Tuesday, March 21, 2017

The 'Ides of March'

A year ago, today...

In the past, certain key moments in the calendar had their own names. One that stands out is the "Ides of March", which designated the 15th day of the month dedicated to Mars, the god of war, or, what amounts to the same thing, March 15 for mortals.
These were days of good news. However, by a whim of history, it was on one of these days that Julius Caesar himself was killed, which turned the tables and gave the date negative connotations. Shakespeare even made famous the phrase "Beware of the Ides of March!".

Like every week, we open our time capsule and go back a year to gain perspective and see how we have evolved in the cybersecurity sector. It is clear that we evolve, but sometimes it seems that we keep making the same old mistakes. For example, a year ago today, the news was about security in mobile telephony. Google hurriedly published a patch for a vulnerability that affected 275 million Android phones, specifically from version 2.2 to 4.0, 5.0 and 5.1. Although the vulnerability was new, it was located in the same library that "Stagefright" had attacked, which, for reasons unknown, Google had not completely protected. At that point, the only solution was to install patches: patches that did not always reach all Android devices, or did not arrive on time. That is the subtle but fundamental difference between having a Nexus (or a Pixel) and having any other Android device in the hands of another manufacturer... not to mention the delays caused by the operators.

The Swedish media should have paid more attention to the "Ides of March", and then this might not have happened to them. Do attacks against the media seem familiar to anyone? They are the order of the day, like the one that shook the Swedish media last year and forced them to close their online editions for a few hours, between 8 and 11 at night. Just before the attack, a Twitter account was opened, @_notJ, whose first tweet said: "There will be attacks in the coming days against the government and Swedish media spreading false propaganda." It seemed they had been warned, but that did not prevent a second tweet that said: "This happened for spreading false propaganda."

Unfortunately, newspapers are not the only ones that receive attacks. Companies around the world were then, and still are, victims of increasingly frequent phishing tricks designed to steal data or money from them. One of those attacks, and one of the most popular cases of all 2016, was Home Depot; the "joke" cost them almost $20 million just in compensation for the 50 million customers who had their data exposed. At the time of the attack, Home Depot's antivirus had gone 7 years without an upgrade and the password policy was practically absent.
Another topic that was widely discussed last year, and that caused some problems for the whole research community, was the MITRE database, which indexed all discovered vulnerabilities and had been working worse and worse over time. Some researchers proposed an alternative solution, but MITRE preferred to launch its own pilot test, which did not last even a day.

And those days of March, a year ago, left us news that gave us hope and mistrust at the same time. A university professor and his students embarrassed iOS: a 0-day that made it possible to decrypt intercepted iMessages and even to discover the key needed to view encrypted videos and photos in iCloud. Apparently the professionals of the future arrived in force and were able to 'see some faults' in Apple itself. On the other hand, it is a little scary that the system many users choose "because it has no virus" has bugs that can be detected by students. The attack was difficult to reproduce and, according to Professor Matthew Green, was restricted to elite attackers at the "nation-state" level. OK. But it was possible. We have to be careful not to repeat the mistakes of the past.

Image: pixabay.com

