Imagine your laptop gets stolen. Wouldn't it be great to remotely spy on the machine and get it back?
Clair Fleener, chief executive of IT outsourcer InertLogic, got that chance after a laptop belonging to a customer was stolen.
Fleener was instrumental in the investigation that led to the recovery of the laptop, monitoring the activities of the laptop user for two weeks using remote software and sharing the information with law enforcement in Omaha, Neb.
The story starts back in mid-May, right around Mother's Day, Fleener recounted this week. Someone broke into the car of an employee working for an InertLogic customer and stole the laptop, which had work and personal information on it.
Months went by before anyone realized that technology InertLogic uses to help manage equipment remotely was sitting on the laptop and could be flipped on to monitor it. The technology, from Kaseya, captures screenshots from remote machines and can be used to install keyloggers, as well as record audio and images from a Webcam.
Fleener relied only on the screenshots that were taken captured every 5 or 10 seconds to see what the user of the laptop was up to. Within a short time, he learned the name, address, and other sensitive information about the man using the laptop. (Fleener is careful not to accuse the individual of being the thief because there is no proof of that.)
The man visited Facebook, MySpace, and other social networks, according to Fleener. He used Google to search for auto parts and did queries on how to remove security tags from merchandise. He looked at porn and made pirate copies of DVDs, including "Harry Potter and the Half-Blood Prince." Every time the laptop went online, typically on weekend nights and never on Tuesday, Fleener and others got paged.
Benjamin Lavalley, a senior engineer at Kaseya, figured out that by looking at the nearby Wi-Fi access points and doing an online map search, they could try to find out the exact location of the laptop.
The list of Wi-Fi access points indicated that an AT&T store, a Burger King, and a Cubbies restaurant were all nearby. Lavalley searched Google Earth for a location with those merchants in close proximity and narrowed the location down to a spot about 20 miles away from where the laptop was stolen. A drive-by confirmed it--the laptop appeared to be in an automotive shop and gas station where the man using it happened to work.
This screen shot shows an AT&T store and a nearby Burger King on Google Earth, helping investigators pinpoint the location of the stolen laptop based on Wi-Fi networks available.
(Credit: InertLogic/Kaseya)On Wednesday night, about two weeks after the sleuthing began, sheriff's agents went to the auto shop and caught the man using the laptop.
"He had a cover story and it was pretty well thought out," Fleener said, explaining why no arrest was made. The man claimed he had bought the laptop from a customer of his for $500 and didn't know it was stolen. Despite losing the money, he handed the machine over with no objections, Fleener said.
"It's like every movie or TV program where there's a mystery involved," Fleener said of the investigation. "You find yourself getting involved in the story. It was very exciting."
Using a data backup program helps recover lost data but can also help get a stolen laptop back--if you're lucky.
A Berkeley, Calif., man recently recovered his stolen laptop after seeing photos the thief took of himself with the built-in camera via his Internet-based data backup program.
That's according to a police officer's article in an e-mail newsletter from Berkeley City Councilmember Susan Wengraf that was posted to the Web by open-source advocate Bruce Perens.
It all started on May 5, when the victim left his laptop in the back seat of his car (tsk tsk). Two hours later, the thief smashed the car window and grabbed the computer. It's not clear what else was done with the laptop, but the big break in the case came when the laptop owner later spotted the self-portrait photos of the thief on the storage service Web site.
Detectives working the case were shown the photos and recognized the man, who had been released from jail earlier in the year. They noticed that in the photos he appeared to be in a motel room and began trying to track down the IP address used by the laptop hoping that it would lead to the motel.
Before that could be accomplished, however, the detectives spotted the man getting into a car in a motel parking lot in Oakland and arrested him. In his car and the motel room they found the laptop along with stolen property from other auto burglaries.
Case solved.
A laptop's value is more than meets the eye. Intel says stolen laptops cost corporate owners more than $100,000 in some cases, in a study announced Wednesday.
The study on notebook security, commissioned by Intel and conducted by the Ponemon Institute, states that laptops lost or stolen in airports, taxis, and hotels around the world cost their corporate owners an average of $49,246 "reflecting the value of the enclosed data above the cost of the PC," Intel said.
Analyzing 138 instances of lost and stolen notebooks, the study based the $49,246 price tag on costs associated with replacement, detection, forensics, data breach, lost intellectual property, lost productivity, and legal, consulting and regulatory expenses, Intel said. Data breach alone represents 80 percent of the cost.
Who owns a missing notebook is important, Intel said. It is not the CEO's computer that is the most valued, but a director or manager, according to the study. A senior executive's notebook is valued at $28,449, while a director or manager's notebook is worth $60,781 and $61,040, respectively.
The average cost if the notebook is discovered missing the same day is $8,950, according to the study. After more than one week, this figure can reach as high as $115,849.
In addition to the obvious need for vigilance, countermeasures include encryption and data-deletion security services. The study found that data encryption makes the most significant difference in the average cost: a lost notebook with an encrypted hard-disk drive is valued at $37,443, compared with $56,165 for a nonencrypted version, the study says.
Intel Anti-Theft Technology is a "poison pill" solution programmed into the PC that can be triggered by internal detection mechanisms or by a remote server to lock a lost or stolen notebook, rendering it completely useless, according to Intel.
Updated at 7:55 a.m. PT on Wednesday to specify that the FBI cleared Mitnick of any wrongdoing in this event.
Since being released from prison eight years ago, Kevin Mitnick's brushes with the law have consisted of a few parking tickets and a citation for driving without a front license plate--that is, until he returned from a trip to Colombia two weeks ago.
(Credit:
Monty Brinton )
After landing at the Atlanta airport for a security conference, Mitnick was detained for four hours for reasons still not fully explained. To make matters worse, while customs officials in Atlanta were busy inspecting his cell phone, laptop, and luggage, police in Bogota were ripping open a package he had mailed to his U.S. address on suspicion that it contained cocaine.
The simultaneous incidents gave Mitnick deja vu of his days as a fugitive pursued by the FBI for breaking into computer networks, only this time, he hadn't broken any laws.
"There was uncertainty, fear, and panic because I didn't know what was going on, and I didn't do anything wrong," he said in a recent telephone interview with CNET News. "In my mind, I thought I was being set up for something."
Here's a rundown of what happened:
Mitnick's Delta Airlines plane landed in Atlanta on September 16 at around 3 p.m. He had flown in from Bogota, where he had gone to give a speech to the newspaper El Tiempo and to visit his girlfriend.
The first sign of trouble was when a U.S. customs agent swiped his passport through the computer system and started staring intently at the screen and typing. "Kevin," the agent said with a big smile on his face. "Guess what? There are some people downstairs who want to have a word with you, but don't worry. Everything will be OK."
... Read moreA laptop with information on prescreened travelers, which was reported stolen, has been found, and the incident may be relabeled the case of the misplaced laptop.
Late Monday, the Transportation Security Administration had announced that a laptop containing data on about 33,000 travelers who had applied for a national airport security fast-pass card was believed to have been stolen from a locked office at the San Francisco Airport in late July.
Early Tuesday, however, the computer was found in the same company office from which it was supposedly stolen on July 26, Allison Beer, senior vice president for corporate development for Verified Identity Pass, which runs the Clear screening program, told The San Francisco Chronicle. The computer, which held names, addresses, and birthdates for people applying to the program, was found in the same airport office but not in its previous location, the executive told the newspaper.
"Yes, it was sensitive privacy information, but not the stuff that was most sensitive," the executive told the paper, adding that a preliminary investigation showed that information was not compromised.
As a result of the investigation, new sign-ups for the program have been suspended. The program lets travelers pay to have the TSA verify their identities, allowing them access to special security lanes in airports to avoid lengthy security line waits.
Updated 1:30 p.m. PDT with laptop being found.
The perils to consumer privacy are getting greater day by day.
In a recent headlines, nearly 130 workers at UCLA Medical Center are accused of prying into the medical records of celebrities and other patients. One woman is even accused of selling information about Farrah Fawcett's cancer treatment to tabloids, according to the Los Angeles Times.
California Gov. Arnold Schwarzenegger, whose wife, Maria Shriver, is believed to have had her records snooped on at the hospital, has endorsed legislation that would impose penalties on hospitals and workers for patient privacy breaches.
The breach opens UCLA Medical Center up to lawsuits and government investigations related to alleged violations of the Health Insurance Portability and Accountability Act of 1996, which requires medical providers to safeguard the privacy of patients, said Brian Cleary, vice president of marketing at Aveksa, which provides access governance solutions to enterprises.
"UCLA has had this happen multiple times," but is not unique, he says. For instance, the passports of presidential candidates John McCain, Barack Obama, and Hillary Clinton were looked at by unauthorized government workers earlier this year, and George Clooney's medical data was breached after a motorcycle accident in New Jersey last year.
"The number of incidents suggests that these organizations do not have an effective (data access) control framework," Cleary says. "Even the federal government needs some work here."
Apparently, the San Francisco Airport could use some help, too.
A laptop containing data on about 33,000 travelers who applied for a national airport fast pass card was believed to have been stolen from a locked office at the San Francisco Airport in late July, according to The San Jose Mercury News.
The Associated Press reported on Tuesday that the laptop was found in the room where it was supposed to be.
The alleged breach had forced officials to temporarily halt enrollment in the program, The San Jose Mercury News report said.
- prev
- 1
- next
