THE TIBERIUM BLOG - recent events, threats, and all things cyber

Biding My Time

When President Biden was asked this week whether he was prepared for his summit with his Russian counterpart (President Putin), he replied, “I’m always ready.” As answers go, an interview winner for sure.

It has been some time since the world of cyber security has been mentioned so publicly by the Capo dei capi, most memorably (to the legacy amongst us) by President Clinton in 1993 about the ridiculous proposal to put a government ‘Clipper chip’ in personal devices in order to be able to backdoor them. The fact that this was a physical chip is almost certainly amongst the reasons that the proposal came to nothing. A picture paints a thousand words. More on this later.

It has been drawn to our attention that this blog may well be in danger of turning into a Russia/Eastern Europe/China commentary mini-series. If only the majority of State-sanctioned IP theft and business disruption, together with organised-crime-driven extortion (currently led in the form of Ransomware), didn’t originate in these territories we might be able to change the record. How we wish we could.

Regular readers (we are not worthy) may recall through tormented braincells that we updated a prior blog to include the fact that, after intervention by Mr Putin, sorry – the Russian Government, the (misspelt) Russian crime outfit Conti decided to decrypt the Irish Health Service (HSE) for no fee. Would you imagine? Fancy that. A Unicorn.

In the world of surveillance and Mince Pie activity, having read loads of John le Carré, Mick Herron and even Hans Helmut Kirst, we are fairly certain that knowing party X called party Y and obviously had the number, can be nearly as important as the content of the call (“I set fire to your house” being an exception).

Back to the point. It has been reported that at the sit-down, sorry summit, Biden firmly instructed Putin to get the cyber criminals of Russia under control and, furthermore, to not interfere with American critical national infrastructure. Or else.

Unlike the usual sternly worded letters of The United Nations, which have presumably been used to kindle many a dacha fire, President Biden, flashing his massive kahunas, asked Vlad how he might feel should his oil pipelines be shut down.

Ransomware attacks were at an all-time high in many sectors including healthcare and education earlier this month. Do we think that this stark threat will in any way reduce ransomware attacks from Russia? We really hope so, but think probably not that much. Time will tell and we will report on round two of the new Cold War as it happens. Shall we play a game?

We think that ransomware attacks are not going to significantly reduce any time soon, no matter the pressure. Of course there may be a small dip as the current operators are dragged to the Gulag but in the long term, they simply make too much money.

That is why Tiberium puts ransomware prevention, detection and automated response front and centre of our FROST and MYTHIC managed services. Automatically configuring your existing systems to ‘best practice’ when we deploy, often in a single day, significantly improves your security posture from the outset.

Unlike many other security providers, we measure your security posture before and after deployment and do this continuously. This is presented in our online scoring dashboards which enable you, supported by our expert team (our collaboration is driven by a world’s first Microsoft Teams integration), to make informed operational and investment security decisions.

But do not believe the flippant words of our blog, contact us at: XXXX and we would love to show you our products and explain how they deliver so much more than others, at the speed of automation.

Now, remember about the Clipper chip right back at the start of this blog? In comedy they call this a ‘callback’. There is however, nothing at all funny about the next bit.

Viewers of ‘legacy’ entertainment products, such as commercial television and non-subscribed streamed content, may well have seen advertisements or ‘messages’ in the last week or so from WhatsApp.

You may recall that the reason why you moved to Signal, Wire or something you think is more secure than Facebook-owned WhatsApp was because WhatsApp changed its privacy policy in order to be able to share your data.

There have been many calls from many Governments including the current UK outfit to mandate messaging software providers, like WhatsApp, to include a back door in their warez. WhatsApp is pushing back in these recent advertisements.

Obviously we are not in favour of any backdoors in messaging or anywhere else, preferring the recent takedowns of criminals using device infiltration in the case of EncroChat, or more outrageously using a former coder for gangster devices to start a whole encrypted phone business run by the FBI. Genius. Surely these have to be better than the potential for mass surveillance?

Some (well, a fair bit) of the end-to-end encryption used by WhatsApp, Facebook Messenger and Skype uses the Signal protocol designed and written, at least in part, by an anarchic (so it would seem) Moxie Marlinspike.

What many people haven’t read about is the fact that the Signal protocol was developed by a company called Open Whisper Systems (started by Marlinspike and Brian Acton). It is alleged in many circles (and corners) that Open Whisper Systems was funded, at least in part, by the United States Government via the very shady Radio Free Asia, supposedly part of the even more shady ‘Broadcasting Board of Governors’ or BBG.

So do they need a backdoor at all, or are they just biding their time? People may well care less because there is no physical ‘Clipper Chip’. If you can’t see it, touch it, feel it…

If you have time, please read all about it and make your own minds up. We would love to have a chat about it. Who knows, we could even organise something informal after lockdown if you are interested? Do let us know!
