We talked about this the last time we had Winn on The CyberHood Watch Radio, CHWR…The Perfect Storm. Think of this perfect storm as digital Bits & Bytes aligning. Cyberspace is strategically positioning and connecting more than four billion users to broadband by 2012. Moreover, security was developed with PC and laptop operating systems in mind, not mobile devices.
Another contributing factor to the Perfect Storm is the insecure phone companies. Why? Well, the phone companies’ mission has been to deliver silence, to let you hear a pin drop, not to deliver security.
Unfortunately, smart phones need smart users. Another factor contributing to the storm: too many clueless, uninformed, and unsecured digital devices, all connected to banking, insurance, government, health care, and more. Be assured this is already happening, and according to Winn, ignoring the problem and failing to secure mobile platforms will have national and international consequences for all of us.
Cybercrime and cybercriminals are excited about the opportunity to connect four and a half billion mobile devices to broadband. Have you ever imagined the value stored in the digital vaults throughout the cyber universe? Moreover, consider the threat of its disruption…Unplugged. Now, you have to get up to change the channel on the TV – Where’s the knob? Seriously, the latter circumstance is something I hope to avoid.
Here is an awareness application…
Apple does not approve apps. They verify that the app operates according to what the vendor says it does. Suppose there is an alarm clock app that the vendor says will wake you with soothing music at the prescribed time set by you. Apple will set the time – soothing music plays at the exact prescribed time. Great, the app does what the vendor says it will do…New app available.
Unfortunately, every time that soothing music plays, it is gathering personally identifiable information and forwarding your confidential and private information elsewhere. No one is checking under the hood and verifying that apps are malware-free. However, the app does do what the vendor claims; it is not the obligation of Apple or the Android store to check beyond what the vendor claims.
There is an app for you?
Smart phones need smart people…therein lies one of the problems. Many of the smart people are cyber criminals.
Earlier we discussed the perfect storm, and the role mobile digital devices would play in that storm. A new paradigm shift away from desktop and laptop towards the new Internet…powerful pocket rockets in the form of real time mobile devices.
As mobile devices move into the Enterprise arena, concerns for safety and security become genuine. For example, the use of small, lightweight devices (iPad) in health care presents a real issue when exchanging medical information between hospitals, radiologists, surgeons, and remote nurses. Winn points out that the minute you connect one of these devices to a health care enterprise, all security, privacy, and what is called legal compliance that is government regulated collapse. The only solution is to look for technology that will protect at the Enterprise level.
“Brokers, is your device compliant with the Federal Financial Security regulations? If not, you are breaking laws, and potentially damaging their customers’ privacy,” said Winn.
What will be the effect of the “consumerization” of smart phones? Imagine the nightmare of IT departments dealing with every kind of mobile device and finding the security to support it all.
Previously on CHWR, Winn talked about the explosive growth of smart phones, and how unprepared we are, given the lack of security in place to handle the growth. Bill asked Winn what we might do to prepare. Unfortunately, there is no immediate answer, but this is what Winn said in his ninety-second speech at the DHS and NSA government security event in Colorado:
“Generals, in the coming years forget 2012, forget 2014. Let’s look forward to 2020, and a little bit beyond (because these guys take a little while to react).
You’re going to have five to ten billion more potential attack points coming at you.
You’re going to have five to ten billion potential more points that you have to defend against, and potentially go back and re-attack in order to shut them down, so you can defend yourself.
What are you going to do about it?
How do you protect national security from five to ten billion smart phones?”
Winn then proceeded to sit down…Approximately 90 seconds.
Did you know that the cyberspace domain is the one place it is illegal to remove your adversary’s weapon? That is a thought for pause. Winn used the example about a man attacking with a knife; you can remove it and essentially use it against him in self-defense.
However, “in cyberspace, on the Internet, I am not allowed to remove your weapon. Your cyber weapon that you are attacking me with, if I attempt to remove it, I just committed a litany of crimes”, said Winn. More is said about this in the interview.
Winn’s thoughts about Craigslist and the Holidays…
This Holiday Season, Winn Schwartau wanted everyone to be mindful of his recent and personal story involving a swindle.
What is happening on Craigslist…Don’t be scammed. The overpayment fraud occurs when you are selling an item and the buyer sends a check that is more than the agreed-upon price. It appears to be an honest mistake on the buyer’s part. However, it is a deliberate attempt by the buyer to commit fraud. The buyer will attempt to get the seller to send the difference. Essentially, the buyer hopes to obtain a check for the difference, and later the seller realizes the original overpaid check is bad.
The following are important points Winn wanted to share…It will take as long as two weeks for a check to clear. It is not cleared, even after it has been deposited and the bank allows you to draw upon the funds. If you have been a longtime customer in good standing, it is customary to allow you to draw upon the funds before actual verification.
Bottom line, Winn recommends…Don’t use checks on Craigslist, use wire transfers, PayPal, or something else reliable.
We talked about several more issues from Net neutrality to what we might expect in the next 12-18 months regarding your personal responsibility surrounding family digital security.
Your CyberHood Watch Partner
david c ballard
Radio Security Journalist