Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Security Concerns. Show all posts

Security Concerns Arise Over Chinese-Manufactured Surveillance Cameras Deployed at Romanian Military Locations

 

A routine procurement made by the Romanian military on January 16 for surveillance equipment manufactured in China has sparked concerns regarding national security implications.

Valued at under $1,000, an employee of the Romanian Defense Ministry purchased an eight-port switch and two surveillance cameras from Hikvision, a Chinese company with purported ties to the Chinese military. Notably, both the United States and Britain have blacklisted Hikvision due to identified data and security vulnerabilities.

Although there is currently no evidence of breaches at the Deveselu military base, an investigation by RFE/RL's Romanian Service revealed that Hikvision and Dahua, another Chinese company partly owned by the government, supply surveillance equipment to at least 28 military facilities and numerous other public institutions involved in national security across Romania.

While Romanian authorities assert that the equipment is used in closed-circuit systems without internet connectivity, experts argue that vulnerabilities in firmware could still pose risks, enabling remote access, data interception, and network attacks. Despite these concerns, Romania does not impose restrictions on the use of Hikvision or Dahua equipment, unlike some NATO allies such as the United States and Britain.

Both Hikvision and Dahua refute allegations of being security risks and claim to promptly address vulnerabilities. However, critics like Romanian parliament member Catalin Tenita argue that existing legislation could justify banning these companies' products.

The Romanian Defense Ministry maintains that its surveillance systems are secure, emphasizing strict testing and evaluation procedures. Similarly, the Deveselu Naval Facility, operated by U.S. forces, declined to comment on Romanian military purchases but emphasized their commitment to regional security.

NATO, while not formally banning third-country equipment, encourages vigilance against potential security risks. Secretary-General Jens Stoltenberg cautioned against reliance on Chinese technology in critical infrastructure, echoing concerns about Hikvision and Dahua's involvement.

Despite assurances from Romanian authorities, the history of vulnerabilities associated with Hikvision and Dahua equipment raises concerns among experts. Romanian institutions, including law enforcement and intelligence agencies, defend their procurement decisions, citing compliance with national legislation and technical specifications.

Some Romanian lawmakers, like Senator Adrian Trifan, advocate for further investigation and scrutiny into the prevalence of Hikvision and Dahua equipment in national security sites, underscoring the need for immediate clarification and review of procurement procedures.

Meta Rolls Out Default End-to-End Encryption on Messenger Amid Child Security Concerns

 

Meta Platforms (META.O) announced on Wednesday the commencement of the rollout of end-to-end encryption for personal chats and calls on both Messenger and Facebook. This heightened security feature, ensuring that only the sender and recipients can access messages and calls, is now immediately available. 

However, Meta acknowledges that the process of implementing default end-to-end encryption may take some time to be fully carried out across all Messenger accounts. While users previously had the option to activate end-to-end encryption for individual messages, Meta's latest update aims to establish this advanced privacy measure as the default setting for all users. This signifies a noteworthy enhancement in safeguarding user data. 

Privacy Safety Issues 

In introducing encryption, Meta emphasized that the content of messages is now inaccessible to everyone, including the company itself, unless a user opts to report a message, as mentioned by Loredana Crisan, the head of Messenger, in a post unveiling this update. To make this decision, Meta collaborated with external experts, academics, advocates, and governmental entities. Their joint efforts aimed to pinpoint potential risks, ensuring that the enhancement of privacy goes hand-in-hand with maintaining a safe online environment, as highlighted in Crisan's announcement. 

Why Law Agencies Criticizing the Move? 

Meta Platforms' move to introduce default encryption on Messenger has drawn criticism from various quarters, with notable voices such as Home Secretary James Cleverly and James Babbage, director general for threats at the National Crime Agency, expressing concerns about its potential impact on detecting child sexual abuse on the platform. 

In a disappointed tone, Home Secretary James Cleverly highlighted the significance of Meta's decision as a setback, particularly in light of collaborative efforts to address online harms. Despite this disappointment, he stressed a continued commitment to working closely with Meta to ensure the safety of children in the online space. 

James Babbage, director general for threats at the National Crime Agency, echoed this sentiment, characterizing Meta's choice to implement end-to-end encryption on Facebook Messenger as highly disappointing. He emphasized the increased challenges their team now faces in fulfilling their role of protecting children from sexual abuse and exploitation due to this development. 

Let’s Understand E2EE 

End-to-end encryption (E2EE) in messaging ensures the confidentiality of messages for all parties involved, including the messaging service. Within the framework of E2EE, a message undergoes decryption exclusively for the sender and the designated recipient, symbolizing the two "ends" of the conversation and giving rise to the term "end-to-end." 

"When E2EE is default, we will also use a variety of tools, including artificial intelligence, subject to applicable law, to proactively detect accounts engaged in malicious patterns of behaviour instead of scanning private messages," the company wrote. 

While numerous messaging services claim to provide encrypted communications, not all genuinely offer end-to-end encryption. Typically, a message undergoes encryption as it travels from the sender to the service's server and subsequently from the server to the intended recipient. Nevertheless, in certain instances, the message may be briefly decrypted when it reaches the server before undergoing re-encryption. 

The nomenclature "end-to-end" encryption is apt because it renders it practically impossible for any intermediary to decrypt the message. Users can place confidence in the fact that the messaging service lacks the technical capability to read their messages. To draw a parallel, envisage sending a letter secured in a locked box, of which solely the sender and the recipient possess the key. This physical barrier for anyone else mirrors the digital functionality of E2EE.

ChatGPT Enterprise can Boost AI Adoption by Addressing Business Concerns


With the introduction of ChatGPT in November 2022, interest in AI has seen a massive lift. While it has made people envision the revolutionary potential for enterprises, it has also raised several concerns. 

Security concerns in regard to adopting AI have resulted in several tech giants restricting the usage of ChatGPT. One of the security concerns is the fear that their users’ information will be used by AI to enhance their model, which seems quite possible. 

Further concerns include trustworthiness, training data up to 2021, limited customization, and occasionally inaccurate responses. 

In order to allay these concerns, OpenAI has introduced ChatGPT Enterprise, designed specifically for enterprises. In addition to advanced features like customization options, this edition promises improved security and quicker replies.

According to Rowan Curran, a senior analyst for Forrester, these security updates and plugins will eventually motivate enterprises to adopt AI technology. Early adopters of ChatGPT Enterprise include Canva and PwC. Danny Wu, the head of AI products at Canva, emphasizes the advantages of productivity. Users will be able to train the AI using their own data thanks to OpenAI, which will increase its utility. 

However, it seems like ChatGPT Enterprise should also not be trusted. According to legal consultant Emma Haywood, ChatGPT Enterprise could still possess risks when generating content. Compliance with SOC 2 and OpenAI’s data usage promise enhances its status, but GDPR and contractual duties still apply.

It must also be noted that ChatGPT Enterprise is not one of its kind, since it now has several competitors from other AI platforms such as Microsoft’s Azure AI and Bard, Google’s generative AI. In order to find the most suitable AI platform, businesses look into several attributes like cost, performance, and security.

Regulatory concerns have also been raised with the developments in AI regulations made in the EU, the US and the UK. Customization could make the distinction between user and provider more hazy and complicate regulatory issues.

ChatGPT Enterprise attempts to address security and usability issues for enterprises, yet obstacles still exist, highlighting the changing face of AI in the corporate world.

Several other reasons indicate why ChatGPT might not be ready for enterprises, such as: 

  • Developing malware: Malware can be created by the same generative AI that creates ethical code. Additionally, users have discovered that they can easily get around ChatGPT's restrictions, despite the fact that it rejects requests that are overtly illegal or sinister.
  • Phishing scams: Cybercriminals may quickly create highly convincing content using generative AI, personalize it to target particular victims (spear phishing), and adapt it to match a variety of mediums, including email, direct messaging, phone calls, chatbots, social media commentary, and phony websites.
  • API attacks: It is being speculated that cybercriminals might utilize generative AI to discover the specific vulnerabilities in APIs. Theoretically, attackers may be able to direct ChatGPT to examine API documentation, compile data, and create API queries in order to find and exploit vulnerabilities more quickly and proficiently. 

Security Concerns Escalate as Unsafe VPNs Pose Major Threat to Businesses

New research conducted by Zscaler has revealed that an overwhelming majority of organizations worldwide are facing a significant issue with unsafe Virtual Private Networks (VPN). According to the report, a staggering 88% of these organizations expressed deep concerns about the potential for breaches stemming from VPN vulnerabilities. 

The primary worries among respondents were related to phishing attacks, accounting for 49% of the concerns, closely followed by ransomware attacks at 40%. These findings highlight the critical need for enhanced security measures and vigilance when using VPNs for regular business operations. 

What is VPN? 

A Virtual Private Network (VPN) plays a vital role in ensuring cybersecurity by establishing a secure and encrypted network connection for users accessing the internet via public networks. The encryption process employed by VPNs serves to safeguard sensitive data and communications, preventing unauthorized access. 

Furthermore, VPNs obscure users' online identities, making it difficult for malicious individuals to monitor their internet activities or compromise personal information. This real-time encryption and privacy mechanism offers organizations and individuals an added layer of online security, guaranteeing the confidentiality and integrity of data during internet usage. 

How VPN works? 

Imagine a Virtual Private Network (VPN) as your secret online protector. When you use a VPN, your internet traffic takes a detour through a special remote server managed by the VPN host. So, instead of your data directly coming from you, it appears to come from the VPN server. 

This clever trick hides your real IP address from your Internet Service Provider (ISP) and snoopy third parties. It's like wearing an invisible cloak online. The VPN acts like a filter, turning all your data into a secret code that nobody can understand. 

Even if someone manages to catch your data, it will be gibberish to them – totally useless. So, you can surf the web with peace of mind, knowing that your online activities stay private and secure. 

How is it becoming a threat? 

A significant number of organizations, almost half of those polled, reported being targeted by cybercriminals who exploited vulnerabilities in their chosen VPN services. The vulnerabilities mainly stemmed from using outdated protocols or experiencing data leaks. 

Over the past year, one-fifth of the organizations experienced at least one attack, while one-third encountered ransomware attacks specifically aimed at their VPNs. These findings highlight the importance of keeping VPN services up to date and implementing robust security measures to safeguard against potential threats. 

Another concerning aspect is the potential for third-party vendors to become targets of exploitation, leading to successful supply chain attacks. External users, such as contractors and vendors, often have varying security standards and may not provide adequate visibility to their partners. 

Managing external third-party access is a really tough challenge, as the researchers pointed out. Making sure these external connections are secure is super important because it helps prevent any possible breach that could mess up the entire network and compromise data integrity. It's like locking the doors tightly to keep the bad guys out.

To combat these challenges, businesses are turning to an exciting approach called Zero Trust architecture. Imagine it as a digital bouncer at the entrance of your network party. In this model, no one gets a free pass. Every user and device must prove their identity, even if they are already inside the trusted corporate network.

Picture this: before anyone can join the party, they have to show their ID, and their devices must pass a security check. Once they are in, they only get access to the areas they really need – no sneaking into the VIP section. It is all about granting the least privilege access to keep potential threats at bay.

By adopting Zero Trust, companies create a super-safe environment where everyone has to earn their place and only gets what they need. This way, the network stays protected from any unwelcome gatecrashers.


5G Security Vulnerabilities Concern Mobile Operators

 

As 5G private networks become more widely available in the next years, security may become a major concern for businesses. According to a report presented at the Mobile World Congress on Monday, significant gaps in mobile operators' security capabilities still prevail. 

According to the GSMA and Trend Micro report, 68 percent of carriers already sell private wireless networks to enterprise customers, with the rest expecting to do so by 2025. However, these may not be ready for prime time in terms of security: For example, 41% of surveyed operators claimed they are having difficulty addressing vulnerabilities connected to 5G network virtualization. 

In addition, 48% of them indicated they don't have adequate internal knowledge or resources to find and fix security flaws at all. For 39 percent of surveyed operators, a restricted pool of mobile-network security professionals is a contributing cause to the problem. 

5G Networks: Diverse Architecture, Diverse Risks 

As 5G networks are essentially software-defined and virtualized, they are a significant change from previous wireless networks. In 5G, network operations that were previously defined in hardware are transformed into virtual software capabilities that are orchestrated by a flexible software control plane. In 5G, even the radio access network (RAN) air interfaces are software-defined. The concern is that this opens the door for a slew of new exploitable flaws to appear throughout the architecture, in places where they have never been exposed before. 

William Malik, vice president of infrastructure strategies at Trend Micro, told Threatpost, “Because so much of the environment is virtualized, there will be a lot of software creating images and tearing them down – the volume of virtualization is unlike anything we have experienced so far. The risk there is that we do not know how well the software will perform under such huge loads. Every experience with distributed software under load suggests that things will fail, services will drop and any vulnerability will be wide open for exploitation.” 

“Think about the traffic at a major port – much of the work is not done by individuals but by application software coordinated by scheduling and orchestration software. If you can take this over, you can dump containers into Long Beach Harbor, or ship 2,000 pounds of Cream O’ Wheat to your neighbor. In the port of Amsterdam, the bad guys took over the scheduling software and actually had containers full of guns, drugs, and in some cases, criminals delivered without inspection into the port then smuggled onwards throughout Europe,” he added.

Moreover, rather than transmitting all data to the cloud for processing, 5G employs multi-access edge computing (MEC), which implies that data created by endpoints is analyzed, processed, and stored at the network edge. Collecting and processing data closer to the client decreases latency and gives high-bandwidth apps real-time performance, but it also creates a new footprint to secure, with new data pools distributed over the network. 

Malik added further, “We’re focusing on corporate 5G implementations, generally called NPN – non-public networks. In these environments the 5G signal is restricted to a specific area – a port, a distribution center, a manufacturing facility – so we don’t have random devices connecting, and every application and device can be authenticated (note that this is not an architectural requirement but it is a really good idea). Even with that, the 5G network will be a very efficient way to move data around the site, so if malware gets into something, it will spread fast.” 

According to the survey, MEC is a crucial part of half (51%) of the operators' plan for serving enterprises' private network demands in the next two years. Only 18% of the operators polled that they provide security for both the edge and endpoints. 

Best Practices for 5G Private Network Security:

“The bad guys will try to take over the 5G network by either sneaking some rogue software into the mix, using a supply-chain attack like SolarWinds; or sneaking past authentication to launch their own processes that can crypto mine (steal resources), exfiltrate data, or initiate a ransomware attack,” Malik predicted. 

Even though security skills are currently lacking, nearly half of the operators polled (45%) believe it is essential to invest in security to meet their long-term enterprise revenue targets – compared to only 22% in 2020. 

Due to COVID-19, 44 percent of operators have observed a spike in demand for security services from their enterprise clients, and 77 percent of operators see security as major income potential, with 20 percent of 5G revenue expected to come from security add-on services. 

The 3GPP, which is in charge of wireless network specifications, has included various security features in the 5G specification. 

According to Malik, certain security practices must be implemented: 

-employ technologies to detect activities that are malfunctioning like a process that starts encrypting everything it can touch. 

-take frequent backups and double-check that they are valid to aid recovery from an assault. 

-purchase technology from reputable sources and make use of reliable integrators to hook things up. 

Malik told Threatpost, “Best practices for securing these NPN environments would include authenticating everything and everyone – that’s the idea behind zero trust. You have to prove you are who you say you are before you can do anything on the network.”