Image Theft, Hacking, and
Cyber Crime
Cyber Crime
By Lisa Loucks Christenson
Imagine arriving home late one evening, after midnight, and as you open the door you just unlocked and arrive in your foyer, you stare at a mystifying, glowing light coming from your living room floor. Cautiously, and trembling, you slowly walk towards the light and find a small flashlight lying on the floor in plain view.
Just the thought of someone lurking within your home will send shivers up your spine, but take note: someone has been intruding in your house of thoughts and memories, and that someone has left you a calling card, intentionally or not. It’s up to you to look around to see if anything is missing.
How would you feel if you went to sign on to your computer and found that your system had been
Mention the word hacker, and you picture computer nerds whose compulsions sometimes turn them to crime. What you may not picture is the extent to which these hackers will go to invade your life.
I know, I’ve been there. It took me three years to pick myself up and recover from the cyber criminal games that cost me thousands and thousands and thousands of dollars and left scars around my heart, before I found a way out.
What would you do if you knew you were being hacked? Do you know that you’re not? Whom would you call? The police? The FBI? To whom do you report cyber crimes?
I know you’ve heard this a thousand times: “Don’t leave your doors wide open,” yet many still do, not only at home, but on their computers.
Do you post pictures of your clients online? Do you trust the security of your web host company? Are you able to load your images online, those precious images you worked so hard at creating and resizing, captioning and loading, all so you could have your little collection, your corner-store market on the Internet?
Here’s how my wake-up call came:
Big Time Client: “Hello, Lisa, this is Ms. Big Name Art Director. We are interested in using two of your photographic images that we found on your website through an Internet search. What do you charge for front cover usage? Additionally we’d like to use another other image inside the publication.”
I gave a fair price, and we negotiated further for Internet usage, and then I issued her the password so that she could pick up her high-resolution images. After all, the publication was going to press in a couple days and they really wanted my images over some others they had found.
;We hung up and I spent the night walking on cloud nine. That ended the next day when I got another call from Big Name Art director: “Lisa, I did as you said, but there were no high-resolution images there to pick up. I tried several times.”
;“Are you sure?”
Never ask an art director if they are sure. I remember the long pause that followed the heavy exhalation from the big-name art director.
“Okay,” I said. “Let me check this out and I’ll get right back to you. I recently licensed those images to a non-competing textbook market, so I know they have to be there. The images went to the textbook company. I know the images have to be there. It’s probably just a glitch. I’ll call you back shortly.”
I signed into my server and was horrified to find the art director was right—the images were all gone. Even the low-resolution jpegs had been removed. All my work, vanished.
I had two choices: call them back and say, “No deal,” or go through my relatively new, and still rudimentary, back-up system of images, a tedious, boring, and time-consuming project.
Of course, I wanted the credit more than the money, and so I went through all my back-ups and finally located the images so I could continue the sale, but I almost lost the entire deal from having my “secure server” hacked.
True story. It could happen to you, too.
Have you properly identified all your images? Have you an anti-deterrent in place? Have you checked into water marking and digitally tracking your images? Do a search under watermark technology, or stolen image protection, and you will find companies like:
www.Digimarc.com
www.ArtistScope.net
www.baytsp.com
These sites, along with countless others, will help lead you to those with experience in helping businesses secure their images, helping secure your website code, and tracking them for would-be thieves.
At the very minimum, you should be embedding your own copyright notice into each image. There are many photo programs that allow you to set the copyright ownership and link in the properties of each image.
Another way to track your images is to give them code-specific names and do searches under those file names to see if someone else is using your images. I’ve caught others who have not only used my images, but have stolen my articles, kept my credit line, and changed the company named in the interview to their company name, as if I had done the interview for them!
You’ll be well advised to hook up with professional services that carefully monitor their network security, and have a phone number you can call if trouble should arise.
Believe you me, I’ve bought hosting from the bottom-of-the-barrel of all service providers, and paid through the teeth to afford what I thought would be a fully-protected, dedicated, and virtual server, and I tried at least sixty hosting companies between expensive and cheap, and I was hacked on all of them.
;One day, a sympathetic gentleman informed me that until I stepped away from shared servers and virtual servers, my data and images would always be at risk for attacks. He offered to help me.
I highly recommend these two companies for their excellence in services provided to me. Real people who care about me and have gone miles out of their way to help protect my work and help me succeed:
Founded in 1994 and incorporated in 2004, Internet Engineering Association, LLC, specializes in providing extremely secure, private and reliable Internet services. Their design, hosting and management services provide clients a reliable, worry-free environment for all their website and email needs.
Contact information:
Internet Engineering Association
Contact: Justin Franks
365 Main St. 3rd Floor
San Francisco, CA 94105
(415) 261-0706 (Tel)
www.inetassociation.com
info@inetassociation.com
;Second, I can recommend BigBlackBag.com online portfolio websites which provides photographers and creative professionals with an inexpensive means to build, design and maintain their own websites from any computer without the need for special software or programming skills. BigBlackBag is fast and easy for the photographer, but its real value comes from its intelligent design that makes browsing the photographer’s portfolio fast, easy and intuitive for their customers. Designed around the needs of creative professionals, BigBlackBag provides specific online tools that turn the photographer’s website into an extension of their business workflow, including commercial and even proofing systems, as well as inexpensive art and stock e-commerce capabilities. Image protection, watermarking, automatic image sizing, animated slide-shows, soundtracks, search engine optimization and many more features are included at no extra charge.
Contact information:
info@bigblackbag.com
(416) 516-8736 (Tel)
(888) 755-8518 (toll free Tel)
www.BigBlackBag.com
Let me get to the point. You are only secure until hit. Trust me, or live with the consequences. My own banks, credit card companies, all of them get hit. Just last week, I received another letter that their system was attacked. Why would you think you’re safe? Because you’re small? That just makes you an easier target. Hackers want your machine to be added to their zombie pool of computers to attack other systems.
Big Brother doesn’t have the means or funds to help you—sorry. It’s the truth. So don’t waste your time expecting the police or FBI to take the time to investigate a little port probing, snooping through your files, hacking your email account, hijacking your site, destroying your software, stealing your photos. Do they care? Probably.
I; live in a town of about 90,000 people. Now, you’d think I could call and get some help instead of the curt reply, “Do you think you’re the only one getting hacked? Call the FBI. We’re understaffed and under funded.” That came from the policeman in-charge of the relatively new division in cyber crimes of my local police department. Hardly the response I expected and I hung up disappointed that there really wasn’t anyone who could help me.
Keep in mind that law enforcement may not get involved at all. Also keep in mind that if they do get involved, they will take over the investigation, and you may be waiting weeks and weeks in a shut-down state, or at the very minimum, in a reduced workload state.
If you don’t have the time to wait around for the law enforcement, you may already know it’s just what they call script kiddies (kids messing around with code they have copied or written themselves and were looking for a victim—you—to try it on), snooping through your work, files, emails as they learn how to perfect their skills and most importantly remain undetected by you and any firewalls you have in place.
These kinds of hacks are well known. In fact, there is even a publication I’ve skimmed at our local Barnes and Noble store called 2600 The Hacker Quarterly, which is a resource guide for hackers, and phreaking.
At first, I was appalled that someone would publish a guide like this to teach and hold contests for hackers, a magazine chock-full of prized hacks and new ways to destroy others’ work and data.
bs; However, I realized that if I read up on the tricks over which they so boldly fought for page space, perhaps I could learn the reverse of their games, and in the end lock them out. After all, when you show your victim your pathway doors, what victim isn’t going to go inside and shut and bolt them tighter?
Of course, any search under hacking will yield you weeks and probably months of reading literature off the Internet. I think it’s wise that everyone using the Internet and keeping their businesses online at least peruse a few books on network security, hacking, and image protection.
Your local bookstore likely has a section on networking. That’s a good place to begin. I’m not saying that you should become your own network administrator; I’m saying you should learn at least the basics of what goes on in that wire or cable or telephone line that is talking to your computers, and consider the precautionary measures you may need to invest in: software, hardware, books, IT people, new computers to lock down your systems.
If suddenly your computer software has malfunctioned, or your OS has become corrupted—it doesn’t mean you were hacked. The term “hacking” wears many hats, anything from denials of service (DOS) or not allowing your computer to reach the Internet or your online services, to malicious codes or Trojans placed in emails, sent to the unsuspecting victim, or redirects that land you on a hijacked website. You may even find you are a victim of a hacking ring (groups of awful, devious people who find destroying others’ works, websites, as stealing, defacing, breaking links, etc., is more fun than a night at the movies.)
Please don’t be fooled into believing that a simple software firewall will protect you and your data. I’ve used them all, and had several IT companies come in and set them up for me, all on new systems, and I was hacked through all of them. When I called and stated I wanted a refund, I was told, “Sorry, we don’t offer refunds if you were being hacked before using our software.” As they say, “A firewall is only as high as someone find a way over it.”
There is always someone who will try and jump the highest wall. It may be your competition; it may be an ex-employee, ex-boyfriend or girlfriend, or just the kid down the street who got into this game of hacking.
Keep in mind, too, that many freeware programs are actually spy ware programs you put on your own machines and open the doors to these hackers, Trojans and RATs (remote access Trojans) that allow criminals to control your computer from a remote area without your knowledge. &nbs;I once interviewed a hacker who was rich with advice on protecting my network. We began talking about Trojans, and he started laughing. “I sent my mother a Trojan.”
”Why?” I questioned.
“Because it was funny,” came his reply.
If a hacker would send his own mother a Trojan – why would he spare you?
Another security issue that you should be aware of is the legitimate services or programs you buy or license, programs that are wide-open doors to those who hold the code keys. There are thousands of remote PC programs that were designed to make life easier, allowing you to work at home, or in a remote office off your office network. However, any program that allows a connection into your machine, such as online web operator chat services, instant messaging, etc., is also an open port for an attacker.
If it hasn’t happened to you, the chances are it may. I don’t want to scare you, but I want you to be aware and to at least have some knowledge of who to contact, so you can be prepared. You need to arm yourself with reputable firms who have the expertise to keep your business going, experts who will be your first responders to a crisis when, and if, a situation does arise.
From personal experience, I would YELL and get in a professional forensic computer investigator specialist ASAP if you have been hacked. Unplug your Internet services, and don’t let anyone touch that machine. Don’t let the computer shop down the street convince you that it’s a quick fix, even if he took a class in college or has read a book. This is specialized knowledge and there are only a handful of people in this country who swim in that pool of knowledge.
A couple investigative companies I recommend are:
www.CFISdTechs.org Computer Forensic Investigative Services, LLC
(636) 386-2347 (tel)
16176 Westwoods Business Park, St. Louis, MO 63021
www.WillDocken.com
Will Docken Investigations, Computer Investigative Specialist (608) 582-2958
After being hacked, I bought all new machines, hardware. I bought books on how to lock down my systems. I bought books written by “ethical hackers” to learn their tricks, to protect my systems. I changed ISPs several times. Then I hired several tiers of specialists to protect what I hadn’t lost and something else they could steal or damage: my future.
They say everything comes at a price. What is the price you will pay to keep your work safe, keep your clients’ images protected from thieves and hackers?
&nbs; If you find your data, emails, or images corrupted, or perhaps you have a hard drive that has quit working, you may use several of the online data recovery programs, with good results. However, I would highly recommend that you consider using the services of a professional data recovery company:
www.ontrack.com (800) 872-2599 Besides offering software, and in-lab recovery services, this 24/7/365 company even offers a remote data recovery service from your desktop and on-site service.
If you find yourself a victim of cyber crime, and really don’t have the means to afford the security professionals’ fees, you should be pleased to know there are also hundreds of groups, cyber angels, to turn to if you find yourself at
www.cyberangels.org
Government agencies you can contact:
www.usdoj.gov/cybercrime/reporting.htm
www.FBI.gov
www.ifccfbi.gov
Another team member you may want to bring onboard is a company that specializes in vulnerability testing. In essence, you will be hiring an “ethical hacker” to hack your network or systems. Why, you may ask, and the answer is simply because you want them to find any security holes or leaks before a criminal does.
I found myself forced to use these services to secure my systems. I can’t recommend a particular company or I would breach my own security. However I will forewarn you that you can expect to pay anywhere from $2,000 an incident to $5000 per day-plus, to keep and protect your systems, data, and images, and set up a security plan with someone monitoring your systems and patrolling the integrity of your data.
My intention in this timely article is to help inform you that cyber crime is on the rise, and the law enforcement agencies are already overwhelmed with cases that will never get solved, or even get a second glance. The FBI agent I’d been working with told me, “This won’t get solved before I retire (eleven months later).” He was right.
I’ll leave you with a story this FBI agent told me and my husband while I was setting up my machine for him to observe a hack in progress.
“A man came to me saying he’d been looking at some porn on the Internet, and then he came across a photo of his niece. He recognized her headshot from her high school senior photo, but the rest wasn’t her body. Someone with art skills had cut her head off and pasted it onto another body. “
Her image had been stolen online or scanned by someone and now had been turned into a pornographic image. This man went to the FBI to show them and to get her some help.
This is just one reason why you need to protect your client’s images in any online proofing or portfolios you maintain.
Is it worth it? Only you can answer that.
 Tommy Thompson |
 Kerry Kolb |
 Jon Saban |
 Jake Nelson |