LITIGATION SUPPORT TIP OF THE NIGHT

The National Institute of Standards and Technology makes a free cybersecurity framework reference tool available on its site at: https://www.nist.gov/file/15696. Unzip and run the .exe file and you'll get a great tool that will help a firm or client implement cybersecurity practices according to standard practices and guidelines.

As you can see the framework has five main stages: IDENTIFY; PROTECT; DETECT; RESPOND; RECOVER.

This little program really just integrates outlines of five different cybersecurity guides. The Council on Cybersecurity's Critical Security Controls; Control Objectives for Information and Related Technologies COBIT 5; International Society for Automation's 62443 Standards; the International Organization for Standardization / International Electrotechnical Information Security Management ISO/IEC 27001:2013; and the National Institute of Standards and Technologies' Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53 Rev. 3.

The Framework really just points you to specific sections in each resource in which you can look up more specific information on how to address particular problems. So in this selection we see where to find more information on how to make sure your detection processes can deal with anomalous events by making concerned parties aware of them.

There's another great utility available from the French company, IDRIX, called VeraCrypt. See: https://www.idrix.fr/Root/content/category/7/32/60/ . This is based on TrueCrypt, and can open TrueCrypt volumes. IDRIX claims that its utility has enhanced security features, which they concede come with the trade-off of encrypted files taking longer to open.

A helpful tutorial on how to use the utility is available here. VeraCrypt comes with a cool James Bond style feature allowing you to create a hidden volume inside the encrypted data. So even if someone forces you to reveal the password for the encrypted drive, partition, or file, your truly sensitive data can remain out of the hands of your foes. The 'free' space on any volume encrypted with VeraCrypt is always actually filled with random data, so there's no way to tell that there's extra space taken up with useful data. The hidden data is simply accessed with a password that is different from your decoy data.

VeraCrypt has you select both an encryption algorithm and a hash algorithm. The encryption algorithm encoded the data so it can only be accessed with a password. The hash algorithm allows the recipient to confirm that they have received the same exact data you intended to send.

An odd feature of VeraCrypt is that the wizard makes you generate the encryption keys by randomly moving your mouse cursor around on the screen . . .

A VeraCrypt file will appear as an extensionless file with the file size of the data you specified that it could be capable of holding - not just what you added.

The recipient clicks 'Select File' to browse to the encrypted file, and then clicks MOUNT to enter the password.

LITIGATION SUPPORT TIP OF THE NIGHT NO LONGER RECOMMENDS USING THE KASPERSKY PASSWORD CHECKER OR ANY OTHER KASPERSKY PRODUCTS. KASPERSKY IS BEING INVESTIGATED BY THE FBI. AS THE NEW YORK TIMES HAS REPORTED KASPERSKY IS SUSPECTED FOR USING ITS ANTIVIRUS SOFTWARE TO STEAL CLASSIFIED GOVERNMENT DOCUMENTS.

I'VE LEARNED MY LESSON, AND I'M SURE YOU WILL TOO. LITTLE HOPE THAT THE MORON WHO IS CURRENTLY PRESIDENT OF THE UNITED STATES WILL LEARN THIS LESSON AS WELL.

There are several utilities on line that you can use test the strength of a password. Kaspersky Lab (which was rated as having the best virus protection software in 2015 by AV Comparatives - see the Tip of the Night for February 15, 2016) has a password checker here, It will give you estimate as to how long it will take someone to crack your password. If you just use a few digits, your password can be cracked in a number of seconds. It can a few years to crack a password that uses a combination of numbers, special symbols, upper case letter, and lower case numbers.

The site, http://www.passwordmeter.com will show you which features of your password are making it stronger or weaker. Repeating characters or using consecutive lower case letters will make your password weaker.

Keep in mind that password cracking programs have libraries not just of commonly used words from dictionaries and books, but commonly used passwords. A password strength tester may indicate that a password with any combination of upper case letters, lower case letters, numbers and special characters is a strong password. The Kaspersky password checker accounts for commonly used combinations. So if you test the password, 'Abc123??' Kaspersky will let you know that this password can be cracked in 3 minutes.