Meta Intelligence - Cyber Intelligence and Security

BigEye Cyber Edition

Knowledge is power

Encryption in Transit - Part 1

2/14/2017


 
During the past two days I have seen many articles regarding the use of encrypted communications by government representatives. Ergo, I think it is time to do an eval of the many apps available and what I like and don’t like about each of them.
 
What are the key features I look for?
End-to-end encryption is paramount. This means that the encryption keys are generated locally on each device and the private key never leaves the device. This ensures that only the intended recipient can read your messages.
 
Transport Layer Security (TLS) to prevent the man-in-the-middle attack. If you have been following my blogs, you probably remember that I recommend using a virtual private network (Expressvpn.com) at all times to prevent man-in-the-middle attacks. If the communication app has a built-in one, it is a double plus.
 
Content is never stored in a server, even if it is encrypted in that server or deleted later.

The organizational and pedigree structure of the company. Who are the company executives and board of directors? You are rendering your trust by using the technology this group of people designed, and you do not want your normative privacy violated. Do they have a transparency page of information?
 
Which app is the winner in my humble opinion and analysis?
 
Wickr me - https://www.wickr.com/security/how-it-works Wickr has a personal and a business model. It clearly states its transparency protocol when it comes to responding to court orders and search warrants. It does not require the user to associate a phone number or email address with the account.
 
Most commonly used encryption apps and my second choices...
 
Signal - https://whispersystems.org/
If you talk with the geek community, many will tell you that this has the best layers of encryption. I do not like that you need to associate your phone in order to use the app. I prefer to use the apps that do not leave footprints.
 
Confide - https://getconfide.com/
It states that nobody can take a screenshot of the message. Well, that holds for the device that has the message, but you can take a photo of that device with an iPad or any other device that has a camera. Do not get caught thinking that you can type whatever here and be 100% safe.
I do not like that you need to use your email address to use this app, then confirm that email address. Too many footprints in the process.
 
TigerText - https://www.tigertext.com/videos/
You must use an email attached to your domain. As with Confide, I do not like that you need to use your email address to use this app, then confirm that email address. Too many footprints in the process.
 
The ones I would not use even if you pay me to do so...
 
Telegram; Whatsapp; Snapchat; Cyber Dust
 
That is all for now. Thank you for reading and remember that I can bring this training to your organization. See below.
 
Meta brings the courses Risk Management When Online and Open Source Intelligence (OSINT) Collection and Analysis to your organization regardless of where you are located. Watch this short clip: https://www.youtube.com/watch?v=aRXazQuPzFs Then call us to schedule training for your team or organization. 

Clicker Happy Syndrome

1/16/2017


 
As of today, 95% of all cyber intrusions have taken place because someone clicked on a link that was in an email or a text. The most publicized cyber intrusions, such as the DNC, Sony, Target, the robbery of the F-35 plans perpetrated by China, and the list goes on and on, have one single common denominator: phishing!
 
What is phishing?
It is a fraudulent way of fishing for information and the consequences stink like rotten sardines. This fraudulent practice consists of sending emails purporting to be from reputable companies or government organizations asking individuals to reveal personal information, such as passwords and credit card numbers.
The emails most often look very legitimate. The photo below shows a phishing email that the customers of the National Australia Bank received. The bank lost $1.8 million before they realized the scam was going around. 
Picture
Who can get phished?
Everybody can get phished. The goal is to obtain information that can be used to access intellectual property, bank accounts, credit cards, medical records…. Anything that can be sold in the black market.
There is this false belief that only important people get phished. Nope. You could be the newest employee hired to watch people go in and out of the building. If the crook can access your personal information and from there crawl his/her way to the most protected data in the company or government organization; then, you are a good candidate to be a phishing target.
In Dec 2016, Ben DiPietro, writing for the Wall Street Journal, reported on a survey conducted by the firm RedSeal, which concluded that 80% of CEOs operate with such cyber ignorance about these types of threats that they make their companies a cyberattack target.

How do you escape a phishing attack?
You might think that if phish stinks like rotten sardines, then maybe a powerful room deodorizer will protect you against cyber intrusions. Not in this type of phish.
 
The ONLY way you can prevent falling victim to a phish is by NEVER clicking on a link sent to you via email or text. If you receive an email from Google asking you to check something on your account (as was the case in the DNC hack), do not click on the link in that email to go to Google. You must go to your browser and type the domain of the website you need to access directly in your browser.
 
If you receive an email from anyone you know well, or trust, or your boss, the Pope, the Dalai Lama… and that email has a link (URL) that will send you to a website, DO NOT click on the link. You will copy the link and paste it in the Google search bar (not in the URL bar but the search bar). This way, if the link has a cyber mine, Google will let you know in most cases that you are about to step on a cyber mine.

Most people check the news on their phones. The same rules apply. You will copy the link and bring it to your browser search field. See images below, and notice that the link gets copied, then pasted to the Incognito URL bar of Google Chrome (incognito mode does not have a search field separate from the URL bar).
Picture
Same principle applies to links received by text.
 
How can you read the source or header of an email?
When you look at the header of all emails, you can see the return path. This means you can see to whom the email will be sent when you click reply. This is a good thing to look at in emails where the sender is asking you to reply with some personal information.
Not all phishing emails have a link. Some phishers are asking you to type information in the body of the email as you send your reply.
In Gmail, you can access the “view source” by selecting the arrow to the right of the reply button. Below are examples of a phishing scam, and what the return path address is. 
Picture
Picture
Picture
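The header check described above can also be done in code. This is an added example, not part of the original post: it reads a raw message and compares the From domain with Reply-To (where a mail client addresses a reply when that header is present) and Return-Path (where bounces go). The sample message, its addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every name, address and domain here is made up.
SAMPLE_RAW = """\
Return-Path: <bounce@mailer.example.net>
From: "Example Bank Support" <support@examplebank.example>
Reply-To: "Account Team" <verify.account@freemail.example>
To: customer@example.org
Subject: Please confirm your details

Reply to this message with your account number and password.
"""

EMAIL_IN_TEXT = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")


def addr_domain(header_value):
    """Lower-cased domain of the address in a header value, or '' if none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def related(a, b):
    """True when the domains are equal or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def reply_path_findings(raw):
    """Return (severity, message) tuples for sender/reply/bounce mismatches."""
    msg = message_from_string(raw)
    from_name, _ = parseaddr(msg["From"] or "")
    from_dom = addr_domain(msg["From"])
    if not from_dom:
        return [("high", "From header has no parseable address")]

    findings = []
    # A display name that itself looks like an address can hide the real one.
    shown = EMAIL_IN_TEXT.search(from_name)
    if shown and not related(shown.group(1).lower(), from_dom):
        findings.append(("high", f"display name shows {shown.group(1)} "
                                 f"but the address is at {from_dom}"))
    # Reply-To, when present, is where the mail client addresses a reply.
    reply_dom = addr_domain(msg["Reply-To"])
    if reply_dom and not related(reply_dom, from_dom):
        findings.append(("high", f"replies go to {reply_dom}, "
                                 f"not the From domain {from_dom}"))
    # Return-Path is the bounce address; bulk senders often use another
    # domain here, so a mismatch alone is only a weak signal.
    return_dom = addr_domain(msg["Return-Path"])
    if return_dom and not related(return_dom, from_dom):
        findings.append(("low", f"bounces go to {return_dom}, "
                                f"not the From domain {from_dom}"))
    return findings


if __name__ == "__main__":
    for severity, text in reply_path_findings(SAMPLE_RAW):
        print(f"[{severity}] {text}")
```

The domain comparison is a plain equal-or-subdomain test, so two unrelated registrations under the same public suffix are still treated as different senders.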
That is all for now. Thank you for reading and remember that I can bring this training to your organization. See below.
 
Meta brings the courses Risk Management When Online and Open Source Intelligence (OSINT) Collection and Analysis to your organization regardless of where you are located. Watch this short clip: https://www.youtube.com/watch?v=aRXazQuPzFs Then call us to schedule training for your team or organization. 

Let's Talk About Android Devices

12/5/2016


 
As of today, Android devices hold 87.6% of the world smartphone market share and iOS devices 11.7%. In 2013, the statistics were showing that 79% of malware was written for Android devices. Today, you see that the number has gone up to 97% (according to some writers in the industry). If you are an Android owner, there is not much you can do about some of the very serious bugs floating around. I hope that these few measures and changes that I recommend can keep your droid without “cyber gonorrhea,” an expression I coined three years ago while teaching a class where ALL droids had a serious problem. :-)
 
Oh, and since I do not own an Android device and there are many models with different screens, this blog will look more like a lawyer’s book – no photos.

What can I do under the Security tab?
Remove the check mark from Make passwords visible, and add a check mark on Verify apps. Remove the check mark from Unknown sources so you cannot install apps that are not being sold in the PlayStore.
 
The PlayStore is not a guarantee that your app will be clean and trustworthy. As of October 2016, there were 400 Android apps in PlayStore that had the DressCode malware.
 
How about Location Services?
Location Services should be turned off at all times, except when you are using a navigation app like Waze. Emergency services locator will not get turned off when you turn off the Access to my location.
Make sure that your apps do not have permanent access to your location. Allow access only while in use for the apps that assist you in navigation or transportation, and never for the other apps.
 
What can I use for Texting?
Textra SMS is the best third-party app in the PlayStore for texting.  You can read more about Textra here.
 
Can I encrypt my Android device?
Yes, and you should! Encryption protects all the data you carry on the phone… emails, photos, contact information, credit card information, etc. When a phone is encrypted and locked, nobody can access your data. Once you unlock the device, your phone decrypts the data. For this reason, get in the habit of always locking your phone when you are not using it.
You will not see a performance drop that will make your phone act like a turtle after the flu. If you enable encryption, keep in mind that the only way to undo the process is by factory resetting. For this reason, I highly recommend that you always back up your data to an external device. If you have rooted your phone, you will have to unroot temporarily, encrypt and then root again.

Even if you do not have sensitive information on your phone, you should encrypt it to protect others. If your device is compromised and it starts sending malicious links to all of your contacts, then you are responsible in a way for their getting infected. You had the knowledge but you did not apply it, and now your family and friends end up with an infected device.
 
Is there a good anti-virus for Android?
Yes! Sophos Free Anti-virus for Android rocks. You can find it here.  Once you install, make sure you run the scan and fix whatever Sophos is recommending you to fix to protect your device.
 
Any other app for my Android?
Yes! I recommend installing CCleaner by Piriform. This app optimizes your device in seconds, and gets rid of cache, trash, etc.
 
DuckDuckGo for Android is a better choice to surf the web because this search engine does not parse your IP/MAC address with your searches.  (See the blog I wrote about Browsers).
 
What are the latest malware threats to Android?
The list would be enough to write a book. Thus, I will just include the very latest in case you missed the news about them.
Gooligan roots vulnerable Android devices and steals email addresses and authentication tokens. This is a serious problem affecting 1 million Google accounts. If you do not have two-factor authentication, I recommend you implement that in all your accounts.
 
Quadrooter affects 900 million Android devices that use the Qualcomm chipsets. Here you can read the list of those devices.
 
AirDroid app, used by tens of millions of Android devices, makes the devices vulnerable to man-in-the-middle attacks leading to data theft and pushing malicious updates to the devices.
 
If I were you, the user of an Android device, the first item I would put on my wish list for Christmas is an iOS device. :-)
 
That is all for now. I wish you a Merry Christmas and Chanukah, and best wishes for 2017. 

Thank you for reading!
 

Configuration for Apple Computers

11/22/2016


 
Heavy online shopping season is upon us, and most of your computers are configured in such a way that they are vulnerable to many maladies floating on the Internet. I hope this short and simple blog encourages you to stop what you are doing and, upon reading it, open the System Preferences and make the changes that will guard your privacy and enhance the security of your system and the nation at large. Remember that each one of your devices, regardless of the content, can be used as a stepping stone to commit a cybercrime. So securing your technology is not only about you and your safety. It is about the safety of the nation at large.
 
How to upgrade the Apple OS?
Although the latest operating system for Apple is Sierra, I recommend El Capitan as the most stable system. If you have any operating system lower than 10.11 (El Capitan), you need to back up your data and upgrade to El Capitan.
 
How do I back up and upgrade?
Using a WD Passport external hard drive that you can buy at any computer store or online, go to System Preferences and select Time Machine.
Connect the external hard drive to your computer, select On in the Time Machine window, and select the WD Passport as your destination. Once the backup is completed, you can take your laptop to any Apple store’s Genius Bar and they will upgrade your computer to El Capitan for free.
Then, you can restore your data from the backup.
 
How do I configure my computer?
Go to System Preferences and follow the screen shots below.
Picture
Open the General tab and select Google Chrome as your default browser. Then, go back to the main menu and select Security & Privacy. You will see four tabs: General, FileVault, Firewall and Privacy. Under FileVault, Apple gives you the beautiful feature of encrypting your entire hard drive. Use it!
Still under Security & Privacy, on the Firewall tab, select Firewall Options and put a check mark on Enable stealth mode. And under the Privacy tab, disable Location Services and Diagnostic & Usage.
I understand that many, many people are Bluetooth dependent, but it is one of the most vulnerable points of technology because of its spread spectrum and hopping frequency. A laptop can be compromised via Bluetooth within 100 meters, and there are plenty of Bluetooth scanners in the market. If you insist on having the Bluetooth on, at least remove the check mark on these options so your Bluetooth will not be so easily discovered.
Picture
That is all for now. Thank you for reading!
 

Modify Behavior to Reduce Hacking Epidemic

10/25/2016


 
In 2013, the Federal Bureau of Investigation (FBI) stated that cybercrime had become the number one threat to the nation, and that social engineering was rampant in 2013.[1] In fact, as of today, 95% of cybercrime incidents start with a “spear phishing” email sent to a member of the targeted organization. Cybercriminals are targeting CEOs and other strategic planners of the organization who are often exempt from security rules within the organization, and are too busy to take a few easy steps to verify the provenance of an email with a link or an attachment, or to wait until they get to their computers to click on a link sent to them via text (SMS).

So far, the solution has been a reactive approach of adding layers of technology. As the hacking attacks increase, the IT departments are acquiring more technology to guard the network perimeter, which in turn depletes government agencies and private industry of funds that would be more profitably invested in educating all members of the organization on the A-Z of using technology in private mode.

Total reliance on technology has proven to be ineffective against today’s modus operandi of hackers, spies and cybercriminals alike. Whenever an IT department deploys a new piece of technology to secure the network perimeter, the cybercriminals will find a way to circumvent it, as we have seen during the hacking events of the past 10 years, and on 21 OCT 2016, in the DDoS done to Dyn using the malware Mirai.
 
Moreover, cybercriminals and spies are masking their intrusions under the pretense of normal Internet traffic, and they know they can count on the “click-happy” Internet user who will, without thinking, click on a URL link sent to him/her by email or text. The goal is to compromise the individual’s cybertechnology device (phone, tablet, laptop, etc.) with the malware. Then, the infected device comes under the control and command of the hacker, and it is used to penetrate the holy grail of the organization (assets, intellectual property, and username/password/credit card information), or to control the computer to execute a denial of service attack and other cybercrimes.
 
Our nation does not have a technological problem when it comes to cyber security. It has a behavioral problem: the operator is the weakest link in the security chain. It is the manner in which the operator (CEO, grandma, a child playing computer games, stay-home mom, receptionist, and anyone touching a device that connects to the Internet) opens an email with an embedded URL (regardless of whether the sender is a known or unknown subject), uses portable devices, and applies privacy measures that is causing this wave of cyber-attacks.
 
Therefore, every organization must have a program to educate all employees and executives, including the board of directors, on risk management in the cyberspace domain. It is not enough to tell a person to be cautious while opening an email. A good educational program, like the program Meta provides, will show the step-by-step procedure to safely open an email with an attachment or a URL link regardless of whether a known or unknown individual has sent it; how to properly configure an iPhone and Droid phone so it provides privacy as a precursor of security; and how to secure the devices that constitute the Internet of things. Although 100% security is not achievable in any domain, this action will considerably reduce the probability of falling into the list of cybercrime victims.
 
There is a great movie out called IT starring Pierce Brosnan. It shows the perils of having a smarthome… where all the devices are connected to one single point of entry: your WiFi router. The movie is creepy, accurate, and a great thriller. :-)
 
This movie also makes you ponder the official definition of Operational Security (OpSec) that I often see written in corporate guidelines and also in the government sector guidelines to users. The definition goes “OPSEC is a process to deny potential adversaries information about capabilities and/or intentions by identifying, controlling, and protecting unclassified information that gives evidence of the planning and execution of sensitive activities.” I have used bold typeface and underlined the text that makes people believe that only computers with proprietary or critical information ought to be configured in private mode. This, in part, is causing the problems we see today with 95% of cyber intrusions being done through an unsecure and compromised device.
 
You have to imagine that any device that connects to the Internet is like a hammer. You can use a hammer to build a home, which is a noble deed, or you can use a hammer to crack a skull, which is a crime. If your computer is compromised, unbeknown to you, it can be used to conduct a cyber-attack against our nation, and it can also be used as a stepping-stone device on a drive-by-download to move child porn files across the Internet.
 
How many of you read my blog about passwords and two-factor authentication and immediately applied what you have learned? It is not enough to call yourself a patriot. You MUST take cyber security seriously, and put privacy ahead of convenience because privacy is the precursor of security. Your security and the security of the country at large.
 
That is all for now. Thank you for reading!
 

    About the Blog

    This blog is updated on a bi-weekly basis and it will address a variety of topics concerning cybertechnology, privacy and ethics in the cyberspace domain.
    About The Author
    Cecilia Anastos holds a Master’s Degree in Strategic Intelligence w/sp in Middle East Issues, a Graduate Certificate in Cybercrime, and a B.A. in Criminal Justice w/sp in Psychology.  In 2005, Ms. Anastos founded Meta Enterprises, LLC (Meta-Intelligence.com) where she works as Chief Intel Analyst – OSINT, Cybercrime and Instructor.  Fluent in five languages, she is a pioneer in the utilization of digitized open source and publicly available information to create actionable intelligence, and in the reduction of digital signatures in the cyberspace domain; and has designed many of the cyber programs currently used at the US Navy Special Operation Forces, police departments, and private sector. She is also an avid reader and a source of knowledge in foreign policy, political affairs, demographic trends, socio-cultural dynamics, transnational gangs, indigenous groups, conflict resolution, and cultures in Latin America, Africa, Europe, and Eurasia, as well as in creating strategic models and analysis of predictability for countries and non-state organizations.



Copyright © 2017 Meta Intelligence/Meta Enterprises, LLC proprietary information