TAG | hacking
Kaspersky recently announced the discovery of a new Advanced Persistent Threat (APT) that they are calling DarkHotel. This is in the fine tradition of giving all newly discovered hackers or vulnerabilities clever and evil sounding names. In this case they have found something quite interesting.
For the last 7 years a group has been systematically targeting executives and government officials staying at high end hotels. They hack their computers and grab their files, sniff their keyboards, and install virus that can then spread within the victim’s organization. (more…)
Two new attacks on Tor were recently announced.
UPDATE: According to Errata security the NBC story about the hacking in Sochi total BS. Evidently: They were in Moscow, not Sochi. The hack was from sites they visited, not based on their location. They intentionally downloaded malware to their Android phone. So, as a traveler you are still at risk, and my advice still stands, but evidently the environment is not nearly as hostile as reported.
According to an NBC report, the hacking environment at Sochi is really fierce. After firing up a couple of computers at a cafe, they were both attacked within a minute, and within a day, both had been thoroughly compromised.
While you are vulnerable anywhere you use the Internet, it appears that attackers are out in force looking for unwary tourists enjoying the olympics.
Make sure you take precautions when you travel, especially to major events like the Sochi Olympics.
- Enable whole disk encryption on your laptop (FileVault for Mac and TrueCrypt for Windows), and always power off your computer when you are done, rather than just putting it to sleep.
- Turn off all running applications before you connect to any network, particularly email. That will minimize the number of connections your computer tries to make as soon as it gets connectivity.
- Enable a VPN like Anonymizer Universal the moment you have Internet connectivity, and use it 100% of the time.
- If you can, use a clean computer with a freshly installed operating system.
- Set up a new Email account which you will only use during the trip. Do not access your real email accounts.
- Any technology you can leave behind should be left back at home.
The Internet has been buzzing with reports of the recently leaked NSA exploits, backdoors, and hacking / surveillance tools. The linked article is good example.
None of this should be news to anyone paying attention. Many similar hacking tools are available from vendors at conferences like BlackHat and DefCon.
We all know that zero-day exploits exist, and things like Stuxnet clearly show that governments collect them.
Intentionally introducing compromised crypto into the commercial stream has a long history, perhaps best demonstrated by the continued sales of Enigma machines to national governments long after it had been cracked by the US and others.
This reminds me of a quote I posted back in March. Brian Snow, former NSA Information Assurance Director said “Your cyber systems continue to function and serve you not due to the expertise of your security staff but solely due to the sufferance of your opponents.”
One can focus on making this difficult, but none of us should be under the illusion that we can make it impossible. If you have something that absolutely must be protected, and upon which your life or liberty depends, then you need to be taking drastic steps, including total air gaps.
For the rest of your activities, you can use email encryption, disk encryption, VPNs, and other tools to make it as difficult as possible for any adversary to easily vacuum up your information.
If you are of special interest, you may be individually targeted, in which case you should expect your opponent to succeed. Otherwise, someone hacking your computer, or planting a radio enabled USB dongle on your computer is the least of your worries. Your cell phone and social media activities are already hemorrhaging information.
OS News has an interesting article: The second operating system hiding in every mobile phone
It discusses the security implications of the fact that all cell phones run two operating systems. One is the OS that you see and interact with: Android, iOS, Windows Phone, BlackBerry, etc. The other is the OS running on the baseband processor. It is responsible for everything to do with the radios in the phone, and is designed to handle all the real time processing requirements.
The baseband processor OS is generally proprietary, provided by the maker of the baseband chip, and generally not exposed to any scrutiny or review. It also contains a huge amount of historical cruft. For example, it responds to the old Hays AT command set. That was used with old modems to control dialing, answering the phone, and setting up the speed, and other parameters required to get the devices to handshake.
It turns out that if you can feed these commands to many baseband processors, you can tell them to automatically and silently answer the phone, allowing an attacker to listen in on you.
Unfortunately the security model of these things is ancient and badly broken. Cell towers are assumed to be secure, and any commands from them are trusted and executed. As we saw at Def Con in 2010, it is possible for attackers to spoof those towers.
The baseband processor, and its OS, is generally superior to the visible OS on the phone. That means that the visible OS can’t do much to secure the phone against these vulnerabilities.
There is not much you can do about this as an end user, but I thought you should know.