Category: Social Media Cyber Security

Posted on

Cyber Security | Reputation Control For Regular People

triangle-e1426269017684

Cyber Security.

Reputation Control.

Two terms laden with secret meanings and often high (sometimes perceived) costs to remediate dangerous and or embarrassing situations. Bad things resulting from hacks of digital networks, devices, identity theft, corporate espionage and other digital crimes and forms of cyber attacks.

After almost 9 years of offering cyber security and reputation control services to larger companies and governments; it has become clear that there is a very specific and unmet need for regular people to get access to premier cyber security services.

I literally cannot count how many late night phone calls, emergency text messages and social media direct messages from regular people. They are people who are often part of a larger organization, but are not given access to the cyber security their company or agency purchased or only a small part. These calls and messages often involve personal cyber security questions, or ones relating to family members or friends.

Visit the Digijaks Cyber Security Store to find out which level service works for your needs. All communications and payments through the store are fully encrypted.

It is quite evident that most large companies and government agencies invest in cyber security for their networks and devices.

But regular people are often left out of the equation. Beyond the basic training needed for the specifics of their company or agency, there is little to no specific training for people to access for their own needs. That is if they get any basic training at all. Many high level executives tell us they receive a few hours a year at best of any substantial training. The lower you go in the corporate and government pecking order, the less likely people get cyber security or reputation control training at all.

Most people who work for smaller companies, NGOs, academia and or state and local governments also receive little to no specific training at the people level.

What happens if your kid has a cyber bullying issue? Or your identity gets compromised? Or you or someone in your family accidentally clicks on malware laden links, or a well crafted phishing email? Who do you turn to?

Digijaks decided to create products specifically aimed at you. To help you prepare and defend against attacks on your reputation, cyber attacks on your personal devices and or family and to help mitigate when and if something happens.

We created price points accessible to individuals and families alike. Most other cyber security companies do not offer such family cyber security. Just click on this link to get started. Thank you!

 

Posted on

Cyber Security of Weaponized Media in a Socially Engineered World

cropped-cropped-cropped-cybertalkbanner-e1508906208519.jpg

I.     Introduction

The world is seeing an ongoing multi-faceted cyber attack(s) (social engineering) that uses weaponized fake media, digital false flags and other digitally obfuscated materials. These attacks stem from nation states, paid hacker cartels and mercenary hackers globally. These cyber security attacks utilize social engineering, weaponized media and fake media. We have been studying these socially engineered attacks since 2009, and have created unique responses to them.

II.    Main body

The Green Revolution of 2009 in Iran marked the first known use of weaponized social media. The Government of Iran utilized Twitter to get western citizens to spread their propaganda.

Fast forward to 2016, where USA itself was attacked through long term, dedicated weaponized media cyber assault on our democracy; and government alike by Russia and its agents. This attack continues with multi-faceted usage of fake media, bots, fake social media and malware laden content on these sites.

The final outcome is still under investigation, but it is seen as a major win for Russia intelligence groups, and a major loss for the USA.

In the 2016 attack on the USA, innocent citizens were co-opted to spread weaponized media that had either been previously illegally exfiltrated or was fake to begin with.

Some might say this is a soft attack, not vitally important as a hard cyber attack on a network, grid or infrastructure, that is simply not true.

In fact, these attacks are proving to be just as lethal as more traditional cyber attacks. Socially engineered attacks often mask other types of attacks as well – like DDoS, MiTM and malware/wipeware.

However, socially engineered attacks now account for more than 50% of the beginnings of all cyber security intrusions and breaches.

                                                                              III.   Conclusions/future steps

How does USA protect itself from such asymmetrical attacks in future?

With explosion of IoT Devices has come a parallel explosion of attack surface areas, many of which are simply not protected.

With the explosion of social media platforms and content being shared has come a parallel explosion of attack surface areas, most of which are not secured or protected. But many social media users operate under a belief that they are fine because “the big companies are protecting us.”

This is a false belief, and users, both government and individual need to take drastic steps to protect these accounts and platforms.

Should the USA Government sponsor Human/digital trainings to help protect and defend against socially engineered attacks?

How do regular people tell difference between real media/faked media? How do leaders weed out bots, automated accounts from real?

What steps can USA take today; tomorrow to prevent ongoing and future socially engineered cyber attacks?

 

 

Based on proprietary research at www.digijaks.com and through extensive work with clients who are dealing with and or have dealt with such attacks.

Posted on

Digijaks CEO Alan W. Silberberg Interviewed by Associated Press about HBO Hack

 

2 Cyber security expert says HBO hack is huge (2)

See the video below.

Posted on

Modern Information Warfare Hits Hard

2016 was just the latest in #cyberwar; and #informationwarfare attacks where even bills were introduced in Congress. It has been ongoing as long as there have been digital mediums and technologies; and information distribution technology. My company saw it happening last year and got more and more concerned as the election grew closer. We literally wrote letters to people in government, people at the DNC and elsewhere, basically yelling as loudly as we could that the #USA was being cyber and information warfare attacked.

 

As a cyber security, and weaponized information expert – it was all too clear what was happening. It has left a feeling of being sick in the stomach for a year now, and this feeling has not abated. Because it has not ended. For millions of Americans and millions of people around the world too.

 

The Unites States is witnessing both the worst and best it can show at once. The worst by all the traitors amongst us: those pretending we were not just victims of a non lethal act of war.

 

The best by all those in and out of government banding together to excise the cancer from the nation; regardless of the risks and dangers.

 

Some cyber and information warfare players have been better than others. Some have taken a longer term perspective than others. Nation states that have invested heavily into cyber technologies and offensive information warfare technologies are multiplying every year.

 

It is not just the domain of: Russia, Iran, North Korea, China, Ukraine, the UK, France, USA and other large or technologically advanced countries. It is now the domain of any country who decides to invest in the people and the technology and take a longer term view than the average hacker for hire.

 

Sun Tzu believed that “all warfare is deception,” — but where does that leave the average person; who does not understand they are caught up in forces through control of information; that they can neither understand or ever hope to control?

 

I spoke at the US Army CyberTalks in NYC in 2016 on “Global Cyber Security on Earth and in Space.”

One of the points I made; was that almost all of our lives are not just locked up in databases in offices or on the cloud somewhere. But indeed, flying through the ether every millisecond of our lives. Hundreds of companies; and dozens or more countries have the capabilities to hack into it, to manipulate it, change it and even delete. 24 hours a day, with lots and lots of ways for data to be intercepted, changed, made into FUD. (Look it up – means F*#$ed Up Data) – or just simply deleted. Not to mention when the data flying through the ether becomes weaponized by either a Nation State or a Company or a bad actor group or individual with ill intent.

The implications on the types of information warfare that Russia is enacting on the US and the Western Coalitions; is that it is multi level, persistent, and consistent. It is coming in through a combination of weaponized social media, fake websites, fake news, automated bots as well as hacking, intrusions and exfiltrations of data that then become weaponized. It is happening in multiple countries, with a huge budget and thousands of people behind the execution of it. This was the path the Russians took in 2016: a multi pronged effort, all across the United States, focused on Federal, State, and Local authorities. This included national and state political leaders, parties and their allies, as well as election vendors and election technology across the spectrum.

To be extremely clear, the efforts that Russia leveraged as non lethal acts of War against the USA – are still ongoing. They never stopped. Indeed, 2016 was just a continuation of Russia’s long game in cyber and information warfare.

So now we need to take action steps as a country to come together. We need to put aside political partisanship and simply deal with what we have to deal with in terms of investigations and cleaning house. Of all those who played a role in the greatest act of treason since Benedict Arnold tried to give West Point to the King’s Army. All of the people in the United States who played any part in supporting this treasonous Act of War should pay.

Just like General Arnold did.

This is a time for the decision to be made. Are you Partisan, and metaphorically selling out West Point by supporting those who sold out the USA to Russia?

Or are you a Patriot — and going to fight for your country to not disappear by virtue of some digital exhaust of ongoing, persistent information warfare + cyberwar?

Nathan Hale was America’s first spy to be killed in action. When being hanged by the British – he is reported to have said this most famous quote: “I only regret that I have but one life to lose for my country.” Hopefully none of us have to be in such a dangerous position. But we are in a place in history where Patriots are already at work, saving our country.

What are you?

 

*When your kids ask you what you did to stop this non lethal act of war, what will you say?*

Posted on

Digijaks CEO Speech at US Army CyberTalks NYC

 

Posted on

#CyberSecurity #DigitalDiplomacy 2017

#Digitaldiplomacy and #Cybersecurity on a Rough Patch in 2017.

The last several years have seen an explosion of digital diplomacy tools and techniques. This is driven by an ongoing growth in technology platforms; and social media combined with the increased numbers of world Governments adopting open data and open government principles. There has also been a parallel explosion in fake social media, fake news and fake information being propagated globally.

The effect of the combined forces is that cybersecurity is now playing an even more vital role in digital diplomacy. Where digital diplomacy just a few years back was between recognized principals of Governments, now there are lots of other players trying to make that communication much more failure prone.

Additionally we now have leaders using Twitter and other tools to communicate directly with each other and or to directly go around the news media.  Just in the first few months of 2017 alone, we have witnessed multiple world leaders using Twitter to speak in ways that are different from the stated policies of their countries, or to put pressure on other countries through this most public of mediums.

There have been recent successes and failures. I wrote about some of these a few years back. We have also seen a tremendous growth in what I call “anti digital diplomacy” thru the concerted use of fake social media accounts, fake news websites, and fake statistics designed to make the role of real diplomats much harder.  While some of this is innocuous, much of it is organized and part of larger cyber deception plots being run by larger nation states.

Western European countries are currently experiencing the same types of digital attacks on their electoral systems, including the use of selective leaking of compromised materials that the US experienced in 2016. Which means that hacking, and hackers have been deeply involved too. One does not get compromised materials without someone first doing the exfiltration of the information from its original home.

Which brings the question of what role cybersecurity needs to play in digital diplomacy? It is a dynamic situation now with asymmetrical threats and increased attack surface area affecting the very direct communications that digital diplomacy allows.

Governments, Diplomats and the media alike need to be trained and continually updated on how to spot fake accounts, fake news, fake websites, and how to ensure only officially verified information is being transmitted through the digital diplomacy channels. Additionally steps need to be taken on dealing with constituents and the news media to ensure that fake information is put down quickly with the truth and facts to back it up.

Diplomats across the globe have already been caught up in re-tweeting fake news or getting trolled by fake accounts. But there needs to be a verification role too, that is played with the public, especially in terms of proving the falsity of fake information being purposely distributed.

Further, steps need to be taken to lock down accounts with two factor authentication, very strong passwords and strict internal organizational controls on who uses the digital diplomacy tools and how.  Cybersecurity needs to be incorporated into every decision and every level of communications, both internally and externally.

Finally, Governments and Companies around the world need to adopt a rapid response routine to deal with both fake news and fake information coming from non-official sources, as well as from official sources or official twitter accounts. The World now has several leaders who seem to want to try to use Twitter to go around their local politics and news media and or tell the world an un-true or incoherent story. If Diplomats are not ready to respond to falsities or cyber-attack driven leaks quickly, then they will be playing a constant game of catch up. True for the news media and global citizens alike.

Posted on

Talk at GEOINT 2016 by DIGIJAKS CEO

B4CxEZ6CUAAHCqr.jpg large

Posted on

Global Cyber Security On Earth + in Space

Networx

**Excerpt from a talk by Digijaks CEO Alan W. Silberberg at the 2016 GEOINT Symposium.**

When you think of Cyber Security you probably think about your iphone getting hacked, or your email, or your companies servers, or your credit card, or bank card or health care, or banking, or government information plus so many others…

But did you ever stop to think about how a huge chunk of all the data populating all those things actually gets there? Not in the sense of how Google asks prospective employees to describe how the internet works. But close. Think Space.

Satellites are massive growth industry, for both government and business alike. We have scaled globally from a situation 20 years ago where only a handful of countries could afford to mount in orbit operations on even one satellite.

Now there are literally thousands of satellites in space with more and more getting launched into either permanent or semi permanent orbits — along with resulting real space junk and debris following closely along.

There is a correlation of increased launches with smaller launch packages, increasingly smaller and lighter satellite platforms and lower cost; with massive increased consumption and transport of data in both up and down link; and other bands.

All of this has led to a reset of the cyber security needs surrounding ground stations, launch facilities, terrestrial platforms, satellites, rockets, and of course the data. There are multiple types of data flowing into the typical modern communications satellite. Up-link, down-link controls and management software, then data payloads of voice, video, data, etc + then often reversed in direction again. Add to this the security levels, the control levels and maintenance levels — and there is a digital river of information coming in and out of every satellite, ground station and in between.

This is one of the major targets for global cyber war efforts by governments as well as cartel hacker groups and other groups seeking only power and information to then bring money.

One of the key weakpoints is the people on the ground and their BYOD (Bring your own device) methods + practices – whether sanctioned or not.

Along the same lines is the social engineering side of hacking and cyber war and how people’s pictures, social media posts, location tags, and other digital exhausts can be combined in a detailed matrix for an attacker to figure out organizational patterns, phrases, colloquialisms and other ways to use psychology against us.

Another key weakpoint is that many of the cyber security protocols designed for this global data transfer every milli-second is that they are simply outdated and not up to the task of modern efforts to hack and crack this technology and its safeguards and firewalls.

Follow my remarks in a few more weeks to hear more on the very real risks being posed by the explosion in satellites and data flowing between Earth and Space. Indeed, Global Cyber Security is on Earth + Space.

 

Posted on

Reputation Cyber Security of IoT.

Ah, the Internet of Things.

Just the sound of it sends thrills, chills and huge question marks through both technologists and regular people alike.

Just think, you can already do the following:

  • Track your health.
  • Track your kids.
  • Track your home.
  • Talk to your fridge.
  • Talk to your car.
  • Have your fridge, oven, and tv connected to your smartphone, not to mention the video doorbell.

I could go on with this list. But why bother?

The Internet of Things, or IOT as it is called in the media, by analysts and techies alike is an amorphous concept and does not easily translate into everyday speak for the average person.

There are cybersecurity concerns with the overlapping inter-connectedness that are growing exponentially by the month; as more and more devices come on line, get connected to the Internet. Many if not most have little to zero security protocols built in.

There is no current “IOT cybersecurity standard” or anything close. As a result, the apps and tools that seemingly make your life so easy, are in most probability leaking, if not pouring personal information about you or your family onto the internet in ways you may or may not be aware of.

There are reputation control and reputation management issues arising from both the above mentioned inter-connectedness as well as from some basic common sense things that come from having devices connected to the Internet and talking to “home” or each other in ways that also reveal identity, location and other personal information. Some of these IOT apps and tools even tweet or post other social updates for you as reminders, alerts and other pushed out information into public or semi public arenas.

So ask yourself 5 Major IOT for Reputation Questions:

  1. Does everything have to be connected to everything and what happens with a point of failure or with multiple points?
  2. Even if you want to track your whole life, does it need tracking?
  3. Does the good of the device in your life outweigh the bad of the cybersecurity or reputation risks?
  4. Do your kids’ need this tracking on them and beyond knowing where they are, do you want your kids’ information in companies with weak or zero cybersecurity protections?
  5. Do you want your kids’ information broadcast out to the Internet because of auto update or bot tweeting something?
Posted on

Global Cybersecurity + Venture Capital

We live in a hyper-connected world that brings the globe to you; and you and your family to the globe at equally fast speeds. While on one hand, any one of us can access the internet, through any number of tools, platforms, technology and software and almost any combination too. But on the other hand the internet can and does access us, and all of our information, every minute of every day. Probably more than you and your family access the internet.

One thing that is growing in need and in reality is the international and cross cultural aspects of Cybersecurity. For example, businesses and governments alike in the US and in Israel face similar challenges within similar robust telecom and economic environments. 15 years ago the idea of US and Israeli Cybersecurity companies working together seemed remote or exotic. Speak to anyone in Cybersecurity, and it won’t take long for the Israeli Cybersecurity community to come up. True for Venture Capital in Israel too.

Dr. Orit Mossinson, a Venture Capitalist + founder of Dalai VC – A VC firm that specializes in Cybersecurity – had this to say: “Bringing Israeli Cybersecurity companies through capitalization to becoming the leading edge of how to combat cyberwar efforts, is just beginning. Over the next few years there is going to be massive growth in this unique space.”

My company Digijaks is constantly working with businesses and governments on Cybersecurity. What applies to big business or governments applies to people and families mostly too. That is true in the USA, Israel, UK, Canada, Japan, Singapore, etc,  or any nation considered 1st world with full internet access.

Within as long as it takes to blink an eye, you or your family can get caught up in a Cybersecurity breach leading to a Reputation and search breach. It does not take much, and is not the sole domain of big companies being targeted. Ask yourself, do you have wifi? Is it secure? Do you have devices? Run a business? Pay taxes? Do Online Banking? Any of the above could be the entry into your life by a hacker.

This might sound hard to believe in the era of downloadable feature films in a few seconds and the huge amounts of data coming “down” the “pipes” to our devices. But for every bit of data coming in; we are pouring it right back through apps, games, web browsing, file uploading, liking, tweeting, sharing, and videos and not to mention the IoT — as in your tweeting fridge and internet sharing toaster. Don’t even get started on the lack of cybersecurity for IoT globally. Because there is none. Or very little of note.

There just is not any in most of those devices or apps yet. Don’t kid yourself or mistakenly think you or your families are not being monitored and watched through the IoT. The more devices you have connected, the scale of magnitude of potential monitoring and watching is exponential.

Several years ago the digital exhaust of the average first world person with access to the internet was less than 1000 data points per person roughly. Now scale upwards and it is closer to 20,000 data points per person in their digital exhaust. How many companies are tracking these, and or reselling them to other groups? How many governments? How many hacking groups? Extortionists? Kidnappers? Digital Money Robbers?

When we get invited to address groups about Cybersecurity, they always want to know about their specific devices. Is this safe? Is that dangerous? Cybersecurity is one part hardened data, encrypted data and secure data transport. It is also one part human. Increasingly so, with socially engineered attacks such as phishing and drive by malware hosted on social media or in apps. The human element is about training employees, about families working with each other to be private and safe online and is about the fact that humans will and can get tricked by their own emotions and desires. This is what makes social engineered attacks so pernicious.

They are not about weak data points or lack of encryption. They are about our human frailty and how it gets exploited by digital tormenters.

Think about it. What if a Stuxnet-like custom designed cyber war tool; were to take out all the SCADA devices in a particular city? Or take out a particular industry like oil and gas or electrical generation; or at 50 hospitals at once? The problem is every unsecured SCADA device is also listed in multiple places to be publicly found on the internet, not even the dark web. 7 million + devices, terminals, industrial control centers, power plants, factories, utility grids and transportation and information networks are to be found just by searching.

Bring the best of the best together and create new environments in which they can work together to stop a global scourge of cybersecurity breaches and the resultant reputation and search breaches that follow every attack.  True in the USA and true in Israel. The world is looking at the very beginnings of a 3rd World War. This one is invisible mostly, harms people in real life sometimes, yet is being conducted by numerous countries, companies, and criminals all at once against each other. Now is the time to start combining the best of the best and the brightest.

0

Your Cart