
Wednesday, April 24, 2013

Internet Security Threat Report 2013: Recommendations from Symantec


The Internet Security Threat Report for the year 2013 has been released by Symantec, which, of course, is alarming. The report is well organized and also provides recommendations and possible solutions to the listed threats. I am quoting the recommendations from Symantec straight from the report.


Protect Yourself Against Social Engineering. 

For individuals as well as for businesses, it’s essential that people learn to spot the telltale signs of social engineering, which can include undue pressure, titillation or a false sense of urgency, an offer that is literally too good to be true, bogus “officialese” in an attempt to make something look authentic (for example, lengthy reference numbers), implausible pretexts (for example, a Microsoft “representative” calls to tell you that your computer has a virus), and false quid pro quo offers (for example, receive a free gift when you provide personal or confidential information).

Avoid Ransomware. 

Avoid marginal websites and, in particular, pirate software and adult sites. Do not install unsolicited plug-ins or executables if prompted to do so, even on legitimate websites. Consider using advertising blocker software in your browser. Ensure that your computer is up to date with the latest patches and updates to increase your resistance to drive-by Web infections. Keep backups and recovery disks so you can unlock your computer in an emergency. And, of course, have effective, up-to-date security software.

Think Before You Click. 



That unsolicited email from a known acquaintance, such as your mother or coworker, may not be legit. Their account may have been compromised, if they’ve fallen for a social engineering trick.

Antivirus on Endpoints Is Not Enough.

On endpoints (desktops/laptops), signature-based antivirus alone is not enough to protect against today’s threats and Web-based attack toolkits. Deploy and use a comprehensive endpoint security product that includes additional layers of protection, including:

•  Endpoint intrusion prevention that protects against unpatched vulnerabilities from being exploited, protects against social engineering attacks, and stops malware from ever making it onto endpoints;
•  Browser protection for protection against obfuscated Web-based attacks;
•  Heuristic file-based malware prevention to provide more intelligent protection against unknown threats;
•  File and Web-based reputation solutions that provide a risk-and-reputation rating of any application and website to prevent rapidly mutating and polymorphic malware;
•  Behavioral prevention capabilities that look at the behavior of applications and malware and prevent malware;
•  Application control settings that can prevent applications and browser plug-ins from downloading unauthorized malicious content;
•  Device control settings that prevent and limit the types of USB devices to be used.


Note: The entire article is available at the Symantec website.

Saturday, January 2, 2010

Are GSM phone calls secure?

It's 2010 and it's time to double-check the security of GSM phone calls. GSM (Global System for Mobile communications; originally Groupe Spécial Mobile) is the most widely used standard for mobile communication. The GSM encryption algorithm, which was designed 20 years back, is no match for today's computing power or technological advances. GSM's A5/1 function uses a 64-bit encryption key to secure phone calls, which is too insecure considering the CPU power and storage of today's machines.

The algorithm must have seemed a lot more secure twenty years back, when CPU cycles were expensive. Nobody cared to replace the A5/1 function when researchers first discussed practical attacks on GSM.

German security expert Karsten Nohl demonstrated how easy it really is to hack into GSM cell phones, including those used by AT&T and T-Mobile customers in the U.S. He launched an open-source, distributed computing project designed to crack GSM encryption, and it has successfully compiled its results into a code book that can be used to eavesdrop on GSM phone calls. The code book is open source and open to the public. This can also mean that your neighbor might already be listening to your calls.

Anyone, including you, can listen to someone else's phone call. According to the German security expert, "All you need is Two USRP radios, a beefy gaming computer, and a handful of USB sticks can already decrypt many calls". Here is how it goes: you record a call and then decrypt it. Recording requires some radio equipment, which can cost you $1,500 [will get cheaper now]. The device is called a Universal Software Radio Peripheral. One direction of a call can potentially be intercepted from a kilometer away, while catching both directions requires you to be in the vicinity of the victim. Decryption is then done using the code book the community produced. The more you spend on the hardware, the faster you can decrypt the call. Commercial interceptors can decrypt within seconds [that is, in less than the time it takes someone to answer an incoming call].

This post is just to make people aware of the insecurities of using a GSM network and is not intended to encourage hacking into it. If more people are aware of this, they can force the operators to do something to enhance their security levels. The next-generation function, A5/3, which is used in 3G networks, is still considered more secure as it has not been cracked yet.

So in this new year, keep your confidential matters in 3G. Happy 3Ging.

TechiSolutions wishes you all a Happy and secure year ahead
L1F3, k33p 1t 51mpL3


References
A5/1 Security Project
Insecurity Complex