Archive for June, 2019

Trump Caves To The Chinese And Allows US Firms To Deal With Huawei

Posted in Commentary with tags on June 30, 2019 by itnerd

President Donald Trump, who was talking a good game about going after Huawei, appears to have caved “big league” to the Chinese at the G20 summit. Here are the details:

US President Donald Trump has appeared to soften his tone on Chinese communications giant Huawei, suggesting that he would allow the company to once again purchase U.S. technology. Speaking at a press conference in Osaka, Saturday, Trump said that the U.S. sells a “tremendous amount of product” to Huawei. “That’s okay, we will keep selling that product,” said Trump. “The (U.S.) companies were not exactly happy that they couldn’t sell.”

Now, it isn’t a lifting of the ban that Trump signed, but it really is going to throw Huawei a lifeline. But more importantly, Trump has really made himself look stupid in his rather desperate attempt to get some sort of trade deal with China, which is what I think this is all about. He’s effectively taken Huawei from being the devil incarnate to being perfectly fine to do business with. If he walks back all the security claims too, then his credibility, which is already in shambles, will take a hit that he will not recover from with just a year to go before a presidential election.


Trump Administration Considering Crackdown On End To End Encryption

Posted in Commentary with tags on June 28, 2019 by itnerd

From the “worst idea ever” file comes a report in Politico that the Trump administration held a National Security Council meeting on Wednesday that weighed the challenges and benefits of encryption. And in said meeting, this happened:

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography.

“The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation,” said one of the people.

But the previously unreported meeting of the NSC’s so-called Deputies Committee did not produce a decision, the people said.

A decision to press for legislation would have far-reaching consequences for the privacy and security of tens of millions of consumers and effectively force companies such as Apple and Google to water down the security features on their smartphones and other devices.

I honestly don’t know which is worse: the fact that this is being discussed at all, or that it’s being discussed behind closed doors. But in any case, Trump isn’t the first president to try this. Obama tried something like this, and before him the second George Bush tried something like this, and Bill Clinton tried something like this too. None of those went anywhere because they all got epic pushback on various fronts. I expect that to happen here too, as Silicon Valley are no fans of the Trump administration. And Congress is unlikely to go along with this. Though it does bear watching, as this is far from being a trivial exercise.


Martello Moves Up 20 Spots on the 2019 Branham300 Rankings

Posted in Commentary with tags on June 27, 2019 by itnerd

Martello Technologies Group Inc. announced today its inclusion in the 2019 edition of the widely respected Branham300 listing of Canada’s top ICT (Information and Communications Technology) companies. The company has moved up the list 20 spots after being ranked number 235 in 2018.

Moving up to position 215, Martello is honored to be among the country’s top performing companies by revenue in the 26th year of the comprehensive listing of publicly traded and privately held ICT companies in Canada. This year’s edition of the Branham300 recognizes year over year revenue growth for the 2017 and 2018 fiscal years.

Branham Group, a global ICT industry analyst and strategic marketing company, tracks thousands of companies throughout the year, and its annual Branham300 ranking is the most well-known and referenced listing of Canada’s ICT leaders. The companies on the Branham 300 Top 250 list generate more than half of the nation’s ICT sector revenue.

Martello’s solutions have been widely acclaimed in the industry. In September 2018, Martello received a Frost & Sullivan Leadership Award for NPM (Network Performance Management) and ranked as Ottawa’s Fastest Growing Company, at No. 28 on the Growth 500 list of Canada’s Fastest Growing Companies. The Company has expanded its solution portfolio with several acquisitions, and recently provided a business update on its market and channel expansion, product innovation, acquisitions and capital market activities.


Feroot Report Speaks To Vulnerabilities In Web Trackers & The Rise In Cross-border Data Transfers & Access To User Login Credentials

Posted in Commentary with tags on June 27, 2019 by itnerd

User-side security monitoring system Feroot today released its 2019 User Security and Privacy Report examining the hidden behaviors of external third- and fourth-party tools on the user-side for websites and web apps. Of the 13 different industries and government agency websites worldwide reviewed, the report found that:

  • 92% of major news websites across North America, the UK and Germany use ad trackers that are participating in automatic cross-border data transfer, and news is the only industry consistently sending user behavior data to Russia;
  • An average of 21 web trackers are active on any given website at any time creating a new and increasing surface area for an attack through chatbots, analytics, ad tech tools and others. (News industry hosts an average of 40 trackers per site while the tech industry hosts an average of 25 trackers per site.)
  • 90% of e-commerce login pages are susceptible to attack and can potentially provide external tools with unrestricted visibility of user passwords.

What this means:
The challenge faced by most security professionals is the constant growth of the tech stack: third- and fourth-party vendors, web trackers, and homegrown technology tools are always in flux as new tools and trackers are added daily for marketing and sales purposes. This poses ongoing data security and privacy threats because side-loaded code can be modified by third parties at any time, opening the possibility for a Man-in-the-middle (MITM) attack vector.

Feroot scanned more than 1.1 million unique web pages across 365 organizational websites in 13 different industries focusing on the US, Canada, UK, France, Spain, and Germany, including government agencies, to take a closer look at:

  • Automated personal data collection and cross-border data transfers on public facing websites and web apps;
  • Data collection practices of web tracking tools across industries;
  • The impact of third- and hidden fourth-party tools and behavior tracker activities on GDPR, CCPA, PCI-DSS, HIPAA, and other obligations.

Simulated visits were conducted between April 19 and May 31, 2019, using the Feroot user- (client) side security monitoring system, and were repeated multiple times, limited to approximately 90 pages per website per day. For the full report visit here.

NordVPN Announces NordPass Password Manager

Posted in Commentary with tags on June 27, 2019 by itnerd

NordVPN is creating a new-generation password manager, NordPass. NordPass will have a full range of features to ensure that passwords are as secure as possible. Its easy-to-use interface makes staying secure effortless.

NordPass will remember and autosave all passwords, autofill online forms, and allow users to save private notes. Additionally, the new tool will generate strong passwords on the spot. NordPass will support major operating systems, offering browser extensions as well as native mobile and desktop apps.

NordPass is created using the latest security practices and industry standards. It uses powerful Advanced Encryption Standard (AES-256-GCM) encryption with Argon2 for key derivation, which is virtually unbreakable. Additionally, the new tool will have a zero-knowledge encryption process to ensure ultimate security.

At the moment, NordPass is going through internal stress-tests. It is expected that the first beta version will be released this autumn. Signup for early access is now available on NordPass’s official website:

NordVPN is a trusted online privacy and security solution, used by over 12 million internet users worldwide. It offers military-grade encryption with advanced privacy solutions and is recognized by the most influential tech sites and IT security specialists.

A few weeks ago, NordVPN introduced another cybersecurity tool – NordLocker. NordLocker will secure files stored on a user’s computer or in a cloud with end-to-end encryption. It is expected that the first beta version of this product will be released this July.

Cities Pwned By Hackers Pay Out Massive Sums To Save Themselves

Posted in Commentary with tags on June 27, 2019 by itnerd

In the last week, not one but two Florida cities have been pwned by hackers who used ransomware to cripple their networks. And in both cases, the hackers got paid. And I do mean paid. First up on the list was Riviera City, Florida, which paid $600,000 USD in Bitcoin to get its data back:

The city’s decision, as reported by CBS News, came after officials came to the conclusion that there was no other way to recover the city’s files. Access to Riviera City data has been locked since May 29, this year, when a Riviera Beach police department employee opened an email and unleashed ransomware on the city’s network. The ransomware locked files and shut down all the city’s services. Operations have been down ever since, with the exception of 911 services, which were able to continue to operate, although limited. The city’s website, email server, billing system, and everything else has been down ever since, with all city communications being done in person, over the telephone, or via posters. The city has been having a hard time recovering from the incident ever since.

Then less than a week later, Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand of 42 bitcoins, worth nearly $500,000 after they got pwned:

The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month, on June 10, which the city described as a “triple threat.” Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems, with the exception of the police and fire departments, which ran on a separate network.

A ransom demand was made a week after the infection, with hackers reaching out to the city’s insurance provider — the League of Cities, which negotiated a ransom payment of 42 bitcoins last week. City officials agreed to pay the ransom demand on Monday, and the insurer made the payment yesterday, on Tuesday, June 25, local media reported. The payment is estimated to have been worth between $480,000 to $500,000, depending on Bitcoin’s price at the time of the payment. The city’s IT staff is now working to recover their data after receiving a decryption key.

I have some random thoughts on this.

  • You have to take steps to protect yourself, such as using advanced threat protection from companies such as Darktrace or Microsoft, as the latter has advanced threat protection for Office 365. And it goes without saying that you need up-to-date AV software on every device on your network.
  • You also have to make sure your data is backed up. And that at least some of those backups are off site. That way you have a fighting chance of getting back up and running if you get pwned.
  • You have to limit what users do because they are the weakest link. By that I mean that they cannot be allowed to simply do whatever they want with computers, like install their own software. Because you’re just asking for trouble when you allow that.
  • You have to make sure that you’re on top of every patch that comes out for whatever OS you are using and install them as quickly as possible. Ditto for applications. That way you limit the attack vectors that this sort of threat leverages, and you also limit how broad it could spread if it got onto your network.

But the big random thought that I have is that the more that these hackers get paid, the more that they will do this. And the bigger the ransoms will be. So if this is to stop, companies have to take away the incentive to do this by doing the above and perhaps more. By doing that there is no incentive to pay the hackers and the hackers in question will go away and find something else to do.

Huawei Gear Is Open To Pwnage By Hackers Says Report

Posted in Commentary with tags on June 26, 2019 by itnerd

In an ironic twist, telco gear made by China’s Huawei is far more likely to contain flaws that could be leveraged by hackers for malicious use than equipment from rival companies, according to new research by cybersecurity experts that top U.S. officials said appeared credible.

Over half of the nearly 10,000 firmware images encoded into more than 500 variations of enterprise network-equipment devices tested by the researchers contained at least one such exploitable vulnerability, the researchers found. Firmware is the software that powers the hardware components of a computer. The tests were compiled in a new report that has been submitted in recent weeks to senior officials in multiple government agencies in the U.S. and the U.K., as well as to lawmakers. The report is notable both for its findings and because it is circulating widely among Trump administration officials who said it further validated their policy decisions toward Huawei.

“This report supports our assessment that since 2009, Huawei has maintained covert access to some of the systems it has installed for international customers,” said a White House official who reviewed the findings. “Huawei does not disclose this covert access to customers nor local governments. This covert access enables Huawei to record information and modify databases on those local systems.” The report, reviewed by The Wall Street Journal, was prepared by Finite State, a Columbus, Ohio-based cybersecurity firm.

If you buy into this report, you don’t have to worry about getting pwned by Huawei if you use their gear. Instead, the pwnage will come from others and the Huawei gear is just the vehicle for the pwnage. Lovely. Assuming that this is true. We’ll have to see if this report is fact or fiction, and hopefully the clarity will come via a third party that can be trusted.