Wednesday, December 3, 2014

It was accidentally on purpose, as digital hook

Last week passed Roberto Gómez Bolaños, better known as "Chespirito" or "Chavo del Ocho". One of these humorous artists with whom we grew up, he coined the famous phrase "It was accidentally on purpose".

Cyber attackers have hurried to exploit the tragic news for malicious purposes. A sponsored tweet (for now in English, although we expect its spread in Spanish and Portuguese), invites the user to access a page with supposed new information about the success is exploited to send victims to an infected domain, or to download an adware app. Let's be very careful with shortened links.

"It was accidentally on purpose" as a digital world principle, in which some (auditors) want to clarify the studied cases, and others (the criminals) hide their evidences. INCIBE includes in a long article all common anti-forensic techniques, emphasizing among them steganography (hiding information within a file), sources of evidence elimination (most radical) and counterfeiting (creating false evidence).

Police is aware of these methodologies, and more and more governments have teams specifically designed to address digital attacks. Multidisciplinary teams, such as those found in the US armed forces, with paradoxically more civilians than military, due to the difficulty for the latter to combine the necessary technical studies (they exist, and of various kinds) with military career.

If you should read something today (besides CIGTR article, of course), our recommendation would be the research entitled "The web never forgets". A "it was accidentally on purpose" script, which shows all techniques that major internet services use to monitor its users. And do, we don't talk just about cookies, easily removable, but rather more sophisticated tools (webbrowser fingerprinting, evercokies, cookiesync, ...).

This is at company level. At government level it gets even more serious. Boys from Thiber group have published on Linkedin a world map with submarine cables tapped by British intelligence (remember that they have the advantage of being a strategic communication node between America and Europe), based on Snowden revelations.

If you want nobody tricks you, remember that all internet services are paid services. Or you pay with money, or you pay with data that'll end up being paid with money. A well known secret, a 'was accidentally on purpose", it's the case of these VPN services totally free that offer private communications and skipping of corporate connections restrictions, in exchange for a tracking that can be quite expensive for us.

Rest in peace, "Chespirito". We will continue here every day, applying everything you have taught us, and trying, from a fun and sincere point of view, to offer all the sector news.


Post a Comment