By Stellamaris Ashinze
Lagos – Mr Chidi Obum, a Forensic Analyst, says the USB device is effective in harbouring stolen data from unsuspecting victims.
Obum spoke on: “The USB Trail: A case of anti-forensic and anti-forensic bitter romance’’ at the second NaijaSecCon annual conference in Lagos on Friday.
He said that some of the USB had been designed to access vital data on a computer system and stored without the knowledge of the owner.
“The USB device, due to its small physical size but very large storage size, can be very effective in harbouring stolen company trade secrets and sensitive information with same sold to competing organisations.’’
The expert said in certain organisations, insertion of USB mass storage devices was hugely disallowed.
He said that it stemmed from an attack point of view, where it could be used to transport compromised data unto the company systems, apart from stealing company data.
“In spite of such “no-USB” policies, threats from disgruntled employees utilising such devices are still rife.
“Therefore, unraveling the activities of insider threats (with respect to usage of USB Mass Storage devices) is needful,’’ he said.
Obum underscored the importance of USB forensics and highlighted the fact that the usage of USB devices on systems would leave footprints, which the normal user was not usually aware of.
“To the sophisticated attacker, the need to cover tracks will lead to employing anti-forensics methods to erase traces of USB usage on the system with the ultimate aim of frustrating the Forensics Analyst.
“Several tools have been churned out to enable anti-forensics activities, even to the deletion of USB usage traces from the registry but other tools exist that is capable of exposing such anti-forensics activities.
“The tools that will be used to simulate the attack anti-forensics and recovery anti-anti-forensics scenarios include USB Deview, USB Oblivion, Registry Explorer, Link Parser, AccessData Registry Viewer, AccessData FTK Imager, Windows Registry Editor and Windows Event Viewer,’’ Obum said.
The News Agency of Nigeria (NAN) reports that Nigeria Cybersecurity conference NaijaSecCon is Nigeria’s 100 per cent technical cyber security conference.
Naija SecCon 2018 had 49 attendees and 49 Catch-the-Flag (CTF) participants who will compete in a Cyber Security game.
Cybersecurity professionals from various industries including Financial Services, Insurance firms, Telecommunications, Oil and Gas, conglomerates, Tech Start-ups, Financial Technology (FinTech) companies, and Ministries, Department and Agencies (MDAs) of government attended the conference.
It is a technical cybersecurity conference is aimed at not just identifying talents, but bridging the gap between the techies and the corporate world. (NAN)