Friday, March 31, 2017

The Chinese Whispers (The ruined phone)

The best of the week in Cybersecurity

One of the most popular games when we were kids was the Chinese Whispers (the ruined phone), which consisted of a handcrafted phone made with a couple of yogurt containers and a thread. The function of each containers was to get a message from one person to another, and in both cases, the only thing that was received was a babbling of the original content. As expected, the safety of this procedure was not very high (nor was it sought), and this is what the companies have focused on in the last years: in seeking a secure communication from one “yogurt container" to another.

Telegram, following the steps of its alter ego, has added the possibility of making calls. This feature is not new in this kind of applications, but the innovation that it brings is the encryption of the "end-to-end" calls, as well as in the text messages. And it doesn’t stop there: we also will be able to select who we want to allow to call us and the quality of the calls (deciding between a higher call quality or using less data). At the moment it will only be available in Western Europe, for iOS devices and Android.

The other large instant messaging app, WhatsApp, has the ability to make calls since a much longer time ago, and recently it also added the encryption. About that fact has just spoken the British government, who demands WhatsApp its cooperation to face terrorism. After the terrorist attack in London, and to prevent further attempts, Interior Minister Amber Rudd has urged the company to facilitate the restricted conversations that the terrorists had in the previous days of the attack. We hope that they have been able to get clear ideas and find a common point of understanding between security and privacy at the meeting they had yesterday.

Other news that has caught our attention are the results of the new IBM report, which indicates that spam grew by 400% in 2016 and that almost half of that messages came with ransomware as a gift. The study has been carried out 20 times, and this year the record has been exceeded by far. Cybercriminals know where they should act and therefore their main field of action has been the financial sector, targeting secondly the government, which recorded 398 million compromised actions. Last year, the number one target was the health sector, which recorded 100 million incidents in cybersecurity, nothing to do with this year's data, which shows that it 'only' received 12 million attacks. It seems that cybercriminals are giving a small respite to hospitals.

As a preventive mesure, Mastecard has acquired NuData Security. The technology company has helped companies around the world prevent online fraud and Mastercard will join this cause, prompting greater protection in the digital space. This merge will also strengthen efforts around the security and certification of all types of devices, allowing almost real-time collaboration between issuers, merchants and processors.

And today we end up with good news to prevent cases of online fraud. 39% of companies have introduced a formal policy BYOD (Bring your own device). We have already talked about the dangers of using personal electronic devices at work, and so many companies are starting to take action. It is necessary that these policies are collected in writing and fulfilled by all workers, without exceptions. In addition companies have to provide a secure network and a good antivirus, and most importantly, make employees aware of the need to follow these safety standards, so the calls made at work from their own devices will also be secure.



Post a Comment