The hacking of Mr. Bezos is particularly sensitive because of his ownership of The Washington Post, which had published coverage critical of the kingdom and had retained Jamal Khashoggi
Welcome to the second article in this series looking at cybersecurity and its interaction with the protective and wider security world.
This time we’ll be looking at a collection of tactics used by attackers to bypass security technology by targeting the weakest link – the human in the chain.
The best protection against such SIM swapping methods is simple. Buy a dual SIM phone with a second pay-as-you-go number on a separate provider, which is used only for these authentication purposes. Since nothing is tying the number directly to you, it becomes much more challenging for an attacker to carry out a SIM swap.
In part two of this article on anti-surveillance we shall look at anti-surveillance measures carried out when mobile in a vehicle or on public transport. We shall also look at the various times that a target or person will conduct anti-surveillance measures or drills in order to detect surveillance
Remember that anti-surveillance is defined as the actions that a person would take or do, in order to detect if surveillance is present. The person is aiming to draw the surveillance in by generating two things: multiple sightings and unnatural behaviour. As with our foot anti-surveillance drills, when mobile in a vehicle, these drills can also be covert and subtle, or overt, where it is obvious to the followers what you are doing. Again, a number of drills have to be carried out in order to identify surveillance. Just looking behind you does not identify surveillance – it identifies those who are behind you.
When the Data Protection Act 1998 was implemented nearly two decades ago, fewer than 10% of UK households had internet access. The technological world has moved on at an exponential pace since then, and a new law was required to reflect and address the current and foreseeable trends in technology and the use and misuse of personal data by organisations. Massive data breaches seem to be in the news every day now – and it was clear that the security of personal data was not being given a high enough priority.
Although the underlying principle of understanding ‘capability and intention’ and the objective of ‘forewarned is forearmed’ have not dramatically altered over time, the sheer scale of intelligence available in the Open Source environment means that the greatest risk today is information overload rather than information scarcity.
It is in this context that in order to acquire and analyse asymmetric and potentially outcome-defining intelligence, analysts are required to think more laterally than ever and be able to draw both strategic and tactical conclusions from intelligence which may be independent and accurate as much as it may be deliberately misleading or presented through an emotional prism. SOCial Media INTelligence (SOCMINT) is one such instance of lateral thinking. FINancial INTelligence is another.
Over the course of my career (17+ years), I have heard my fair share of complaints from potential clients indicating that their current surveillance/investigative partner was not achieving the desired results with the budgets provided. The activities and behaviors of people are constantly changing and that forces us as investigators to change our approach and evaluate our practices in order to achieve optimal results.
Cybersecurity is often seen as a niche area which requires a lot of specialist knowledge to apply. This is partly true – in order to configure a web application firewall someone needs to understand how to work with the technology at a very low level. What is often missed, as the technologists take over, is that cyber is still security and the same fundamental principles apply to designing and building effective protections.
Working with a credible Cybersecurity professional means a company should be able to have an up-to-date and easily understood incident response plan, an improved level of security, both with regards to systems and personnel, and have a trusted expert they can call upon with confidence.
This past March, WikiLeaks dumped 8,761 CIA documents collectively known as “Vault 7.” These documents contained information about what was essentially the government agency’s armory of cyber threats.
They included malware, viruses and Trojans used for espionage purposes. More importantly, they had information about zero-day vulnerabilities the CIA had been using to hack computers, tablets, smartphones and other devices for intelligence gathering purposes.