Mondays With Miranda: May 21, 2018
Good morning, cyber world. I hope everyone’s Monday morning is treating them well so far! As always, I have some exciting news to share today, along with a few upcoming events. First, I want to remind you all about an event I have mentioned a few times now, where you will be able to catch a few NeQter Labs employees. The “DFARS Cybersecurity 2.0: The Year of Continuous Monitoring” event is being put on at Raytheon’s Freedom Theater this Thursday, May 24th, from 7:30 AM until 5:00 PM EDT. Be sure to register A.S.A.P. and find our team members there! A few other events coming up fairly soon are “SecureWorld Atlanta” and the “Campaign Cyber Defense Workshop.” SecureWorld Atlanta takes place at the Cobb Galleria Centre in Atlanta, Georgia next week, on May 30th and 31st. The focus of this event is “connecting, informing, and developing leaders in cybersecurity.” You can earn up to 16 course credits through educational talks and workshops by industry leaders. This event is only a week away, so if you are planning to go, you might want to register soon! The second event, the Campaign Cyber Defense Workshop, takes place in Boston, Massachusetts on June 4th at the Federal Reserve Bank of Boston. Industry leaders will be at this event as well; its focus is to bring together leaders and experts from universities, government, and industry to discuss security and effective best practices. Subjects covered will range from data security to countering reputation attacks.
GDPR and Approaching Deadlines
If your organization is located in the European Union, offers free or paid goods or services to European residents, or even monitors the behavior of European residents, then you are probably aware of the impending GDPR regulation. If not, you might want to find out about it, and fast. Why? Because this Friday, May 25th, companies that fall within the groups I mentioned above must be compliant with the GDPR. Before you begin to panic, there are a few key steps you can take to help expedite the process of becoming GDPR compliant. These include making your employees aware that their personal data will be processed by the organization under “legitimate interest”. Make sure that you also develop an incident response process, and that your security team is aware of it and knows what to do if an incident does occur. Also, you must provide GDPR awareness training to all members of your organization, and let them know what the GDPR means for them. Finally, make sure that your Data Protection Officer (DPO) does not have any other responsibilities besides being an expert in data protection, as this would result in a conflict of interest and violate the GDPR.
Watchguard and Honeypots
Last month, at the RSA Conference 2018 in San Francisco, CA, Watchguard had a booth that featured an interesting tactic. As people stopped by Watchguard’s booth, chances are that they connected to an open Wi-Fi hotspot stationed there. These hotspots were placed on purpose, to log the number of people who would actually try to connect to an open network, and the result was an eye-opening experience for Watchguard. Watchguard was able to track the average length of time people spent connected to these hotspots, and found that it was long enough to compromise the connection. This plays into research done by Doug Rickert, who has been experimenting with Cowrie SSH Honeypot, an open source tool. He has seen at least 200 attempts daily, on average, with a few of them by serious hackers who tried to penetrate further into his honeypot. There are many open source products available for setting up a simple honeypot. It can be very insightful to see all of the activity trying to access your network, and I think it is a great tool for those who are simply curious.
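To show what “seeing all of the activity” looks like in practice, here is an added example (not from the post, and not part of the Cowrie project) that triages one day of honeypot events: it counts connections per source, tallies the credentials tried, and pulls out sessions that got past the login and ran commands. The log lines are constructed to follow Cowrie’s JSON event style; the field names used are assumptions.

```python
"""Triage a day of Cowrie SSH honeypot events: connections per source,
credentials tried, and sessions that authenticated and ran commands.

Added example (not from the post or the Cowrie project). The log lines
below are constructed in Cowrie's JSON style; field names are assumptions."""
import json
from collections import Counter, defaultdict

# Constructed sample of one day's events (not a real capture).
SAMPLE_LOG = """
{"eventid":"cowrie.session.connect","session":"a1","src_ip":"203.0.113.5","timestamp":"2018-05-21T03:14:15Z"}
{"eventid":"cowrie.login.failed","session":"a1","src_ip":"203.0.113.5","username":"root","password":"123456","timestamp":"2018-05-21T03:14:16Z"}
{"eventid":"cowrie.session.closed","session":"a1","src_ip":"203.0.113.5","timestamp":"2018-05-21T03:14:17Z"}
{"eventid":"cowrie.session.connect","session":"b2","src_ip":"198.51.100.7","timestamp":"2018-05-21T09:02:00Z"}
{"eventid":"cowrie.login.success","session":"b2","src_ip":"198.51.100.7","username":"admin","password":"admin","timestamp":"2018-05-21T09:02:01Z"}
{"eventid":"cowrie.command.input","session":"b2","src_ip":"198.51.100.7","input":"uname -a","timestamp":"2018-05-21T09:02:05Z"}
{"eventid":"cowrie.command.input","session":"b2","src_ip":"198.51.100.7","input":"cat /proc/cpuinfo","timestamp":"2018-05-21T09:02:09Z"}
{"eventid":"cowrie.session.closed","session":"b2","src_ip":"198.51.100.7","timestamp":"2018-05-21T09:03:00Z"}
{"eventid":"cowrie.session.connect","session":"c3","src_ip":"203.0.113.5","timestamp":"2018-05-21T17:40:00Z"}
{"eventid":"cowrie.login.failed","session":"c3","src_ip":"203.0.113.5","username":"pi","password":"raspberry","timestamp":"2018-05-21T17:40:01Z"}
{"eventid":"cowrie.session.closed","session":"c3","src_ip":"203.0.113.5","timestamp":"2018-05-21T17:40:02Z"}
"""

def triage(log_text: str) -> dict:
    """Summarise connections per source, credentials tried, and interactive sessions."""
    per_source = Counter()
    credentials = Counter()
    commands = defaultdict(list)   # session id -> commands typed after a successful login
    logged_in = set()
    for line in log_text.strip().splitlines():
        ev = json.loads(line)
        kind = ev["eventid"]
        if kind == "cowrie.session.connect":
            per_source[ev["src_ip"]] += 1
        elif kind in ("cowrie.login.failed", "cowrie.login.success"):
            credentials[(ev["username"], ev["password"])] += 1
            if kind == "cowrie.login.success":
                logged_in.add(ev["session"])
        elif kind == "cowrie.command.input" and ev["session"] in logged_in:
            commands[ev["session"]].append(ev["input"])
    return {
        "connections": sum(per_source.values()),
        "top_sources": per_source.most_common(3),
        "top_credentials": credentials.most_common(3),
        # Sessions that authenticated and then ran commands deserve a closer look.
        "interactive_sessions": dict(commands),
    }
```

Most daily hits are one-shot credential probes like sessions a1 and c3; the `interactive_sessions` entry is the short list worth reading by hand.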
Voice Squatting and ‘Alexa’
For those who may not know, Amazon’s Echo smart home device, which features ‘Alexa’ as its voice-controlled personal assistant, lets you control it with your voice: telling it to play music, make phone calls, send and listen to messages, turn lights on and off in your home, provide news and weather, etc. Even though this is an extremely convenient device, is it really that safe? Researchers have recently discovered “voice squatting,” a new way to snoop on Google Home and Amazon Echo devices. On these home assistants, applications are commonly referred to as “skills”. To try to infiltrate these devices, hackers have been creating “malicious skills,” which are invoked when a user says specific commands. These skills can continue recording audio in a person’s home after the device is supposed to have stopped recording. For example, researchers registered a skill called “rap game,” which sounds similar to the actual skill “rat game.” The two are easily confused, and hackers hope that when the user asks for the “rat game,” the attack skill will actually be triggered instead, giving them a way in. Researchers found that the devices launched the fake/malicious skill more than 50% of the time when the user called the actual skill. This tactic has been used successfully on both Amazon’s Echo and Google Home devices. I don’t know about you, but this makes me want to never use any voice-activated IoT devices.
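The defence against this kind of squatting belongs at skill registration time. As an added example (not from the post, and not Amazon’s or Google’s own review logic), here is a check that flags a new invocation name when it could be misheard as an already-registered one, using word-level edit distance plus a small table of consonant pairs that speech recognizers tend to confuse. The registered-name list and the confusable-pair table are constructed for illustration.

```python
"""Flag candidate voice-assistant skill names that sound like an existing skill.

Added example (not from the post or any vendor's tooling). The registered
names and the confusable-consonant table are constructed assumptions."""

# Constructed list of already-registered invocation names (not real skills).
REGISTERED = ["rat game", "daily horoscope", "capital one", "cat facts"]

# Consonant pairs a recognizer often confuses (illustrative, not exhaustive).
CONFUSABLE = {frozenset("pt"), frozenset("bp"), frozenset("dt"),
              frozenset("mn"), frozenset("sz")}

def levenshtein(a: str, b: str) -> int:
    """Classic edit distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def sounds_alike(word_a: str, word_b: str) -> bool:
    """Two words sound alike if they differ only by one confusable consonant
    (rap/rat) or, for words of four or more letters, by a single edit."""
    if word_a == word_b:
        return True
    if len(word_a) == len(word_b):
        diffs = [(x, y) for x, y in zip(word_a, word_b) if x != y]
        if len(diffs) == 1 and frozenset(diffs[0]) in CONFUSABLE:
            return True
    return len(word_a) >= 4 and levenshtein(word_a, word_b) <= 1

def squatting_candidates(new_name: str, registered=REGISTERED) -> list:
    """Return registered names that a new invocation name could be mistaken for."""
    new_words = new_name.lower().split()
    hits = []
    for name in registered:
        words = name.lower().split()
        if name.lower() == new_name.lower() or len(words) != len(new_words):
            continue
        if all(sounds_alike(x, y) for x, y in zip(new_words, words)):
            hits.append(name)
    return hits
```

A registry would reject or manually review any submission for which `squatting_candidates` returns a non-empty list.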