Blog

The latest in Dark Rhino Security news

Top 7 Ways to Make Your iPhone More Secure

iPhone security plays an important part in the life of your phone. Even though the iPhone is more secure than Android, there are essential security tips that security-minded people need to follow.

Traditional security protocols for electronics might include antivirus software or encryption tools, but when it comes to your iPhone, physical theft is probably the most realistic danger no matter what version you have. There's a lot you can do to keep your iPhone safe from thieves and, in the worst-case scenario where your phone does go missing, to secure your data from them.

Tips to Prevent iPhone Theft

There are several anti-theft tips you can employ to make sure your iPhone doesn't get stolen:

  • The obvious: Keep your iPhone close to you. Don't leave it unattended or exposed in your car when you're away.
  • Ditch your white earbuds: The trademark white Apple earbuds are well-known indicators that the headphone cord snaking into your bag is connected to an iPhone. Try a different set or style of earbuds to throw thieves off.
  • Don't use belt clips: Belt clips aren't great for keeping your iPhone safe in public. Since your phone is exposed on your body and potentially easy to pull off a belt clip, it's best not to use them in crowded public places.
  • Always be aware of your surroundings: When you're focused on your phone instead of what's going on around you, you put yourself at a disadvantage, and thieves have greater control over access to your phone. If you're going to bury your face in your iPhone or clock out of the real world for a while with your earbuds in, occasionally open your eyes and look around.

Create an iPhone Passcode

The first thing you should do is set up a passcode. If your iPhone is stolen, the thief needs to know the passcode before they can get inside it.

You can set a passcode after your phone is stolen, using Find My iPhone, but it's better to implement this security habit ahead of time.

Use Touch ID or Face ID on iPhone

If your device sports the Apple Touch ID fingerprint scanner, you should use it. The same is true of Face ID on the iPhone X.

If you do not want to give up that kind of biometric data, just remember that in this digital age, if you have ever been on Facebook or other sites where you upload photos, you are probably already in a facial recognition database somewhere. As for your fingerprints, I suppose this is just a matter of whether you have ever been fingerprinted or not.

Regardless, requiring your fingerprint or face scan to unlock your iPhone is much stronger security than a passcode that you might forget or that can be popped by a computer with hacking software and enough time.

Enable Find My iPhone

If your iPhone is stolen, Find My iPhone may be one way to get it back. This free iCloud feature uses the phone's built-in GPS to pinpoint its location on a map so that you (or the authorities) can track it down. It's also a great tool for finding lost devices.

Control Your iPhone Privacy Settings

Controlling the security of your private data is as important as the physical security of your device. These days, there are more threats than ever to data, including from apps installed on your phone. iOS has powerful, built-in privacy controls.

Don't Jailbreak Your iPhone

Many people advocate jailbreaking your iPhone because it lets you customize a phone in ways that aren't officially approved by Apple, such as installing apps that have been rejected from the App Store and downloading paid apps for free. However, if you want your iPhone to be as secure as possible, stay far away from jailbreaking.

Apple has designed iOS with security in mind, so iPhones aren't as easily subjected to viruses, malware, and other software-based security threats that are common to PCs and Android phones.

The exception is for jailbroken phones. The only viruses that have struck iPhones have targeted jailbroken devices because, by nature, the only way to jailbreak a phone is to lower its security.

While the lure of jailbreaking may be strong, if security is important to you, don't do it.

Make Encrypted iPhone Backups

If you sync your iPhone with your computer, the data from your phone is also stored on your desktop or laptop. This means that the information is potentially accessible to anyone who can get on your computer.

Secure your data by encrypting backups. To do this, plug your phone into your computer, open iTunes, select the Encrypt iPhone backup check box, and set a password. Simple as that.

With an encrypted iPhone backup, you force potential thieves to know the password to decrypt your data, keeping it out of the hands of thieves or prying eyes.

Use Security Apps on Your iPhone

There are several iPhone apps with a primary focus on security and privacy. Most are free, and some have paid options if you want more capabilities.

  • One popular and useful method for securing your iPhone web browsing habits is with a VPN. You can set up VPN access on iPhone either manually through the settings or with a VPN app. There are many VPN service providers.
  • If you're concerned about your iPhone security to the point that you want to stop government spying, you have other options in addition to a VPN. For example, to secure your text messages, use an encrypted messaging app.
  • If you browse the web on your phone, bolster your iPhone security with a private web browser. There are lots of internet browsers out there to choose from.
  • Password security is also important. Should someone gain access to your phone, the last thing you want them to find is a list of passwords to your banks and other accounts. Use a password manager to make sure nobody can see passwords stored on your iPhone.

Reduce Risks Associated with Ripple20 (R20)

By: Tyler Smith

Ripple20, CVE-2020-11896 – CVE-2020-11914, is a group of 19 exploitable flaws discovered by researchers Moshe Kol and Shlomi Oberman of JSOF, an independent security research group, in code created by a company named Treck. According to Treck’s website, the firm specializes in “designing, distributing and supporting real-time embedded internet protocols for worldwide technology leaders.”

This collection of associated vulnerabilities likely earned its name from two key factors. First, the ‘20’: simply put, the code library behind it was created roughly twenty years ago. Second, the ‘Ripple’ comes from the fact that the library containing the vulnerabilities is estimated to have been licensed for modification and reuse as a dynamic or linked library in the code that runs network and internet-connected devices at a rate that consistently increased year over year. Combined, these two factors make the moniker apropos in the way it vividly captures the impact of the vulnerability, which is massive and difficult to determine accurately.

According to Carnegie Mellon University Software Engineering Institute CERT Coordination Center’s Vulnerability Note VU#257161, released 16 June, 2020:

Treck IP network stack software is designed for and used in a variety of embedded systems. The software can be licensed and integrated in various ways, including compiled from source, licensed for modification and reuse, and finally as a dynamic or static linked library. Treck IP software contains multiple vulnerabilities, most of which are caused by memory management bugs. Historically-related KASAGO TCP/IP middleware from Zuken Elmic (formerly Elmic Systems) is also affected by some of these vulnerabilities. These vulnerabilities likely affect industrial control systems and medical devices.

Treck, which has added a page called “Vulnerability Response Information” to its website, has already created patches for the vulnerabilities. The company is also working with customers to help determine which devices are impacted by the issues.

The specific impact of these vulnerabilities is dependent on several factors including the build versions and runtime options used in the creation of the device in question. More specifically, many of the impacted manufacturers have presented mitigation solutions to combat Ripple20. Directives for mitigations outlined in the CERT advisory recommend users update their products with patches from Treck. Manufacturers like Schneider Electric, Rockwell, and Caterpillar have created pages that specifically address the Ripple20 vulnerabilities.

To help reduce risks associated with Ripple20 (R20):

  • Ensure R20 impacted devices are on isolated networks, separate from networks used for regular business, and especially ensure they are not accessible from the internet.
  • Use dedicated laptops or tablets to perform any activities on the isolated network designated for R20 impacted devices, and ensure those laptops/tablets are only used for servicing devices and not for general use.
  • Scan all computing devices and digital media/storage, such as DVD or USB, with antivirus before adding them to the isolated network or using them with R20 impacted devices.
  • Control physical access to impacted devices.
  • Work with your vendors to identify systems impacted by R20 and patch them as soon as possible.
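
One way to check the first two mitigations against an asset inventory and a firewall rule export, as an added example that is not from the original article, Treck or CERT. The segment address, hostnames, inventory layout and rule format are all constructed assumptions.

```python
import ipaddress

# Everything below is constructed sample data for illustration.
ISOLATED_NET = ipaddress.ip_network("10.50.0.0/24")       # segment reserved for R20 devices
SERVICE_LAPTOPS = {ipaddress.ip_address("10.50.0.250")}   # dedicated servicing laptop

INVENTORY = [  # (hostname, ip, impacted by Ripple20 according to the vendor)
    ("infusion-pump-01", "10.50.0.11", True),
    ("plc-line-3", "10.20.4.7", True),          # impacted, but on the business LAN
    ("hr-workstation-9", "10.50.0.77", False),  # general-use host inside the segment
    ("service-laptop-1", "10.50.0.250", False),
]

ALLOW_RULES = [  # simplified firewall export: (source CIDR, destination CIDR)
    ("10.50.0.0/24", "10.50.0.0/24"),   # traffic that stays inside the segment
    ("10.20.0.0/16", "10.50.0.0/24"),   # business LAN into the segment
    ("0.0.0.0/0", "10.50.0.11/32"),     # anywhere to one impacted device
]


def audit(inventory, allow_rules, isolated=ISOLATED_NET, laptops=SERVICE_LAPTOPS):
    """Return (finding, subject) tuples for breaks in the isolation policy."""
    findings = []
    for host, ip, impacted in inventory:
        addr = ipaddress.ip_address(ip)
        inside = addr in isolated
        if impacted and not inside:
            # Impacted device shares a network with regular business traffic.
            findings.append(("impacted-outside-segment", host))
        elif inside and not impacted and addr not in laptops:
            # Only impacted devices and dedicated laptops belong in the segment.
            findings.append(("general-use-host-in-segment", host))
    for src, dst in allow_rules:
        s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        # A rule crosses the boundary when it reaches into the segment
        # from a source that is not wholly contained in it.
        if d.overlaps(isolated) and not s.subnet_of(isolated):
            kind = "internet-to-segment" if s.prefixlen == 0 else "external-to-segment"
            findings.append((kind, f"{src} -> {dst}"))
    return findings


if __name__ == "__main__":
    for finding in audit(INVENTORY, ALLOW_RULES):
        print(finding)
```
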

Quantum Computing Concerns and Race to the Top

Written by: Giovanna Sunseri 

Concerns with Cybersecurity

The development of quantum computing goes hand in hand with growing concern about the future of cybersecurity. Quantum computing is predicted to change drug discovery, the stock market, gene sequencing, and cryptography (Sham, 2019). Quantum computing is based on the binary number concept of translating the computer’s instructions into 0s or 1s, but allows this to be done at the same time, so that computations occur at an exponentially faster rate than conventional computers are able to achieve. Cybersecurity is built on cryptography, tools, and algorithms that add security layers, allowing for secure communication while keeping the secrecy and integrity of the data being exchanged. The unknown area of quantum computing security can be a cause of concern with regard to the CIA triad. The confidentiality and integrity of information are two-thirds of what embodies the fundamentals of security, and they can easily become compromised as current cryptographic algorithms become superannuated (Stallings and Brown, 2015). Current cryptographic algorithms are built heavily on prime factorization to create public-private key pairs. The most common cryptographic algorithms are AES-256, RSA, and SHA-256. The cryptographic algorithms relying on prime factorization bring many concerns in terms of cybersecurity, because quantum computing allows the prime factorization to be broken down far faster than on conventional computers. Additionally, secret keys can be calculated or searched considerably quicker than a conventional computer would ever have the capability to do. This presents an uncertain landscape because even the strongest cryptographic algorithms will be considered obsolete due to this innovation. This influx of cryptographic technologies could lead to widespread security leakages.
The growing new territory of quantum computing causes almost a sense of fear and it is predicted, “within the next decade, these machines [quantum computers] will be available to government agencies and large companies around the world, giving them unprecedented access and power,” (Sham, 2019). 
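
To make the factorization concern concrete for RSA, the following added example (not part of the original article) builds a toy key from constructed small primes and shows that factoring the public modulus is enough to rebuild the private key. Function names and the sample plaintext are illustrative assumptions, and a classical factoring method stands in for the quantum step.

```python
import math


def next_prime(n):
    """Smallest prime greater than n (trial division, fine at toy sizes)."""
    candidate = n + 1
    while any(candidate % d == 0 for d in range(2, math.isqrt(candidate) + 1)):
        candidate += 1
    return candidate


def generate_keypair(p_floor=1_000_000, q_floor=2_000_000):
    """Toy RSA key: returns the public key (n, e) and private exponent d."""
    p, q = next_prime(p_floor), next_prime(q_floor)
    phi = (p - 1) * (q - 1)
    e = 65537
    while math.gcd(e, phi) != 1:   # e must be invertible modulo phi
        e += 2
    return (p * q, e), pow(e, -1, phi)


def factor_semiprime(n):
    """Pollard's rho, a classical method that only works at toy sizes.
    Shor's algorithm on a large quantum computer would replace this step."""
    for c in range(1, 100):
        x = y = 2
        g = 1
        while g == 1:
            x = (x * x + c) % n
            y = (y * y + c) % n
            y = (y * y + c) % n
            g = math.gcd(abs(x - y), n)
        if g != n:                 # g == n means this c failed; try the next
            return g, n // g
    raise ValueError("no factor found")


def recover_private_exponent(public_key):
    """Rebuild d from the public key alone by factoring the modulus."""
    n, e = public_key
    p, q = factor_semiprime(n)
    return pow(e, -1, (p - 1) * (q - 1))


def demo():
    public_key, d = generate_keypair()
    n, e = public_key
    secret = int.from_bytes(b"PIN42", "big")   # constructed plaintext, smaller than n
    ciphertext = pow(secret, e, n)             # anyone can encrypt with (n, e)
    recovered_d = recover_private_exponent(public_key)
    plaintext = pow(ciphertext, recovered_d, n)
    return recovered_d == d, plaintext.to_bytes(5, "big")


if __name__ == "__main__":
    print(demo())
```

At real key sizes the classical factoring step is infeasible, and that is the margin a sufficiently large quantum computer running Shor's algorithm would remove.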

While defense and new security tactics are relatively unknown in regard to quantum computing, as the realm of cybersecurity is relatively new itself, tech companies like Google and government agencies are continuously working on new cryptographic ways to increase security against quantum computing attacks. These include lattice-based algorithms, advanced cryptography, and white hat quantum hacking (Sham, 2019). An advantage of all of these defense methods is that they will also work with conventional computers. Lattice-based algorithms can replace the current cryptographic algorithms altogether and are more secure because they assume the worst-case hardness of certain lattice problems. Advanced cryptography is the development of new algorithms which will be harder for quantum computers to break. Additionally, white hat quantum hacking is a continuous process of tests to find and exploit the weaknesses in emerging algorithms before they are applied in the real world.

Another unknown with quantum computing is what functions will be created after its inception. Some hypothesize that the computers will be able to work in unison with an AI to systematically evolve the current landscape of encryption. This means we would be able to develop quantum encryption, to be used to hide the actions of these computers and prevent them from accessing secure systems. Though this is largely theory-based, it does have serious plausibility, especially once a firm understanding of the process algorithms is established.

Race to Quantum Dominance

While there is currently no cyber warfare in quantum computing, there is an arms race over who will be the first to perfect it and put it into production. The current race for dominance is between China and the United States, who ranked second and fourth respectively for the countries with the highest technological expertise (Radu, 2020). Google has been making large advances, and its quantum computer completed a mathematical equation in 3 minutes and 20 seconds that a supercomputer would not be able to complete in under 10,000 years (Metz, 2019). This advancement, along with the advancements being made by IBM and Microsoft, is a colossal progression for the United States. However, there are obstacles due to the millions of dollars it costs to produce these machines. On the other hand, China has spent $400 million on quantum computing and has double the patents of the United States (Metz, 2019). The winner of this race can prove a lot, as it goes further than quantum computing, due to the effects quantum computing will have on artificial intelligence. China is already leading the way on 5G technologies. If any American company wins the title of the supreme quantum machine, it could allow the United States to move ahead of China as the technological leader of the world.

Works Cited

Metz, C. (2019, October 23). Google Claims a Quantum Breakthrough That Could Change Computing. Retrieved from https://www.nytimes.com/2019/10/23/technology/quantum-computing-google.html 

Sham, S. (2019, July 12). The Impact of Quantum Computing on Cybersecurity. Retrieved from https://www.okta.com/security-blog/2019/07/the-impact-of-quantum-computing-on-cybersecurity/ 

Stallings, W., & Brown, L. (2015). Computer security: principles and practice (Third). Boston: Pearson.

How To Keep Work Efficiency Up With A Remote Workforce

In this time of social distancing, it is essential to have high efficiency with a remote workforce. Central to the success of a remote workforce is that employees are self-reliant. Employee enablement is a term that has been cited extensively in business literature. If you have to enable employees, by definition it means they are not enabled and thus may not be as self-reliant. The following are some ideas that stem from my personal experience in running an organization that has a substantial amount of its function performed with remote operations.

In the cybersecurity business, most of the adversaries we are entrusted by our customers to protect against operate remotely. As evidenced by the many articles in the press, these adversaries do it with an efficiency leading to devastating legal, financial, and reputational losses. This is asymmetric electronic warfare, and it is mind-boggling to people how very large organizations with numbers of experts in IT cybersecurity get hacked. Unfortunately, the answer would take a book and is better left for another day.

However, one central theme we can take from the hacker's guide is to have a solid tangible outcome in mind. Hackers, for the most part, want money and secondarily to operate with impunity. This outcome drives all aspects of their behavior and makes them efficient in the exploitations of vulnerabilities. Translated to all of us, all the employees must know and understand the tangible outcomes expected of them, in the short term. In military speak, it is known as the commander's intent. All members of the team know the intent and can fulfill the mission, even if some members of the team are incapacitated.

Re-organize and re-distribute job functions and responsibilities so that they form a layered redundancy for critical functions. In our firm, Dark Rhino Security, one of the key items is ensuring that all clients are made aware of any potential cybersecurity-related incident. Normally, we would have several analysts in our security operations center (SOC) monitoring a plethora of screens. The Coronavirus epidemic has forced us to reduce the number of people in the physical SOC and enable secure remote access and verification protocols.

These protocols ensure that remote employees can connect securely in a verifiable manner into the SOC and support the customer environments and supplant personnel that may become incapacitated. We are further training up our existing team members to become cross-functional and more generalized from specialized to ensure all critical functions maintain continuity. In your own companies look at establishing multi-layered cross-functional redundancy for critical operations.

Over-communicate. With social isolation, in-office communications are greatly reduced or stopped altogether. It is essential to hold small daily team meetings. This promotes a strong sense of team. A strong sense of team is essential to understanding and fulfilling the commander's intent. Also, over-communicate with your clients. Make sure they know you are continuing to accomplish for them as you work remotely. This may seem obvious, but it is often "the obvious" that gets overlooked. Leverage the technologies of virtual groups to create channels in which your customers and employees can communicate on general needs and topics in near real-time.

If you do the above, you will likely discover gaps in your customer and employee engagement processes, gaps that may not otherwise have been noticed or addressed. Closing these gaps will make for better customer and employee experience. It will increase the efficiency of delivery and thus revenue. It provides a lasting competitive advantage long after the Coronavirus has faded into memory.

Healthcare Companies & MSSPs: Achieve Your Goals

Healthcare organizations can utilize MSSPs like Dark Rhino Security to achieve business goals while also reducing legal, reputational and financial risk. This can be done through the prevention of ransomware, assistance with certification requirements and protection of valuable data.

About two years ago, we began working with a healthcare data analytics firm. We implemented our security solutions and part of that suite was Next-Gen Anti-Virus (NGAV) protection. Within two weeks, we received an alert from our NGAV tool; a user attempted to download a file that matched the behavior characteristics of ransomware. Within minutes, our analysts confirmed the file was blocked outright on the user’s device. Additionally, we ensured the cyber threat was quarantined from the rest of the organization and reported the incident to the CEO.

Due to our efforts, the threat was blocked. However, if we had not stepped in, the healthcare firm could have been at the mercy of cybercriminals. They may or may not have recovered from the attack. 

Healthcare companies also leverage MSSPs to fully comply with needs such as HIPAA and HITRUST certifications. Based on our past experience, achieving the HITRUST certification leads to more business and more incentives from Blue Cross and Blue Shield. I personally assisted one of our healthcare partners to utilize our security offerings and meet the necessary HITRUST controls. I also provided written proof of where our technologies met the necessary control. After achieving HITRUST, our client said the incentives they’ve received have helped shape their business drastically.

Moreover, healthcare companies can utilize MSSPs to protect company data and client/patient information. The most interesting case I had experienced with a healthcare partner was an insider threat. One of the company’s employees was attempting to exfiltrate company data. Although in this scenario the data in question did not include any patient information, any attempt made to leak company secrets poses a huge risk to a company’s reputation. Luckily, with our data loss tool, I was able to see the exact data being exfiltrated. I was also able to see the exact USB drive that was conducting the data extraction. We worked with the company’s legal representatives and HR department to send the necessary documentation to the user and recover the designated corporate files. We also informed the user that if this company’s intellectual property ever showed up at a future employer in a product offering, a cease and desist would be sent to the user and to the new employer. After the whole fiasco, we conducted a full recovery of all the extracted files and the user never posed a threat to the healthcare firm at their future employer.

Overall, more and more small to medium-sized healthcare firms are becoming larger targets for cybercriminals. Therefore, the need for cybersecurity continues to grow. This dilemma gives healthcare companies two options: they can either invest $250,000 - $500,000 in cybersecurity professionals and security software, or utilize an MSSP to serve as a cost-effective means to achieve a solid cybersecurity posture. If you’re interested in reducing company risk and optimizing your business, feel free to email me.

Cyber Basics: Training the End-User

Imagine you invest millions in cybersecurity technology. Then, an untrained employee clicks on a link in an email. He just rained on your cyber parade and completely negated every measure you implemented. This scenario would be awful. However, it is not uncommon.

The most vulnerable part of any organization is its end-user. “Knowing is half the battle,” says Nathan Horne, a senior security engineer. “If you properly train your users, a decent portion of your concern goes away.”

Typically, phishing or malware occurs because an employee opens an email or goes on a website a CIS admin didn’t block. Unfortunately, you cannot stop the employee from checking their emails or surfing the web on their time off. There is no 100 percent block.

“You can’t protect people from themselves,” Horne says. “Honestly what a good portion of these appliances do is attempt to protect the end-user from themselves, but there is no such thing; you need to train,” he continues.

Start strategically training and watch the incidents drop. People that have the ability to control or direct funds are the most targeted. Therefore, they should be at the top of the training priority list.

Training comes in several forms. To start, you can add cybersecurity to yearly corporate compliance training. Tyler Smith, a senior software engineer, recommends educating users that violate company policy.

For example, Smith was previously the head of a DLP program for an enterprise and he would see 200-300 hits on violation of policy. His co-workers suggested staying quiet because the violators were very important and busy people. Smith did the opposite, and within 90 days that number dropped by two-thirds.

Smith says most of the people violating the company policies were doing so because of broken business practices.

“People want to do the right thing. They just need to know what that is,” Smith says.
