Cloud Hosting

After amNewYork reported this week of the NYPDs plans to encrypt police radios in 2020, police officials said Thursday that it would likely not move forward with encryption for at least a year.

Moreover, police brass indicated that they are open to discussion as to who, outside of the Police Department, would have access to encrypted communications.

Encryption could potentially cut off media groups who currently monitor police radio feeds for breaking news. Outlets would then have to rely upon releases from the NYPD and statements from its officials.

Elected officials, none of whom seemed to know about the multi-million dollar encryption plan, have expressed fears of encryption, as it might significantly reduce transparency of the department. Mayor Bill de Blasios administration has emphasized greater transparency at the NYPD for most of his tenure.

Members of volunteer fire and ambulance squads around the city also use police radios to monitor for trouble, and many of them expressed doubts about the plan, fearing that they too would be cut off.

But on Dec. 19, NYPD Deputy Commissioner for Counter-Terrorism John Miller said encryption would happen in a three- to five-year transition.

So nothings happening today, nothings happening tomorrow, and probably nothings happening next year, Miller said. This is a lot of radios.

Commissioner Dermot Shea said there must be a balance between police officer safety and transparency to the public.

It is an interesting time after just what just happened in Jersey City, Shea said, referring to the Dec. 11 terrorist attack that killed six. With traditional crime and now traditional criminals using encryption, we cant have situation where criminals have better technology than police officers and detectives whether they are drug dealers or breaking into banks. Criminals are using encryption. We should certainly consider transparency, but the priority for keeping New Yorkers safe.

Miller acknowledged some investigative channels are already encrypted to safeguard investigations, as are Federal investigative channels including Drug Enforcement administration, secret service and FBI.

Any further encryption is open to more discussion at this point with a 3-5 year transition, he said. Part of the thinking and planning is where would it be advantageous to say officer safety, the integrity of investigations the commissioner gives the example of a kidnapping, how do you conduct one of those over the radio when the world is listening for entertainment? Its something we are looking at nothing that is happening right away.

Miller, a former journalist himself, noted that There have been other cities gone encrypted, and theyve made arrangements with news media that have made sense. If we ever get to the point where we are going to that level, Im sure that discussion will take place.

Miller testified Wednesday at the City Council Public Safety Committee over proposed legislation, Intro. 487, that would create comprehensive reporting and oversight of NYPD surveillance technologies. The NYPD took a stand against the bill, saying providing detailed information on technology would tip off criminals and terrorists and allow them to thwart investigations.

Sample of a police radio scanner system in action.

See the original post:
NYPD radio encryption most likely wont happen in 2020 but will soon - amNY

The FBI was way too lax when it sought a secret warrant to wiretap former Trump aide Carter Page. Yet some of the very same people who have been publicly aghast at the circumstances Page scandal are still trying to hammer companies like Apple and Facebook into compromising everybody's data security to give law enforcement access to your stuff.

You're forgiven if you missed this news, as it happened at the exact same time last week that the impeachment countsagainst President Donald Trump were revealed. Our extremely tech-unsavvy lawmakers brought in a few experts to a Senate Judiciary Committee hearing and essentially ignored what they said and yelled demands at them. Virtually every tech expert and privacy advocate under the sun has warned virtually every government official in the world that "back doors" that let police bypass encryption has the potential to cause huge harms and actually makes citizens even more vulnerable to crime. But the legislators want their back doors, dammit.

Here's Sen. Lindsey Graham (RS.C.), who just a day later would express shock that the process for the FBI to get a FISA warrant was not as thorough as he believed: "My advice to you is to get on with it, because this time next year, if we haven't found a way that you can live with, we will impose our will on you." When a witness attempted to explain how complicated an issue encryption is, Graham responded, "Well, it ain't complicated for me."

The Democrats haven't been impressive on this issue either. Sen. Dianne Feinstein (DCalif.) still holds the position that it's no big deal if tech companies just let law enforcement officials in to read encrypted material, as long as they've got a warrant. Sen. Dick Durbin (DIll.) thinks the debate is about whether encryption implemented by companies puts information "beyond the reach of the law." He doesn't seem to care about the arguments that weakening encryption and providing back doors will let hackers and hostile nations access the private data and communications of people around the world (including Americans).

The talking point both the Justice Department and the lawmakers have settled on is that they need to be able demand back doors for the children. Apparently, we all need weaker protections in order to fight child sexual abuse and trafficking.

Sen. Sheldon Whitehouse (DR.I.) asked the tech industry witnesses if they'd be willing to "take responsibility for the harm" that might be caused if law enforcement didn't have back door access. But is Congress and the Justice Department going to "take responsibility for the harm" when these vulnerabilities make it out into the wild (as they inevitably would) and are abused by criminals or by authoritarian states?

This encryption fight has been going on for years, and the back door advocates has resolutely refused to consider the possibility of abuse. Graham in particular has been unwilling to consider the possibility that FISA warrants could ever be used to secretly snoop on Americans inappropriately. But by Thursday, he had changed his tune; if nothing else, the Trump case has forced him to think about what can go wrong when the government can secretly access people's private information without their permission.

Visit link:
If You Think Encryption Back Doors Won't Be Abused, You May Be a Member of Congress - Reason

It's the time of year again where the great and good of the tech sector like to consult the tea leaves, gaze into the crystal ball, read the runes -- and of course draw on their industry knowledge -- to give their predictions for the year ahead.

So, what do they think is in store for cybersecurity in 2020?

The decline of the password has been on the horizon for a while, but Ben Goodman, CISSP and SVP of global and corporate development at ForgeRockbelieves 2020 will mark the beginning of the end. "Consumers already log in to dozens of protected resources everyday: from email, banking and financial accounts, social media, healthcare, government accounts, and beyond. Even when tools like TouchID are leveraged each of these resources currently still have an associated username and password that can be attacked. To save time and remember their credentials for all these sites, consumers reuse the same username and password across several sites. As a result, the user's exposure from any one security breach on one of those profiles dramatically increases the odds that additional accounts can be compromised as well, allowing attackers to access far more sensitive information."

This is echoed by Clayton Calvert, a consultant at IT security and risk assessment firm netlogx. "With passwordless authentication, IT reclaims its purpose of having complete visibility over identity and access management. Reuse and sharing are common issues in password-based authentication. Without passwords, there is nothing to phish, share, or reuse. The user is no longer a wild card in an organization's access scheme. It is this crucial element that gives passwordless solutions their security advantage. As an added benefit, GDPR prefers that companies use passwordless authentication to eliminate the storing and securing of passwords exchanged over the network. While consumers have used this technology for a number of years in Apple and Samsung products, companies are beginning to do so as well. Sixty percent of large enterprises and nearly all of midsize organizations will use passwordless authentication by 2020."

With the decline of the password though the rise of deepfakes becomes a greater concern. CEO of Jumio, Robert Prigge says, "With a reported 50 percent of consumers using the same credentials across multiple accounts, automated account takeover attacks will continue to run rampant in 2020. As the industry abandons outdated authentication methods that are easily susceptible to fraud, like SMS-based 2FA and knowledge-based authentication, and turn to more advanced, biometric-based authentication methods as a secure alternative, the rise of deepfake technology will become a larger concern. A deepfake superimposes existing video footage or photographs of a face onto a source head and body using advanced neural network powered AI -- and are relatively easy to create. In 2020, we will see an increase in deepfake technology being weaponized for fraud as biometric-based authentication solutions are widely adopted. Even more concerning is that many digital identity verification solutions are unable to detect and prevent deepfakes, bots and sophisticated spoofing attacks."

Deepfakes raise other concerns too according to Optiv Security, "There has been much publicity around the potential to impact elections using deepfakes (AI-doctored videos that enable individuals to make it appear people said things they never said). However, not enough attention has been paid to how cybercriminals can make money using deepfakes against businesses. This will change in 2020 as we expect to see the first deepfake attacks designed to impact stock prices, by having CEOs, financial analysts, Federal Reserve leaders or other powerful economic figures make phony statements that will cause stock market movements. Cybercriminals will use these videos to make quick killings in the market."

2020 is also set to be the year of encryption according to Peter Galvin, vice president strategy and marketing at nCipher Security. "In the US, lawmakers on Capitol Hill have re-energized a push for encryption backdoors, an initiative that is seeing bipartisan support. Internationally, the UK and Australian governments (in addition to the US government) are pressuring Facebook to scrap plans for end-to-end encryption of Facebook Messenger. Galvin adds, Consumers, meanwhile, want more control and privacy over their data yet are often left confused about what that really means and how to make it a reality. Also factoring into the encryption conversation is the protection of voter information leading up to the US election and advancements in facial recognition software."

We can also expect to see more attacks aimed at critical infrastructure and governments according to Alex Heid, chief research officer at SecurityScorecard. "Malicious nation-state actors will continue to focus on malware and ransomware attacks. Nation-state actors don't just want to sell cardholder data on the Dark Web, theyre targeting critical infrastructure such as electricity and water companies.

"In August of 2019, emails sent to US utilities companies contained a remote access trojan as part of a spear phishing campaign. The advanced persistent threat is another in a long line of attacks targeting critical infrastructure.

"With at least thirteen global presidential elections scheduled for 2020, we can expect to see more malware and ransomware attacks attempting to undermine voters confidence."

The ongoing skills shortage will add to problems says Bret Fund, head of cybersecurity at training specialist Flatiron School, "While the average pay for cybersecurity positions in North America is $90,000, pay levels in some areas -- such as local and federal government -- is below what's needed to attract and retain skilled talent. With healthcare, financial services and other large enterprises making it more lucrative for qualified cybersecurity professionals to work in their organizations, local government will be faced with a great cybersecurity skills shortage. Local government agencies will have to think creatively about how they can re-skill their current employee base to meet their cybersecurity needs."

Healthcare is set to come under attack too says Mike Riemer, chief security architect at Pulse Secure, "It is already well-understood that the healthcare industry struggles to secure its trove of sensitive data. But, even as widely discussed as this issue is, the healthcare industry has been slow to adopt effective security measures and quick to embrace an even greater influx of data during digital transformation efforts. As healthcare continues to evolve towards the convenient, self-service model that todays digital-first consumer demands, there will be serious security implications as companies try to control the release of data and information. For example, telemedicine is making patient care extremely convenient, but is the doctor-patient communication secured and encrypted? If not, anyone can intercept the data and communication in transit. How do you secure that information stored on the end-user's phone? The security of any network is only as strong as the weakest link. In this service model, the end-point device is most likely to be compromised and healthcare organizations need to ensure they are meeting all the security and regulatory requirements."

Are there other trends that you think will affect cybersecurity in 2020? Let us know.

Photo Credit: vinzstudio/Shutterstock

Visit link:
The decline of passwords, the rise of encryption and deepfakes cybersecurity predictions for 2020 - BetaNews

It seems like crimeware developers never sleep as defenses rise. They're always on the lookout for different ways of honing their weapons of attack. One of the most recent techniques is a ransomware strain that can force a Windows device to reboot into Safe Mode right before encryption begins, intending to get around endpoint protection.

This particular strain is known as Snatch owing to its authors, who refer to themselves as the Snatch Team. It was discovered by Sophos Labs researchers, who outlined their discovery together with insights into how such gangs break into enterprises and other entities on their hit list.

Were going to explain what Snatch ransomware is, how it works, and how you can remove it from your devices.

Snatch is a fresh ransomware variant whose executable forces Windows devices to reboot to Safe Mode even before the encryption process begins in a bid to bypass endpoint protection that often doesnt run in this mode.

Discovered by SophosLabs researchers and Sophos Managed Threat Response team, the snatch ransomware is among multiple malware constellation components being used in an ongoing series of carefully orchestrated attacks featuring extensive data collection.

The new strain of the ransomware uses a unique infection method that applies sophisticated AES encryption so that users whose machines are infected cant access their files.

Snatch ransomware was first noticeably active in April 2019, but it was released end of 2018. However, the spike in encrypted files and ransom notes led to its discovery and follow up by the team of researchers at Sophos.

Its crypto-virus form attacks high profile targets, but this new strain, created using Google Go program, comprises a collection of tools including a data stealer and ransomware feature. Plus, it has a Cobalt Strike reverse-shell and other tools used by penetration testers and system administrators.

Note: The variant Sophos discovered is only able to run on Windows in 32-bit and 64-bit editions from version 7 through 10.

As a file locking virus, Snatch ransomware has no connections with other strains. Still, its developers released nine variants of the threat, which append different extensions after data is encrypted with AES cipher.

The trick is to reboot machines into Safe Mode, and then the ransomware restricts access to your data by encrypting your files. After that, the hackers try to extort money from you by soliciting ransoms in the form of Bitcoin in exchange for unlocking your files and giving back data access.

Theres a reason why their trick works. Some antivirus software dont start in Safe Mode, and the developers discovered they could easily modify a Windows registry key and just boot your machine into Safe Mode. Thus the ransomware runs undetected by your security software.

The first time its installed on your device, it comes through SuperBackupMan, a Windows service, and sets up right before your computer starts rebooting so you cant stop it in time.

Once installed, the attackers use admin access to run BCDEDIT, a Windows command-line tool, to force your computer to reboot in Safe Mode immediately.

It then creates a random named executable in your %AppData% or %LocalAppData% folder, which will be launched and starts scanning your computers drive letters for files to encrypt.

There are specific file extensions it encrypts, including .doc, .docx, .pdf, .xls, and many others, which it infects and changes their extensions to Snatch so you cant open them again.

The ransomware leaves a Readme_Restore_Files.txt text file note, demanding anything between one and five Bitcoin in exchange for a decryption key, with information on how to communicate with the hackers to get your data files back.

After the ransomware scans your computer completely, it uses vssadmin.exe, a Windows command to delete all Shadow Volume Copies on it so you cant recover and use them to restore encrypted data files. The final step is to encrypt any data files on your hard drive.

Currently, infected files arent decryptable owing to the sophisticated nature of the AES encryption used. However, you still have a lifeline if your computer is infected by restoring your files from the most recent backup.

Snatch ransomware has been targeting regular users via spam emails. But today, the main targets are corporations. By paying such criminals, you not only lose money and have no guarantee that theyll send the decryption key to you, but it also encourages them to continue with their cyber criminality.

If you dont have an updated backup, theres not much else you can do other than wait until security experts come up with a Snatch ransomware decrypter. That could take a long time, but there are other ways you can protect yourself from such attacks.

One of the best ways to remove Snatch ransomware and other malware is to install good antivirus security software such as Malwarebytes or SpyHunter that can scan, detect, and eliminate the threat. Not all antivirus engines can catch it because its an entirely new malware, so its good to scan using several programs.

You can protect yourself and your devices against ransomware attacks by taking simple steps such as downloading software from trusted sources, and avoid opening email attachments from untrusted sources.

Other ways you can protect yourself and your organization from Snatch and other types of ransomware include:

Snatch ransomware may sound almost life-threatening in how it works to paralyze your files and devices. Before you think of paying that ransom, try the steps above to remove the threat and always take preventive measures to ensure this and such threats don't show up on your computer or network.

Next up: If you suspect your phone is infected with ransomware, check our next article to find out how to detect that and remove it.

Last updated on 18 Dec, 2019

Read this article:
What Is Snatch Ransomware and How to Remove It - Guiding Tech