Cellebrite: Low Profile Outfit Shares Some High Value Information
March 27, 2020
Cellebrite, now owned by Japanese interests, is not a household word. That’s good from DarkCyber’s point of view. If you want to know more about this company, navigate to the company’s Web site.
“Cellebrite Unveils the Top Global Digital Intelligence Trends for 2020” provides observations / finds in its Annual Digital Intelligence Industry Benchmark Report for 2020. Our video program will consider some of these findings in the context of cyber intelligence. However, there are four items of interest which DarkCyber wants to highlight in this short article.
Intelligence and other enforcement agencies are slow to adapt. This finding is in line with DarkCyber’s experience. We reported on March 24, 2020, in our DarkCyber video that the Canadian medical intelligence firm Bluedot identified the threat of the corona virus in November 2019. How quickly did the governments of major countries react? How is the US reacting now? The “slowness” is bureaucratic friction. Who wants to be identified as the person who was wrong? In terms of cyber crime, Cellebrite’s data suggest “43 percent of agencies report either a poor or mediocre strategy or no digital intelligence strategy at all.” [emphasis added].
Government agency managers want modernization to help attract new officers. The Cellebrite study reports, “Most agency managers believe police forces that embrace mobile tech to collect digital evidence in the field will help reduce turnover and be significantly more prepared to meet the digital evidence challenges of 2020.” DarkCyber wants to point out that skilled cyber professionals do not grow on trees. Incentives, salaries, and work magnetism are more important than “hopes.”
Budgets are an issue. This is a “duh” finding. DarkCyber is not being critical of Cellebrite. Anyone involved directly or indirectly in enforcement or intelligence knows that bad actors seem to have infinite scalability. Government entities do not. The report says, “With the deluge of digital devices and cloud data sources, examiners face an average 3-month backlog and an average backlog of 89 devices per station. The push for backdoors is not designed to compromise user privacy; it is a pragmatic response to the urgent need to obtain information as close to real time as possible. Cellebrite’s tools have responded to the need for speed, but for many governments’ enforcement and intelligence agencies, a 90 day period of standing around means that bad actors have an advantage.
DarkCyber will consider more findings from this report in an upcoming video news program. Watch this blog for the release date for the program.
Stephen E Arnold, March 27, 2020
Want a Line Up of AI-Fueled Cybersecurity Firms?
March 25, 2020
Artificial intelligence and cybersecurity seem like a natural pairing. Check out a list of firms that think so, too, in Built In’s write-up, “30 Companies Merging AI and Cybersecurity to Keep us Safe and Sound.” Reporter Alyssa Schroer explains:
“By the year 2021, cybercrime losses will cost upwards of $6 trillion annually. It’s no surprise, then, that the cybersecurity industry is exploding as it grows to protect the networks and systems on which companies and organizations operate and store data. Because effective information security requires smarter detection, many cybersecurity companies are upping their game by using artificial intelligence to achieve that goal. A new wave of AI-powered solutions and products keep bad actors on their toes while giving IT teams much needed relief. Here are 30 companies merging artificial intelligence and cybersecurity to make the virtual world safer.”
Navigate to the article for the names of all 30 companies. They include well established firms like Symantec, Darktrace, and Fortinet alongside many less familiar names. Several serve specific industries. Schroer lists the location of each entry and describes how it is applying AI tech to cybersecurity. For example, for Shape Security she writes:
“Shape Security provides software that fights imitation attacks like fake accounts, credential stuffing and credit application fraud for businesses in retail, finance, government, tech and travel. Shape’s machine learning models have been given access to data resembling attackers, enabling the system to learn what human activity looks like against fraud. The company’s solutions, Enterprise Defense and Blackfish, use this AI to identify the differences between real and artificial users and then block, redirect or flag the fraudulent source.”
Hacking tools and procedures have become prolific and incredibly efficient. It makes sense to fight them with well-crafted machine learning solutions. Any organization looking to employ one of these (or similar) firms should do its research and choose a well-designed solution that meets its particular needs.
Cynthia Murrell, March 25, 2020
DarkCyber for March 24, 2020, Now Available
March 24, 2020
DarkCyber for March 24, 2020, covers four stories. You can view the video on YouTube or on Vimeo.
The first story explains that phishing is a contentious issue in many organizations. Managers see phishing one way; information and security professionals often have a different view. The divide can create more vulnerabilities for organizations ignoring the escalating risk from weaponized email.
The second story provides some information about Banjo (a US firm engaged in providing specialized services to law enforcement) and BlueDot (a Canadian company applying advanced analysis to open source and limited access medical information). The story makes clear that the methods of these firms provide excellent insight into how some specialized software systems deliver high value intelligence to law enforcement and intelligence professionals worldwide.
The third story provides information about a Department of Justice report aimed at Dark Web researchers. The document is available without charge from the url provided in the program. Failure to follow the guidelines in the document can convert a researcher into a bad actor.
The final story reviews recent steps taken by the Russian government to exert tighter control over Internet applications. The affected software includes Tor and the Telegram Open Network. Mr. Putin has become Russia’s first digital tsar.
Kenny Toth, March 24, 2020
Secret No More: An Alternative to VPNs
March 20, 2020
Dor Knafo founded Axis Security. (The name may create some confusion for those familiar with an event planning outfit.) The company seeks to deliver what Tech.eu reported as:
a single managed solution for access, security, control, and scalability without the complexity…. Built on a zero trust approach, the startup’s Axis Application Access Cloud offers an agentless model that connects users on any device to private apps, without touching the network or the applications. This separation shrinks the attack surface, or reduces the chances of a cyber attack.
Don’t VPNs deliver this?
Nope.
The Axis approach is an SaaS solution. Here’s the explanation in “Israeli startup Axis Security emerges from stealth mode with $17 million Series A.”
Built on a zero trust approach, the startup’s Axis Application Access Cloud offers an agentless model that connects users on any device to private apps, without touching the network or the applications. This separation shrinks the attack surface, or reduces the chances of a cyber attack.
The funding comes from, according to the write up:
Ten Eleven Ventures’ Alex Doll led the round, joined by Cyberstarts, Palo Alto Networks, Check Point, Imperva, among others. Angel investors include Dan Amiga, founder of Fireglass, and board of director member Michael Fey, former president of Symantec and Blue Coat.
Note that Mr. Knafo previously Symantec.
Net net: The solution has been rumored for more than a year. With its more public approach, the company is likely to signal a flow of related start up innovations for cyber security markets.
Stephen E Arnold, March 20, 2020
DOJ Suggestions for Threat Research and Cyber Intelligence Gathering
March 13, 2020
DarkCyber spotted “Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources.” The Department of Justice has assembled what a mini best practices for those who are gathering certain types of cyber security information; for example, Dark Web fora.
The document states:
The application of federal criminal law to activities occurring online can be complicated.
That should be a yellow warning signal to those who embark on digital journeys into certain parts of the datasphere. The document provides some information about different ways to gather information from online discussion groups.
Online storefronts can appear to provide a way to purchase products or services which, in some jurisdictions, are problematic.
The document is informative and, in DarkCyber’s opinion, a useful contribution to the literature related to obtaining threat intelligence.
Net net: Don’t intentionally or unintentionally become what some authorities would consider a criminal. Plus, any spelunking in certain areas of the datasphere can change a curious eager beaver into a target for bad actors.
Stephen E Arnold, March 13, 2020
Phishing Faces a Tough Competitor
March 13, 2020
DarkCyber spotted a factoid which could be marketing dressed up in factual finery or a datum which is accurate. You will have to figure out which.
Navigate to “Adware Accounts for 72% of Mobile Malware: Avast.” The write up states:
Adware or software that hijacks a device in order to spam the user with unwanted ads now accounts for 72 per cent of all mobile malware, says a new report from cybersecurity firm Avast.
But what about the other 28 percent of digital legerdemain?
The remaining 28 per cent consist of banking Trojans, fake apps, lockers, and downloaders, according to statistics gathered by Avast’s Threat Lab experts.
The write up points out:
Adware often disguises itself in the form of gaming and entertainment apps, or other app types that are trending and therefore are interesting targets with a high potential to spread far. These apps may appear harmless, but once they have infected a device they will surreptitiously click on ads in the background. Sometimes, adware also serves ads with malicious content.
Phishing may lose its pride of place among bad actors.
By the way, the data in the write up, if on the money, does not explain how malware on a mobile phone can perform a number of other useful services for the developer. These services can be helpful to certain types of professionals working in field other than Madison Avenue pursuits.
Stephen E Arnold, March 13, 2020
DarkCyber for March 10, 2020, Now Available
March 10, 2020
DarkCyber for March 10, 2020, includes four stories. The first is a look at how BriefCam’s smart software generates video synopses of surveillance viden. The second presents information about the geotracking capabilities enabled by aggregated data from vendors like Venntel and Oracle, among others. The third story dips bnack into phishing-rich data flows. There’s is a reason why bogus email exploits are increasing. Watch to find out the reason. The final story discloses the Amflyfi and Deep Web Technologies mergers. Is a new intelware giant taking shape. Check out this week’s video to learn what DarkCyber thinks.
Kenny Toth, March 10, 2020
UK Authorities: A Stiff Upper Lip
February 18, 2020
They were not going to tell anyone what had happened. A confidential report reveals the United Nations fell victim to a massive data breach last year, we learn from The New Humanitarian’s report, “Exclusive: The Cyber Attack the UN Tried to Keep Under Wraps.” Why the organization felt justified keeping this information secret even from those it affected is a mystery, but the cover up does emphasize the power of diplomatic immunity. TNH senior editor Ben Parker describes what his team learned about the extent of the damage:
“Although it is unclear what documents and data the hackers obtained in the 2019 incident, the report seen by TNH implies that internal documents, databases, emails, commercial information, and personal data may have been available to the intruders – sensitive data that could have far-reaching repercussions for staff, individuals, and organizations communicating with and doing business with the UN. The compromised servers included 33 in the UN Office at Geneva, three at OHCHR in Geneva, and at least four in the Vienna office. According to the report, the breach also grabbed ‘active directories’, with each likely to list hundreds of users as well as human resources and health insurance systems, other databases, and network resources. The three affected offices have in total about 4,000 staff. The report, prepared by the UN Office at Geneva in the midst of containment efforts, suggests the cyber attack most seriously affected their office, which houses 1,600 staff working in a range of political and development units, including Syria peace talks, the humanitarian coordination office (OCHA), and the Economic Commission for Europe.”
The scope of the UN’s operations makes such a breach particularly troubling, but it is not entirely unexpected. An audit in 2012 identified an “unacceptable level of risk” in the organization’s cybersecurity. Despite taking measures to address the concerns, a 2018 review found its security-assessment project to be severely lacking.
News of the breach is sure to concern anyone in sensitive regions working with the United Nations, particularly on human rights issues. In many countries, those who share information with the UN’s human rights office can be subject to surveillance, imprisonment, and even torture. Though it is not known who was behind the attack, it is said to look like the work of a “sophisticated threat actor”—a good description of nation states’ hacking programs. Failing to prevent the breach is bad enough. Refusing to notify everyone who might have been affected, notes Parker, is a dangerous breach of trust.
Cynthia Murrell, February 18, 2020
New Security System: Science Fact or Science Fiction?
February 15, 2020
It is an understatement that digital security is a growing concern, but that could change with a new invention. The Eurasia Review discussed the latest in the security field in the article, “New Security System To Revolutionize Communications Privacy.” An international research team of scientists from the University of St. Andrews, King Abdullah University of Science and Technology, and Center for Unconventional Processes of Sciences created an unshakable security system and is described as will “revolutionize communications privacy.”
How does the revolutionary system work?
“The international team of scientists have created optical chips that enable information to be sent from user to user using a one-time un-hackable communication that achieves ‘perfect secrecy’ allowing confidential data to be protected more securely than ever before on public classical communication channels. Their proposed system uses silicon chips that contain complex structures that are irreversibly changed, to send information in a one-time key that can never be recreated nor intercepted by an attacker.”
The optical chips offer perfect secrecy on a global scale and the costs are estimated to be feasible. Current cryptographic techniques are fast and easy to share, but advanced computers with quantum algorithms can crack them. The new encryption systems is supposedly unbreakable, uses existing communication networks, and takes up a lot less space.
Theoretically the system is perfect, because the chip generates keys that unlock each message. The keys are never stored, communicated, nor ever be created. It adds an extra security level that the regular cryptographic technology does not have.
The new security system inventors or academics, not from big technology companies, and they work at organizations in the United Kingdom, Saudi Arabia, and the United States. They are not for-profit organizations, but the scientists are searching for commercial applications for the security system.
Whitney Grace, February 15, 2020
LexisNexis: Expanding Its Cyber and Policeware Capabilities
February 10, 2020
LexisNexis, once holder of an exclusive with the New York Times, has been working to retain its government and commercial customer revenue. The cyber online business is booming, but legal information remains a difficult business. Lose a Top 50 US law firm as a client, and the canny marketers have to convert a couple of hundred smaller outfits. Why’s this sector difficult? Free or lower-cost legal content and Reed Elsevier’s principal competitor Thomson Reuters.
LexisNexis has not been standing still, but it has been chugging along in the cyber security sector and policeware markets for many years. Oh, you didn’t know? Well, LexisNexis marketing is on a par with Google’s ad group. That’s the creative team which delivered an ageing parent downer to a Super Bowl audience.
LexisNexis announce on February 2, 2020:
[Its] Risk Solutions, part of RELX, today announced it has entered into an agreement to acquire Emailage®, a global provider of fraud prevention and risk management solutions. Emailage will become a part of the Business Services group of LexisNexis Risk Solutions. Founded in 2012 and based in the Phoenix metro area with offices across the globe, Emailage helps organizations reduce online fraud by building multi-dimensional profiles associated with customer email addresses to render predictive risk scores.
DarkCyber interprets this a helping entities deal with phishing. The reference to predictive analytics is in line with other companies offering alert services.
We noted this statement from the new LexisNexis human resource:
Rei Carvalho, CEO of Emailage, said, “LexisNexis Risk Solutions is laser-focused on providing its customers a 360 degree view into an identity, which aligns with our mission to help customers who seek fast, low-friction, global digital identity fraud solutions to combat fraud without sacrificing consumer experience. We are thrilled to be recognized as a pioneer in email intelligence-based fraud risk scoring solutions and look forward to aligning our solutions to help organizations fight fraud on a more comprehensive level.”
The “360” references a customer’s ability to see “around” an issue, not from the point of view of other “360” cyber security vendors. LexisNexis has a large collection of content upon which to draw. Cyber security services could be a larger, more sustainable market than the pursuit of search licenses from law firms. There are many lawyers, but not many spend for online as they did in the good old days. Today’s clients often cap research fees. Fear and must have defense are more potent tools in the security sector than the glories of online search when an “answer” may not be found.
For information about this cluster of services, navigate to www.relx.com.
Stephen E Arnold, February 10. 2020
-
- Subscribe to Beyond Search
Feature archive
News archive
-
