Tag Archive for: decrypt

Quantum Computing Attacks Still Years Off, but “Hack Now Decrypt Later” Presents Immediate Cyber Risk

/in


Quantum computing attacks, which are feared to utterly break modern encryption on the internet, are still about a decade from being viable. They are widely seen as an inevitability, however, and that has not stopped attackers from preparing well in advance. A new poll from Deloitte finds there is an immediate and significant cyber risk from “harvest now decrypt later” (HNDL) attacks, in which attackers steal encrypted information and simply sit on it until quantum computing advances make it trivial to crack.

Among other findings, a little over half of the IT professionals surveyed say that their organizations are presently at risk of HNDL attacks. But fewer than half are presently on top of their analysis of this emerging cyber risk, and about 11% say there will need to be a cyber incident (the point at which it is far too late) before their leadership will be driven to do something about the threat.

Seemingly distant cyber risk already in the early exploitation stages

The Deloitte poll included the input of over 400 IT professionals working at organizations that are actively considering the benefits of quantum computing, though not necessarily the new level of cyber risk that accompanies it. Only a little over 26% said that they have completed a risk assessment at this point. 18% have plans to do it this year, and 16% say that they will do it in the next two to five years. 13% say they either do not plan to do it for more than five years or have no intention of doing it at all.

Roughly the same amount of organizations that plan to perform a cyber risk assessment well before quantum computing is expected to become a threat, a little over half of all respondents, also feel that HNDL is an immediate threat to their organization. 21% do not feel it is a threat, and 28% do not know.

What would push some of the more reluctant organizations to take quantum computing threats seriously? 27% of respondents said that it would take regulatory pressure. 20% believe leadership will have to be convinced to demand change, 15% think change will be sparked if competitors are observed doing it, and 11% said it would take nothing less than getting hit with a quantum computing attack to move the…

Source…

How an app to decrypt criminal messages was born ‘over a few beers’ with the FBI

/in


Australian and US law enforcement officials on Tuesday announced they’d sprung a trap three years in the making, catching major international crime figures using an encrypted app.

More than 200 underworld figures in Australia have been charged in what Australian Federal Police (AFP) say is their biggest-ever organised crime bust.

The operation, led by the US Federal Bureau of Investigations (FBI), spanned Australia and 17 other countries. In Australia alone, more than 4,000 police officers were involved.

At the heart of the sting, dubbed Operation Ironside, was a type of “trojan horse” malware called AN0M, which was secretly incorporated into a messaging app. After criminals used the encrypted app, police decrypted their messages, which included plots to kill, mass drug trafficking and gun distribution.

graphic of padlock and tech symbols
Police used an encrypted app used by underworld figures to bust the crime network.
Shutterstock

Millions of messages unscrambled

AFP Commissioner Reece Kershaw said the idea for AN0M emerged from informal discussions “over a few beers” between the AFP and FBI in 2018.

Platform developers had worked on the AN0M app, along with modified mobile devices, before law enforcement acquired it legally and adapted it for their use. The AFP say the developers weren’t aware of the intended use.

Once appropriated by law enforcement, AN0M was reportedly programmed with a secret “back door”, enabling them to access and decrypt messages in real time.

A “back door” is a software agent that circumvents normal access authentication. It allows remote access to private information in an application, without the “owner” of the information being aware.

So the users — in this case the crime figures — believed communication conducted via the app and smartphones was secure. Meanwhile, law enforcement could reportedly unscramble up to 25 million encrypted messages simultaneously.

But without this back door, strongly encrypted messages would be almost impossible to decrypt. That’s because decryption generally requires a computer to run through trillions of possibilities before hitting on the right code to unscramble a message. Only…

Source…

Decrypt GandCrab Ransomware. How to Recover GandCrab Encrypted Files – Security Boulevard

/in

Decrypt GandCrab Ransomware. How to Recover GandCrab Encrypted Files  Security Boulevard

A step by step DIY guide of how to decrypt GandCrab ransomware encrypted files. This guide will help restore encrypted files.

“exploit kit” – read more

OneLogin Breach Shows Alarming Potential For Hackers To Decrypt Customer Data – Hot Hardware

/in

Hot Hardware

OneLogin Breach Shows Alarming Potential For Hackers To Decrypt Customer Data
Hot Hardware
Single sign-on provider OneLogin has found this out the hard way, as its systems were breached this week, potentially exposing customer data. "We detected unauthorized access to OneLogin data in our US data region," OneLogin disclosed in a blog posting …
May 31, 2017 Security Incident (UPDATED June 1, 2017) – OneLoginOneLogin
August 2016 Incident – OneLoginOneLogin
Identity Manager OneLogin Has Suffered a Nasty Looking Data BreachMotherboard
Pastebin.com –The Register
all 89 news articles »

data breach – Google News