Monday, January 30, 2017

The 4 Biggest Digital Security Breaches of 2016

The global digital security realm was put in a precarious position over the past year with several serious breaches happening in countries across the world. Yahoo achieved hacking history not just once but twice. Millions of compromised DVRs and webcams crashed the Internet for users in the US, and Russian voting results were placed under scrutiny after the balloting system was allegedly hacked. And that's only a fraction of the cyber calamities that took place this past year. Let's take a look at the 'stars', maybe we can learn something and make 2017 safer.

1. Ransomware Holding Files Hostage

A fangled and very nasty new type of malware reared its head in 2016: Ransomware. Ransomware kidnaps files through encryption, holds them hostage and then demands payment before releasing them. Many variants of Ransomware made the news in 2016, the scariest one an amateurish version called Ranscam that deletes files whether you pay or not. Ransomware became so popular as a method of exploitation that it affected as much as half of all businesses in the US.


2. Yahoo was Hacked

In case you were wondering what happened with Yahoo, in September the company revealed that its users were severely compromised when over 500 million accounts were hacked. To make matters worse, it was later disclosed that the hack actually happened in 2014 - which means that hackers had access to sensitive user information for years. As if this is not enough, in December it was revealed that more than a billion users were already hacked in August 2013.


3. Apple Stopped Patching QuickTime

QuickTime was once one of the most pervasive pieces of software on PCs as it was crucial for watching videos in early days. Today of course, the situation has changed, and there are several video options to choose from, which is a good thing. Why? Because after two serious vulnerabilities were uncovered in the QuickTime software early in 2016, Apple decided that fixing these issues was too much of a mission and rather decided to condemn QuickTime for Windows. In other words, if you're using QuickTime for Windows on your PC, it might be a good idea to look for additional video viewing options.

4. SWIFT

There was also the SWIFT hack in which a Bangladeshi bank was attacked by hackers targeting their software. SWIFT very swiftly reached out to security professionals from outside to contain the widening hacking epidemic.

Believe it or not, these four major breaches were not the only serious security breaches in 2016. Even the NSA was hacked this past year. Internet security safety is rapidly becoming a very serious global issue with a veritable army of 'smart' devices linked together in the ‘cloud’, we are becoming more and more vulnerable. Let's hope that active cyber defense evolves as quickly.

Friday, January 6, 2017

How Secure are Messaging Apps?


The EFF Explores Messaging App Security

Most of us can hardly remember the time when a telegram was the quickest way to send a short message. Many don’t even know what a telegram is (or was). We now not only have mobile devices to send instant messages anywhere in the world, we also have a massive range of messaging apps to choose from. Understandably, popular apps like BBM, Hangouts, WhatsApp, Snapchat, and iMessage have millions of users around the globe with no idea whether these are secure methods of communicating or not. The Electronic Frontier Foundation (EFF) decided to find out just how secure these apps actually are and launched a campaign to achieve this.

A Secure Messaging Scorecard

The EFF developed a scorecard with which messaging apps can be rated. It uses criteria like whether messages are encrypted in transit and whether the encryption is to such an extent that the provider can’t access the content. It also looks at whether the code is available for independent review, if it has been audited, and if the security design is well documented. The scorecard is the first phase of what is known as the ‘EFF Campaign for Secure & Usable Crypto’ and the findings were quite interesting. 

Security vs. Popularity

The apps that scored the highest in terms of security included: Signal, ChatSecure, CryptoCat, and TextSecure. Have you even ever heard of any of these?st at all. On the other hand, the better-known apps like Skype, WhatsApp, Viber, Facebook chat, Google Hangouts, and BBM did not score well at all. The only mainstream app that did relatively well is Apple’s iMessage. Will this research serve as encouragement to trendy app vendors to beef up their security? Otherwise people who are conscious of security will only have the option to message likeminded people on the more secure apps, or start sending telegrams again.