Leonardo’s lesson

by Andrea Monti – originally published by Infosec.News

^{A note for the non-Italian readers: Leonardo is the biggest Italian defence contractor. Recently the company has discovered a massive information theft related to critical pieces of defence equipment, allegedly committed by two insiders. According to the prosecution, the exfiltration went on undisturbed for about two years before being discovered.}

A great deal has already been said about the massive illegal exfiltration of data suffered by Leonardo, about the difference between the institutional narrative of cybersecurity and the dramatic situation of the Italian infosec, and about the regulatory superfetation burdening national security. However, something still lasts to be discussed: the less-than-proportional relationship between the members’ quantity of a structure and their “loyalty” to the structure itself. Continue reading “Leonardo’s lesson”

November 28, 2020

SIM hijacking, security measures and bank’s liability

Threats change, but security measures to protect account holders do not. Can banks still blame users in case of frauds? by Andrea Monti – Originally published in Italian by Infosec News

One of the many recent cases reported by the press in Italy accounts for the umpteenth fraud committed against a bank account holder exploiting a SIM hijacking attack. Not even a week ago, I had to deal with a similar case, where through a social engineering attack, the scammers mislead the customer into giving them by telephone the OTP to finalise the fraudulent transaction.

In many cases, the victim manages to obtain a refund of the stolen amount, but in others the bank refuses, claiming the client’s negligence for not recognising the fraudulent nature of the criminal behaviour. In other words and rough terms: the bank does not pay for the outcomes of the stupidity or ignorance of the victim.

However, is that so? Continue reading “SIM hijacking, security measures and bank’s liability”

November 20, 2020

The EU contradictions on cryptography

Two recent leaks reveal the European Union’s choices on cryptography. Child protection and national security are the reasons for the impossible mission of ensuring security through weakened encryption. By Andrea Monti, Adjunct Professor of Law and Order at the University of Chieti-Pescara – Originally published in Italian by Formiche.net Continue reading “The EU contradictions on cryptography”

November 12, 2020

Facebook and Telegram seizures reveal the problems that plague the online criminal investigations

by Andrea Monti – Originally published in Italian by Infosec.News

An article published on page 30 of IlSole24Ore of 11 November 2020 reports on the seizure-by-access-blocking of Facebook and Telegram by the Public Prosecutor’s Office of Naples. According to the newspaper, the Public Prosecutor’s Office ordered a “seizure-by-obscuration” of several domain names and a significant number of IPs.

The Guardia di Finanza (Italian tax police force) notified the magistrate’s decision to the operators and internet service providers. While the latter are executing the magistrate’s order, a further note from the Guardia di Finanza arrives asking them not to follow up the inhibition or in any case unblock sixty-six domain names, among which the first two are Facebook (it-it.facebook.com) and Telegram (t.me). Continue reading “Facebook and Telegram seizures reveal the problems that plague the online criminal investigations”

October 30, 2020

Defending Computer Criminals

Andrea Monti – Adjunct Professor of Public Order and Security
University Gabriele d’Annunzio – Chieti-Pescara, IT – amonti@unich.it

Paper presented at the Tokyo CodeBlue Conference 2020

Abstract

This paper is about defending a person accused of computer crime and computer-related crime in Court. It is intended as a primer for those defence counsel who have no experience in the specific field of criminal trials involving computer, digital assets and the Internet. At the same time, it provides insights to computer experts wanting to enter into the digital forensics sector, because it offers a way to understand how a lawyer thinks, and what are his needs when designing a defence strategy.

The focus is on the practical issues, as emerged from the direct trial experience of the author and of other criminal trial lawyers, therefore the legal theory and the ICT technical aspects are not discussed in detail. Both the legal and the IT professional, though, can find in the discussion enough hints to widen their understanding of the matter and improve the effectiveness of their strategies.

The paper is structured in three part: a criminological profile’s taxonomy of the defendants, the analysis of the digital investigation carried on by the prosecution to build the case, and the trial strategies of the defence counsel.

Finally, a note on the cases discussed in this paper: where possible, references to court decisions are available, but in some cases, for confidentiality reasons, the paper analyses the relevant elements without providing further information. Continue reading “Defending Computer Criminals”