5 Biometric Authentication Techniques That May Reach You Soon

We have witnessed the growth of biometric authentication methods over recent years. Some of these methods, such as face recognition, fingerprint identification, retina scans and voice scans, will be familiar to you. Here, let’s look at some techniques that could shape tomorrow’s biometric authentication discussions.

1. Cognitive Biometrics

It’s an authentication technique that relies on a user’s reaction when presented with a stimulus such as a familiar photo or video. Equipment such as an electroencephalogram or electrocardiogram records these nervous responses. The stored responses are then validated against new responses produced by applying the same stimulus to that person again.

2. SkullConduct

This technique was formulated by a few German scientists to give users more secure access to their devices. As the name SkullConduct suggests, it involves the human skull. A head-mounted device emits an ultrasonic sound that passes through the wearer’s head, creating waves of unique frequency that bounce around inside it and produce noticeable patterns that are unique to each person. This technology has managed to enter the biometric mainstream through its partial implementation in Google Glass.

3. Breathprint

Recently, some Swiss scientists figured out an authentication technique that uses a breathalyzer and named it Breathprint. “Whatever we exhale is unique to us”: this is the core idea behind the development of this technique.

4. DNA Profiling

None of us is unaware of current DNA profiling techniques, which are more commonly known as DNA fingerprinting, DNA testing, etc. The most acknowledged factor of this molecular-level authentication is that the chance of two people having the same DNA profile is less than one in a million. Astounding developments are expected in this field in the coming years. So far, DNA profiling hasn’t grown much beyond forensic applications. However, according to recent studies, DNA profiling can even be used to predict the appearance of a person in the near future.

5. Even a Cough Can!

What’s more, even the sounds coming from our throat would be used for authentication purposes in future! All kinds of audible emissions from your throat, such as a cough or a gulp, that have a particular frequency can be analyzed and used as a valid authentication method.

As the cyber world expands to new horizons, more and more personal data will be involved in it. Current user authentication techniques are expected to become obsolete soon, so less intrusive technologies with enhanced security characteristics are bound to find their place.

Beware! Any Website can be Hacked, even the Most Secure One

HEIST is the name of an attack technique unveiled by security researchers at KU Leuven. The name is an acronym: HTTP Encrypted Information can be Stolen through TCP-windows.

Seems baffling?

Let’s try to figure out.

Recently, Mathy Vanhoef and Tom Van Goethem, PhD researchers at KU Leuven, gave a short briefing on this subject. They explained how they were able to track vulnerabilities of some secure websites.

I’m interested in quoting some of the main points from this briefing.

The idea of HEIST comes against the background of the many attacks against SSL/TLS over the last few years. Without an adversary capable of manipulating network traffic, the vulnerabilities of the SSL/TLS channels that were attacked could not be exploited. This is where HEIST comes in: it is able to exploit flaws in network protocols without sniffing network traffic.

How Does it Work?

With HEIST, it’s possible to compromise an encrypted website using only a JavaScript file hidden in a maliciously created ad. The script can measure the size of the encrypted response and thus mount the attack on its own. Combined with another technique, it is able to pick sensitive information, including banking details, out of encrypted data traffic.

Possible Ways to Avoid such a Situation

Tom Van Goethem also says that disabling third-party cookies in the browser is the only way to prevent these attacks, at least in the short term. It isn’t a heavy task. In most of today’s browsers, third-party cookies are on by default. The browser used to access sensitive websites should be clean, without unwanted plugins or add-ons. Other browsers can be set to receive cookies.

Conclusion

Studies of this type have a great impact in exposing vulnerabilities in network security. The makers of at least some internet browsers will become aware of these flaws, and some of them may release security patches. Anyway, thanks to the KU Leuven researchers for figuring out this vulnerability.

How to Get Rid of a Ransomware Attack?

In a recent article, I covered the effect of ransomware as a cyber-security threat. I hope you have all read it. This time, I just want to share some tips to help you get rid of a ransomware attack.

Ransomware attacks are on the rise, more than ever. If you regularly follow information security news, you may read something about this threat every day. It has become one of the favorite tools of cyber criminals because it’s very profitable, making a million-dollar market. According to Symantec, this number has even reached £3 million a year.

What to do After Ransomware Attack?

As you know, your computer can be infected by two types of ransomware: lock screen ransomware and file encryption ransomware. If the ransomware that infected your machine is the file encryption type, you can try to rid your system of it. The following steps may be useful.

  • If your system is part of a network, remove it immediately from the network.
  • Check for available restore points, using which you can restore your computer to a “last known good configuration”. (Before doing this, it’s good to make a copy of encrypted files for future analysis)
  • Restart your machine in Safe Mode and scan it using antivirus software.
  • Know the type of Ransomware detected on your PC (You can use an online service called ID Ransomware for that).
  • If you have identified the type of Ransomware, download a ransomware decryption tool to get your data back.

Be Safe from Ransomware Attacks in Future

To minimize the chances of Ransomware attacks in future, you can take some precautions like:

  • Don’t visit unsafe, suspicious websites.
  • Don’t open email attachments from suspicious sources.
  • Beware of dubious links in emails or on social media.
  • Protect your computer with strong anti-spyware software and enable the firewall.


Ransomware- Past, Present and Future

The term “ransomware” is quite familiar in cyber security circles now. But imagine a situation 10 years back, where you see an alert message on your PC saying that your machine or files are locked and demanding a ransom to unlock them. It might be hard to conceive, right?

Yes, ransomware can infect your PC at any time if you aren’t well prepared. Once it has infected the machine, it may either encrypt your personal files (like CryptoLocker) or block access to your entire PC (like WinLocker).

Ransomware can reach your PC in various ways: visiting malicious websites, opening spam emails, opening suspicious email attachments and many others.

Rise of Geographic Tracking Ransomware

Remember Joseph Edwards, a 17-year-old from Berkshire, who hanged himself after receiving a fake police warning to pay a fine of 100 pounds for browsing illegal websites. The case was reported in 2012. It was ransomware, Reveton (also called Police Ransomware or Police Trojan), that had infected Edwards’s PC.

Reveton had a specialty: it was capable of tracking the geolocation of its victim. Thus, people living in the US would get a warning message from the FBI, whereas for French people the messages would be labelled as coming from the Gendarmerie Nationale.

CryptoLocker Arrives

It was in 2013 that the infamous file encryption ransomware program CryptoLocker hit for the first time. According to the University of Kent’s 2014 security research report, 1 in 30 systems was affected by this ransomware, and 40% of those paid the ransom.

Experts have suggested several measures to mitigate the severity of a CryptoLocker attack. But, these attacks are only increasing in number. In the very next year, CryptoWall, a close variant of CryptoLocker, affected many PCs globally.

Keith Jarvis, a Dell SecureWorks Counter Threat Unit researcher, presented a threat analysis report on CryptoWall. According to his report, CryptoWall affected 625,000 victims within 5 months, encrypting 5.25 billion files and collecting more than $1 million in ransoms!

Future of Ransomware

Joe Marshall is a security researcher at Cisco Talos. In his opinion, we should expect future threats from “self-propagating” malware, or cryptoworms.

In a Threatpost article, he shared his thoughts on this. He says, “This new ransomware is a mix of old and new. It has adopted self-propagating properties of worms and malware of the past. And it has new tricks when it comes to traversing corporate networks laterally to find the most vulnerable targets.”

How Machine Learning is Reshaping Cybersecurity?

The growth of machine learning as a discipline is astonishing. There’s no doubt that machine learning has shown its potential to enhance search recommendations through effective analysis of patterns. Day by day, the applications of this field are increasing, including text processing, video analysis, voice recognition, email spam filtering, search recommendations, and more. But one question is quite relevant here: can machine learning make an impact on cyber security discussions?

Let’s start with an online retail portal. Search recommendations are essential for an online business. All these search predictions are based on data points: all of a customer’s previous data, including recent searches, shopping history, etc. All these collected data sets are aimed at answering only one question: which item might the customer buy?

Many of today’s industry experts are optimistic about machine learning’s power to revolutionize cyber security.

Stephen Newman, CTO at Damballa, is one of them. He’s sure about ML’s potential to solve advanced threat problems such as identifying infected machines in a corporate network. In a Dark Reading article, he puts it like this:

“A system can watch the traffic going to and from connected devices. While some of the outbound traffic goes to potentially malicious websites, this one piece of evidence doesn’t prove that the user device is infected. This data must be viewed and weighed in context with other evidence”

There are exceptions also.

See what Simon Crosby (CEO of Bromium Inc.) has to say. In an article published in Dark Reading, he argues that “Machine Learning Is Cybersecurity’s Latest Pipe Dream”. He concludes that article like this:

“Post-hoc analysis of monitoring data cannot prevent a vulnerable system from being compromised in the first place”

In the coming years, let’s hope we see more interesting developments in the machine learning sector. The algorithms used in machine learning should be good enough to let us easily make decisions based on data rather than personal intuition, and to develop a transparent cyber security policy for firms.

Whaling and Spear Phishing: Rethinking Cyber Security at a Corporate Level

Internet phishers are transforming by adopting more focused, more systematic cyber-attacks. For the same reason, the terms whaling and spear phishing have become more or less common in the cyber security world.

How about traveling back in time and digging into the roots of these terms?

Yeah. Let’s proceed.

It was in the mid-90s that a new type of email scam, “phishing”, bewildered the internet world. Since then, for almost 2 decades (and still continuing), it has been a favorite method used by fraudsters to get sensitive information.

As the cyber world advanced through the years, the nature and volume of phishing also changed. Spear phishing came first. It has been around for a long time, and its inception is closely tied to the rise of social engineering channels. It can be simply defined as “e-mail spoofing that targets a particular organization or individual for financial benefits or to access corporate or personal information”.

Norton describes spear phishing like this:

“The spear phisher thrives on familiarity. He knows your name, your email address, and at least a little about you.”

In January 2015, Charles Harvey Eccleston, a former employee of the U.S. Department of Energy, was accused of attempting to send spear phishing emails to many of his colleagues. All those emails were embedded with malicious programs. The systems that Eccleston targeted contained a great deal of sensitive information. Eventually, the case rose to the level of a federal crime.

[Image: a sample spear phishing email. Image credits: flickr.com]

Now, whaling. For the origin of this term, it’s perhaps better to look to gambling “whaling” than to whaling at sea. In gambling, high-stakes rollers are generally known as whalers or, more simply, big fish.

Whaling is somewhat similar to spear phishing in terms of its “targeting” nature. But whaling’s targeting is more specific: it is aimed at the executive level. Whalers, unlike common phishers, do not generally target bank credentials or financial assets (at least, not visibly). The intention of most whaling attacks is to get the victim to divulge confidential company information.

Why Does Whaling Need to be Considered More Seriously?

[Image: a sample whaling e-mail. Image credits: codemakit.com]

The content of a whaling email will be hard to ignore. It might take the form of a consumer complaint, a legal subpoena or something else that looks like a credible message. The source of the email will be cleverly disguised as a legitimate business authority. It may contain either malicious attachments or links to destructive pages.

Whaling Attacks: The Beginning

Perhaps the first reported whaling incident was the 2008 FBI subpoena whaling scam. About 20,000 corporate CEOs were attacked in this planned strike. Of these CEOs, about 2000 were lured into opening the whaling link. As a result, a key logger was installed on the victims’ machines, and it easily took their passwords. Many of their companies had to face repeated hacking incidents after this.

Here’s a whaling incident that happened in 2010. After researching the family background of a system admin, an attacker sent him an email about a discount on a premium health care plan intended for large families. Since the admin had five kids, he saw nothing wrong in opening the form attached to the mail. But there was malware embedded within the form. This allowed the attacker to intrude into the admin’s corporate network and access sensitive information easily.

Current Scenario of Whaling Attacks

Mimecast, one of the top email security providers, conducted research in December 2015. Its results warned of heightened whaling threats.

These are the results.

  • Within the last three months, the volume of whaling attacks has increased to 55%.
  • The most popular type of whaling attack is domain spoofing (70%), while the least popular is top-level domain squatting (16%).
  • In 72% of whaling attacks, the attacker pretended to be the CEO.
  • Gmail accounts (25%) are preferred by whalers. Yahoo (8%) and Hotmail (8%) are also in use.

Feasible Solutions a Company can take to Safeguard from Whaling and Spear Phishing Attacks

  • Awareness to Action: Senior-level executives of a company should be aware of the specifics of this attack and its possible consequences.
  • Client Certificates: Verify the authenticity of incoming emails by examining client certificates.
  • DNS Alerts: You can opt for DNS alerting services to know if somebody registers a domain that closely resembles your corporate domain. If possible, consider getting all the available TLDs for your company.
  • Email Filtering: Set up an email filtering system for your company so that you can flag emails sent from look-alike domains.
  • Mock Tests: Carry out mock whaling attacks within your organization. It’ll be useful to see how vulnerable your company is.
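
The DNS-alert and email-filtering measures above both come down to spotting a domain that closely resembles your own. The sketch below is an added example, not code from the original article: it classifies the sender domain of a From: header, and the corporate domain `example-corp.com`, the substitution table and the distance threshold are all assumptions chosen for illustration.

```python
from email.utils import parseaddr

PROTECTED = "example-corp.com"   # hypothetical corporate domain (name + TLD)
MAX_DISTANCE = 2                 # assumed threshold: edits still counted as "close looking"
# Assumed, deliberately small table of visual substitutions.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def normalize(label):
    """Fold common look-alike characters so 'examp1e' and 'exarnple' become 'example'."""
    return label.lower().translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(from_header):
    """Return 'own', 'tld-squat', 'lookalike' or 'other' for a From: header value."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower().rstrip(".")
    if domain == PROTECTED or domain.endswith("." + PROTECTED):
        return "own"             # name matches; authenticity is a separate check
    own_name, own_tld = PROTECTED.split(".")
    *labels, tld = domain.split(".")
    if labels and labels[-1] == own_name and tld != own_tld:
        return "tld-squat"       # same name registered under another TLD
    for label in labels:         # also catches the name used as a subdomain elsewhere
        if (normalize(label) == normalize(own_name)
                or edit_distance(label, own_name) <= MAX_DISTANCE):
            return "lookalike"
    return "other"


# Constructed sample headers, not taken from real mail.
SAMPLES = [
    "CEO <ceo@example-corp.com>",
    "CEO <ceo@examp1e-corp.com>",
    "CEO <ceo@exarnple-corp.com>",
    "CEO <ceo@example-corp.co>",
    "Friend <someone@gmail.com>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify(header):10} {header}")
```

A mail filter would quarantine or tag the `tld-squat` and `lookalike` results; the same `classify` logic can be run over newly registered domain names from a DNS alerting feed.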

What’s your suggestion to safeguard your company’s most valuable assets?  Join a discussion on twitter with @safewithtech and @iambrianfelix.