Physical Access and Computer Forensics



We have combined physical access and forensic analysis into one chapter, as these threats utilize similar methodologies, and the methods of combating them will also be largely similar.

Physical Access

This threat involves gaining physical access to a device to steal information or perform actions that can harm the owner.

The most common attacks include: direct theft of information, installation of malicious software, and connecting external drives.

Let me give an example of an attack using physical access. An attacker observes your password, either in person or by placing a miniature camera near your computer, then waits for you to leave and installs a program to spy on your computer. The program operates unnoticed, collecting all information and sending it to the attacker. The attacker manually adds the spyware to the antivirus whitelist, so you shouldn't rely on antivirus software to catch it.

Surveillance programs can be purchased completely legally and are mainly intended for monitoring children. What distinguishes these programs from malicious software is the requirement for physical access to the computer.

The typical functionality of such software includes recording what is happening on the screen, logging all keystrokes, monitoring the surroundings through the webcam and microphone, and generating convenient reports on user activity. Some programs can also censor user activity by blocking access to certain websites.

How do you protect against such a threat? First, add false characters to your password: this will protect you from those who like to peek at passwords. We will teach you how to add false characters to your password in the chapter dedicated to passwords. Second, install and configure Panic Button (the project was closed in 2021), a program that protects against unauthorized access to the computer. You can also go further: today, locks, safes, and alarms for laptops are available for purchase. We will cover everything in detail as part of the course; the purpose of this chapter is just to introduce you to the threat.
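
The attack example above notes that spyware installed with physical access is added to the antivirus whitelist by hand. As an added example (not part of the original course), the PowerShell check below lists exclusions that are not on a baseline you approved. It assumes the antivirus is Microsoft Defender on Windows; the baseline entry and the function name `Get-UnexpectedExclusion` are hypothetical.

```powershell
# Added example: audit Microsoft Defender exclusions against an approved baseline.
# Assumption: the antivirus is Microsoft Defender; run from an elevated PowerShell.

# Hypothetical baseline: exclusions you configured deliberately (often none at all).
$ApprovedExclusions = @(
    'C:\BuildCache'    # constructed sample entry
)

function Get-UnexpectedExclusion {
    param(
        [Parameter(Mandatory)] $Preferences,   # object returned by Get-MpPreference
        [string[]] $Approved = @()
    )
    # The three exclusion lists Defender keeps: folders/files, processes, extensions.
    $kinds = 'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension'
    foreach ($kind in $kinds) {
        foreach ($value in @($Preferences.$kind)) {
            # Empty lists come back as $null; skip them.
            if ([string]::IsNullOrWhiteSpace($value)) { continue }
            # Without elevation, Defender may return a placeholder starting with
            # "N/A" instead of the real list. Treat that as "cannot audit",
            # not as "nothing excluded".
            if ($value -like 'N/A*') {
                throw 'Exclusions are hidden from this session; rerun as administrator.'
            }
            # -notcontains is case-insensitive, which matches Windows path rules.
            if ($Approved -notcontains $value) {
                [pscustomobject]@{ Kind = $kind; Value = $value }
            }
        }
    }
}

$unexpected = @(Get-UnexpectedExclusion -Preferences (Get-MpPreference) -Approved $ApprovedExclusions)
if ($unexpected.Count -eq 0) {
    'No exclusions outside the approved baseline.'
} else {
    # Anything listed here was excluded by someone other than you: investigate it.
    $unexpected | Format-Table -AutoSize
}
```

Any entry this reports that you did not add yourself is worth investigating, since an excluded folder or process is never scanned.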
