We live in an age of unprecedented interconnectivity, and this has given rise to equally unprecedented danger. The nature of technology has changed. While we regularly used devices (cars, microwaves) without understanding their inner workings, we could at least estimate the limits of their misuse.
This has changed with the personal computer. We now have a device that can tap into the biggest information network on the planet. Personal computers allow us to communicate, learn, work, and play from anywhere. However, this interconnectivity comes at a cost: as we open the door to reach outward, so too can the network reach in.
Therefore we must mount cyber defenses to protect our digital information and online services, lest our information be leaked, our privacy breached, our productivity stalled, our work disrupted, and our confidentiality ruined.
Recent news in cyber security
Vulnerability: The WooCommerce plugin for WordPress has breakable authorization
WordPress is a content management system that powers approximately 30% of websites on the internet [W3Techs]. It is a complex system of interacting modules which can organize and serve content. Because WordPress is so popular, it is important to pay attention to security flaws which affect its modules, since malicious actors can exploit them.
The WooCommerce plugin, which powers 35% of e-commerce websites, has such a security flaw. Activating WooCommerce installs privileged “Shop Manager” accounts, which have the privilege of file deletion, but their power is kept in check by a limiter within the WooCommerce plugin itself.
The problem occurs when WooCommerce is disabled. Disabling the plugin leaves the privileged accounts behind but removes the limiter on their privileges. Shop managers can then delete and reset the admin account, thereby gaining access. Additionally, shop managers can trigger the disabling of WooCommerce by deleting a specific file.
Now, this vulnerability does require that the attacker have access to a shop manager account, so it’s not like random people can just waltz into a WooCommerce website and take it over.
If you run or are associated with a WooCommerce website, please ensure that your WooCommerce plugin is updated to version 3.4.6.
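An added example, not part of the original article or of WooCommerce itself: a small Python check over the JSON printed by WP-CLI's `wp plugin list --format=json` and `wp user list --format=json`, flagging a WooCommerce version older than 3.4.6 and Shop Manager accounts left behind while the plugin is not active. The sample data is constructed, and the `woocommerce` plugin slug and `shop_manager` role slug are assumed to match your site.

```python
import json

FIXED = (3, 4, 6)  # patched WooCommerce release named in the article

# Constructed sample data, shaped like the JSON printed by
# `wp plugin list --format=json` and `wp user list --format=json`.
PLUGINS_JSON = '''[
 {"name": "akismet", "status": "active", "update": "none", "version": "4.0.8"},
 {"name": "woocommerce", "status": "inactive", "update": "available", "version": "3.4.5"}
]'''
USERS_JSON = '''[
 {"ID": 1, "user_login": "admin", "roles": "administrator"},
 {"ID": 7, "user_login": "store-ops", "roles": "shop_manager"},
 {"ID": 9, "user_login": "writer", "roles": "editor,shop_manager"}
]'''


def parse_version(text):
    """Turn '3.4.5' or '3.5.0-rc.1' into a comparable tuple of ints."""
    parts = []
    for piece in text.split("-")[0].split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits or 0))
    return tuple(parts + [0] * (3 - len(parts)))


def audit(plugins_json, users_json):
    """Return a list of findings for the WooCommerce issue described above."""
    plugins = {p["name"]: p for p in json.loads(plugins_json)}
    managers = [u["user_login"] for u in json.loads(users_json)
                if "shop_manager" in
                [r.strip() for r in str(u.get("roles", "")).split(",")]]
    woo = plugins.get("woocommerce")
    findings = []
    if woo and parse_version(woo["version"]) < FIXED:
        findings.append("woocommerce %s is older than 3.4.6" % woo["version"])
    # The limiter lives in the plugin: if the plugin is not active, any
    # remaining Shop Manager account is no longer restricted by it.
    active = woo is not None and str(woo.get("status", "")).startswith("active")
    if managers and not active:
        findings.append("shop managers without active limiter: "
                        + ", ".join(managers))
    return findings


if __name__ == "__main__":
    for line in audit(PLUGINS_JSON, USERS_JSON):
        print("FINDING:", line)
```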
Broken SSD Cryptography: Watch your hardware encryption!
Encryption is of fundamental importance in the modern era. It is a way to “lock” information, by leveraging the power of intractable mathematics. This was once exclusive to spy novels, but now it is the most popular way to secure digital data, and keeping our data private and confidential is of great importance. We need to keep our customer records safe, our bank details private, and our personal lives away from prying eyes.
However, encryption loses all its strength if not done properly. This happened recently with some Crucial and Samsung self-encrypting solid-state drives, which use hardware encryption to make encryption easier and faster.
The problem with hardware encryption is that it uses proprietary hardware which implements hidden cryptographic schemes, so it is difficult to verify that the manufacturer has done their homework with regard to cryptographic security.
Software encryption, on the other hand, is easily distributable, often open-source, and uses a standard encryption method such as AES, 3DES, or Twofish. It can be done on any computational platform, so it is portable.
When given the choice, you should opt for software encryption, because it leaves fewer variables to chance. You should use hardware encryption only if you trust the diligence of the hardware manufacturer.
Vulnerability: Bluetooth devices from Texas Instruments using the BLE protocol can be taken over
If you’ve bought a device (such as an access point) which uses Bluetooth Smart (also known as BLE), please check the websites of Texas Instruments and Cisco for security updates, or patch your router if it includes a self-patching option. If this is impractical, consider disabling Bluetooth on these devices.
From this story comes a sobering lesson about IoT technology: how can we make it resilient to remote attackers? If your appliances are connected to the internet, then how much thought is being put into defending them against malicious agents?
How to defend against cyber security threats
Tokyo Techies believes that every organization needs to raise its employees’ cyber security knowledge and capabilities. Technology is advancing fast, to the point where employees become the weakest link in security. The best way to strengthen your defenses is to invest in your own security knowledge and awareness. We believe that all IT engineers should learn how to hack in an ethical way. By learning about hacking methods (and applying them ethically!), digital citizens and employees will learn the main methods which malicious hackers use to compromise computer systems, so they will be better equipped to defend against them.
Employees should know how their communication networks work, how to deal with wireless networks, access points, and virtual private networks. From studying communication protocols, employees will be better able to select proper communication channels.
With knowledge in encryption and brute-forcing tools, employees will be better able to make and use passwords which are resistant to such attacks. Passwords are the most popular method of authentication on the internet, so it is important that digital citizens know how to use them.
Digital citizens need to know about authentication technology so that they can be sure that they are actually communicating with real people and real companies. Knowledge about digital certificates, end-to-end encryption, checksums, and how to leverage two-factor authentication, will help you and your coworkers ensure that confidential information is not leaked.
Malware is becoming a serious issue, costing the economy billions of dollars. Malware is any software that is designed to act in a harmful way. Malware comes in many forms. Malware can spread itself automatically (virus/worm), it can steal information (spyware), it can encrypt and ransom information (ransomware), and it can overload servers or connections (botnet). Employees should proactively set up safeguards against malware and should be critical of the software on their devices, to contain and prevent infection.
Cyber Security at Tokyo Techies
At Tokyo Techies, we would like to train you to understand and defend against cyber security threats. With that, we would like to invite you to our upcoming cyber security workshop, taking place on November 26-28.
You can stay in the loop on the Tokyo Techies Facebook page at https://www.facebook.com/tokyotechies/