CyberSecurity Pulse 2016-02-18

CyberSecurity Pulse 2016-02-18

Analyst Insight

Cooking Up the Future of Counterintelligence: OPSEC as a Need

Have you ever made a call by mistake to someone you did not want to call? Can you think now about calling a member of a criminal group in context of an investigation? These human mistakes may happen if the members of the unit have not received the appropriate tools to prevent as many information leakages as possible when conducting an investigation. This concept of security operations, also known as OPSEC, is part of the discipline of counterintelligence, and their relevance has lead to the creation of dedicated structures inside the intelligence services to deal with this issue.

cybernews1These activities, conceived as essential from the point of view of state agents as being focused on overturning the knowledge of foreign actors, are also carried by other criminal groups to hide their identity. For instance, it is well known that members of the Islamic State are taught by means of several official guides which tools to use and which to avoid in order not to be monitored. Likewise, Europol published in its annual report for 2015 on organized crime in the network how anonymous networks are being used to share the need to remove any trace that could identify the authors dedicated to child pornography or how to include fake details in the background of pictures so as to confuse researchers by inserting noise.

The reality is that the analyst should have the capability of working using safe environments in which the tools provided allow him to know what kind of information is the machine revealing to others. By improving our counterintelligence capabilities we can also leverage to enhance our skills in the process of obtaining information, a field in which everything we are able to internalize will not be a waste of time.

Top Stories

Apple Refuses to Access the Data of the Attackers of San Bernardino

cybernews2Apple must provide “reasonable technical assistance” to help US law enforcement agencies to access encrypted data on an iPhone 5c used by Syed Rizwan Farook, one of the shooters in an attack in last December at San Bernadino, California. The aim is to discover whether there were accomplices of the couple and find possible links to Islamic State and other radical Islamist groups. However, Apple has resisted and CEO, Tim Cook, has come to write an open letter to Apple Customers published on the website of the company claiming that this is a "overreaching by the US government" while asking to open a public debate on the subject.

» More information at Apple

Russia Vs Tech Companies

cybernews3The newly appointed Internet Tsar German Klimenko, who is the first internet advisor of Vladimir Putin, wants to kick off American Giants from Russia. According to Klimenko, it seems that both the nations are unhappy with the worldwide surveillance programs conducted by the US intelligence agency, NSA, and its British counterpart, GCHQ, which indulge into one’s private life. As part of this project, Klimenko plans to hike the tax on foreign companies, including Google and Apple, by 18% VAT on their applications and services sold online. It is estimated that Apple, Google and other companies are nearly gaining 300 Billion rubles (up to $4 Billion) in revenue every year from Russia.

» More information at The Hacker News

Rest of the Week´s News

Man Charged of Laundering $19.6 Million Earned With PBX System Hacking

Pakistani citizen, Muhammad Sohail Qasmani, admitted having laundered millions as part of a massive telecommunications fraud scheme and computer hacking action. The man worked for a hacking organization composed by individuals set in Bangkok and Pakistan that was mainly targetting US companies by gaining access into their PBX systems.

» More information at The Hacker News

Stealing Decryption Key from an Air-Gapped Computer Placed in Another Room

Tel Aviv University researchers have hacked for the first time a standard laptop ostensibly protected by the latest ECDH commercial encryption, in an attack carried out in seconds and through a wall. To achieve their goal, the only thing an attacker needs is to send the victim an email and then capture their decryption key by measuring the electromagnetic (EM) waves emitted by the PC.

» More information at The Hacker News

The IPT Ruled that GCHQ Spies Can Legally Hack Any Electronic Devices

The UK Government is giving full power to its intelligence agency to spy on Britons as well as people living abroad. The verdict was issued on Friday after Privacy International and seven ISPs launched a legal challenge against the conduct of the GCHQ whom hacking operations were revealed by documents leaked by NSA whistleblower Edward Snowden.

» More information at Security Affairs