activity, highlighting how many businesses are unaware of the attacks and breaches they are facing. The report also found that 17% of businesses in the UK, do not have up-to-date anti-virus software. These statistics highlight the threat that many businesses are not prepared to deal with the ever-present threat of cyber attacks. The bottom line is that cyber attacks directly affect a business's growth. In this blog post, we will highlight the impact of cyber attacks on UK businesses and share practical advice on how your business can take steps to prevent cyber attacks from occurring. Let's get started. Impact of Cyber Attacks on UK Businesses According to the National Cyber Security Centre, hundreds of businesses and organisations in the UK reported cyber incidents in 2022. Several dozen of these were deemed significant enough to require a national-level response. These incidents included various malicious cyber activities including ransomware, malware, reconnaissance, disruption of systems and services, data exfiltration, and network intrusions. Efforts to defraud UK businesses have a direct impact on their growth. Recent data indicated that the cost of a data breach in the UK is on the rise, jumping 8.1%. At more than £4.5 million, the average total cost of a data breach in the UK is the fourth-highest in the world, higher than countries such as Germany, Japan, and France. The majority of UK businesses who have experienced a data breach say that they have experienced more than one. There are many reasons for the recurrence of breaches. These include employees without adequate cybersecurity training, unpatched vulnerabilities in a company's network, and human error. How to Avoid Cyber Attacks While the threat of cyber attacks is very real in the UK, the good news is that there are many steps businesses can take to reduce the likelihood they will be affected. Let's take a closer look at some of these. Partner With an Expert As a business, you shouldn't have to face up to the threat of cyber attacks alone. Here at SYTECH, we are digital forensic experts, helping businesses to recover, analyse, and investigate detailed files, internet history, hidden files, and more. We offer a range of services to UK businesses. For example, our computer forensic experts are here to investigate your computer data, recovering and examining digital data. As your dependable digital forensics support, we also offer mobile phone forensics and specialist forensics. We are also available to act as your expert witness in court cases.  Ensure Your Systems and Software Are Updated Cyber attacks often occur because a business's security software and systems are outdated, which results in vulnerabilities being exposed. Cybercriminals and hackers are therefore able to take advantage. We recommend that businesses in the UK invest in a patch management system. This system keeps track of all system and software upgrades, which ensures that a business's systems are up-to-date and secure. Set Up a Firewall A firewall, in computing, refers to a network security system. This system monitors and controls both incoming and outgoing network traffic based on predetermined security rules. Effectively, it establishes a barrier between an untrusted network and a trusted network. If your business doesn't already have a firewall, it's important to set one up. This is one of the most efficient strategies a business can take to protect itself. Any brute force assaults on your business's systems or network will be blocked before any significant harm can be caused. Make a Backup of Your Data Data backups are a critical aspect of data security. There are many good reasons for this, including because preventive measures don't always work. Many businesses who end up losing their data are simply unable to recover from the impact and end up closing down.  Therefore, we recommend that you always have your business data backed up in the case of a disaster, such as a cyber attack. This will help to avoid a significant slowdown and the loss of important information and data. Keep Track of Who Has System Access In addition to cyber attacks, physical attacks on computers are also possible. Therefore, it's important to have control over who has access to your network. For example, it is possible that a person may enter your place of business and insert a USB key with infected data into a computer, resulting in them infecting your network or giving them access. It's a good idea to install a perimeter security system. This is a way to prevent break-ins and cybercrime. We also recommend that employees use separate passwords for each program they use and change them frequently. This will help keep your business safe from both internal and external threats. How to Avoid Being a Victim of a Business Cyber Attack As this blog post highlights, the risk of cyber attacks in the UK is very real. Cyber attacks pose a serious threat to a business's growth. The above information and steps will help your business protect itself and reduce the risk of a damaging cyber attack. SYTECH are leading experts in recovering, analysing, and investigating cyber security issues for UK businesses. We offer unrivalled experience and expertise. If you would like to learn more about how we can help your business, please don't hesitate to reach out to our team.  

Read More
12 Days of Christmas: Our Top 12 Tips for Giving Courtroom Testimony

12 Days of Christmas: Our Top 12 Tips for Giving Courtroom Testimony

27 Dec 2022 Blog

The truth is in your hands! More than one million cases were held in magistrates' courts in 2020 alone. Many of these cases involved expert witnesses who explained difficult concepts for jurors and magistrates.  Your testimony can be the difference between acquittal and conviction. For you to make the most effective courtroom testimony and to ensure that justice is served, you need to follow a few steps.  How should you behave in court? How can you answer questions and give accurate information? What should you never do while you are testifying? Answer these questions and you can perfectly fulfil your responsibilities as an expert witness. So, here are 12 essential tips for testifying in court. 1. Review Courtroom Etiquette Even if you are familiar with testifying in court, you should study courtroom etiquette before your testimony. It never hurts to have a helpful refresher. Try to sit in on a hearing that your judge or magistrate is running so you can understand how they conduct themselves in the courtroom. Take notes on what types of answers they like, and what they don’t. Read a guide on what to expect coming to a court so you're fully prepared. You can also ask for tips for testifying from a judge not involved in your case if you would like extra reassurance.  2. Understand Your Legal Rights and Limitations As an expert witness, you cannot offer your own opinion and claim it is fact. You must base your testimony on science that is generally well-accepted, and you must explain your methods and thought process during your testimony.  You should talk to a barrister or solicitor so you know what answers you can and can’t give. If you're nervous about violating the law or courtroom procedures, hire an expert witness preparation coach to train you.  3. Study the Case Gather as much information about the case as possible. Understand how your testimony will elucidate a confusing point or procedure. Document your own process of researching the case, the surrounding issues, and consider taking written notes you can introduce as evidence in the trial. 4. Dress Properly You should wear formal attire before going to court. Wear full sleeves, comb your hair, and trim any facial hair. You can wear a coat if you're feeling cold, but select one that will not clash with the rest of your outfit. 5. Take the Responsibility of Testifying Seriously Being asked to testify as an expert witness is a serious responsibility. Avoid saying anything about the case to anyone besides your lawyer.  If you feel you cannot give your testimony due to a conflict of interest or another shortcoming, tell the judge as soon as possible. You can be excused if you have a valid legal reason. Testifying while you have a conflict of interest can lead to a retrial or a delay. 6. Be Clear Your testimony will be useless if the judge or jury cannot understand what you are talking about. Use simple language and keep your sentences as short as possible. Do not talk over anyone, especially when someone is objecting to a question. Be as specific as possible with your answers. If you are answering a multi-part question, mention what part you are addressing before you give your answer. If you need to qualify your remarks, make the qualification and explain the factors that can affect your answer.  7. Use Your Own Words You can ask a legal professional for help and get expert witness training for yourself. But you should not answer questions based on what you remember from your conversations with others. You should always phrase your answers as you would phrase them in natural conversation.  Do not nod or shake your head to a question. You should speak aloud and make your thoughts known so everyone can understand what you are saying. 8. Take a Moment to Think You do not have to answer a question as soon as it is asked of you. Take a few seconds to think about what the best answer is and how you can phrase it properly. There is no rush in the courtroom.  Take a deep breath so you are calm and not rushing to speak. You can also take a sip of water if you're feeling thirsty or dry. This will help you with providing a clear and concise answer.  9. Answer Questions Directly You may be asked uncomfortable or difficult questions. Do not get emotional, and do not dodge the question you are asked. Give the most honest answer you can and ask for clarification if something seems confusing.  10. Never Volunteer Information Do not meander while you are answering a question. Stay on the subject and stop talking once you've stated everything that you think is helpful. Do not talk about a different subject, even if you think it would be helpful. 11. Do Not Exaggerate  Exaggerating or overstating your conclusions can hurt your credibility and cause you to contradict yourself. If you are not sure of something, say that you are not sure. If you think a lawyer is twisting your words or exaggerating your position, mention that when you are answering a question. 12. Be Positive Though you should avoid exaggerating, you should also put as much authority into your answers as possible. Avoid saying "I think" or "I guess." Bring up statistics, scientific theories, and processes that corroborate your perspective, and refer to other facts brought up in the trial if you can.  Deliver a Strong Courtroom Testimony Before you deliver a courtroom testimony, you need to take some preparations. Study the case, talk to a legal professional, and get training so you deliver clear answers. Before you answer any question, think it through so you are using your own words.  Never make guesses, exaggerate your information, or avoid answering questions. Give the full extent of your knowledge and acknowledge your limitations.  If these tips are hard to grasp, you should get courtroom testimony preparation. Sytech Consultants helps businesspeople and professionals prepare for giving testimonies. Contact us today.

Read More
Nightmare Before Christmas: Make Sure Your Clients Data Is Protected This Festive Period

Nightmare Before Christmas: Make Sure Your Clients Data Is Protected This Festive Period

22 Dec 2022 Blog

You could argue that the most overlooked essential business expense is cybersecurity. With attacks occurring every 39 seconds in the US alone, it's important that we enter the new year with greater protection. No matter what our plans are for the holidays, you still need to ensure your data is protected. Let's talk about data protection over Christmas break. Why Are Attacks a Concern Right Now? Cyberattacks are always a concern, but did you know the holidays are the most common time of the year for data breaches? Cyberattacks surge during the holiday season every year, and small and medium-sized businesses are the prime target. So, why is that? Small and mid-sized businesses are the most common targets for one simple reason; they're the perfect fit for attacks. Think about it. If you were a cybercriminal, you wouldn't want to waste your time attacking random strangers' personal accounts and hoping for the best. They may not have anything worth stealing. Conversely, attacking a large company like Apple or the US government would have the highest potential reward, but the most security. This puts small and medium-sized enterprises in the "sweet spot" for attacks. So, the only question is why the holiday season is such a busy time for attackers. While there are many potential reasons, the holidays are usually a golden opportunity for attackers with an increase in remote employees, a decrease in IT monitoring, extended server vulnerabilities, and more frequent transactions. On top of that, many people are also more desperate around the holidays, making them more willing to commit crimes to make ends meet. This could result from shorter work hours, large family gatherings, unpaid time off, and more. All of this makes the holiday season a perfect time for cybercrime. This is especially true for businesses that see an increase in sales this season, as that leaves more transactions to exploit. How to Make Sure Your Data Is Protected Remember that 60% of businesses fail within six months after a cyber attack. You don't want to risk having to tell your customers and staff about a data breach, as this could devastate your business. Here's how to protect data over the holidays! Use a VPN If you have employees traveling or working remotely during the holiday season, consider using a virtual private network or VPN. This is especially important on company devices. One compromised smartphone can destroy a business. Moreover, this will ensure that your employees aren't using too many variables in network security, which can prevent hackers from breaching your systems. Secure Your File Sharing Your file-sharing is another critical aspect, especially if some employees are remote. Data is most vulnerable during transport, so use a cloud-based system with two-factor authentication for the best results. It's the easiest and safest way for employees to access and share files from anywhere. Meet With Staff Sit down with your staff and talk about the rising cyber threats during the holidays. You can have all of the security knowledge in the world, but it won't matter if your staff doesn't know how to keep your data safe. Talk to them about best practices, encourage them to change passwords, and most importantly, teach them about phishing scams. Phishing, and other social engineering attacks, are when attackers use psychological manipulation to achieve a specific end goal. No matter who you are, you can fall victim to one of these. We all know not to send the "prince" who's "stuck" our life savings, but with the rise of deep-fake technology and sophisticated scamming techniques, employees may truly believe that a coworker is asking for something reasonable. If they don't have the training to recognize the right flags and to report suspicious behavior, then your data is vulnerable to scams. These conversations should include where to report potential threats, how to respond, and general best practices for protecting data. If you plan to use any new software (anti-malware, file sharing, etc.), make sure staff become familiar with it before working remotely. Test Your Network If you're concerned about the security standards of your system, you can always try penetration testing. This will determine how secure your network is from potential hackers and help you close potential doors for them to enter. Scan For Viruses Christmas is the perfect time for antimalware scans. You should do these at least once a week across all of your devices. You can pick up malware from any site online, any file in your inbox, or really anywhere. The only way to find out is to scan and remove potential malware before it becomes too big of a problem to manage. Get the Right Help Again, one of the major concerns is a lack of IT staff and system monitoring. If that's the case for your organization, you need to find protection as soon as possible. With the right help, you can see how your systems hold up to penetration testing. From there, cybersecurity experts can prescribe the right monitoring and response plan for your needs, as well as a detailed security strategy. Check out our cyber services to learn more! Stay Secure Now that you know how to ensure your data is protected this holiday season, put these tips to use right away. The longer you wait, the longer you remain at risk of disaster. Stay up to date with our latest cybersecurity tips, and don't hesitate to contact us with any questions or for help with your security needs!  

Read More
The Grinch Who Stole Christmas: 6 Things You Need To Do If You Suspect Someone Stole Your Customers Data

The Grinch Who Stole Christmas: 6 Things You Need To Do If You Suspect Someone Stole Your Customers Data

20 Dec 2022 Blog

The Christmas period is a perfect time to perform a cyber-attack on your IT environment. Darktrace reported a 30 percent increase in the average number of ransomware attacks over the holiday period compared to the monthly average. Therefore, it’s vital you stay extra vigilant during this period. But what should you do if you suspect someone has stolen your customers' data? Step 1 – Communication: If you suspect you have had customers data stolen, the first step is to make sure the relevant parties are informed within your business. This may include your IT Manager, Senior Managers, Data Protection Officer and Security Operations Centre.  Depending on the extent of the breach, you will have 72 hours from identifying the breach, to report it to the Information Commissioner Office (ICO). A full investigation is not expected within this time frame,  they will allow you to provide information in phases. It’s important at this stage to make sure a log is kept of all actions taken so that they can be included within the report.  Step 2 – Containment: To prevent the attack from spreading further into your network, the immediate action will be to contain the incident by isolating compromised devices from your network. This may also involve isolating entire parts to your network if a particular office or department is affected.  Step 3 – Investigation and Removal Of Threats: Now that the affected devices have been contained, you will need to have the devices examined to determine the extent of the attack including:  What data has been stolen? If the attacker can still access your IT network? How was the attacker able to gain access?  Any threats that could allow the attacker to regain access to your network will then be removed.  We know that time is of the essence in these situations. By choosing SYTECH, you will get undivided attention and focus with the best customer care from the moment you first contact us, until the incident is fully resolved. Step 4 – Submit A Report: Once the investigation is completed and depending on the results, you will need to submit a full report to the ICO. Not all incidents need to be reported though. You can use the self-assessment tool on the ICO website to see if a report is required.  Step 5 – Recovery: Now that the investigation has concluded, you can now start the recovery process to restore functionality to your business. Ideally, you will have backups of your data which will allow you to carry on where you left off. Once you have your systems back online, you should test and monitor each device to ensure there is still no threat.  Step 6 – Security Improvements: The final step is to review the incident, so that you can apply additional security to prevent a similar incident in the future. This can involve: Installing security patches Physical security improvements Changing passwords Staff awareness training Install monitoring software Although your IT environment is now secure, threats are ever evolving. Once improvements have been made to your systems, it is vital to continue monitoring for threats and making an effort to constantly improve your security and keeping staff aware of the dangers. 

Read More
The Evolution of Vehicle Forensics

The Evolution of Vehicle Forensics

14 Sep 2020 Blog

  The Evolution of Vehicle Forensics by Matthew J Parkinson BSc (Hons), Laboratory Manager (SYTECH Digital Forensics)  Credit: Matthew G McKay MComp (Hons) IntroductionIn this day and age, technology surrounds our everyday lives, whether it be at home watching the Smart TV, at the gym using a Smart Watch or in the car using a Sat-Nav, society thrives on it. At the center of this ever-growing, fast paced industry, is the Mobile Phone.Mobile Phones are leading the way in technological advancements with many new technologies exploiting the phone’s connectivity and capabilities, since a mobile phone is generally with the user, it is the perfect hub for all of our digital needs. This has led to a growing interest in the “Internet of Things” and the idea of a “Smart Home” which allows different aspects of your home to be autonomous or controlled via a Mobile Phone. This growth of the idea of everything being connected has now extended into vehicles, altering the way vehicle technology is implemented.Since 1930, when the first stereo was implemented within a car, until not so long ago, car technology has been stagnating with not many changes away from the original idea. Recently, car technology has started catching up to the 21st Century with the buyer’s expectation increasing, and expecting; Bluetooth, Touch Screens and DAB radio as standard. With the implementation of the aforementioned features comes concerns over what data the car will store.Currently, Vehicle Forensics involves the investigation of a bespoke system with limited research available and manufacturers restricting information to assist.We believe the future of Vehicle Forensics will revolve around a Mobile Phone, eliminating past issues and forensic limitations.Predicting the direction in which technology will flow towards is important for any digital forensics company and here at SYTECH Digital Forensics it’s no different. At SYTECH, we endeavour to maintain a strong arm in research and development in order to stay up-to-date with “bleeding edge” technology, this innovative characteristic of the company is vital in order to maintain a well-established advantage in the digital forensic age.This article explores the marriage of two industries, mobile devices and vehicle technology, and how they will change Vehicle Forensics for the better.The Evolution of Vehicle Technology HistoryIn the past, Vehicle Technology was confined to the car radio, with the only improvements relating to different ways of storing and accessing music, this originally came in the form of a tape (cassette) which was then followed by CD’s. The first stage of device connectivity to a car was an Auxiliary Port (AUX) which was implemented by vehicle manufacturers. This enabled a user to play music from a personal device.After this, Car manufacturers started developing Vehicle Infotainment Systems, which generally used a touch-screen with bespoke hardware and software. These systems displayed a visual interface of what was once analogue and included features such as programmable radio stations and basic manufacturer- supplied satellite navigation. This system was quickly outdated as the process of updating the system’s software was inconvenient and not undertaken by the majority of the users. This process involved getting the software from the manufacturer, commonly in the form of a CD / DVD. This led the car manufacturers to look for other means of keeping the system up-to-date.Current Society’s heavy reliance on Mobile Phones and their idea of being connected at all times has led to vehicles needing to implement a strong link to take advantage of these devices. This started out as the connection to a phone being possible via Bluetooth or Physical connection. This allowed the user to play music stored on their mobile phone, download their phonebook onto the in-car system and make and receive phone calls hands-free. This was achieved by the phone sharing its data with the in-car system that displayed the music, phonebook and call information in its native format. At this stage, the connectivity of the phone and vehicle infotainment system was useful but still restrictive with the users still having to rely on limited functionality and basic software provided by the vehicle manufacturer. This often included a native satellite navigation system that was both expensive and difficult to update leading to maps becoming erroneous. Due to the issues of the in-car system, many technology companies started looking for a solution. Overlooking these issues, there is a strong foundation for an efficient, connected and up-to-date eco-system to build upon, with the already present Bluetooth and USB connections, Touch Screen display and microphones placed for hands-free control. The in-car technology market is at a very pivotal point right now with two well-established companies introducing the following standards: Apple CarPlay Apple CarPlay is a development from Apple which was released in 2014 as “iOS in the Car” but rebranded to CarPlay, it allows the user to connect their iPhone to the in-car display through a USB or Bluetooth connection. The display will then show a refined version of the iPhone’s display with all the applications and notifications the user will need whilst in the car. As standard these applications are; Apple Maps, Phone, Messages and Music. The user will then have the option to include additional third-party apps that are compatible with CarPlay and accepted by Apple, these include music streaming, navigation, radio, communication and many other genres of apps. Currently, application development is in its infancy but will grow as the technology is standardised across the vehicle manufacturing range. The user can control CarPlay using their voice, touch or in-car controls. The voice control will use the already established voice recognition software built into most Apple products called Siri, this can be activated from the steering wheel or saying the words “Hey Siri”. After activating this voice control the user is able to control all the supported applications, as well as perform internet searches. Siri can also answer many different queries from the user for example “How long will it take to get home?” and “Play a song by Bon Jovi”, both useful if stuck in traffic. The touch controls will be utilised on the in-car screen where the current activity will be displayed. CarPlay will integrate and operate with the vehicle’s in-car controls such as steering wheel buttons and dashboard dials. Apple CarPlay requires a compatible Infotainment System and an iPhone 5 or later running Apple’s mobile device operating system, iOS 7.1 or above. Android Auto Android Auto was developed and released by Google in 2015, it allows the Android operating system to be displayed on an in-car infotainment system. Android Auto requires a Physical and Bluetooth connection which enables the device to display notifications, sync contact information and make and receive calls. Android Auto is built around Google Maps, Google Now and the ability to talk to Google and also has a growing audio and messaging app eco-system. Android Auto requires an application to be installed on the Mobile Phone to allow the connection to the in-car system, this is downloaded from the Google Play store. Android Auto displays five option panels to the user: Navigation, Phone function, Information, Music & Media and Car diagnostics information. The Navigation pane will present the user with a polished version of Google Maps, this will include a voice controlled search function, live traffic information and turn-by-turn directions. The Phone function pane will allow the user to receive and make calls as well as dictating SMS messages. The Information pane will allow the user to conduct internet searches, using Google, with their voice. The Music & Media pane will contain all the entertainment apps which include Spotify, Pocket Casts and Google Play Music. The Car diagnostics pane will show the car’s various statistics. In a similar fashion to Apple, Google will monitor and control the applications that will be compatible with Android Auto to keep driver-safety measures at the forefront of their vision. Android Auto requires a compatible vehicle infotainment system and can be used with mobile devices running Android operating system, version 5.0, also known as “Lollipop”, or higher. Similar Technologies Technologies similar to both Apple CarPlay and Android Auto include, MirrorLink, a research project by Nokia, created to integrate a smart phone and a car’s infotainment system. Some vehicle manufacturers have native systems for syncing the car with smartphones but Android Auto and Apple CarPlay will have many benefits over the competition, this is due to the link to the user’s mobile phone. This link provides the user with the already present functionality, applications and personal data that the phone possesses to use with the in-car system. Another technology that has features that compliment both Apple CarPlay and Android Auto is “OnStar”. This is being introduced to many new vehicles across the UK, with Vauxhall being the first to include this service across the range. “OnStar” provides direct communication to an advisor who can assist with tasks such as Navigation, security and various other features. Along with this, “OnStar” also brings other useful technologies to the vehicle system which include WiFi, sensor access, automated emergency response and limited app control such as unlocking your car using an app on your mobile phone. An analogy for these technologies is a set top box and a TV: - The set top box is the Mobile Phone - The TV is the Car Display The TV alone has limited functionality but the connection of a set top box allows further capabilities o be added and displayed on the TV. Data Created The implementation of all this new technology brings a new perspective on the way we use our cars, resulting in different data being collected about its user. In the past, vehicles have been a gold mine of data but forensic barriers including bespoke systems and unsupported hardware meant that vehicles were being overlooked, although potentially imperative to an investigation. The introduction of new in-car systems means the Mobile Phone will become the hub of all the data thus allowing a clear cut method in obtaining the data without the previous complications, meaning Vehicle Forensics will become Mobile Forensics. Vehicle & Mobile Forensics The merging together of Mobile & Vehicle Forensics will result in the main extraction method of vehicle data becoming the analysis of Mobile Phones that have been connected to the vehicle in question. This will bring simplicity and speed to these investigations, as Mobile Forensics has a strong foundation with industry-recognised tools, a Mobile Phone is easier to store and work with and the fact that two avenues of data can be analysed as one. Along with data that is already recovered from a Mobile Phone examination, data from the connection to the in-car system through Apple CarPlay or Android Auto will also be included, this will show the user’s activity whilst in the car. Applications running through Android Auto and Apple CarPlay from the connected phone will create the majority of the data. The types of applications currently available and future considerations are as follows: Location-based Applications - Location-based applications are predominately satellite navigation apps such as Apple Maps and Google Maps. Siri and Google Now both use the user’s location to narrow down the scope of a user’s requests such as nearby petrol stations and restaurants. These applications will create location data which is very useful in pin-pointing the user’s movements and location, potentially providing important evidence for a case. Phone Applications - Phone applications will include the native Phone app and various other third-party apps, these allow contacts to be saved and the making and receiving of calls over GSM or an internet-based network e.g. Skype and FaceTime Audio. These applications will create call logs which will provide the user’s communication activity, which is useful evidence in a case. Messaging Applications - Messaging applications will include the native Messaging application, Email and various third-party apps, these allow for messages to be sent over GSM or an internet-based network, e.g. iMessage, WhatsApp and Kik. These applications will create chat logs which could be used for evidence of communication between two or more parties. Music & Audio Applications - Music & Audio applications will include the native Audio application as well as many music streaming options such as Spotify and Deezer. Other types of Music & Audio applications will include Audiobooks, Podcasts and News apps. These applications can show user activity and they have potential to compliment evidence in a case. Voice Control - Voice Control applications will utilise the user’s voice to control various aspects of the in-car system, this will be achieved through the native voice recognition software from the Mobile Phone, e.g. Siri and Google Now. This software brings functionality that is easy to control whilst maintaining driver safety, this functionality includes: o Internet Searches o Voice Dialling, e.g. “Call George” o SMS dictation, e.g. “Message Stuart” o Updating social media feeds, e.g. Facebook and Twitter o Location queries, e.g. Where’s the nearest petrol station? o Various other requests, e.g. Music, Time, Weather, Sport - These activities will amass valuable data that can be used in many types of investigations. Car Diagnostics Applications - This area of Apple CarPlay and Android Auto haslimited support but we believe it will become useful and increasingly popular as car manufacturers implement this. Car Diagnostic applications will show the user many statistics about the vehicle, for example, fuel level, service reminders, crash information and speed warnings, all of which could be of beneficial use within a case. All of these different types of applications and the various data that they store will need extracting to be used in a forensic investigation. Since the data is stored upon the Mobile Phone, the extraction will be performed in exactly the same manner in which a normal Mobile Phone examination will be completed. This involves various stages that takes it from the extraction of raw data, the analysis and finally production of an expert witness statement. Extraction The three common extraction types are: - Physical – this will recover both live and deleted data - File System - this will recover both live and deleted data depending on the phone - Logical - this will recover live data. There are also five advanced forensic techniques that assist in completing the extraction of the Mobile Phone which are as follows: - JTAG / Flasher Box examinations - Advanced iOS PIN Decryption (iOS 7, iOS 8 and working towards an iOS 9 exploit) - Advanced Chip-Off Examination - In-System Programming (ISP) - Custom Recoveries All of which SYTECH Digital Forensics can provide. After the data has been successfully extracted using one or many of the aforementioned techniques it will then be analysed Analysis Analysis involves parsing the raw data to present it in an understandable format including different data types such as SMS messages, Search History and other valuable evidence recovered from the Mobile Phone. Prior to a full investigation and further in-depth testing of both Apple CarPlay and Android Auto we are unable to say how the data, that is created from both, is stored on the Mobile Phone. We do however believe the following: - Apple CarPlay - The data created whilst using Apple CarPlay will not contain any indication that the data was created via this, resulting in Mobile Phone and in-car data being analysed as one. - Android Auto – Taking into consideration that Android Auto requires an application to be installed on the Mobile Phone for a connection to the vehicle, we believe that the data will be sent through this application thus making it identifiable as in-car data. However, as all of the data is stored on the Mobile Phone, it will still be analysed as one. The analysis carried out will depend on the type of case we are dealing with, as previously mentioned it may not be easy to differentiate in-car and mobile data, causing issues with cases that only involve in-car data. However, if we need to find out if the suspect has contacted a certain person, we will be able to analyse the communication data whether or not it has been created whilst connected to Apple CarPlay/ Android Auto. Below are examples of cases that data from cars and mobiles can be used as one: - Robbery – We may use the data from the Sat Nav application to see the details of a journey, as well as calls to accomplices and internet searches, all of which could be created whilst the phone was connected to the car. - Grooming – Messages of a grooming nature may have been sent whilst the phone was connected to the car through voice dictation. - IIOC offenses – The user could use voice dictation whilst their phone is connected to the vehicle to search for, and/or view Indecent Images of Children. - Drug Offenses – Activity of intent to supply or the purchase of illegal drugs could be created whilst the user’s device is connected to the car, for example SMS messages or call history. - Person of interest – The device’s Music & Audio may be used to assist in a case where very limitedevidence is available, for example the user’s music or audiobook preference may help identify the device’s user. - Murder – Activity that could be used as evidence in a murder case may be created upon the Mobile Phone whilst connected to the in-car system. This includes location, communication and many other types of data. Future Considerations Many vehicle manufacturers will be implementing Apple CarPlay and Android Auto compatibility into their new build models, for example Ford, who have said they will be adding support for both platforms to all 2017 models. The availability and support of both platforms will increase significantly over the coming years, this will lead to more applications being developed, adding more functionality to the in-car system, this will in turn create more data that can be forensically extracted, analysed and used for a digital forensic investigation. SYTECH Digital Forensics In conclusion, Mobile Phone forensics is going to take over Vehicle Forensics and being one of the leading companies in the UK dealing with Mobile Forensics, SYTECH will in turn become leading experts in Vehicle Forensics. Our already successful advanced forensic techniques will play a key role in the future of Vehicle Forensics. - SYTECH Digital Forensics can conduct In-House Advanced Chip-off examinations - SYTECH also offers Advanced iOS PIN Decryption.

Read More
Assisting Investigations - Cell-Site Analysis

Assisting Investigations - Cell-Site Analysis

10 Jun 2020 Blog

Cell-Site Analysis is an investigative technique which is commonly performed to determine the location and movements of a mobile phone. This is possible through the communication a cellular capable device (such as a mobile phone) has with its network provider. To expand, whenever a mobile phone is powered on, it will begin relaying signals between the phone and the surrounding ‘network equipment’ (fixed-place antennas commonly referred to as ‘cells’). If the mobile phone has a registered SIM card attached to it, the corresponding network operator for the SIM will allow the mobile phone to ‘route’ communications through these ‘cells’. It is the intention of the network operators to provide coverage to all of its subscribers; because of this, these cells surround us at almost all times so subscribers can use their mobile phones to perform ‘call-events’ such as voice calls, text messages and accessing internet-based services. When a mobile phone generates a call-event (whether incoming or outgoing), the cell which provides the ‘best’ service at that particular time is used to handle that event. When this happens, the network will record the various details of the call-event which includes (but is not limited to): Date and time Type of call-event Third-party telephone numbers Cell-site information (such as its cell ID, location and orientation) This information is stored within the mobile phones ‘Call Data Record’ (CDR) which in turn provides the analyst with a list of a mobile phones historical connections to cell-sites. These CDRs are then analysed and cross referenced against external measurements, intelligence and evidential data to narrow the possible locations for a mobile phone whilst within the coverage area of the utilised cell-sites at specific times or within specific periods. The ‘external measurements’ referred to is data collected during Radio Frequency (RF) surveys which involves using specialist test equipment to monitor and measure the mobile phone network while tracking its own location using GPS. The resulting data can then be used to determine the service area of a particular cell. However, as cells are typically designed to provide service to areas, a cell could provide service to multiple locations within the defined area of a particular cell. Therefore, intelligence and evidential data in the form or witness sightings, significant events, data contained within the mobile phone and ‘alibis’ are considered to determine whether the call-event sequencing within the target phones CDR matches a timeline of purported events. When and where possible, these external factors should be considered as they potentially change the circumstances regarding the mobile phone in question. For instance: The defence may be told by the prosecution that the mobile phone they have attributed to the client used a cell which provides service to the location of a reported ‘drugs house’ almost every five days of a week for the past month. If it is the client’s case that he has no involvement with the reported drugs house, then counsel may advise an opposing expert to view the telecommunications evidence to review the Prosecutions materials while considering the client’s home and work addresses. After a review of the CDRs for the relevant mobile telephone the expert may determine that the call-event sequencing of the client’s mobile phone refutes the prosecutions claim that the mobile phone was located at the reported ‘drugs house’. As a further example, the cell-site activity may instead support an assertion that the mobile phone attributed to the client was merely following a pattern indicating travel to and from a reported ‘work’ address as the cell-site in question merely provided service along his typical working day commute and provided no indication of remaining in the area of the drugs house. Additionally, whilst Cell-Site evidence is commonly used to provide location and movement analysis, Cell-Site evidence can also be used to identify communication (or lack thereof) between individuals/groups to establish a connection to, or refute any association to, a larger criminal organisation. SYTECH has a proven history of being able to interpret Cell-Site evidence in a coherent manner to the Prosecution, Defence and ultimately, the members of the Court during trial proceedings.   Parvaz Khan Cell-Site Analyst (Sytech Digital Forensics) Email: cell-site@sytech-consultants.com

Read More

About Sytech

SYTECH is a trusted partner, specialising in providing expert analysis and reliable solutions for a wide range of consultative and investigative needs. With a dedicated team of seasoned professionals and a commitment to upholding ethical standards and impartiality. Our meticulous approach and proven track record across diverse industries make us the preferred partner for navigating complex digital challenges with confidence and integrity.

Sign Up to Our Newsletter