Someone’s listening: The real reasons you need to encrypt your calls and texts - WTOP

---

Someone’s listening: The real reasons you need to encrypt your calls and texts - WTOP Posted: 01 Apr 2019 12:00 AM PDT This content is provided by Blackberry In the movies, it's easy: the federal agent answers his phone and receives a tip, then calls his wife and apologizes for missing dinner, then dials his boss and discusses urgent matters of national security, all with his personal mobile phone. But that's the movies. In real life, there are reports of fake cellphone towers in Washington D.C. scooping up conversations indiscriminately, and easily available $20 thumb drives that can turn a laptop into a listening device. Mobile phone conversations are remarkably easy to capture. It can be dangerous for federal employees and contractors to discuss even unclassified sensitive information via mobile phones, much less nuclear launch codes. But BlackBerry is trying to change that. BlackBerry has a phone application called SecuSUITE® for Government that enables government agencies to make highly – encrypted secure phone calls both mobile to mobile, as well as mobile back to a landine within the agency's network. NATO Communications and Information (NCI) Agency has recently deployed BlackBerry's SecuSUITE® for Government to encrypt the conversations of its technology and cyber leaders on standard iOS and Android devices. The main issue with secure communications up until now has been complexity. Satellite phones are large, heavy and must have line of sight to the satellite, meaning they can't be used indoors. Other custom systems designed for classified use are expensive and require multiple components to be used in concert with the phone. Some federal executives even have to have special assistants to manage their secure communications when they travel due to the complexity and size of the systems. But BlackBerry's system is much simpler. "It's basically an app that looks just like a standard cell phone dialer," said David Wiseman, Vice President of SecuSmart, BlackBerry. "You make your phone call, you have your contacts, you have your call history, you have your text messages, if someone knows how to use a cell phone to make a phone call, they know how to use the system. So it really lowers that barrier in terms of end user adoption." BlackBerry's system secures a call by running it through a centralized server owned and operated by the agency. It's a completely private, IP-based system, so the message traffic is still secured even if the phone is on WiFi. BlackBerry's system is certified compliant with the National Security Agency's National Information Assurance Partnership (NIAP) and Commercial Solutions for Classified (CSFC) program as wells as with the NIST 140-2 standard. And this is done in a manner that allows agencies to remain fully compliant with existing audit and record keeping regulations. "The way it works is, there is a centralized server, and all of the activation of the client software on people's cell phones, or tablets, is done in conjunction with that server in an out of band manner. So you are able to establish a clear chain of trust," Wiseman said. "And that's how you can be confident when receiving a call or message that it is actually from real trusted member of the network, because they have a properly certified and activated copy of the application on their device. And then whenever you make a phone call, it routes between the phones through that server with fresh encryption keys established for each call. The server's also monitoring for any potential security, voice quality or signal quality issues and addressing them. The server also has the ability to connect the mobile calls securely into the existing office phone networks so you can speak with someone as their desk." And it was not built just for encryption purposes, but also to protect from phishing and other social engineering attempts, like number spoofing. "There was recent news about some congressmen receiving texts that they thought came from the Vice President's office based on caller ID, but they didn't," Wiseman said. "We protect you from those types of social engineering attacks. Using our secure app, you can have confidence that who you're talking to is who they're supposed to be, and that what you say, is properly protected." Wiseman said BlackBerry has a few use-cases in mind for this kind of secure system. For one thing, any U.S. government employees who are stationed or operating overseas, from diplomatic staff to inspectors to law enforcement, needs a secure way to communicate with their coworkers and headquarters, especially if they're dealing with organized crime, adversarial governments or other national security concerns. Similarly, federal employees, even those working domestically, who feel as though their role might cause them to be targeted for information gathering purposes could benefit from this technology. And finally, it could allow federal employees who have to work with classified or sensitive information to telework more easily, without having to have special communications equipment installed in their homes. "There's a lot of risk right now, in terms of mobile communications, even with the latest, new LTE and 5g networks currently being deployed or planned, even those have published vulnerabilities on a large scale," Wiseman said. "People are aware of that, but they just kind of ignore it. And a lot of the reasons they ignore it is because alternatives are pretty expensive or complex to use, so what we really focused on is providing security that mitigates all of those known risks, but doing it in a way that someone is just using a regular phone, they're making a regular phone call, and they don't have to do anything special in learning how to use the system."

2020: The Year of Fake News, Covid-related Scams and Ransomware - PRNewswire Posted: 25 Nov 2020 05:30 AM PST Covid-19 Fakes and Scams In addition to fake news, Covid-19-related fake shops and malware made their rounds in 2020. A number of scams circulated, designed to take advantage of people searching for information around the virus, and associated topics such as supplies of face masks and ventilators. Avast identified malvertising campaigns being adapted to the situation, fake shops and products like cures and medication for the virus being "sold" online, the World Health Organization's name and logo being exploited to deceive people into inadvertently downloading malware in messages containing coronavirus and other related terms in malicious files spreading via email, SMS, and other malware. Also, via its mobile threat intelligence platform, apklab.io, Avast tracked more than 600 malicious apps including mobile banking trojans and spyware, posing as apps that offered some sort of a Covid-19-related service. Fake news spread during the pandemic, including fake news alleging that Bill Gates has created or financed the creation of Covid-19 in order to sell vaccines, and gain power over the world. Other examples of fake news during the pandemics include conspiracy theorists speculating democratic governments using the virus as an excuse to turn their systems into autocracies, and that 5G was responsible for the spread of the coronavirus. Ransomware attacks In the beginning of the year, Avast saw an increase in ransomware attacks in the early pandemic months. Ransomware grew by 20% during March and April in comparison to January and February this year. Multiple ransomware attacks targeted hospitals this year, despite threat actors publicly stating they would stop targeting hospitals. Avast was involved in helping hospitals and other businesses infected with ransomware, including the Brno University Hospital in the Czech Republic, which is also a testing center for the coronavirus, and was infected with Defray777. Healthcare institutions were attacked by Maze ransomware, which steals data before encrypting it and threatens to release hostage data if the ransom is not paid. This year, in what could be the first known case of a fatality linked to a ransomware attack, a patient passed away as she needed to be transferred to a different hospital after a ransomware attack affected a hospital in Dusseldorf, Germany. In addition to ransomware attacks against healthcare institutions, companies like Garmin, Jack Daniels and the Ritz London were hit with ransomware. Other notable victims of ransomware attacks in 2020, which paid ransom demands up into the millions, include the University of California San Francisco, Travelex, and defense contractor Communications & Power Industries (CPI) in California. Working From Home challenges The pandemic forced many companies to send employees home to work remotely. According to a survey conducted by the European Foundation of the Improvement of Living and Working Conditions, nearly half of the European employees surveyed worked at home at least some of the time during the Covid-19 pandemic, and of these, one-third reported working exclusively from home. Employees took their company devices home which broadened the attack surface for companies, as the home network infrastructure usually isn't as secure as an enterprise network. Also, with millions of workers around the world using Remote Desktop Protocol (RDP) daily to remotely access their business network, this tool has become a strong cyber-attack vector. In 2020, Avast has monitored a rise in attacks specifically designed to exploit RDP in order to execute widespread ransomware attacks. Deepfakes taking off Deepfakes, particularly pornographic deepfakes appeared in 2020, including explicit deepfakes of TikTok users. In a talk at Avast's Cybersec & AI, Connected virtual conference Professor Hany Farid of UC Berkeley noted that technology is evolving quickly, making it easier and easier for deep fakes to be created, and the rate at which deep fakes can spread is also increasing due to social media. Farid also noted that " nothing has to be real anymore ", meaning that people will believe fakes, especially when it comes to political deep fakes.  Phishing attacks Phishing is a lucrative way of stealing people's money and personal information and is an evergreen technique used by cybercriminals that did not slow down in 2020. While Covid-19 related phishing attacks surged in March with 7.9% using themes related to the virus in that month, the impact on overall phishing numbers was small, with less than 1% of global phishing attacks using Covid-19 as a theme throughout the year. Mobile Adware creators leveraging social media channels to promote their "products" Out of all Android threats Avast detected in 2020, adware was the dominant malware, with a share of nearly 50% in Q1, over 27% in Q2 and 29% in Q3 out of all Android threats. The HiddenAds family, a Trojandisguised as a safe and useful application but instead serving intrusive ads, stuck out in a special way, as it continuously found its way back to the Google Play Store over the course of the year. Avast also found scam apps on the Apple App Store. Avast alone found more than 50 scam apps on the Google Play and Apple App Stores in 2020, that needed to be removed by Google's and Apple's security teams. Stalkerware Stalkerware is a growing category of malware with disturbing and dangerous implications. Avast identified parallels between the use of stalkerware and the lockdown time in the spring. Stalkerware is typically installed secretly on mobile phones, without the victim's knowledge, by so-called friends, jealous spouses and partners, ex-partners, and even concerned parents, and tracks the physical location of the victim, monitors sites visited on the internet, text messages, and phone calls. The Avast Threat Labs discovered a 51% increase in Android spyware and stalkerware from March through June, in comparison to the first two months of the year. According to a paper published by researchers from Brigham Young University in the US, who compared domestic violence calls for service in 14 large US cities before and after social distancing began at the beginning of the year, there was a 10.2% increase in calls. Looking back " The pandemic did not slow down cybercriminals, instead they seized the opportunity of people spending more time online to adapt old tricks to spread various types of fakes, scams, and to target major businesses with ransomware , " continued Luis Corrons. " While technology today is a great resource for us all to stay connected and keep up communications and work, we advise people to stay extra conscious and cautious about what they see online and verify things they come across before trusting news, apps, links, sales offers, and even video content, as they could be manipulated. " About Avast: Avast (LSE:AVST), a FTSE 100 company, is a global leader in digital security and privacy products. With over 435 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company's threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Visit: www.avast.com. CONTACT: [email protected] SOURCE Avast Related Links www.avast.com

You are subscribed to email updates from "file encryption,encryption on cell phones,how to encrypt cell phone calls" - Google News. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States