Connect with us

Feature Articles

Hybrid cyberattacks – A new era of threat

Inside Telecom Staff

Published

on

Hybrid cyber attacks

In the ultimate dystopian novel, George Orwell’s “1984”, there is a chilling sentence towards the end of the book which reads, “The creatures outside looked from pig to man, and from man to pig, and from pig to man again; but already it was impossible to say which was which.” 

The same can now be said for your common cyber-criminal and groups of state hackers. The ability to differentiate between the two is becoming more and more difficult as the two are increasingly impersonating one another in an attempt to cover their tracks and escape detection.

The most recent edition of the “Cyber Threat Intelligence Estimate”, from security solutions integrator Optiv Security of Denver, Colorado, states that cyber-criminals and nation-state owned or sponsored hackers are now learning from each other and improving at what they do, as they implement similar practices, spoof each other’s hacking plans and lay fake tracks to confuse investigators. 

The Optiv report states:

Sometimes threat actors may masquerade as a certain type in order to hide their true agenda. Or, threat actors may belong to two or more classes, switching between them as their priorities change”.

The report finds that many vertical industries are still susceptible to constantly evolving cyber threats.

While businesses and organisations increasingly understand that cyber-security is an imperative asset to their success, this issue is rarely at the top of the corporate agenda despite the fact that just one, brief, effective cyber-incursion could bring an entire business down.  Anthony Diaz, VP and general manager of cyber operations at Optiv says, “Cyber security can be an existential threat for organisations.”

The report discovers that retail, healthcare, government, and financial institutions are among the industries most vulnerable to verticals of cyber security attacks. The attackers also are developing in terms of sophistication as “hybrid threat actors” (those that pretend to be of a different threat classification to conceal their real identities) begin to thrive. 

Old conventional attack methods (botnets, DDoS attacks, malware and phishing remain persistent threats but ransomware and “cryptojacking” are amid the new array of weapons in the hacker’s armories.

The painful fact is that cyberspace is increasing in terms of its hostility, hackers are now more refined than ever and hybrid threat actors are improving at defying detection methods and systems. Consequently, no vertical business is exempt from attack.

The new report recommends several instances of best practice including the employment of multi-factor authentication when possible, and conducting of frequent audits of all vendors and third-party assets, disposing of the ones that aren’t used any more.

The report also recommends that organisations take a proactive stance, rather than a reactive one in their approach to cyber security. When it comes to Cyberspace, shutting the stable door once the horse has bolted is pointless. The deed is done and the money (or the IP) has long gone. It is better and more cost effective to put the defenses up before an attack takes place rather than to try to recover when the assailants have come and gone. In today’s world, it is sadly a case of when, rather than if.

We’re a diverse group of industry professionals from all corners of the world. Our desire is to provide a high-quality telecoms publication that caters to an international market, offering the latest and most relevant telecoms information to businesses, entrepreneurs and enthusiasts.

Continue Reading
Advertisement

Feature Articles

4 ways 5G will change our lives

Karim Hussami

Published

on

4 ways 5G will change our lives

5G technology is being rolled out in many countries worldwide, and is expected to have a substantial impact on our lives. Here’s how it will change things.

  1. 5G will change the way we shop for good – and will support the unprecedented shift in consumer behavior that was triggered by the health crisis. It offers high-performance, ultra-low latency networks that enable retailers to use immersive technologies such as AR to integrate the physical and digital worlds. This allows shoppers to try products virtually without the need to go to the store physically. The shopping experience will be enhanced with hyper-personalized digital experiences for customers, when in-store activity resumes.

 

  1. For the fact that 5G enables us to realize the potential of a fully connected world, it will push autonomous cars and drones more into the public space. 5G will give life to better and safer self-driving cars that will connect to other people, buildings, vehicles and street lights. Road safety will also benefit from a streamline system aided by 5G technology. Data collected from more IoT devices will be made possible which will expand a city’s ability to manage traffic flow, air quality, power use and public safety.

 

  1. Moving to more advanced forms of digital technology is a very important principle especially in regard to supply chain management. 5G will improve network speeds, simplify workflows among varying groups and will add new levels of end-to-end visibility on operations. Such improvements will translate into services that embody efficiency, quality and transparency for customers.

 

  1. Our trips to the doctor’s office may become a thing of the past as 5G facilitates virtual visits by low-latency, HD quality wireless networks. Telehealth services are being used more, since the start of the pandemic as it offers long distance patient and clinician contact, care, advice, reminders, intervention and monitoring. With 5G technology, wearable or implanted medical devices will capture your vitals and transmit them more efficiently to health care providers, to allow them to detect early signs of heart attacks, strokes, or other life-threatening events.

 

 

 

Continue Reading

Feature Articles

Confidence levels among tech startups have been shaken amid health crisis

Inside Telecom Staff

Published

on

Confidence levels among tech start-ups have been shaken amid health crisis

The pandemic has impacted industries across the world –with figures showing that almost 40 million people have lost their jobs since the health crisis. It therefore comes as no surprise that business confidence has been shaken. Many aspiring companies set out with a promising vision for a future – that did not include the pandemic.

The sharp drop in confidence levels has undoubtedly been caused by the prevailing and unprecedented impact of Covid-19. Studies have shown that many startups are worried about surviving the pandemic – as many reported having no contingency plans in place. A ‘plan B’ always comes highly recommended in case a company’s initial launch does not meet expected sales figures. Should a primary target not be met, a viable alternative must help diversify channels to help mitigate the impact of potential loss. The formal documenting of policies and procedure for startups, might seem cumbersome but there is a lot to gain from a careful, methodological approach; such information can be of great value when you are in need of clear guidelines to help you in a moment of crisis.

Despite the sharp decline in confidence levels, experts believe that tech startups are the most likely businesses to bounce back from the crisis. Ritam Gandhi, founder and director of Studio Graphene, said that while coronavirus is the biggest challenge faced by businesses today, startups are well positioned to overcome adversity of this scale. “They are nimble, agile and able to respond to the challenges that arise on a day-by-day basis,” he said. “What’s more, demand for technology is higher than ever – consumers and businesses need innovative solutions to the problems they are currently facing. So, there are opportunities for those who can pivot and keep pushing forward.” In fact, many businesses in e-commerce, digital payments, e-learning and med tech have seen positive impact amid the health crisis. But travel and tourism platforms have not been so lucky.

With revenues hard hit in these few months, many small business owners have experienced significant cash flow difficulties. While adaptability is a key characteristic of smaller companies, dried up resources and funding may disrupt plans to move forward post-pandemic. Law360 reports, that “regardless of sector, the inability to generate adequate cash flow jeopardizes the ability to meet obligations to lender, creditors and investors.”

While the pandemic has shaken confidence, reports show that the vast majority of tech startups will plan to hire more staff and hope to raise further investment this year. Businesses need to explore new markets if they are to survive more permanent changes caused by Covid-19. The shift in consumer behavior may even bring about new opportunities for those who started out with an entirely different vision. But, strategies must align with and not fight, new, emerging trends.

 

Continue Reading

Feature Articles

A law issued in 1789 may put your iPhone at risk

Ranine Awwad

Published

on

A law issued in 1789 may put your iPhone at risk

“We have even put that data out of our own reach- because we believe the contents of your iPhone are none of our business,” said Apple in a statement released in 2016. The company, that has been refusing orders from the Federal Bureau of Investigation (FBI) to unlock devices seems to be in a pickle.

In 2019, the FBI started investigating the case of Mohammed Saeed Alshamrani, a military trainee who killed three US sailors and wounded several others in a terror attack on a military base in Pensacola, Florida. Back then, Apple refused to break into his iPhone and claimed that the company provided every piece of information available to it, including iCloud backup, account information, and transactional data for multiple accounts.

On May 18, 2020, Attorney General William Barr and FBI director Christopher Wray had a press conference after they successfully broke into the iPhone – with no thanks to Apple according to Barr. FBI finds out that the gunman ties with Al Qaeda in the Arabian Peninsula (AQAP) began in 2015. Barr said that Apple’s decision has dangerous consequences for public safety and national security. “We are confident that technology companies are capable of building secure products that protect user information and at the same time, allow for law enforcement access when permitted by a judge,” he said. On the same day, Apple issued a statement saying that “There is no such thing as a backdoor just for the good guys, the American people do not have to choose between weakening encryption and effective investigations.”

In May 2020, Digital Trends requested a comment from Apple on the incidence as to whether this would force the company to rethink its encryption, or whether the average iPhone user should be concerned. But there was no response from the company.

In 2016, the FBI was investigating the case of Syed Rizwan Farook, the gunman of the San Bernardino, Calif., mass shooting. Farook is killed and the FBI has a warrant to access information on his phone but they can’t ask him for this unique decryption key and Apple doesn’t have it either. In March 2016, the FBI was able to crack his iPhone 5C running Apple’s iOS 9 mobile operating system.

There was no other way for the FBI to unlock the iPhone but to guess the code. However, Apple designed a security system that can wipe a phone’s data following too many incorrect guesses. The FBI asked Apple to write a workaround that turns this feature off. Apple refused. But the FBI found a way to hack the iPhone. “Apple has attempted to design and market its products to allow technology, rather than the law, to control access to data which has been found by this Court to be warranted for an important investigation,” the US attorneys said.

Federal officials refused to identify the person/organization that helped them crack the phone. This came as no surprise. According to The New York Times, Stewart A. Baker, a lawyer at Steptoe & Johnson and the Department of Homeland Security’s first assistant secretary for the  police said: “The method used is proprietary to the company that helped the FBI so it’s possible that the government won’t reveal the method that allowed them to crack the iPhone”.

Apple engineers have also begun developing new security measures that will make it impossible for the government to open an iPhone. Experts said that the government might have used different methods in order to unlock the iPhone. One of these methods is removing a chip and fooling it. This mechanism blocks password guessing, in order to find the user’s password and unlock the data. Another mechanism used by the government might be the NAND chip. This method could allow the FBI to replace the original NAND chip by another one that has a copy of the content. This procedure mirror’s the phone storage chip and copies it onto another chip.

What is really interesting is that a new iPhone has upgraded a chip known as the A7 with Secure Enclave, a security processor that has a unique numerical key which is essential to the security of information stored on the phone. This numerical key is not known to the company. Thus, new iPhones may be less susceptible to NAND-mirroring. But how was the FBI able to unlock Alshamarani’s iPhone?

In fact, the Silicon Valley company was ordered by a federal magistrate judge in California to help unlock the smartphone. Timothy D. Cook, Apple chief-executive opposed to the order via a public letter he published on February 16, 2016. “The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers,” he said.

Cook avowed that this order has implications far beyond the legal case at hand. “The US government is asking us to create a new version of IOS that bypasses security,” he said. This software does not exist today and if so, it would have the potential to unlock any iPhone in someone’s physical possession. The US government suggested that this tool can be used on one iPhone. But according to Cook, once created, this technique can be used to crack other iPhones.

What is more important, privacy or security? This is the FBI-Apple debate that would define the future of digital privacy.

In fact, the US government invoked the All Writs Act (AWA) signed by President Georges Washington in 1789. Courts have tended to use this law when there are extraordinary circumstances- which applies to cases such as Farook and Alshamrani. Under this law, federal judges have the power to issue orders to compel people to do things within the limits of the law.

The Communications Assistance for Law Enforcement Act (CALEA) already limits the ability of law enforcement agents to dictate design and software configurations. According to the Center for Internet and Society at Stanford Law School, CALEA applies to the manufacturer- Apple is the case- and providers of telecommunications services.  According to the Legal Information Institute at Cornell Law School, CALEA permits the strongest encryption deployed by a manufacturer under the section 1002 (b) (3): “A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer- unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication”. In fact, this act limits court orders written under the AWA.

Neil Richards, professor of law and a privacy law expert at Washington University in St. Louis pointed out that intermediaries’- Apple for example- decisions on our behalf directly affect our civil liberties, including our right to privacy. “Law enforcement demands would be unconstitutional in the physical world and few companies are courageously standing up for the rights of their users,” he said for “The Source”.

It’s completely understandable that the FBI is seeking criminals to Justice. But this might put the user’s privacy at risk. In fact, privacy is secured under the International Human Rights law as well as the EU’s General Data Protection Regulation (GDPR). Undoubtedly, the Apple and FBI dispute is opening a new debate on digital rights.

Continue Reading
Advertisement
Advertisement change picture Advertising Banner

Advertisement

Subscribe

Sign up to our newsletter to receive the latest news every week.

Trending

Pop Up