Friday, November 14, 2014

Caution, a must in the digital world

The story of the spy Roberto Flórez was the most talked-about topic in Madrid in its day. He did counter-espionage work for the Russians for several years, with some surprising moves. He was not the most cautious person: he repeatedly offered his services at the door of the Russian Embassy in Madrid. This, added to the fact that he systematically kept all receipts and invoices from his work, led to him being found guilty of all charges presented in court.

For others, however, caution is mandatory. For that purpose, some technologies provide anonymous communication services, or at least as much anonymity as you can expect from a digital system. The Tor network is one of the most common tools used by those interested in privacy. Perhaps this is why the network is continuously targeted by strategies aimed at violating its architecture. OnionDuke is one of them. It modifies binary communications using a fraudulent Russian node. If you have the misfortune of exiting through this node, my friend, your communications are no longer secure.

ComRat, on the other hand, is a new piece of spyware similar to Uroburos, used by some intelligence agencies as a Trojan horse. COM is its programming interface, and RAT its remote control module. If this malicious software manages to break into a network, it allows attackers to take control of it and do evil (installing Trojans, filtering traffic, monitoring documents...).

At Net-Security they are aware of this, so they explain some good practices to avoid being an easy target of governmental spying attacks. Their recommendations include managing internal information through well-defined roles with restrictive permissions, keeping systems continually audited, monitoring and evaluating the entire perimeter of the network, and controlling shared resources.

One of the weakest links in the business chain is the misuse of confidential information by employees, driven by the democratization of the cloud and BYOD ("bring your own device" to the office) policies. It is therefore good news that BlackBerry, one of the biggest players in mobile security, has agreed to an alliance with Samsung to secure communications on Android devices. Samsung's security service KNOX, which is focused on BYOD, will be the first to receive new implementations by next year.

But imagine that it is not very well developed. It doesn't hurt to consider a forensic analysis to check it out. For example, you can follow the guide on taking evidence in Windows environments released by INCIBE, which covers all the steps from the discovery of an incident to treatment, evidence collection and documentation, listed according to the associated economic impact.

Before saying goodbye until tomorrow, the CIGTR would like to tell you about Cybercamp 2014, the first European forum on network security. If you are a young person interested in the security industry, you can still take part in the challenges from which the experts of tomorrow will be selected. In fact, they will receive a number of scholarships at prestigious cybersecurity institutions in Europe. Moreover, if you have a good idea you'd like to make real, you'll be eligible for numerous prizes and mentoring programs. What are you waiting for?

