Tag Archive for: understanding

Understanding New Frontiers in Global Conflicts


COMMENTARY

In recent decades, the nature of warfare between nations has evolved substantially with the integration of offensive cyber tactics. In late 2023, Israel’s cyber-defense chief, Yigal Unna, voiced concerns that Iran would escalate the intensity of its cyberattacks on Israeli infrastructure and government agencies. This exemplifies the new reality we live in, where cyber warfare has become a critical domain alongside land, air, and sea tactics in armed conflicts across the world. 

The integration of offensive cyber operations alongside conventional military force represents a strategic shift toward what experts call “fifth generation” or “hybrid warfare.” The goal is to undermine the adversary using the tools available to achieve political and military objectives. In addition to traditional personnel and weapons, modern hybrid warfare leverages things like weaponized propaganda, election interference, and strategic hacks on critical infrastructure.

Common Forms of Cyber Warfare

One major type of cyber threat targets critical infrastructure like power grids, water systems, transportation networks, financial systems, and government systems. Successfully breaching these can allow adversaries to monitor or control systems that keep societies functioning. For example, Iranian hackers briefly took control of a small dam in New York in 2013 after stealing usernames and passwords. Should control systems or operational networks become compromised, adversaries could shut down essential services or send them into dangerous states. For example, in 2021, Israel was allegedly responsible for a cyberattack on a primary nuclear facility in Iran, which led to a blackout and damage to the region’s electricity grid. 

Aside from critical infrastructure, security gaps in everyday technologies can be used for strategic advantage during war. For example, reports suggest that poorly configured security cameras in Israel and Palestine are vulnerable to attack from adversaries or supportive hacktivists with basic skills. Access risks range from invasion of privacy through recording private spaces to manipulating feeds for espionage or to incite panic. Adversaries can also introduce wiper…


Understanding Cybersecurity on Smartphones (UCSph) Part 1


The smartphone is one of the most remarkable inventions in contemporary human history and is currently the most widely utilized electronic device globally. Its evolution has transformed modern communication technology, allowing us to communicate efficiently and instantly across vast distances worldwide. This series delves into the historical evolution of the modern smartphone, shedding light on its significant contributions and addressing cybersecurity-related concerns associated with smartphones and their diverse applications (apps).

The previous series, entitled Understanding Android Malware Families (UAMF), showcased six articles focusing on Android malware’s primary categories and families, guiding readers to understand the threats’ behavior and explore mitigation procedures. It presented the findings of our ongoing Android malware analysis research project initiated in 2017, which included the creation of four datasets—AAGM2017, AndMAl2017, InvestAndMAl2019, and AndMal2020. The series also encompassed related academic articles proposing solutions and techniques for detecting and characterizing Android malware.

In this series, Understanding Cybersecurity on Smartphones (UCSSph), we will conduct an in-depth analysis of various smartphone operating systems, including iPhone, Windows, Symbian, Tizen OS, Sailfish OS, Ubuntu Touch, KaiOS, Sirin OS, and Harmony OS. This five-article series aims to provide valuable insights and recommended practices for researchers, developers, and users. The series draws from the content of the recent book, Understanding Cybersecurity on Smartphones, published by Springer this year. The first article focuses on Apple’s iOS, a global leader in mobile systems, exploring cybersecurity vulnerabilities, associated risks, malware families, attacks, and mitigation techniques.

1 iOS fundamentals
2 Getting into cybersecurity – recognizing iOS vulnerabilities
3 Exploring adversarial tactics in iOS
  3.1 Propagation
  3.2 Activation
  3.3 Carrier
  3.4 Execution
  3.5 Persistence
4 Analyzing iOS malware varieties & tools


Hack of Kyivstar exposes gap in IT understanding of cybersecurity, expert says


It will take time to fully restore Kyivstar’s infrastructure after the Dec. 12 hacker attack, and the restoration will be carried out in stages, cyber security expert Kostiantyn Korsun wrote in his column for NV Business on Dec. 14.

“I think voice (calls) will be restored relatively quickly, data transmission – after that, and everything else – later,” the expert said, recalling that Russia has already made attempts to leave Ukraine without communication.

“Almost the entire infrastructure can be restored, even if a missile hits a data center, as long as people are not injured.”

“The Russians tried hard to shut down all Ukrainian operators and providers in February-March 2022, but failed,” Korsun noted.

The operators managed to pull through because the Internet access industry in Ukraine is private, he added.


“The Ukrainian Internet access industry is almost entirely private and is still not regulated by the state, which is why it retains amazing resilience,” the expert said.

“And yes, nationalizing Kyivstar is a bad idea.”

Even IT professionals may not fully comprehend cyber risks, so conclusions must be drawn from the attack on Kyivstar, Korsun wrote.

“I would advise CEOs and CISOs of large companies to change the passwords to the domain controller and corporate VPN right now, patch everything that needs to be patched, and then order an infrastructure security audit,” he said.

“This is the first step. And then conduct training with staff and separate specialized training on cybersecurity for IT specialists. Because, oddly enough, quite often an IT specialist does not understand cybersecurity.”

Russian hackers from the Solntsepek group earlier claimed full responsibility for the cyberattack on mobile operator Kyivstar. Ukraine’s SBU security service responded to this information.

Kyivstar, Ukraine’s largest mobile operator, suffered a large-scale outage on the morning of Dec. 12. Service problems have been reported throughout Ukraine.

The company announced a technical failure that may result in the unavailability of communication and Internet access services for part of its subscriber base.

The…


Understanding the Different Types of Certificate Authorities 


Establishing trust online is a crucial component of collaboration in the digital age. From using a third-party vendor to shopping online to communicating via email, companies and individuals rely on this trust to do business. How can they know they are communicating with the right person and not an actor behind a phishing scheme?

A certificate authority (CA) plays a vital role in making this happen. CAs follow strict industry standards, verify identities, and issue digital certificates. Here is your guide to what a CA is, why it matters, and the different types of CAs available today.

What Is a Certificate Authority (CA)?

Certificates ensure a system is what it says it is, but the system relying on a certificate must also be assured that the certificate itself is genuine. This is where trusted third parties come into play. Certificate authorities are independent bodies that issue and vouch for certificates.

As a vital component of the public key infrastructure (PKI), CAs create digital certificates that cryptographically link public keys with the owners’ identities. The CA is responsible for validating the identity of the entity associated with a given public key and issuing the digital certificates that attest to this identity. The CA follows specific protocols to verify the requester’s identity before issuing the certificate. These protocols involve checking official documentation or performing a background check.

CAs also have mechanisms for revoking certificates. Revocation happens when a key associated with a certificate is compromised or if the entity that was issued a certificate no longer exists.

Importance of Certificate Authorities

CAs play a crucial role in ensuring internet security. Certificates can secure digital signatures and establish secure network connections via protocols such as HTTPS. 

Here are some of the top reasons why CAs are critical in the digital world:

  • Establishing trust. CAs provide the foundation of trust on the internet. For example, when users connect to a website, their browser trusts the website if it has a valid certificate issued by a trusted CA. Without this mechanism, it’s hard to establish trust between two parties that have never interacted….
