ICYMI: Quantum encryption; FBI ransomware alerts; Ipv6 VPN services; Android mobiles; Ransomware
Android gets 97% of mobile malware
ICYMI: Quantum encryption; FBI ransomware alerts; Ipv6 VPN services; Android mobiles targeted; Ransomware hits 1 in 3 UK companies.
Quantum leap: Untangling Toshiba's 'unbreakable' encryption
Claims in the Japan Real Time blog that Toshiba is developing a ‘foolproof' quantum-cryptography system that cannot be breached' should be taken with a quantum of salt.
The Toshiba system uses photons delivered via custom fibre optic cables which are not connected to the internet. The one-time key is the same size as the encrypted data, so decoding without the correct key would be impossible as there will be no repeated use of the pattern; Toshiba predicts commercial use may be possible within a decade or two.
Back in 2010 MIT Technology Review reported a successful attack on a commercial quantum cryptography system, discrediting terms such as ‘foolproof', though perhaps attacks could become unviable.
More often than not, when encryption has failed it's generally because someone has done something wrong rather than the encryption itself being at fault. It is almost never the cryptographic means that are attacked and breached, it is always the implementation weaknesses. The NSA and GCHQ didn't succeed in breaking non-flawed, standard crypto... so the bottom line is that quantum crypto is solving a non-issue.
In short, quantum cryptography hasn't found its killer app yet. Until it does, it will remain something of theoretical interest only – no matter how unbreakable it is claimed to be.
FBI 'alerts world' on cryptographic ransomware spread
The FBI's own Internet Crime Complaint Center (known as IC3) has highlighted the “continued spread” of cryptographic ransomware around the world.
The FBI's alert points to the CrytoWall ransomware family that emerged in April 2014, noting the impact goes beyond the ransom fee itself as many victims incur additional costs associated with network mitigation, network counter-measures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers.
The FBI's advice if you receive a ransomware popup or message on your device alerting you to an infection, is to immediately disconnect from the Internet to avoid any additional infections or data losses.
One way businesses and individuals can minimise the impact is to keep multiple layers of security in place to block these threats in the first place and also keeping a robust back-up system that would minimise the fallout if an infection actually does occur.
VPN services at risk from IPv6 vulnerability
VPN service users could be at risk from hackers thanks to the way that providers handle IPv6 traffic.
Researchers found that 11 out of 14 popular VPN providers had a vulnerability in the way that they dealt with the emerging internet technology. The team found that many VPN providers only protect IPv4 traffic and not the newer protocol.
According to Dr Gareth Tyson, one of his researchers noticed that while a VPN service should have placed him in the US, he was still registered as being in Britain. “The service wasn't doing what it should have been doing,” he said. That prompted an investigation and his team discovered the IPv6 leakage vulnerability.
He said that it was possible to avoid the problem – (as TorGuard, PrivateInternetAccess, VyprVPN and Muilvad were doing). “There were disabling IPV6; if you were connected to the service by using IPv6 they would disable it.” Tyson said that his researches had not identified any attacks in the wild but he said there were certainly some plausible scenarios. “There are two forms of attack - a passive one, which would involve using the IPv6 leak to collect data on users or a more active attack, for example, by creating a WiFi hotspot and advertise it as The Cloud. If users want to use VPN, they'll think they're protected – but they won't be.”
Companies have been working on a fix but there has yet to be any official announcements.
97% of malicious mobile malware targets Android
While 97 percent of mobile malware threats aim at Android, iOS isn't left untouched
Ciaran Bradley, chief product officer at AdaptiveMobile, told SC that there was a philosophical difference in business models between Apple and Google. Apple runs a completely locked down ecosystem where it has complete control over what a user can install on their own phone.
“Google gives people a choice, and with that choice comes responsibility,” said Bradley. “They recommend that people always stick to official channels such as Google Play when downloading apps but they do give people the choice to install apps from other sources. Bad actors will try and get people with Android phones to install malicious apps on their phones using social engineering techniques.
David Kennerley, senior manager for Threat Research at Webroot, comments: “Like with any device on a network, threat protection should be installed and kept up to date. Communication between the organisation and its employees is also vital – the risks and potential consequences need to be understood by employees, but organisations need to understand and respect the now slightly blurred boundary between personal and private.” He said.
Nick Cook, chief innovations officer at Intercede told SC that protecting against malware and spyware is possible on many Android devices by making use of the right features of the phone. “The Trusted Execution Environment (TEE) ... is already being used by big Enterprise Mobility Management companies to enable businesses to roll out BYOD on Android devices.”
One third of UK companies beset by ransomware
More than a third of UK firms has suffered a ransomware attack by hackers, according to the research published by IT security firm Eset. The survey of 200 security professionals found that 84 per cent of respondents believed their company's reputation and infrastructure could be seriously damaged if a ransomware infection happened to them.
Nearly a third (31 percent) admitted they would pay up a hacker's demand for cash if their machines were hit by a ransomware infection because the alternative would mean losing all the data on their computer.
Mark James, security specialist at ESET, told SCMagazineuk.com that ransomware is “...so effective that once the files have been encrypted, users as well as businesses who do not protect themselves by backing up their data or using a good internet security product see no way out except to pay the ransom”.
George Quigley, partner in KPMG's cyber-security practice said “ this threat is real and it exists because of two factors. The first is that the expertise can be bought, you don't need to be an expert to do this. The second is that the economics make it more than viable. Companies should revisit their risk assessments in light of this and make sure that they are still appropriate. Remember that dealing with this will require a mixture of training and awareness and a security aware culture in addition to technology measures.”