Russian soldiers stole 5 million worth of agricultural equipment from the Ukrainian city of Melitopol. dollars, but after transporting it to Chechnya, they realized that they could not use it - the American manufacturers John Deere tracked the tractors by GPS and blocked them remotely. Meanwhile, the Ukrainian watched on his Apple account as Russian soldiers left for Belarus with his stolen AirPods. These are just two examples that remind us of the burning question – do you really always know what information your technology is collecting and transmitting about you?
"Modern smart technologies have wide possibilities, one of them is to determine the location of missing devices, even if they are in another country or turned off," says Laimonas Krivickas, director of the international transformative technology company Zenitech.
On the one hand, it helps to find lost or stolen items, but on the other hand, is it always safe for the users themselves? Information security expert, docent-practitioner, dr. Tautvydas Bakšys notices that these everyday risks are not always understood, so we need to talk more about the security of devices.
How is the technique tracked?
The location of the stolen AirPods in Belarus allowed a Ukrainian to be traced using the Find My technology developed by Apple - the headphones were registered in this program and linked to an Apple account. Technologies based on a similar principle have been implemented by other manufacturers, for example, Samsung has Find My Mobile.
Find My technology allows you to locate devices using Bluetooth beacon technology and based on nearby Apple devices with GPS functionality and Internet access. New-generation Apple products with Bluetooth functionality (eg iPhone, iPad, iPod touch, Apple Watch, AirPods, AirTag, iPhone Leather Wallet) send a specialized Bluetooth signal at a frequency set by the manufacturer, technological messages that fixed nearby Apple devices," explains Dr. T. Bakshys.
When a device detects this Bluetooth message, the data, including its GPS coordinates and information identifying the device that sent the message, is encrypted and automatically transmitted over the Internet to Apple's servers. A user signed in to their Apple account can then see the location of the device - even if the phone is turned off, for example.
The approximate location of a mobile phone can be determined even if it does not have GPS functionality - but only if there is a call. "When making a connection, the mobile device connects to the nearest mob. communication base station - based on the power and propagation characteristics of the signal sent by it, its distance from the station can be roughly estimated," explains Dr. T. Bakshys.
However, if flight mode is turned on and mob. connection, the ability to determine the location of the device using mobile. connection characteristics information does not remain.
How to protect yourself?
Although the technologies that help to find the technique are important, convenient and modern protection mechanisms are applied to them, dr. T. Bakšys warns: there are cyber security loopholes, and they can be used against users.
How to protect yourself from it? First of all, according to an information security expert, when choosing equipment, you should pay attention to the manufacturer's reputation - how it deals with issues related to cyber and information security, whether there are any signs that allow you to doubt the manufacturer's reliability.
"For example, Apple has implemented data protection solutions in Find My technology - the devices use quite complex encryption mechanisms to prevent third parties from identifying or tracking devices based on its Bluetooth signal, and also limit Apple's ability to track the devices' location." , says dr. T. Bakshys.
It is no less important to track software updates and install them, follow the manufacturer's recommendations for using the technology when using the technique.
"Also, those technological solutions that connect and transfer data to countries that do not apply the General Data Protection Regulation (GDPR) or other corresponding laws protecting the privacy of user data should be carefully evaluated," the information security expert emphasizes.
Damage is not always easy to spot
According to dr. T. Bakšios, applications with installed malicious functionality - viruses, spyware, ransom packages, etc. pose an extremely great threat to user security.
"The worst thing is that it is often difficult to notice the beginning of the malicious activity of such applications. Applications can carry out harmful activities (such as collecting and sending private data to third parties, destroying or illegally encrypting information on the device, etc.) with a relatively low intensity, compressing the data (which makes it possible to reduce the visibility of the outgoing data stream) and send it via an encrypted connection. In certain cases, it is possible to receive control instructions remotely at any time, which will allow the application to perform harmful activities," the information security expert warns.
There are also known cases where an application with no direct malicious functionality collected and sent potentially redundant information (including GPS) from a user's mobile device to third-party servers registered in countries where the GDPR is not in force.
"The very first step to protect yourself is to pay attention to its manufacturer, country of origin, and to familiarize yourself with the rules of use before installing the application. This can help to create a picture of the application being installed and to assess its potential risks", recommends Dr. T. Bakshys.
New challenges due to the war in Ukraine
According to the expert, the war in Ukraine undoubtedly aggravated the situation in cyberspace, and not only in warring countries. For example, a large-scale cyber attack on a satellite military link in Ukraine on the day of the invasion also had a negative impact on the pan-European satellite network.There are also known cases where an application with no direct malicious functionality collected and sent potentially redundant information (including GPS) from a user's mobile device to third-party servers registered in countries where the GDPR is not in force.
"The very first step to protect yourself is to pay attention to its manufacturer, country of origin, and to familiarize yourself with the rules of use before installing the application. This can help to create a picture of the application being installed and to assess its potential risks", recommends Dr. T. Bakshys.
New challenges due to the war in Ukraine
According to the expert, the war in Ukraine undoubtedly aggravated the situation in cyberspace, and not only in warring countries. For example, a large-scale cyber attack on a satellite military link in Ukraine on the day of the invasion also had a negative impact on the pan-European satellite network.
"This attack indirectly affected several thousand devices in around 20 European countries. One example of this is that the remote monitoring and control of almost 6,000 wind turbines in one member state was affected," points out Dr. T. Bakshys.
Currently, according to him, the situation in the cyber space in Lithuania and the region is stable, but the risk of cyber incidents remains high, especially since the spectrum of attacks can be very wide: they can be directed against the systems of the state, companies or private individuals.
According to dr. T. Bakšio, today the biggest danger is equipment management systems that are not updated, factory login passwords that have not been changed, poorly managed policies for providing remote access, and possible large-scale disinformation attacks.
"In order to reduce cyber risks, it is necessary to use reliable software products, in the development of which security quality control is ensured in addition to functionality elements. The responsibility of decision makers is one of the key elements that ensure the reliable and safe operation of products", - the expert is convinced.
The head of Zenitech, L. Krivickas, notices that there is currently an increased concern about cyber security in the market - customers apply for ensuring the security of their infrastructure resources, installing additional system monitoring and attack detection elements, asking for secure remote work (video teleconferencing platforms, VPN, user management and etc.), on cloud service security (WAF, Multi-Cloud, High Availability, etc.), interested in complex system security audit services.
"Although modern security issues are complex, complex and require responsibility in solving them, with proper and timely implementation of cyber risk mitigation measures, systems remain secure even during stressful times. At Zenitech, we have offered an innovation - security solutions are integrated in product development at all stages of work - programming, testing, installation, administration and support. This changes the flawed approach, when the security of the system is concerned only after it is installed and started in working mode", says L. Krivickas.
Zenitech provides end-to-end business solutions to its customers worldwide, helping them achieve digital transformation by offering cutting-edge digital solutions and software products. The company operates in the United Kingdom, Hungary, Romania and Lithuania.
Post a Comment