Please help me understand computer hacking 'forensics'

Discussion in 'Security' started by theNEOone, Feb 15, 2013.

  1. theNEOone

    theNEOone Diamond Member

    Joined:
    Apr 22, 2001
    Messages:
    5,744
    Likes Received:
    3
    After reading the post of the FB hack and how the company 'does not believe that user data was compromised' I thought to myself, 'How do they know that to be true?'

    I'm sure this is not the right analogy (which is why I'm posting here) but if someone were to break into my house and take pictures of my belongings or my bank statements, how would I know? Likewise, if someone hacked FB data and simply took screenshots or some other kind of screen capture (or file copy), how would FB know?


    =|
     
  2. Loading...

    Similar Threads - understand computer hacking Forum Date
    Hack Brief: Intel Fixes a Critical Bug That Lingered for 7 Dang Years Security May 3, 2017
    Stop LinkedIn from stealing my contacts! Security Mar 30, 2017
    Inside the Russian hack of Yahoo: How they did it Security Mar 16, 2017
    got osiris hack .. 3bt to unlock.. any other way? Security Dec 27, 2016

  3. lxskllr

    lxskllr Lifer

    Joined:
    Nov 30, 2004
    Messages:
    46,321
    Likes Received:
    524
    Probably checking the logs to see what was accessed, and by who.
     
  4. unokitty

    unokitty Diamond Member

    Joined:
    Jan 5, 2012
    Messages:
    3,349
    Likes Received:
    0

    Five Comments

    One
    Note that FB's statement "does not believe that user data was compromised" is meaningless.

    Similar to the "There is no evidence that the compromised data has been used in a crime." which is another meaningless statement.

    Two
    All forensics, digital and physical, is based on Locard's exchange principle.

    Three
    The two major computer forensic vendors are Access Data and Encase. Access Data offers several certifications. You can find more information about them here. (Full disclosure, I've earned their ACE cert.)

    Some schools offer digital forensics training as do the vendors as do SANs and the EC Council. If you enjoy learning about systems, you might enjoy forensics.

    Four
    What Facebook can discover about the intruders depends on several factors including what ID or IPS controls that they had in place at the time of the intrusion as well as what happened to the compromised systems between the time of the compromise and the discovery of the compromise.

    Five
    If you want to read something now, you could download NIST's Computer Security Incident Handling Guide.

    Uno
     
  5. RompinRaider

    RompinRaider Junior Member

    Joined:
    Jan 5, 2013
    Messages:
    3
    Likes Received:
    0
    Thanks for the info.....good stuff!