Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

For consumers

 

MY TAKE: Let’s not lose sight of why Iran is pushing back with military, cyber strikes

By Byron V. Acohido

It is not often that I hear details about the cyber ops capabilities of the USA or UK discussed at the cybersecurity conferences I attend.

Related: We’re in the golden age of cyber spying

Despite the hush-hush nature of Western cyber ops, it is axiomatic in technology and intelligence circles that the USA and UK possess deep hacking and digital spying expertise – capabilities which we regularly deploy to optimize our respective positions in global affairs.

Last week, President Trump took an unheard of step: he flexed American cyber ops muscle out in the open. An offensive cyber strike by the U.S. reportedly knocked out computing systems controlling Iranian rocket and missile launchers, thus arresting global attention for several news cycles.

“The digital strike against Iran is a great example of using USCYBERCOM   as a special ops force, clearly projecting US power by going deep behind enemy lines to knock out the adversary’s intelligence and command-and-control apparatus,” observes Phil Neray, VP of Industrial Cybersecurity for CyberX, a Boston-based supplier of IoT and industrial control system security technologies.

Some context is in order. Trump’s cyber strike against Iran is the latest development in tensions that began in May 2018, when Trump scuttled the 2015 Iran nuclear deal – which was the result of 10 years of negotiation between Iran and the United Nations Security Council. The 2015 Iran accord, agreed to by President Obama, set limits on Iran’s nuclear programs in exchange for the lifting of nuclear-related sanctions.

For his own reasons, Trump declared the 2015 Iran accord the “worst deal ever,” and has spent the past year steadily escalating tensions with Iran, for instance, by unilaterally imposing multiple rounds of fresh sanctions.

Iran pushes back

This, of course, has pushed Iran into a corner, and forced Iran to push back. It’s important to keep in mind that Iran, as well as Europe and the U.S., were meeting the terms of the 2015 nuclear deal, prior to Trump scuttling the deal.  Let’s not forget that a  hard-won stability was in place, prior to Trump choosing to stir the pot.

Today, Iran is scrambling for support from whatever quarter it can get it. It’s moves, wise or unwise, are quite clearly are calculated to compel European nations to weigh in on its behalf. However, many of Iran’s chess moves have also translated into fodder for Trump to stir animosity against Iran. …more

Comment | Read | June 26th, 2019 | For consumers | For technologists | Imminent threats | My Take | Privacy | Top Stories

BEST PRACTICES: Do you know the last time you were socially engineered?

By Byron V. Acohido

This spring marked the 20th anniversary of the Melissa email virus, which spread around the globe, setting the stage for social engineering to become what it is today.

The Melissa malware arrived embedded in a Word doc attached to an email message that enticingly asserted, “Here’s the document you requested . . . don’t show anyone else;-).” Clicking on the Word doc activated a macro that silently executed instructions to send a copy of the email, including another infected attachment, to the first 50 people listed as Outlook contacts.

What’s happened since Melissa? Unfortunately, despite steady advances in malware detection and intrusion prevention systems – and much effort put into training employees – social engineering, most often in the form of phishing or spear phishing, remains the highly effective go-to trigger for many types of hacks.

Related: Defusing weaponized documents

Irrefutable evidence comes from Microsoft. Over the past 20 years, Microsoft’s flagship products, the Windows operating system and Office productivity suite, have been the prime target of cybercriminals. To its credit, the software giant has poured vast resources into beefing up security. And it has been a model corporate citizen when it comes to gathering and sharing invaluable intelligence about what the bad guys are up to.

Threat actors fully grasp that humans will forever remain the weak link in any digital network. Social engineering gives them a foot in the door, whether it’s to your smart home or the business network of the company that employs you.

Attack themes

A broad, general attack will look much like Melissa. The attacker will blast out waves of email with plausible subject lines, and also craft messages that make them look very much like they’re coming from someone you might have done business with, such as a shipping company, online retailer or even your bank.

Some common ones in regular rotation include: a court notice to appear; an IRS refund notice; a job offer from CareerBuilder; tracking notices from FedEx and UPS; a DropBox link notice; an Apple Store security alert; or a Facebook messaging notice.

…more

Comment | Read | June 24th, 2019 | Best Practices | For consumers | Imminent threats | My Take | Top Stories

GUEST ESSAY: Dear America, Facebook is an addictive digital drug of little productive value

By Sen. Josh Hawley

Social media consumers are getting wise to the joke that when the product is free, they’re the ones being sold. But despite the growing threat of consumer exploitation, Washington still shrinks from confronting our social media giants.

Why? Because the social giants have convinced the chattering class that America simply can’t do without them. Confront the industry, we’re told, and you might accidentally kill it ? and with it, all the innovation it has (supposedly) brought to our society.

Related: The cost of being complacent about privacy.

Maybe. But maybe social media’s innovations do our country more harm than good. Maybe social media is best understood as a parasite on productive investment, on meaningful relationships, on a healthy society.

Maybe we’d be better off if Facebook disappeared. Ask the social giants what it is that they produce for America and you’ll hear grand statements about new forms of human interaction. But ask where their money comes from and you’ll get the real truth.

Advertising is what the social giants truly care about, and for an obvious reason. It’s how they turn a profit. And when it comes to making money, they’ve been great innovators. They’ve designed platforms that extract massive amounts of personal data without telling consumers, then sell that data without consumers’ permission.

And in order to guarantee an audience big enough to make their ads profitable, big tech has developed a business model designed to do one thing above all: addict. …more

Comment | Read | May 22nd, 2019 | For consumers | Guest Blog Post | Imminent threats | Top Stories

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

By Byron V. Acohido

Android users – and I’m one – are well-advised to be constantly vigilant about the types of cyberthreats directed, at any given time, at the world’s most popular mobile device operating system.

Related: Vanquishing BYOD risks

Attacks won’t relent anytime soon, and awareness will help you avoid becoming a victim. It’s well worth it to stay abreast of news about defensive actions Google is forced to take to protect Android users. Just recently, for instance, the search giant removed 50 malicious apps, installed 30 million times, from the official Google Play Store, including fitness, photo-editing, and gaming apps.

And earlier this year, three popular “selfie beauty apps”– Pro Selfie Beauty Camera, Selfie Beauty Camera Pro and Pretty Beauty Camera 2019 – accessible in Google Play Store were revealed to actually be tools to spread adware and spyware. Each app had at least 500,000 installs, with Pretty Beauty Camera 2019 logging over 1 million installs, mainly by Android users in India.

Instructive details about both of these malicious campaigns come from malware analysts working on apklab.io, which officially launched in February. Apklab.io is Avast’s mobile threat intelligence platform designed to share intelligence gathered by analyzing samples collected from 145 million Android mobile devices in use worldwide.

I had the chance to sit down with Nikolaos Chrysaidos (pictured), head of mobile threat intelligence and security at Avast, to drill down on the wider context of the helpful findings apklabl.io has begun delivering. Here are excerpts of our discussion, edited for clarity and length:

Acohido: What was distinctive about the 50 malicious Android apps your analysts recently discovered?

Chrysaidos: The installations ranged from 5,000 to 5 million installs, and included adware that persistently displayed full screen ads, and in some cases, tried to convince the user to install further apps. The adware applications were linked together by the use of third-party Android libraries, which bypass the background service restrictions present in newer Android versions.

The bypassing itself is not explicitly forbidden on Play Store. However, our analysts were able to detect it because apps using these libraries waste the user’s battery and make the device slower. In this instance, the libraries kept displaying more and more ads, which does violate the Google Play Store rules. …more

Comment | Read | May 8th, 2019 | For consumers | For technologists | Privacy | Q & A | Top Stories

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

By Byron V. Acohido

No matter how reliant we ultimately become on cloud storage and streaming media, it’s hard to image consumers ever fully abandoning removable storage devices.

There’s just something about putting your own two hands on a physical device, whether it’s magnetic tape, or a floppy disk, or a CD. Today, it’s more likely to be an external drive, a thumb drive or a flash memory card.

Related: Marriott reports huge data breach

Ever thought about encrypting the data held on a portable storage device? Jay Kim, co-founder and CEO DataLocker, did.

Launched as a one-man operation in 2007, DataLocker has grown into a leading manufacturer of encrypted external drives, thumb drives, flash drives and self-encrypting, recordable CDs and DVDs.

DataLocker today has 40 employees and last year moved into a larger facility in Overland Park, Kansas, with room to grow. I had the chance at RSA 2019 to visit with Shauna Park, channel manager at DataLocker, to discuss what’s new in  the encrypted portable drive space. For a full drill down please listen to the accompanying podcast. Key takeaways:

Protected backup

Even with increased adoption of cloud computing, external storage devices, like USB thumb drives and external hard drives, still have a major role in organizations of all sizes. These drives still serve a purpose, such as transporting data from one computer to another, accessing presentations outside of the office, or as an additional backup solution. …more

Comment | Read | May 8th, 2019 | For consumers | For technologists | New Tech | Privacy | RSA Podcasts | Top Stories

GUEST ESSAY: Six risks tied to social media marketing that all businesses should heed

By Mike James

While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts.

Related: Defusing weaponized documents

While social media on every platform has benefits, there remains risks that must be addressed so as to keep your companies’ image and data safe.

No matter how large or small your business may be, the ability of social media to help you reach new customers and interact with consumers is unparalleled; however, there are danger areas. Here are five potential pitfalls of social media marketing.

Risk no. 1: Cybercrime

Businesses should always be very aware of the threat of cybercriminals, and social media also poses very real cyber-security risks.

Hackers use social media to learn more about you, and they can be very skilled when it comes to working out your passwords thanks to your posts about your pets, family, or even birthday plans.

When your social media accounts are shared between your personal account and your business pages, then even your own profile pages may be a way for hackers to gain access to company data.

In order to minimize the risks, you need to establish a strong online security culture across every level of your company. Teach your employees about the need for stronger passwords, and how to make use of both password generators and password management systems.

Risk no. 2: Trolls

There are some people online who enjoy attacking strangers on social media, and businesses are not exempt from this unpleasant attention. Whether it’s online bullying on Facebook, attacks to your brand on Twitter, or even leaving unfounded negative reviews online, those trolls cost UK businesses as much as £30k a year. …more

Comment | Read | May 3rd, 2019 | For consumers | For technologists | Guest Blog Post | Top Stories

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

By Byron V. Acohido

Defending a company network is a dynamic, multi-faceted challenge that continues to rise in complexity, year after year after year.

Related: Why diversity in training is a good thing.

Yet there is a single point of failure common to just about all network break-ins: humans.

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee.

In 2015, penetration tester Oliver Münchow was asked by a Swiss bank to come up with a better way to test and educate bank employees so that passwords never left the network perimeter. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity.

Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. I had the chance at RSA 2019 to sit down with Lucy CEO Colin Bastable, to discuss the wider context. You can listen to the full interview via the accompanying podcast. Here are key takeaways: …more

Comment | Read | May 1st, 2019 | Best Practices | For consumers | For technologists | Podcasts | Privacy | RSA Podcasts | Top Stories

Older Articles »