Are any of you members of a community group? I’m not because there simply isn’t one worth going to in my area but I’d quite happily get involved if there was. I went along to a popular village community meeting, which took place in a village church and boasted a turn out of over 100 people. As you would expect for this sort of meet up, under 40’s were lacking representation and I was there to facilitate a cyber crime session so wondered how receptive the audience would be.
Generation Neutral Cyber Concerns
The initial talk gave an outline of the threats of cyber crime, emerging patterns, prevention and reporting advice. Then came the Q&A and despite expecting a tumbleweed moment, to my delight the questions flooded in. Each question posed had a technical element, which came as a pleasant surprise as clearly the older generation in this village had a grasp of digital. They asked about antivirus, protection in an OS X environment and guidance on the latest password advice. It was extremely encouraging to see so many people in the community showed an interest in fraud and cyber crime prevention. It challenged the stereotype of the older generation not having a clue about the internet and made me reflect on how entwined all our lives are with the internet and world of digital devices.
I decided to stay for the remainder of the meeting and listen to the chair and others go through the schedule. They talked about planning applications, summer parties, fund raising and local clean ups. It was very impressive to see such an engaged and active group. It somehow felt very old fashioned yet this was in stark contrast to the technical questions asked of me earlier following the crime talk.
It then dawned on me. Every fund raiser, every membership query and every petition was orchestrated via the medium of electronic mail. Surveys were being done online and one lady even spoke about her desire to establish a Facebook page to promote the good work they were doing. It was whole heartedly encouraged by the rest of the group. It was pleasing for me to see how the plethora of services available online were being used to promote the good work of such a traditional village community.
To top it all off the vicar chimed in with a story about nearly falling foul of a PayPal phishing email. The audience gasped and shook their heads and they nearly all seemed to have similar stories.
It is fair to say some of the older members of the community were far more aware and cautious than a lot of the younger people I work with. How encouraging.
If you’re anything like me and enjoy running Parallels on a Mac Book to operate your Virtual Machines then it can be infuriating when some VM builds refuse to run.
This recently happened to me whilst trying to fire up a Windows 7 Professional VMWare build in Parallels; it just simply wouldn’t convert. My easy fix when this happens is to fire up the VM in VirtualBox. I use VirtualBox because it’s free for Mac OS X (unlike VMWare Fusion) and tends to convert VMWare files quite well.
However, the default network settings for Win 7 on VirtualBox are NAT. This is great if all you want to do is load up Win 7 Pro on a Mac and get on the internet. If you want to start talking to this machine from Kali running on Parallels then sadly it’s not going to happen.
The IP address given to the Win 7 machine is 10.0.2.15 and is on a different subnet to the Kali Linux machine running in Parallels.
I initially got some strange results from nmap scans pointed towards the Win 7 IP address from the Linux machine, however could not replicate them. Either way, no useful communication could be had between the two VM’s.
After a great deal of fruitless searching the internet I stumbled across the simplest of solutions.
This is what to do to get both machines on the same subnet, able to access the internet through the host and talking to each other. Simply change the network settings on the VirtualBox Win 7 installation to Bridged Adaptor using vnic0 as follows:
A further ipconfig command should provide you with an IP address in the same subnet as the Kali Linux machine. From here you should have no problem doing whatever it is you need to do.
Let me know if you have any similar tips for people paying for Parallels but filling the gaps by running a free version of VirtualBox on Mac OS X.
Cyber crime is on the increase and has been for some time. Of course, the effectiveness of the police to correctly label a crime as cyber has improved but it is doubtful this alone can account for what we’re seeing. There is a real and substantial increase in crime being committed online or facilitated in some way by our ever more intrinsically digital lives.
What do most people think of when they hear the term ‘cyber crime’? Well that depends on who most people are, how they use the internet and where they believe the threat of crime is coming from.
Take the retired teacher who occasionally uses the Internet to do banking, email distant friends and seek out the cheapest car insurance. Ask that person what they think cyber crime is and they will inevitable talk to you about the dodgy phishing emails they receive and how they are worried about fraud. They will likely tell you of the time they nearly clicked on an email link thinking it was the ‘tax man’. Or the time someone called from their internet service provider to advise them their router was faulty in order to convince them to install TeamViewer to allow remote access.
Then think of that retired teacher’s daughter who has two children, one in high school and one in primary school. They both have a tablet and smart phone each and do their homework on the family laptop. The kids come home and tell her all about how someone came into school from the police and gave them loads of advice about staying safe online. They reel off their new knowledge and impress their parents but what does this all mean to Mum & Dad? It means the next friend request to come from an older looking male means smart phones are being confiscated and access to the internet limited. These children are children born into an online world and they will go online whether their parents say they can or not. Now they just won’t say anything next time they are being bullied or asked to perform a ‘special dance’ in return for the prize of a new smart phone.
What about the boy living across the road who you rarely see? Sometimes he’s up all night, judging by the flickering light of his computer screen that can be seen from outside. He’s your local cyber criminal. He began in school by being the smart ass who shoulder surfed a few passwords and sent hilarious emails to teachers from unwitting fellow student’s accounts. He got bored of that, watched a few YouTube videos and now he sits there scanning for vulnerabilities on local school websites. He commits DDoS attacks against local businesses using free stressor tools just for the hell of it. After doing that a few times he gains enough kudos to join an ‘elite’ hacking squad of like minded individuals. He is now the big man revered by his peers and hated by his victims for the loss of business, damage to reputation and outright nuisance he causes. All the while he is ignorant to the fact that despite never being in trouble ever in his life he is committing offences each night that can bring a maximum sentence of ten years in prison and what a shock that is for him when the police come knocking.
Despite all he has learned the youthful cyber criminal fails to put his skills and knowledge to good use. He could have told his Dad to backup his business data and update antivirus but he didn’t. His Dad runs a well respected car sales company in town. A couple of days ago a member of staff double clicked an attachment in an innocent looking email and now access to payroll, quotes, orders and customer contact information is denied. Ransomware has taken over the network of three computers and the local IT company can do no better than wipe all drives and start again. No backup, no data and a bill for IT that they can ill afford hits the company hard. Fortunately, the organised crime group behind this spree of offending failed to profit on this occasion.
Cyber crime is a problem for not just one type of person or business but a problem for all. For those of us who understand the threats and know how to mitigate in some small way against them we need to share this knowledge. The criminals have evolved but you have to consider how the public are more exposed than ever due to the increasingly seamless integration of the internet into all our lives.