By Anton Scott.

Major operating systems such as Windows, Mac and Linux have never been as secure as some may believe them to be. As with any system, the main point of vulnerability is often the user: opening the wrong link or attachment, visiting the wrong site, or installing suspicious software can open the floodgates for malware. These are all traps that an unaware user can fall prey to, and in a world of growing cyber-threats, individuals & companies alike must take more precautions to avoid being targeted and taken advantage of.

Virtualisation is becoming a standard for many corporations as it provides an extra, solidified layer of defence in the event of a breach. Whilst most files or programs you open will run on your “Host” machine, virtualisation provides an isolated bubble for your OS to run in, by dedicating sectors of your hardware to create a virtual machine (VM).

Containment

This is a highly effective method of elevating your device’s security, as any rogue programs running on the system will be confined to the virtualised environment. Take this analogy, for example. When a virus invades your body, your immune system triggers a response for white blood cells to encapsulate and isolate the foreign entity in order to prevent the spread and further damage the virus could cause to your body. This is exactly the case in the event of a virus, worm or other type of malware infecting your computer system; the threat is contained within the VM and can therefore not spread or damage your host machine, which may contain your important files & personal data.

Resilience

VMs also provide a convenient feature called “snapshotting”, where the state of the system can essentially be saved at any chosen time (known as taking a snapshot), then restored to a previous snapshot when required. This is especially useful following a mishap such as a system failure or a breach, as the machine can be reverted to its last known working state. Your presets & files will remain intact and your future self will thank you for it.

Privacy

Furthermore, if you are concerned with the growing issue of your online data being collected and sold by devious conglomerates (a sad but inevitable truth), you may be able to put your mind at ease by utilising a VM. “Fingerprinting” or “profiling” is a common way in which online services tie your devices and data to your identity, and it is used to predict your online habits, log your preferences and recommend you products/services. An entire online profile is built uniquely for you, hence the name “fingerprinting”. Although quite impossible to avoid once you already have an online presence, operating systems like “Whonix” can run in a VM to promote anonymity online by relaying your network traffic through anonymous networks such as Tor.

Such setups require time to configure but can be useful if you’re serious about masking your identity online & giving a middle finger to the prying data harvesters. Ultimately, VMs are very practical systems which can offer the everyday user an elevated level of security which in turn can promote ease of mind. They are not compulsory by any means, but the growing use of them is a step in the right direction to limiting the damage caused by cyber-threats. And of course, it always helps to remember – if you protect your system, you protect yourself.

By Diana Ion.

Too often overlooked by common security measures, side channels can offer attackers new avenues for information gathering and possibly much more.

A simple definition of a side-channel is something that enables you to find out something about a thing without directly observing that thing.   

Think of a quiet neighborhood during wintertime.  All roofs are covered by snow, except for one. Naturally, you would think about something shady going on there and you could be right. Meth labs release a lot of heat and the effect of this on the snowy roof gives you information about what is possibly happening inside without you needing to actually look. This is an example of a thermal channel. 

Another example, which should be familiar to you from one of the spy movies you have watched, is the classic trick of using a stethoscope to listen to a safe’s mechanism while rotating the dial with the obvious aim of opening the safe. The side channel in this case is the sound.

Up to this point, it should be clear that a side-channel constitutes a consequence of a particular action. Now comes the most interesting part. Cryptographic implementations are based on computations at the bit/byte level. While performing these computations, computers use electric power. If you observe the power trace from a chip running AES or DES on an oscilloscope, you will see discernible patterns coming from the number of rounds, the memory accesses, or other algorithmic details. This process is called simple power analysis and is a type of direct implementation attack.

An implementation attack targets faults in the hardware/software implementation of an algorithm and not in the design of the algorithm per se.  

A more advanced attack that can also be used to find the key used in AES encryption is differential power analysis. Here, the attacker needs access to the device for collecting power traces during normal AES encryptions. With an available set of measurements, the attacker creates a model of the side-channel, inputs a hypothetical key, takes the given output, and performs a statistical analysis between his output and the real output. Perseverance and patience must be employed.  

I am curious sometimes and, during one lazy quarantine day, I decided to give it a try myself and break AES encryption with power analysis. I found a dataset of measurements online and wrote a Python script. The key size was 128 bits, meaning 16 bytes. You probably know that AES-128 consists of 10 rounds with each round, except the last one, performing some particular operations (SubBytes, ShiftRows, MixColumns, AddRoundKey). If these are unfamiliar to you, please do a Google search for AES rounds. To make my life easier and prove that the key is breakable, I only attempted to break the first byte of the key, after the SubBytes operation. This means running through all the possible key values for the first byte (0 through 255), encrypting the plaintext with each one and comparing the end results.

I will not go further into detail as I do not want you to get bored. My point here is that faulty implementations can leak sensitive information. Do not underestimate the ingenuity of attackers when talking about methods for speeding up computations. There are profile attacks and deep learning techniques that need only a small number of measurements to break the encryption. Common methods of combating side-channel attacks are usually divided into ‘hiding’ and ‘masking’. These can be done at any level: transistor level, program level, algorithmic level, or protocol level. We will explore these in a future article.

By Chloe Wood.

It has been 99 days since Boris Johnson announced to the UK that we would be going into lockdown due to Covid-19. This lockdown saw us swap our offices for makeshift home set-ups. Although lockdown rules are starting to be eased in the UK (I’m sure we all can’t wait for a pint in the pub on the 4th), it would appear working from home is going to be our new normal for the foreseeable future. During the pandemic, naturally our focus has been on staying safe and protecting the NHS. However, with a 600% increase in phishing alone, a lot of us are working remotely, making ourselves and our data vulnerable to cyber criminals.

So, before we get into how to protect our digital assets, let’s see why cybercrime has increased. Naturally, to work remotely we need some sort of internet connection, which of course opens a huge range of vulnerabilities. We are away from the security infrastructure of the office environment. Yes, you cannot really see the cyber security within your office but taking your device away from the office infrastructure means you no longer have the security provided by things such as firewalls and IP blacklists.

Cyber security can be hard to implement completely, even for the professionals, so this post will address the 5 common threats to remote workers and outline some simple techniques to mitigate against them.

PHISHING

As I mentioned before, phishing scams have skyrocketed since the end of March 2020. This includes traditional scams and the introduction of new scams exploiting our fear and worry of Coronavirus.

To mitigate against phishing, if possible, all work should only be carried out on corporate devices – especially if a Bring Your Own Device (BYOD) policy has not yet been thoroughly designed and delivered. Not only will this ensure you have the protection of the security controls implemented by your organisation, but it will help your IT guys manage this new, remote digital infrastructure the lockdown has created. This means the IT team can manage the corporate devices as normal, allowing them to monitor all activity on the network, which is vital if anything malicious starts appearing.

To really adopt a defence-in-depth approach against phishing we cannot just rely on the technical side of security; we can also use our own knowledge and education. It is so important to stay updated on what types of scams are going around, which can easily be done by visiting IT Governance “Catches of the Month”. By educating ourselves about this, we can stay alert when we go through our inbox. Alongside knowing the specific scams about at the moment, it’s always best practice to be suspicious of any emails asking you to input sensitive data, such as your card details, no matter how legitimate the email appears. If you receive an email like that, always try to verify it before clicking on anything included in the email, such as by messaging the person it’s claiming to be from in another way which is not email (phone call, Skype message). Phishing scams play on a sense of urgency, forcing us to make quick decisions with huge consequences, so always take your time to verify the authenticity of the email.

UNAUTHORISED ACCESS TO CORPORATE NETWORKS

To ensure you are not allowing anyone unauthorised to access the network, it’s best to use an encrypted network. Now, I know this can sound quite technical, but you are probably already doing it. Most up-to-date home Wi-Fi networks provide this type of security, in the form of allowing you to set up a password for your Wi-Fi connection. Make sure you have changed your password to something different from the default one you were given. This can be done simply by logging into your router, which can be done by inputting your router’s IP address (usually you can find this somewhere on your router) into the address bar of your web browser and logging in. Then go to the wireless settings tab and input your desired password in the password field. Remember it is always best practice to change passwords regularly.

As you are working remotely, it would make sense to use remote access security controls, specifically two-factor authentication. This is super easy to implement; I personally like to use the Google Authenticator app on my smartphone to generate one-time codes for all my logins.

ENSURE PRIVACY WITH A VPN

To create an encrypted network connection that authenticates the user and encrypts data in transit between the user and the network, a Virtual Private Network (VPN) should be used. Most corporate devices should have this set up for you already, but do not worry if your organisation does not have a state-of-the-art tech team: most business routers and some small home routers have built-in VPN capabilities.

The two VPN technologies you should be interested in are OpenVPN and IPsec. OpenVPN is for those of you still accessing a business router, whereas IPsec is supported by lower-cost home routers. Both technologies can be configured by logging into your router and, more often than not, clicking a few boxes. Once you have OpenVPN configured, you should install apps on the device that will access your brand-new VPN. These can be found on the OpenVPN website; install them, then configure them with the files generated while setting up OpenVPN on your router. If you are using an IPsec VPN, this is usually built into most devices, so you won’t have to go through the same app installation process as OpenVPN.

UNAUTHORISED ACCESS TO SENSITIVE INFORMATION

With modern day laws and regulations, such as the General Data Protection Regulation (GDPR) not taking any prisoners when it comes to dishing out fines and the current economic situation not looking too great, it’s probably best we all scrub up on our data protection techniques to avoid those hefty fines.

Information leakage can be easily avoided if we take the right precautions, especially when it comes to emailing information. You should try and avoid emailing sensitive information, instead adopt the use of corporate intranet resources, perhaps a SharePoint team site, to share working files – this is also super convenient at making sure files stay up to date! Obviously, when we’re all working from home adopting a new method isn’t the ideal situation, so if using the intranet is not possible and you do have to email sensitive information make sure you apply email sensitivity classifications in your email subject.

Alongside these preventive measures, we also need to adopt detection techniques. This can be achieved by installing updated anti-malware and anti-virus software. It is always best practice to keep any software on your device updated. To do this, turn on your auto-updates and regularly restart your device. I know updates often do not seem to make any difference to the app, but they regularly patch against vulnerabilities found in older software versions.

STAYING SAFE DURING VIDEO CALLS

I’m sure now we’re all very used to Zoom calls both for our professional and personal lives, so I don’t need to give you a run down on how easy that is to use. However, the one bit of security advice I can offer is do not share the virtual meeting URLs on any public facing platforms, such as social media.

How do you know that you are your mother’s child?

How can you be sure that the chef in that restaurant did not spit in your lasagne after you complained that the service was too slow?