This document discusses cyberespionage and cryptography in the modern IT era. It notes that communications are now digital and pervasive, making mass wiretapping cheap. It recommends choosing a secure voice and text communication solution that uses open internet standards and protocols to protect information, as mobile networks are insecure and government espionage and mass surveillance are threats. The solution should balance usability, security, and allowing users their preferred devices.
How to Troubleshoot Apps for the Modern Connected Worker
Cyber Warfare - Milan 2015
1. Cyberespionage and cryptography: protecting
information in the Information Technology era
June 2015
Marco Pozzato
CTO PrivateWave Italia S.p.A.
2. Once upon a time...
In old ages
●
Paper and envelops
●
Horses or vehicles
Espionage was:
●
expensive and time consuming → no mass scale
●
invasive and visible
3. 3rd
Millennium
Nowadays
● Voice: landline and mobile
● Asynchronous messaging: SMS, email
● Instant Messaging: whatsapp, facebook
Communications are:
● digital → espionage is transparent and undetectable
● pervasive → mass wiretapping is cheap
4. Mobile Networks Are Insecure
●
GSM is broken!
●
Cracked in 2011 with 20$ hardware
●
UMTS is theoretically flawed, practically secure
●
Phones are dual mode → a jammer forces
them to GSM protocol
5. Threats
Privacy, Business and national security
threats:
●
Government espionage
●
Mass surveillance
●
Industrial espionage
Secure Voice & Text Communications
6. Choose Secure Communication Solution
●
Define Risk Context
●
Who are my attackers?
Which factors affects decision?
7. Technologies & Networks
●
Data Over Voice (DoV) codec → impractical
●
Circuit Switched Data (CSD) → phased out
●
TETRA → expensive devices and poor network
coverage
Solution is
Secure
Voice
over
Internet
Protocol
8. Usability and Devices
● Secure Phone: hard security
●
Blackberry OS 5/6/7: push email
●
Iphone: cool device
●
Android: power users and geeks
●
Blackberry 10: security & EMM
Users want their beloved smartphone and apps
9. Software VS Hardware
● HW with Crypto SD card
–
Expensive
–
No SD card trend in new devices
–
Not replaceable
● SW only
–
Cheap
–
Flexible
–
Easily replaceable