So …. are you still using USB storage devices ?

 

This was a question my friend asked me last week as it turned out his company suddenly wanted to block them from being used and he could not understand why and was in fact rather annoyed. After I had sat down and explained to him the risks of USB devices, I thought this would make a great post for the blog

What are USB storage devices?

They can range from a flash drive to a hard drive in a box, this post will concentrate on the small flash drives but equally applies to the other devices .

Flash drives have become so popular because they use little power, have no fragile moving parts are small, light and cheap. Data stored on flash drives is impervious to mechanical shock, magnetic fields, scratches and dust. These properties make them great for transporting data from place to place and keeping the data readily at hand.

I remember when the first flash drives were just 8 MB  but they have since massively increased to 516 GB or even 1 TB. A 64 GB for example already holds a massive amount of information (Examples can be seen here https://www.ebay.co.uk/gds/What-Size-USB-Flash-Drive-Should-You-Buy-/10000000177330128/g.html)

So what risks ?

These devices as mentioned are small and can contain a vast amount of data, so look out for the following risks

They can easily be lost or stolen which can lead to an accidental of data

They can be used by malicious insiders at a company to easily extract a large amount of confidential company information.

They can bypass most of the network security controls (such as the firewall, proxy, mail security gateway etc)  and accidentally (or maliciously) introduce malware onto your computer. This is particularly relevant if a USB device is shared between work devices and home (which probably has far less security than at work)

 

The first risk applies to everyone from home user to a company employee. Using an encrypted USB device will help if the device is lost (as long as you have used a strong password .. more on this in a future post)

I usually advise a company that does not want to block USB devices to at least only allow approved company encrypted devices to be plugged into a device and to block any other makes of USB devices.

Blocking USB devices is the best and most cost-effective way to stop company data loss via these devices. They also give an additional benefit of preventing the  third risk of introducing malware

One question I get from company bosses is the third risk does not really apply to their company as they have anti-virus. It may come as some surprise to you that anti-virus is not 100% effective and does not always pick up the latest malware. (http://www.slate.com/articles/technology/future_tense/2017/02/why_you_can_t_depend_on_antivirus_software_anymore.html)

My recommendations

If you are a company ..block the devices and use a cloud business service (OneDrive, Dropbox, Google Drive)  to store company data (more on this in a later post). Allow only a few exceptions which must use a company approved and monitored device

For home use, by all means, use an encrypted USB device but be aware it can be lost so make sure that you have a backup of your data elsewhere.

Online counterfeiting – part 2

This post follows on from part one which is here

 

 

Your company has realized that actually online counterfeiting is an issue, so what next  ? Well the next step could be go and grab some data and see how large or small the problem actually is.

Getting the data

Let’s take a scenario ..your company sells a product that is being counterfeited and sold online a global eCommerce site. You want to get a list of the sellers of the counterfeited goods to give to your legal team

Right so there are a couple of ways to do this

  • Get a human to sit down once a week, log on to the ecommerce site , search the site for your brands and copy and paste the results into say an excel file
  • Use an automated system to regularly do the above

The first option is going to work if you have the human resources or there are only a few sellers and adverts. However I would argue the second option works better if you have many sellers with many adverts, you do not need extra resources but it also has some extra benefits.

The automated system

First you need what is known as a web scraper. These come in many shapes and sizes from DIY programming  to ‘data as a service’ which is outsourced web scraping from which data is delivered to you. There are a number potential issues to be aware of running a web scraper in-house which we will go into in a later article.Whatever type of web scraper  you take it should be easy to automatically schedule daily or weekly to search for the latest adverts.

Before we move to the next part there are a couple of things to highlight. The web scraper compared to a human has the ability to scale across many sites and eCommerce platforms and collect the data in an organised format. 

Next you need is somewhere to store these results. It could be an excel sheet that you send somewhere in your company each week but I would suggest something a little smarter .. data analysis

Data Analysis

Essentially all this means is put your data into a database and run analytics across the data. This has many advantages , some of which are listed below

  • You keep all the historical stuff. You can get a timeline of when a particular seller is putting adverts online. Are they regularly putting up adverts or are they waiting for a particular high season , or were they just a one off seller
  • You can see hotspots of adverts. Is a particular time of the year more important than another
  • Who are you top sellers of counterfeiters ? These may be the ones to send to Legal as high priority
  • You easily get metrics over the full amount of data in the database . How many counterfeits were taken off the market this year ?
  • Collect intelligence for identifying sellers. Are counterfeited being products sold a certain percentage lower than the official price compared to say someone selling second –hand ?

All parts of the system could be out-sourced, in-sourced or a combination of the two. It just depends on the resources you have and of course budget 

The next post will look at how to build a system and the potential costs 

Online counterfeiting – Part 1

Most of my work is in the cybersecurity field but I have been recently brought into more and more projects involving online counterfeiting

What is online counterfeiting?

Almost anything can be counterfeited and the internet provides a great way for the counterfeiters to get a global market. Online selling has been incredibly successful for a number of legitimate companies so it will come as no surprise this is the same for counterfeiters

Mostly you hear about the high end luxury brands having the biggest problems, but there are in fact there are many more lucrative markets such as medicines and chemical products which could potentially harm human health.

How big a problem is it ?

It will come as no great surprise that counterfeiting is a vast, successful and global business which increasingly operates online.

An April 2016 report issued by the Organisation for Economic Cooperation and Development (OECD) and the EU Intellectual Property Office estimates in 2013 the value of counterfeited goods rose to $461 billion, or 2.5% of the value of global trade.

How do online counterfeiters operate ?

The main online counterfeiting industry business model is to set up fake sites usually on free hosting platforms (see for a list https://www.techradar.com/news/best-free-web-hosting-sites-of-2018)

If a brand owner asks for a takedown then it is very easy (and cost effective !) to set up a brand new fake site again.

I have noticed a number of counterfeiters use Ecommerce platforms such as ebay and Amazon to sell fake branded chemical products to consumers (e.g rodent, insect killer ) and in fact Apple claimed that 90 percent of genuine Apple products sold on e-commerce giant Amazon are counterfeit – leading them to sue Amazon supplier Mobile Star in October 2016

in a couple of projects the counterfeiters had compromised the online adverts delivery system to drive traffic away from the legitimate branded sites to the fake site and had quickly picked up expiring brand domains which the company had let expire

 A big change I have seen however is the move away from the sites concept above and to facilitate sales through social media, instant messaging tools (Telegram, Whatsapp and WeChat). In fact this blog receives a number of comments advertising suspected counterfetiting sites ( all blocked thanks to the antispam tools !! )

 

Next post will look at what can a company do about monitoring for counterfeiting of their products