spionlinewhich locked up hun-dreds of thousands of computers in more than 150 countries. krehel was...
TRANSCRIPT
SPIONLINE Summer 2017
1
Friends: On September 28, 2017, SPI will be celebrating its
61st Anniversary as New York's premier fraternal organization
of professional investigators. This year's dinner theme
celebrates heroism and service to our city and country. It has
also been 16 years from the horrific events of 9/11, yet health
issues still linger for many who were present during and after
the attack.
Dr. John Howard serves as the Director of the National Institute for Occupational
Safety and Health and as the Special Coordinator to respond to the health effects of the
9/11 attacks. He will be traveling to New York from Washington, DC to accept our
award and will address the medical issues impacting our heroic first responders. If you
or a member of your family has 9/11 health-related issues, you should not miss
this event.
Mitchell Weiss serves as the Liaison to the Chief of Department at the NYPD. Many of
you already know Mitch either personally or by reputation. You know that he works
tirelessly to improve relations between the police and the community. What you might
not know is how hard he works to foster positive relations between the various law
enforcement and investigative organizations in our city. He is always making sure that
others are rewarded for their hard work and now it’s his time for recognition.
Capt. Florent Groberg was a criminal justice major before joining the US Army. In
2012, while serving in Afghanistan, his heroic actions, subduing a terrorist bomber,
saved the lives of several soldiers. In 2015 he was awarded the Congressional Medal
of Honor by President Barack Obama. We would be hard pressed to find a better
example of post 9/11 heroism than this outstanding individual. So please join us this
most special event. The cutoff date is fast approaching and you don't want to miss such
a unique and special occasion.
All best,
Bruce Sackman, President, Society Of Professional Investigators
INSIDE:
Letter from the
President of SPI
1
SPI’s 61st 2-3
Ransomware
dinner with
Ondrej Krehel
Cell records
mapping
Charles-Eric
Gordon
Serena Xu-Ning
FAMA on Social
Media screening
New website for
SPI
Welcome New
Members
NPDF Award
Blue On Blue
Book
NPDF honors
4-5
6
6
7
8
9
10
9-
Members In The
News
SPI at AAPLE
summer festival
+ Special event
AAPLE @ Yan-
kees Stadium
Coming to SPI
The data left
behind our daily
devices
NPDF
Blue On Blue:
NYPD Internal
Investigations
11-
13
14
15
16
17
18
SPIONLINE SPI’S 61ST AWARDS DINNER ON SEPTEMBER 28, 2017 IN BROOKLYN, NY
CELEBRATING HEROISM AND SERVICE
TO OUR CITY AND COUNTRY
SPIONLINE Summer 2017
2
SPIONLINE Summer 2017
3
P A G E 3
SPI’S 61ST AWARDS DINNER ON SEPTEMBER 28
How to make reservations
The price for this event is $140 per person. It includes a full sit down dinner, ap-petizers, open bar and valet parking. Table cost ($1,400) includes 10 seats, a full page ad in the dinner journal and in SPI newsletter into Dec 2017. Visit our webpage for the 2017 Awards dinner or to pay by Pay-pal, click on the button: You can also mail a check to: SPI, 329 South Oyster Bay Rd., # 161, Plainview, NY 11803.
Individuals and organizations who purchase a table for the 2017 SPI Wards Dinner are entitled to a free one page ad in our journal, website spion-line.info and remaining issues of our newsletter for 2017. Business cards ads cost $150. Please send Bruce Sackman a JPEG or PDF of the ad you would like to place. He can be reached at [email protected].
Advertising at the Dinner
Please, don’t delay in reserv-ing your seat for our 61st An-niversary Dinner on Septem-ber 28, 2017 at Giando On the Water, in Williamsburg, in Brooklyn. You can expect a wonderful evening of cele-bration and professional ca-maraderie, with sweeping views of the Manhattan sky-line. This will be the best networking opportunity of the year!
Testimonial
from the
60th Anni-
versary
Awards
Dinner:
“We had a
terrific
time; great
people,
food and
spectacular
location.
You run a
great orga-
nization.“
From the
2015 Gala:
"Great ho-
norees,
great net-
working,
great food.
I need to
grab a
mem-
bership and
attend all
of the mee-
tings!"
SPIONLINE Summer 2017
4
LIFARS FOUNDER ON RANSOMWARE AND THE TOOLS AGAINST IT
“I’m a cyber ambulance. That’s how I explain my job to my mom,” Ondrej Krehel told SPI, during a captivating presentation at Forlini’s at our June 15 meeting, the last one be-fore summer break. Krehel’s voice was a tad hoarse from overworking amidst the cyberattack by the WannaCry ran-somware cryptoworm, which locked up hun-dreds of thousands of computers in more than 150 countries. Krehel was a former cyber-military agent in his home country of Slovakia before becoming a contractor for the U.S. government, then founding in 2013 LIFARS, LLC, an international cybersecurity, incident-response and forensic investiga-tion company in New York City. During our dinner, Krehel presented real cases of cyber extortion on universities, financial firms, medical fa-cilities and high-net-worth individuals. “These attacks will only increase,” he says. “Think of the incentives. These cybercriminals get paid in two days. A target such as a hospital, with 25,000 computers, have to pay millions. What is the risk of getting caught?” Unbeknownst to many members in the audience, many of the victims are likely to be attacked again. “Attackers have friends and share info with these friends,” Krehel ex-plained. The process is called “credentials reuse”: Users make the mistake of reusing the same pre-attack credentials across applications, making themselves vulnerable again. “I know universities in the United States that have been hacked over 25 times, but it’s never in the press. No-one wants to talk about ransomware.” If a target refuses to pay, thinking they have all their information backed up, hackers still find ways to black-mail them, for example threatening to publish some of the stolen data on the internet. If the victim pays the ransom, “tech support” from their extortionists is non-existent. “Attackers don’t care much if encryption can’t be undone. Attackers give you the key, but if it doesn’t work, you’re on your own,” said Krehel. At the end of the day, targets need professional help to clean all of their machines from any possible malware left behind and to prevent similar exploitations in the future.
Cybersecurity and digital forensics expert investigator Ondrej Krehel came to SPI to
discuss digital extortion in the wake of the WannaCry ransomware attacks.
SPIONLINE Summer 2017
5
Ondrej Krehel was asked: “How do you know when you are hacked? When do you know that you have a prob-lem?” “When your computer starts playing AC/DC’s ‘Thunderstruck’ at full volume,” he answered, jokingly referring to America’s famous 2012 cyberattack against Iranian nuclear facilities, using a worm blaring out the song at any given moment. In other words, you’ll just know. Like calling 9-11 after getting stabbed, tar-gets need to call professional cyber-investigators, who then deploy “ransomware kits” adapted to each case. “Keep in mind that we respond,” Krehel said, “but that part of the response is leading to a sometimes uncom-fortable conversation about changing your cyber-hygiene.” Answering many questions from SPI attendees over dinner, Krehel said that he was looking forward to some-
what of a summer break: “This business can be very seasonal,” the digital forensic investigator explained,
adding: “Some of these crooks, especially in Eastern Europe and Russia, they have girlfriends and they like to
take the summer off. Once, we tracked
one who had purchased a boat. He just
sailed and disappeared for two months.”
Photos by SPI Photographer
Serena Xu-Ning Carr http://serenaxuning.com
SPIONLINE Summer 2017
6
P A G E 6
Easy mapping of cell phone records Tom Slovenski is a
certified Cell Tower
Analysis and Geo Lo-
cation expert works
with ZetX, creator
of a mapping soft-
ware called Trax X,
used by many federal
and local Law En-
forcement agencies
to map call detail
records from cell
phones. Trax X has
become available to
those outside of LE,
who do a lot of work
with cell phones. SPI
members who are
interested in a live
demo of how the
product works can
contact Tom via his
company, http://
cellularforensics.com.
S P I O N L I N E S U M M E R 2 0 1 7
SPIONLINE Summer 2017
7
Ben Mones, CEO and founder of the innovative social media screening provider FAMA Technologies came to
SPI on May 18, fresh from winning the “Most Innovative Use of Data" award at Wharton People Analytics
Conference 2017.
Based in Los Angeles, the start-up was originally geared towards the 60% of hiring companies who include
social media posts analysis as part of their candidates screening process. Instead of conducting the analysis
manually and in-house, they can have FAMA automate the social media posts identification and analysis. “We
look at ‘who’ somebody is when they think we’re not looking,” Mones explained, adding that FAMA’s technology
analyzes text, images, video and also “scans” the Deep Web for relevant data. FAMA produces FCRA-
compliant reports, leaving out classes of information, like race, gender or disability.
The serial start-up creator highlighted a few real-life case studies of how investigators are using social media
screening technology today. He added that FAMA is also working with select investigative firms: “My grand-
father, Ray Mones, was a New York
private investigator, with an office on
Rector street, and this is special to
me,” he told the audience.
P A G E 7
FAMA FOUNDER BEN MONES ON SOCIAL MEDIA SCREENING
Special Offer
This is a good place to make a special offer for joining your
organization, purchasing a product, or requesting your service. You
can also transform the feedback into a sign-up or generic feedback
form.
Photos by SPI photographer Serena Xu-Ning
SPIONLINE Summer 2017
8
A NEW AND IMPROVED WEBSITE FOR SPI
Have you seen our new website at www.spionline.info?
New SPI Webmaster Eileen Gordon has done an outstanding job setting up a new membership directory and events registration system, among other things. Eileen also needs your participation. At our June meeting, she asked SPI members to contact her if they haven’t received an e-mail invitation to register and update their page in our public directory. Members who work undercover or don’t wish to be listed can do so, while others can add photos, details and links to their professional website or LinkedIn page. If you have any ques-tions, don’t hesitate to contact Eileen at [email protected].
Eileen Gordon, new SPI webmaster presented the new website at Forlini’s (r).
WELCOME TO OUR NEW MEMBERS
Please join us in welcoming John Mazzuca, Licensed Private Investi-gator and President of Unique Investigations LLC, in Yonkers, NY; Associate member Laura Hynes-Keller, CFE, of LHK Communications; Chad Los Schumacher, Team Lead at iThreat Cyber Group,; Mark McDaniel, LPI, director of investigations at Connecticut Investi-gative Services and Edward McNamara, Independent Inspection and Oversight.
SPIONLINE Summer 2017
9
SPI President Bruce Sackman received the President’s Award from the National Police Defense Founda-tion (NPDF) on May 3, 2017 at Russo’s on the Bay, Howard Beach, NY.
The 2017 NPDF gala was
a huge success, with over
four hundred and fifty
guests attending: repre-
sentatives from over
twenty different police
and fraternal organiza-
tions, including the Socie-
ty of Professional Investi-
gators. The NPDF
Founder and Executive
Director Joseph Occhipin-
ti described how the
NPDF’s $10,000 Safe Cop
Reward Program helps
protect and support law
enforcement. Upon recei-
ving The President’s
Awards, SPI President
Bruce Sackman, U.S. Vet-
erans Administration,
OIG, urged young investi-
gators to get off their
phones and tablets and
get to meet colleagues in
the real world: “I encour-
age millennials to go out,
join professional associa-
tions, meet people and
build a network of con-
tacts. ”
SPIONLINE Summer 2017
10
P A G E 1 0
Order Form Title
Order total:
Tax:
Shipping:
Total:
Item # Description Qty. Price Subtotal
Name
Address
Phone
American Express
MasterCard
Visa
Bill Me
Credit Card #
Signature
Method of Payment
Exp. date
Check
SPIONLINE Summer 2017
11
P A G E 1 1
Mark Warshavsky honored by NAVCA
Debra Cascardo on the new CMS Disaster Plan
MEMBERS IN THE NEWS Anthony Luizzo in P.I. MAGAZINE on Incoming Verification
SPI member Anthony Luiz-
zo, CFE, CST, PI (Ret.
NYPD) and Phil Luizzo
of Vault Verify published an
article in the April issue of
PI Magazine on a service
that PI firms don't offer
very often: Handling inco-
ming verification requests
for current and previous
employees. This function is
almost always performed
by internal HR or manage-
ment personnel. The au-
thors explain why it’s im-
portant to offering, and/or
partnering with firms that
offer this specialized service
and help diminish corporate
liability. Digital subscribers
can read the piece on the
PI Magazine website or e-
mail Anthony, using his
website or the SPIOnline
member directory to send
him a request for a copy of
the article.
Debra Cascardo, M.A.,
M.P.A., C.F.P. is the prin-
cipal at Cascardo Con-
sulting Group, a certi-
fied compliance consult-
ant firm established in
Westchester county,
helping healthcare pro-
viders, hospitals, nursing
homes implement com-
pliance programs.
Member Debra Cascar-
do was asked by the
asked by the American
Academy of Procedural
Coders to instruct their
staff, doctors and compli-
ance officers on the new
CMS (Centers for Medi-
care and Medicaid Ser-
vices) Disaster Plan Rules
and Regulations.
mas R. Porter Lifetime Achievement Award pre-sented by the National Association of Certified Valuators and Analysts (NACVA).
Mr. Warshavsky ac-cepted the award during the NACVA/CTI Annual Consultants' Conference,
June 7-10, 2017 at Swissôtel, Chicago, IL. At Gettry Marcus, Mark S. Warshavsky is the Part-ner-in-Charge of the firm’s Business Valuation and Litigation Services Group, one of the largest in the New York metro-politan area.
Our friends at Gettry Marcus CPA, P.C. are pleased to announce that partner (and long-time SPI member) Mark S. Warshavsky, CPA/ABV/CFF, CVA, CBA, ASA, CFE, MAFF, DAB-FA, MBA, has been na-med the 2017 recipient of the prestigious Tho-
S P I O N L I N E S U M M E R 2 0 1 7
Debra Cascardo
SPIONLINE Summer 2017
12
MEMBERS IN THE NEWS
SPI’s treasured Treasurer David Roberts, owner of British American Consultants Inc, a Security and Investiga-tions Agency based in Florida, worked as the iconic singer’s personal bodyguard from 1988 to 1995. In this interview with the UK Observer republished in the Guardian on Sunday June 4, he talks about the job as “a vocation”. Excerpt: “He was so dedicated to the woman he still calls “Miss Houston” that he was the real-life inspiration for The Bodyguard, the 1992 movie that made her into a global superstar. The soundtrack fea-tured Houston’s version of I Will Always Love You and sold more than 17m copies. The bodyguard in the film was played by Kevin Costner – “a good two inches taller than me, and with two or three women hanging from his neck at all times,” says Roberts. “Was he like me? Oh heck, no!” He laughs. A great read.
David Roberts in The UK Observer on his years
as Whitney Houston’s bodyguard
SPIONLINE Summer 2017
13
Bruce Sackman on medicine, money and fraud On May 16, SPI President Bruce Sackman gave a presentation to the NY External Fraud Committee, on how medical centers work to combat fraud waste and abuse in their organizations. Sackman, Senior Investigator for the Mount Sinai Healthcare System, addressed the topics of external and internal financial frauds, including Medicare/Medicaid frauds, bribery, theft of equipment and supplies, employee misconduct...
The variety of frauds and motives was impressive. In New York City, some doctors can get very creative in their billings when treating foreign pa-tients. These patients pay cash and in advance. They often overpay for services not rendered. As they fly back home, their visits are deleted from
systems. While "Phantom billing" and "Upcoding" line the pockets of corrupt physicians, other types of fraud, such as "unbundling" (charging separately for procedures that could be under one code), are often committed by salaried employees of hospitals who don’t make direct financial gain, said Sackman: "These are people who want to avoid embarrassment at meetings, they want to 'make numbers' and hope that they will move up the ladder,” he explained.
Sackman described different laws that help combat fraud and abuse in medical facilities, such as the Stark Anti Kickback Law and the systems in place to encourage whistleblowers to come forward with information on fraud, such as Qui Tam Litigation. He also talked about external threats and the WanaCry cyberattack. “Security isn’t always a priority in hospitals. Medicine is,” he stated. That’s why ID thieves and hackers target hospitals for ran-somware. “A lot of hospitals have paid ransomware, and you don’t hear about it,” he said.
SPI SECRETARY EMMANUELLE WELCH
TO SPEAK AT THE OSMOSIS 2017 CONFERENCE
Her presentation, «Hacking the Meet-up and Hook-up apps,» will dive into the world of dating apps such as Tin-der and Grindr that can become a handy tool to perform people locates, asset investigation and more.
«Most of the tips and tools can only be learned from experience,» says Welch, a Private Investiga-tor who runs French Connection Research, a Brooklyn-based agency licensed in New York State and Washington, DC. Founded in 2004 as a
research business out of Los Angeles, the agency has branched out into white collar crime investiga-tions, international asset searches, IP disputes, opposition research, and cross-Atlantic fraud cases.
At the 3rd Osmosis Con taking place in Myrtle Beach, CA October 8-11, Welch will use examples drawn from real-life cases to address the audience of investigators for the legal, law enforcement, investiga-tive, business, and accounting community. Osmosis Con was developed by OSINT (Open Source Intelli-gence) expert investigator and former SPI speaker Cynthia Hetherington. SPI members can get a confe-rencec discount by e-mailing Emmanuelle at [email protected].
SPIONLINE Summer 2017
14
SPI AT AAPLE’S SUMMER FESTIVAL
SPI is working on a very special
program with our friends at the
American Academy of Profes-
sional Law Enforcement
(AAPLE) and the International
Police Association to be an-
nounced shortly after the sum-
mer break. It will be available
to members of these organiza-
tions exclusively!
A once-in-a-lifetime ... A SPI delegation had an excellent time at the American Academy for Professional Law Enforcement ‘s Summer Festival & Scholarship Dinner at Battery Gardens, in New York City, on June 28, 2017 (below). The Law Enforcement Officer Of the Year Award was handed to NYPD’s James Murtagh, while Maria Mammano received the Robert Colangelo Award, an award to an AAPLE member who epitomizes Chief Co-langelo's ideals and commitment.
SPI’s Challenge Coin to be unveiled at
SPI’s 61st Awards Dinner Challenge Coins are metal coins typically awarded to an individual for excellence or special achieve-ment, also in various ways for special occasion and remembrance. The original Challenge Coins in the U.S. Military (and in a few other military forces, in Canada, the UK, Germany, Australia…) symbolize unit identity and foster “Esprit de Corps:” So much that if someone initiates a “coin check” at a bar, anyone present who doesn’t have their Challenge coin on them has to buy a round of drinks… How-ever, if everyone present produces their coin, the individual who initiated the “coin check” has to buy the round.
SPIONLINE Summer 2017
15
P A G E 1 5
SPIONLINE Summer 2017
16
P A G E 1 6
COMING TO SPI ON OCTOBER 19
Daryl Rowland of Digital Forensics Corp on
The data left behind on our phones, cars and
every day devices
What is, exactly, the forensics evidence left behind in our smart phones?
What about in our tablets, vehicles, Amazon Echo and other every-day de-
vices?
Daryl Rowland is a senior consultant for the digital forensics firm Digital
Forensics Corp, based in Cleveland, Ohio. The firm’s experts provide digi-
tal forensics and data recovery across the US and Canada, for individuals,
businesses and government entities. He will be our speaker at the SPI Oc-
tober 19, dinner, at 6 p.m. at Forlini’s.
A digital forensic expert, Rowland will tell how data from digital device
can become "digital evidence.": What can be obtained by law enforcement
and investigators working civil cases, including "deleted information" that
is still there, to piece together the story the information tells. Rowland will
also cover the use of remote acquisition of data via the internet and how
deleted browsing histories can reveal hidden activities.
Daryl
Rowland
SPIONLINE Summer 2017
17
SPIONLINE Summer 2017
18
COMING TO SPI ON NOVEMBER 16
SPI TOOLBOX
In this new column, SPI members share their favorite
tips. This month: SD card reader and Twitter search.
Paul Babakitis (photo r.) of PGB Executive Investiga-tions, Inc., brought one of his favorite gadgets at a recent SPI meeting: The PhotoFast SD Card reader. "You plug it in your iphone and you can determine right away if the SD card from your camcorder or camera has good audio and video before wrapping up a surveillance, for instance.” More Info here: http://www.photofast.com/. For Twitter investigations, SPI Secretary Emmanu-elle Welch is a fan of Twiangulate, a tool to analyze connections between Twitter friends and followers. A new site, TweetBeaver, offers ten Twitter search options. This great resource was shared by privacy and OSINT consultant Mike Bazzell. To subscribe to his monthly newsletter, click here.
Charles Campisi’s Blue on Blue:
Internal Investigations at the NYPD unveiled
Charles Campisi is the longest-serving Chief of the NYPD’s Internal Affairs Bureau, an elite unit tasked with investigating fellow officers suspected of misconduct, corruption, or worse. Under Campisi’s watch, New Yorkers shot or killed by cops dropped by 90% and the number of cops failing integrity tests plummeted to historic lows. In his compelling and fascinating new book, Blue On Blue, Campisi describes a shadow world where police officers confront evil. At our November SPI meeting, he will reveal what really goes on—and why—in big city police departments and will describes the strategies implemented to achieve results. The first 20 members to register will re-ceive a complimentary copy of Blue on Blue.
SPIONLINE Summer 2017
19
The Society of Professional Investigators awards free mem-bership in our organization to eligible members of the Active Duty Military and of the Brooklyn-based Combat Wounded Veterans of America Although the requirements for full and associate membership remain the same, the application fee, (and yearly dues (currently $75) are waived for these individuals. Just go the SPI website at www.spionline.info and fill out the application indicating you are a member of one of these groups of special
status individuals.
New mailing address: 329 S Oyster
Bay Rd #161 Plainview, NY
E-mail: [email protected]
Ph: 718-490-7288
For over 20 years the Mechanic
Group has specialized in providing in-
surance programs to the private secu-
rity, investigation and electronic securi-
ty industries. For many years The Me-
chanic Group has supported SPI and
2014 is no different. Ask your fellow
SPI members who provides their insur-
ance and chances are this is the firm.
SPI encourages all of its members with
insurance needs to contact the
Mechanic Group at: 800-214-0207
Society of Professional
Investigators, Inc.
Free membership to active duty personnel
and Combat Wounded Veterans of America
Celebrating 60 years as NYC’s Premiere
Investigative Fraternal Organization
SPI has proven itself to be the premier fraternal investiga-tive society in New York. Our monthly meetings con-tinue to present the top ex-perts in their fields, and the networking opportunities are second to none.
Each year our annual dinners attract the top law enforce-
SPIONLINE is a monthly newsletter
published by the Society of Profession-
al Investigators.
Publisher: Bruce Sackman
Editor: Emmanuelle Welch
We welcome comments regarding the
newsletter and submissions from members.
Please contact Bruce at 718-490-7288.