Prehnetics Network and Device Security Podcast

Episode one, Signal Gate, from a Cyber Security and Operational Security Point of View



Welcome to the Prehnetics Network and Device Security Podcast,

Episode one, Signal Gate, from a Cyber Security and Operational Security Point of View

I’d like to discuss the Signal Gate leak; we will try to avoid any legal or political discussions.

The Three Main Aspects of Cyber Security are abbreviated (CIA)

C  for Confidentiality

Restricting Access and Disclosure of Sensitive Information

I  for Integrity

Accuracy, Consistency, and Reliability of Information. Signal does not have an error checking mechanism.

A  for Availability

Ability of Authorized users to Access and use Information when Needed

•      CIA in relation to Signal

•      C  Confidentiality

•      Signal relies on its encryption to limit access to the information, and Signal relies on the members of the group to limit access to the information.

•      I  Integrity

•      Not a Signal feature

•      A  Availability

•      Signal deletes messages after they are read; messages are not easily retrievable

Where was the Opsec?

Operational Security

•      Protecting sensitive information from unauthorized access

•      Ensuring that adversaries cannot gain an advantage by understanding an organization's capabilities and intentions

•      Confidentiality was not met; the press was given access to the group chat, potentially exposing US intentions

•      It is not clear if the breach was a hack, the result of a malicious insider, or a mistake by the group admin(s)

•      The contact data of some on the group chat is accessible on the internet, making the group an attractive target, if it was a hack

•      Obscuring contact data is a key component of Opsec. Since most of the members were public figures before they were given access to sensitive information, they should have gotten secondary contact information.

How can I beef up my Opsec?

Identify Critical Information

•      Determine which information, if disclosed to an adversary, could cause the most harm or lead to the most damaging exploitation.

•      Use a graded approach when protecting information

Critical Information could include travel plans, negotiation strategies, deployment strategies

Analyze Threats

•      Identify potential adversaries and their capabilities and intentions to collect, analyze, and exploit critical information. Often this will be non-allied foreign entities

Analyze Vulnerabilities

•      This involves identifying weaknesses in your organization's security that could be exploited by an adversary.

Vulnerabilities include publicly available information and password strength

Assess Risks:

•      Evaluate the likelihood and impact of an adversary exploiting identified vulnerabilities

•      Risk is often defined as consequences (1-4) times consequences (also 1-4) and may include monetary risk, reputational risk, operational risk

Apply Appropriate Countermeasures

•      Implement countermeasures to mitigate identified risks and protect critical information.

Countermeasures include stronger admin controls, awareness, DLP (Data Loss Prevention), stronger passwords, 2 factor identification (authenticator stronger than text), and purging publicly available information

Remember, if you like this podcast, tell your friends and hit the like button, and subscribe. If you think there are things I can improve, please comment here, or in my YouTube podcast Prehnetics, Network and device security. Thanks for listening.


Prehnetics Network and Device Security Podcast, by John Prehn