In our numerous interactions with the industry and our customers, one problem that we have found ever prevalent is the use of removable storage on company computers. Organizations are always vary of insiders stealing information on USB devices. Since mobile phones can also act as data carrying mechanisms, files can be taken from a company PC not just using a Pen Drive or an external disk storage, but by also connecting a phone using the USB cable and using the smartphone in MTP(Media Transfer) mode.
To solve this problem, we have spent months in developing a solution that we feel will put you at ease regarding data theft in your enterprise. USB Scout
USB Scout is a one of a kind software package that works in the background on a machine, silent observing and scouting for file exchanges that occur between the computer and any external medium. When a file is copied to a Pen Drive or a Smart phone, USB Scout records the activity and reports it to a central database that helps you to know all file movement in your organization via a Dashboard
You can also block USB usage on an endpoint using the dashboard and monitor all file exchanges
Once the sign-up process is complete, a download link and license key will be sent to you. A single license key can be installed in a maximum of 10 endpoints
The license confirmation email will also contain a username and password for you to login into https://scout.informantnetworks.com and manage your endpoints. All USB activity will also be shown to you once register all the endpoints and login into the personal dashboard provided to you
Since March 2017, Informant Networks has been noticing a combination of a cyber and physical social engineering attack at 3 different companies in the Udyambag Industrial Area in Belgaum. The modus operandi of the criminal group is to hijack email conversations between two businesses and intervene at the point at which financial transactions are supposed to take place.
The attack starts by compromising the email account of one of the two business entities that are normally known to do business, the attacker at this stage just observes the email exchanges between the representatives of the two companies being attacked, once the conversation has come to a finish or when matters of payments are being discussed, the attacker starts impersonating the receving party in the financial transaction and provides a new account number for the funds to be transferred.
The attackers here take advantage of previously established trust between the two companies and requests for payments to be done to a new account and not to the previous account which would be the account of the legitimate business.
Once the funds are transferred to the attackers account. the money is withdrawn almost immediately and all trails are cold. This combination of a cyber and physical attack is lethal since it takes advantage of a previously established trust.
In these situations it is advisable to reach out to a previously known contact over a previously used phone number and cross check for the correspondence by a new individual claiming to be from the same company.
This word brings excitement to some and worry to some. When people ask me what i think. I tend to have mixed responses. Although i like the idea of blockchain and the guarantees it provides. There is a lot of discussions around ethical use of bitcoin and where trust lies in the system.