System Administration and Crime: The Really Hidden Data


Having competences both in system administration and in the military is sometimes useful, especially when I’m involved in Police operations to discover systems used by our fellow system administrators working for the dark side of the Force.
Yes, the first interesting thing is that crime uses Information Technology at the highest level, not only to steal data but also to manage information about its business. If you still imagine mob guys acting like James Gandolfini in “The Sopranos”, you need to update your EEPROM. The lower level of crime organizations, people carrying guns and shooting each other, is only the tip of the iceberg. The real danger is the people wearing tuxedos.

Talking about hidden things, in the past I had to work on a filed case where a business consultant was under Police oversight because they were sure that he was an accountant for an Italian crime organization. I was involved directly in the action because the Police didn’t want someone destroying data during the irruption operation. Usually, our dark side SAs provide a lot of quick systems to destroy data in a few seconds. And when I say “destroy”, I’m not talking about delete, erase or low-level format, I’m talking about small appliances that release a powerful acid directly into the data storage device to physically burn the surface, making any attempt to recover the data impossible (data that, just to be sure, is also strongly encrypted).
There are procedures to avoid this kind of problem (no, I won’t explain them over the Internet), so after we broke the door, I was sure that all computers and storage devices were safely seized by Police Officers.
We spent several days looking for crime data, but we didn’t find anything interesting. But, examining the network cards’ configuration, I figured out that a hidden wireless network was used in the seized offices.
So, we went back to the office and started looking for the “hidden” router. We didn’t find it. Police dogs couldn’t help us. It seems that routers don’t have a characteristic smell. It was only a kind of intuition when we realized that small walls are obstacles only for electromagnetic radiation between 790 and 435 THz, not for electromagnetic waves in the range of the IEEE 802.11 specification 😉
Yes, a small router and several small NAS storage devices had been physically buried in the office walls. No doors, no access. Only light bricks allowing the signal to propagate, power cables and internal connections to the air conditioning system to keep the required working temperature.
The (good) idea was to provide only a fast routine to immediately detach remotely mounted disks in case of an unwelcome visit.
Starting from that visit, the current surveillance and irruption procedures of the Italian Police include countermeasures for what we called the “in walls buried data”.
So, if you want to fight crime, stay tuned and keep thinking in an unconventional way. They have young, smart SAs, but we have experience and a bit of knowledge.
(Yes, I know, there are a lot of technical particulars missing, but it works the same way as for magicians. Your tricks are your money.)