Logging onto your computer, you are greeted with a screen full of statistics in easy-to-read bar and pie graphs. One graph in particular quickly catches your attention. Out of hundreds of users, one computer is being flagged for sending large amounts of data to a server in Iran.
With a double click of your mouse, you are now watching the user attach an external drive to his system and log into a proxy website to transfer encrypted confidential files to a foreign server -- something your own corporate firewall would have missed. With a few more clicks of the mouse you log into his live machine and forensically capture the documents for your review.
With the solid evidence of your suspect leaking classified files to an unknown person, you plant a digital tracking device within his own documents to follow them to their final destination. As a final confirmation, the suspect's work cell phone is tapped and GPS coordinates in combination with SMS text messages prove his guilt.
Sounds like the new state-sponsored spyware "Flame", but actually it's a combination of programs that have been on the market for years and can help your corporate investigations.
Although the media have been reporting the recently discovered and formally ousted spy tool, Stuxnet and its intel-collecting brother, Flame, as powerful and miraculous tools, hackers and others in the industry aren't impressed. Flame and its multiple payloads have been around for at least a decade in various combinations of malware and software-for-sale.
Known as RATs, or remote access tools, these programs are as complex and extraordinary as Flame in their data stealing abilities. Paid and free programs are available that can capture the users' screenshots and keystrokes, download files, view webcams, listen to laptop microphones, and offer other features that allow you full control on the user's system unbeknownst to them.
Here are a few that investigators can start using now to quickly gather evidence of wrong-doing within their organizations' walls.
Spectorsoft offers multiple spyware tools to protect your data and investigate your suspect's wrong doing. Spectorsoft's 360 is an enterprise-level monitoring tool that captures all activity on your employees' computers--screenshots, chats, emails, file uploads, printing, and more--and places it into a database full of specialized exception reporting.
Want to know who is printing too many documents, putting files on an USB drive, or uploading bulk data to a remote server? 360 will show you in an easy-to-read format. One click of the flagged suspect and you can see video of his evildoing as if you were looking over his shoulder.
If you are looking for a tool to use more for a case by case or personal (wife, kids) matter, try Spector CNE or eBlaster for the same features on an individual basis. Spectorsoft even offers the same quality tool for smart phones. Install their mobile program for monitoring of phone calls, GPS, text messages and more. Prices start at $69 depending on program and number of users. Monitoring also can always be done by many open source programs and cheap tools like Cybergate.
For cell phone monitoring, Flexispy expands well past Spectorsoft's cell phone monitoring, and may cross legal lines depending on your jurisdiction or company policy. Instead of just the basics of GPS locations, SMS capturing and phone log tracking, Flexispy lets you listen to phone calls, use the phone as a covert microphone in your suspect's room, and more.