Connect with us

Cyber Security

Alleged Member of Neo-Nazi Swatting Group Charged

Avatar

Published

on

Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in “swatting” attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.

In July 2018, KrebsOnSecurity published the story Neo-Nazi Swatters Target Dozens of Journalists, which detailed the activities of a loose-knit group of individuals who had targeted hundreds of individuals for swatting attacks, including federal judges, corporate executives and almost three-dozen journalists (myself included).

A portion of the Doxbin, as it existed in late 2019.

An FBI affidavit unsealed this week identifies one member of the group as John William Kirby Kelley. According to the affidavit, Kelley was instrumental in setting up and maintaining the Internet Relay Chat (IRC) channel called “Deadnet” that was used by he and other co-conspirators to plan, carry out and document their swatting attacks.

Prior to his recent expulsion on drug charges, Kelley was a student studying cybersecurity at Old Dominion University in Norfolk, Va. Interestingly, investigators allege it was Kelley’s decision to swat his own school in late November 2018 that got him caught. Using the handle “Carl,” Kelley allegedly explained to fellow Deadnet members he hoped the swatting would get him out of having to go to class.

The FBI says Kelley used virtual private networking (VPN) services to hide his true Internet location and various voice-over-IP (VoIP) services to conduct the swatting calls. In the ODU incident, investigators say Kelley told ODU police that someone was armed with an AR-15 rifle and had placed multiple pipe bombs within the campus buildings.

Later that day, Kelley allegedly called ODU police again but forgot to obscure his real phone number on campus, and quickly apologized for making an accidental phone call. When authorities determined that the voice on the second call matched that from the bomb threat earlier in the day, they visited and interviewed the young man.

Investigators say Kelley admitted to participating in swatting calls previously, and consented to a search of his dorm room, wherein they found two phones, a laptop and various electronic storage devices.

The affidavit says one of the thumbs drive included multiple documents that logged statements made on the Deadnet IRC channel, which chronicled “countless examples of swatting activity over an extended period of time.” Those included videos Kelley allegedly recorded of his computer screen which showed live news footage of police responding to swatting attacks while he and other Deadnet members discussed the incidents in real-time on their IRC forum.

The FBI believes Kelley also was linked to a bomb threat incident in November 2018 at the predominantly African American Alfred Baptist Church in Old Town Alexandria, an incident that led to the church being evacuated during evening worship services while authorities swept the building for explosives.

The FBI affidavit was based in part on interviews with an unnamed co-conspirator, who told investigators that he and the others on Deadnet IRC are white supremacists and sympathetic to the neo-Nazi movement.

“The group’s neo-Nazi ideology is apparent in the racial tones throughout the conversation logs,” the affidavit reads. “Kelley and other co-conspirators are affiliated with or have expressed sympathy for Atomwafen Division,” an extremist group whose members are suspected of having committed multiple murders in the U.S. since 2017.

Investigators say on one of Kelley’s phones they found a photo of he and others in tactical gear holding automatic weapons next to pictures of Atomwaffen recruitment material and the neo-Nazi publication Siege.

As I reported last summer, several Deadnet members maintained a site on the Dark Web called the “Doxbin,” which listed the names, addresses, phone number and often known IP addresses, Social Security numbers, dates of birth and other sensitive information on hundreds of people — and in some cases the personal information of the target’s friends and family. After those indexed on the Doxbin were successfully swatted, a blue gun icon would be added next to the person’s name.

One of the core members of the group on Deadnet — an individual who used the nickname “Chanz,” among others — stated that he was responsible for maintaining SiegeCulture, a white supremacist Web site that glorifies the writings of neo-Nazi James Mason (whose various books call on followers to start a violent race war in the United States).

Deadnet chat logs obtained by KrebsOnSecurity show that another key swatting suspect on Deadnet who used the handle “Zheme” told other IRC members in March 2019 that one of his friends had recently been raided by federal investigators for allegedly having connections to the person responsible for the mass shooting in October 2018 at the Tree of Life Jewish synagogue in Pittsburgh.

At one point last year, Zheme also reminded denizens of Deadnet about a court hearing in the murder trial of Sam Woodward, an alleged Atomwaffen member who’s been charged with killing a 19-year-old gay Jewish college student.

As reported by this author last year, Deadnet members targeted dozens of journalists whose writings they considered threatening to their worldviews. Indeed, one of the targets successfully swatted by Deadnet members was Pulitzer prize winning columnist Leonard G. Pitts Jr., whose personal information as listed on the Doxbin was annotated with a blue gun icon and the label “anti-white race/politics writer.”

In another Deadnet chat log seen by this author, Chanz admits to calling in a bomb threat at the UCLA campus following a speech by Milo Yiannopoulos. Chanz bragged that he did it to frame feminists at the school for acts of terrorism.

On a personal note, I sincerely hope this arrest is just the first of many to come for those involved in swatting attacks related to Deadnet and the Doxbin. KrebsOnSecurity has obtained information indicating that several members of my family also have been targeted for harassment and swatting by this group.

Finally, it’s important to note that while many people may assume that murders and mass shootings targeting people because of their race, gender, sexual preference or religion are carried out by so-called “lone wolf” assailants, the swatting videos created and shared by Deadnet members are essentially propaganda that hate groups can use to recruit new members to their cause.

The Washington Post reports that Kelley had his first appearance in federal court in Alexandria, Va. on Friday.

“His public defender did not comment on the allegations but said his client has ‘very limited funds,’” The Post’s courts reporter Rachel Weiner wrote.

The charge against Kelley of conspiracy to make threats carries up to five years in prison. The affidavit in Kelley’s arrest is available here (PDF).

Tags: Atomwaffen Division, Chanz, Deadnet, Doxbin, fbi, John William Kirby Kelley, Zheme

Source: https://krebsonsecurity.com/2020/01/alleged-member-of-neo-nazi-swatting-group-charged/

Cyber Security

Cybersecurity Degrees in Texas — Your Guide to Choosing a School

Avatar

Published

on

In total, 15 schools deliver cybersecurity certificates. Many of them were experts in Network Security, Computer Networking, and other related fields. A few examples include Houston Community College, San Antonio College, and South Texas College.

Online cybersecurity certificate programmes in Texas

In Texas, there are several options for online credential programmes. Central Texas College offers a variety of undergraduate degrees, with over 100 online-only degree programmes available in a variety of fields. As an example, a credential to become an Information Security Specialist is available.

As previously reported, Sam Houston University provides a variety of graduate certificates, including a Cybersecurity certificate and a Data Assurance Certificate. It also provides a certificate in Digital Investigation, which is aimed at criminal justice professionals who want to integrate their cybersecurity knowledge with the latter’s career emphasis.

Texas cybersecurity boot camps

Cybersecurity boot camps, in addition to the programmes mentioned above, are another viable choice for people interested in pursuing a career in cybersecurity.

Cybersecurity boot camps are frequently built for professionals with a technical background in computer science or information technology who need to rapidly retool and master cybersecurity-specific tools and technologies. Cybersecurity boot camps are built to teach in-demand skills to everyone, whether a new graduate or a seasoned professional.

Cybersecurity boot camps offer participants the skills they need to take common certifications like the CompTIA Security+ or Certified Ethical Hacker, in addition to helping them jumpstart a cybersecurity professional network that can contribute to potential job opportunities.

Regardless of the programme, the curriculum for these bootcamps is somewhat similar. The key lessons are broken down into thematic modules such as security basics, systems management, networks and network security, protective security, offensive security, test prep, and final projects.

Participants will also learn about the new tools and applications in the field, such as Wireshark, Kali Linux, Metasploit, Nessus, and more, at boot camps.

Here are some of the services that are available in Texas:

  • Rice University in Pearland, Texas, offers a 24-week part-time cybersecurity bootcamp programme. Every week, classes are held from 6:30 p.m. to 9:30 p.m. on two weekdays and from 10 a.m. to 2 p.m. on Saturdays.
  • Cybersecurity boot camp in Austin, Texas — The University of Texas at Austin offers a part-time, 24-week cybersecurity boot camp on weekday evenings and Saturdays.
  • SMU offers a part-time cybersecurity boot camp targeted for working professionals in Dallas, Texas. Cohorts meet for 24 weeks on weekday evenings and weekends.

A more comprehensive list of cybersecurity boot camps in Texas can be found here.

Cybersecurity jobs in Texas

Texas offers many training options for cybersecurity practitioners, but what happens after they graduate?

The opportunities are plentiful. In Texas alone, there are approximately 43,000 cybersecurity job vacancies, compared to an estimated cybersecurity workforce of approximately 83,000. To put it another way, Texas has a very low supply of cybersecurity jobs, with a supply/demand ratio of 1.9, compared to 2.0 nationally.

In essence, these raw figures show that Texas still has a lot of cybersecurity growth to do, which ensures that businesses would be willing to pay top dollar for expertise that can help them improve.

These positions range from entry-level to full-fledged management and architectural positions. Cybersecurity engineers, researchers, security consultants, IT auditors, software developers, vulnerability analysts, or network engineers and architects are some of the more common available positions for cybersecurity professionals in Texas. This is fantastic news for cybersecurity professionals who want to remain in the sector for the majority or all of their careers; with so many open positions, it’s entirely feasible to start at the bottom of a company’s ladder and work your way up to a management role solely on merit.

What are the pay rates for cybersecurity workers in Texas? It’s all good news at this point. According to the Bureau of Labor Statistics, the average annual salary for computer and information technology workers is about $86,000. In Texas, for example, the median annual salary for cybersecurity professionals is around $104,000 a year, with an average wage of around $50 per hour.

These figures accurately represent Texas’ willingness to pay for qualified cybersecurity specialists, and they should provide enough opportunity to attract new talent in the coming years. Since certain parts of Texas have such a low cost of living, the above wages might go much further, raising the quality of living for cybersecurity professionals who can operate remotely and reside in affordable towns.

Cybersecurity in Texas at the city level

San Antonio-New Braunfels

San Antonio is, without a doubt, the best city in the country for young cybersecurity professionals to visit. Because of its economic growth and concentration on those fields, it has earned the titles of Military City USA and Cyber City USA; indeed, the military has several cybersecurity recruitment centres in San Antonio to find graduates fresh out of college. Furthermore, since the Air Force has a strong presence in San Antonio, work openings in both the private and public sectors are likely to be plentiful.

CyberSeek has more data to analyse:

  • There are currently 6627 cybersecurity job openings.
  • There are actually 10,737 cybersecurity staff working.
  • Cybersecurity employees have a 1.6 supply/demand ratio and a 2.3 geographic concentration. This is significantly higher than the national average of 1.0.

Austin-Round Rock

Austin is another rapidly growing metropolis, both in terms of cybersecurity and jobs in general. It has more than doubled its cybersecurity workforce in the last ten years as a tech hub and one of the most modern cities in the state. Since Austin is the state’s capital, you can guarantee that this development will continue as long as Texas’ economy continues to improve.

Let’s examine what the CyberSeek data shows:

  • 6506 cybersecurity job openings
  • 10,694 currently employed cybersecurity workers
  • 1.6 apply/demand ratio for cybersecurity workers
  • 2.2 geographic concentration of cybersecurity jobs

Houston-The Woodlands-Sugar Land

While its metropolitan area supports a greater number of suburban communities and smaller cities and towns, Houston is also increasingly expanding in the cybersecurity sphere. As a result, in one of these nearby territories, more affordable housing is available within a drivable distance of the Houston metropolitan area.

CyberSeek has some more data we can examine:

  • 6720 total cybersecurity job openings
  • 16,517 currently employed cybersecurity workers
  • 2.5 supply/demand ratio for cybersecurity workers
  • 0.8 geographic concentration for cybersecurity jobs, lower than the national average

Dallas-Fort Worth-Arlington

The metropolitan area of Dallas is similarly bustling, and its proximity to the Fort Worth airport provides numerous economic opportunities for many airlines, especially American Airlines and Southwest Airlines, which both have primary hangers in the area. In other words, for cybersecurity professionals looking to move into aviation or government contracts, this field should be a top priority; Lockheed Martin maintains a presence here as well.

Let’s look at the CyberSeek data for this region:

  • There are 20,176 work vacancies.
  • There are currently 31,384 cybersecurity employees working.
  • The supply/demand ratio for cybersecurity staff is 1.6.
  • 2.0 concentration of new work opportunities

While all of these major metropolitan areas would be a good fit for new cybersecurity practitioners, the three most likely to find work are San Antonio, Austin, and Dallas.

Texas and Cybersecurity

Throughout its history, Texas has been a state characterised by the frontier. While the physical frontier may have passed into history, the digital frontier is still being blazed. Young cybersecurity professionals who want to achieve their full potential and increase their employment opportunities should study in Texas and look for jobs there after graduation.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/cybersecurity-degrees-in-texas-your-guide-to-choosing-a-school/

Continue Reading

Cyber Security

Cybersecurity Degrees in Massachusetts — Your Guide to Choosing a School

Avatar

Published

on

cybersecurity

This guide provides a quick overview of Massachusetts’ cybersecurity colleges. Other cybersecurity training resources, such as online degrees and certification programmes, are included in the guide.

Massachusetts is best known for Boston, Cape Cod, and Martha’s Vineyard, but the tiny northeastern state has much more economic clout than its small size suggests.

The Commonwealth of Massachusetts, also known as The Bay State, has by far the largest economy in New England. While its centuries-old and thriving shipping industry contributes to its strength, the state has reinvented its economy many times over the years.

It now has vibrant business communities in the fields of technology, finance, healthcare, education, and tourism. The Boston metropolitan area, which includes world-class healthcare and higher education institutions, accounts for roughly 80% of the state’s economy.

State authorities have long assumed that Massachusetts will play a leading role in whatever social and economic patterns are shaping society as a whole. It was technology and healthcare in the late twentieth century. Later on, the state was at the forefront of environmental reform and, most recently, universal healthcare insurance.

One of the state’s main goals right now is to become a leading force in cybersecurity, both in terms of its own planning and in terms of attracting the best cybersecurity minds and businesses to call Massachusetts home. Although Massachusetts’ long and illustrious past is often discussed, its present and future in the field of cybersecurity appear to be very promising.

Table of Contents

Growing importance of cybersecurity in Massachusetts

Healthcare and financial services have long been two of Massachusetts’ most powerful economic powers. They’re also one of the most common targets for cyber criminals these days. The state of Massachusetts is home to 12 Fortune 500 firms. State Street Corp., Liberty Mutual, and Massachusetts Mutual Life Insurance Company are three of the financial intermediaries. In addition, the state is a hotbed for venture capitalists.

In the late twentieth century, Massachusetts made a concerted effort to attract technology companies of all kinds and establish itself as a technology hub. The efforts yielded positive results. General Electric, Boston Scientific, Raytheon, Biogen, and Thermo Fisher Scientific are among the Fortune 500 companies headquartered in Massachusetts.

In recent years, the state government has made efforts to educate government employees and people about the dangers of information security. It has also provided educational services to assist local governments in protecting their structures and data. In September 2017, it also launched MassCyberCenter. Its goal is to ensure that citizens and businesses in the state are prepared for cyber threats, as well as to nurture the state’s cybersecurity ecosystem and place it as a leading provider of information security services and study.

Cybersecurity education in Massachusetts

As the state government works to place Massachusetts as a cybersecurity pioneer, new educational opportunities are emerging. The number of high-quality higher-education institutions in Massachusetts, especially in the Boston area, is one of the major draws for students. Several prestigious universities, including Harvard, Worcester Polytechnic, and Northeastern, are located in this area. All three of these universities have established cybersecurity degree programmes.

Although the number of degree and credential programmes available in Massachusetts is not overwhelming, students do have a lot of choices. Both Harvard and Northeastern are completely committed to training the next generation of cybersecurity professionals. There are also a number of other well-known institutions in the mix.

Whatever degree path students select, they will enter a rapidly expanding job market with an insufficient number of eligible applicants for open positions.

ASSOCIATE’S DEGREE

The cybersecurity job market is rapidly changing, and bachelor’s and master’s degrees are in higher demand than ever.

Associate’s degrees, on the other hand, have a place in the sector, thanks to a lack of trained cybersecurity practitioners. There are many entry-level work opportunities that only require an associate’s degree, which can help those who don’t have the time or money to complete a bachelor’s degree get a foot in the door.

Associate’s degree coursework can be applied as credit for a bachelor’s degree, reducing the time and resources needed to complete a four-year degree.

Campus-based associate’s degrees in Massachusetts

At the moment, four colleges deliver associate’s degrees in cybersecurity through campus-based programmes. In the table below, these are mentioned.

Online associate’s degrees in Massachusetts

Associate’s degrees in cybersecurity are also available online for those who prefer a more flexible option than attending classes on campus. However, in Massachusetts, there are currently only two such choices.

  • An associate of science degree in cybersecurity is available online via Massachusetts Bay Community College.
  • Quinsigamond Community College offers a computer science engineering technology associate’s degree online with a forensics programme.

BACHELOR’S DEGREE

Bachelor’s degrees are now necessary for the majority of information security jobs. Although a degree in almost any technology or STEM discipline is usually appropriate, cybersecurity degrees give applicants an advantage. And, as master’s degrees and Ph.D.s become more in demand from cybersecurity employers, a bachelor’s degree is usually needed to apply for postgraduate degrees.

Campus-based bachelor’s degrees in Massachusetts

At the time of publication, five different Massachusetts colleges offered five different bachelor’s degree programmes. Worcester Polytechnic Institute and Northeastern University are the frontrunners in this party. The complete list can be found below.

Online bachelor’s degrees in Massachusetts

There is currently only one online choice for obtaining a cybersecurity bachelor’s degree in Massachusetts. This Bay State University programme offers a bachelor’s degree in criminal justice with a focus on digital forensics and cybersecurity.

MASTER’S DEGREE

Master’s degrees in cybersecurity are becoming more popular, and for senior cybersecurity practitioners in a corporate environment, they are unquestionably the preferred route. Many employers are also demanding master’s degrees for advanced information security positions, such as Chief Information Security Officer. Master’s degrees are also widely recommended for careers in cybersecurity consulting, academia, or study for those destined for non-corporate environments. Continuing on to a Ph.D. would, of course, help advance an infosec career even more.

Campus-based master’s degrees in Massachusetts

Massachusetts has six campus-based cybersecurity master’s degree programmes, as shown in the table below. Boston University offers four of these options. Northeastern University and Worcester Polytechnic Institute offer the other two programmes. The table below contains more detail on these degree choices.

Online master’s degrees in Massachusetts

Master’s degrees in cybersecurity are also available via online delivery at Massachusetts colleges. There are currently six online options available from reputable institutions, the most well-known of which is Harvard. For more detail and links, see the sections below.

Ph.D. DEGREES

Currently, only one Massachusetts university offers a cybersecurity Ph.D. programme. A Ph.D. in computer science with a cybersecurity emphasis is available on campus at Worcester Polytechnic Institute. There are currently no Ph.D. programmes for cybersecurity practitioners offered by Massachusetts institutions.

CERTIFICATIONS

Some cybersecurity certifications are intended to include an introduction to information protection and, in some cases, a foot in the door, or at the very least, a stepping stone toward a degree. Other credential programmes are designed for cybersecurity professionals who want to advance their education or even replace a full advanced degree. Massachusetts learning institutions offer all types of qualifications, with a focus on specialised certificates.

Campus-based cybersecurity certifications in Massachusetts

Massachusetts colleges offer seven different cybersecurity certification options. For more statistics, see the table below.

Online cybersecurity certifications in Massachusetts

Massachusetts colleges offer nine certification programmes that can be completed entirely online. The following are some of them:

Cybersecurity jobs in Massachusetts

Massachusetts and New York stand out as cybersecurity hotspots in the Northeast United States. Massachusetts makes up for its lack of physical size with economic clout. One of the reasons for the importance of cybersecurity is the economy’s emphasis. According to research conducted by the United States Bureau of Labor Statistics, healthcare and education organisations were by far the biggest employers in the state in 2019. Because of the vast amount of personal and sensitive information they collect and store, healthcare organisations have become a favourite target for hackers. Technical and business services, which are also abundant sources of confidential data, are Massachusetts’ second largest job market.

The state of Massachusetts, like the rest of the world, is suffering from a cybersecurity skills shortage. According to Cyberseek, Massachusetts had just over 25,000 people working in cybersecurity-related jobs from October 2018 to September 2019, with around 13,400 cybersecurity work vacancies posted by Bay State employers. More than 11,600 of those jobs were in the Boston metropolitan area. Boston is home to a large number of health and educational institutions, as well as being the Northeast’s second largest financial hub after New York City.

According to the US Bureau of Labor Statistics, cybersecurity analysts in Massachusetts receive an average hourly wage of $52.11 and an annual income of $108,400 as of May 2018. Both wage rates are far higher than the national average. The high cost of living and high tax burden in Massachusetts are the only drawbacks. Both are among the country’s best. Nonetheless, there will be plenty of lucrative job opportunities in Massachusetts, especially in the Boston area, for many years to come.

The following job titles are at the top of the list of cybersecurity job titles in Massachusetts:

  • Cybersecurity Engineer
  • Cybersecurity Analyst
  • Cybersecurity Administrator/Manager
  • Software Developer/Engineer
  • Cybersecurity Consultant
  • Penetration Tester/Vulnerability Assessor
  • Network Engineer/Architect
  • Systems Engineer
  • IT Auditor

Cybersecurity in Massachusetts

Massachusetts has always defied its small scale, even when it was a colony, and has been a major economic power. Despite the apparent benefit of having access to the Atlantic Ocean, the citizens of Massachusetts continue to adopt a leadership mentality. Today, the Commonwealth is focused on becoming a cybersecurity pioneer, and there is no reason to suspect that it will succeed.

There are plenty of highly respected, if not prestigious, colleges and universities in the state that can train and educate tomorrow’s cybersecurity leaders. And the government is fully committed to developing the technologies and capacity needed to protect Massachusetts’ data. There is still a shortage of skilled professionals, as there is anywhere else, and demand is increasing rapidly.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/cybersecurity-degrees-in-massachusetts-your-guide-to-choosing-a-school/

Continue Reading

Cyber Security

U.S. and the U.K. Published Attack on IT Management Company SolarWinds

Avatar

Published

on

Hackers

On Friday, US and UK government agencies released a joint report with more information on the activities of the Russian cyberspy community suspected of being behind the attack on IT management firm SolarWinds. After some of their operations were revealed, the hackers began using the open-source adversary simulation system Sliver, according to the paper.

The SolarWinds attack was carried out by the Russian threat actor APT29 (also known as the Dukes, Cozy Bear, and Yttrium), according to the FBI, NSA, CISA, and the UK’s NCSC. The SolarWinds attack resulted in hundreds of organisations’ systems being breached by malicious updates served from compromised SolarWinds systems.

The agencies have previously released numerous reports on the activities of the organisation, which they say is under the control of the Russian Foreign Intelligence Service, or SVR.

The new report provides further information on the cyberspies’ strategies, methods, and procedures (TTPs), as well as some of the improvements made by the community in response to previous studies.

Last year, government agencies identified APT29 operations targeting organisations involved in SARSCoV2 coronavirus vaccine research and development in the United States, the United Kingdom, and Canada. Malware such as WellMess and WellMail were used in the attacks.

The hackers started using an open-source platform called Sliver to retain access to existing WellMess and WellMail victims after their activity targeting vaccine makers was exposed.

Bishop Fox, an aggressive security assessment agency, created Sliver as a legitimate tool. It’s billed as an adversary simulation and red team tool that companies can use to conduct security testing.

SVR operators also used separate command and control infrastructure for each victim of Sliver, as found in the SolarWinds incidents, the agencies said.

The Snort and Yara rules in the study are aimed at assisting danger hunters in detecting Sliver. The agencies cautioned, however, that since Sliver is a legal penetration testing tool, its existence does not inherently imply an APT29 assault.

APT29 has started exploiting CVE-2021-21972, according to the latest cybersecurity advisory, which lists nearly a dozen vulnerabilities that have been exploited by the community. VMware’s vCenter Server product is vulnerable to this crucial flaw. In February, organisations were alerted that hackers had begun searching the internet for compromised servers just one day after VMware declared the patches’ availability.

APT29 has reportedly begun searching for Microsoft Exchange servers that have been compromised by the vulnerabilities that have been abused by several threat groups over the last two months.

The study also details the effect of the attack on email security firm Mimecast, which was carried out as a result of the SolarWinds hack.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/u-s-and-the-u-k-published-attack-on-it-management-company-solarwinds/

Continue Reading

Cyber Security

Privacy Protection: How Secure is Telegram Messenger?

Avatar

Published

on

Jan Hajek Hacker Noon profile picture

@janhajekJan Hajek

Develop websites and blogs as a hobby. Once bought 250 domains and still don’t know what to do with them.

Telegram is a cross-platform, cloud-based instant messenger that is available for free. End-to-end secure video communication, VoIP, file sharing, and various other functionality are also accessible. First released for iOS on August 14, 2013, and for Android in October 2013, Telegram messenger is a basic instant messaging app that is quick, convenient, efficient, and can sync across all user’s devices. With over 500 million daily users, it is one of the top ten most downloaded applications in the world. According to the developers of telegram messenger, it is a secure and easy-to-use application. Telegram features such as media, groups, and chat are encrypted with a combination of 256-bit symmetric AES encryption algorithm, 2048-bit RSA encryption, and secure Diffie–Hellman key exchange.

Is Telegram Secure?

Exploring the security perspective of messengers, we focus on technologies that are secure by default. Although Telegram supports end-to-end encryption (E2E), it must be enabled on a conversation-by-conversation basis by using a secret chat. As a result, Telegram’s default conversations are much less secure.

Telegram explains the reason for this opt-in as “convenience”; regular messages in Telegram are encrypted in the cloud and can be synced through different devices, while the chat creator must manually back up secret chat. Moreover, Telegram group chats are not encrypted; any participant can silently download video and audio files. Furthermore, in terms of security, open-source has many benefits, mainly transparency, which is the foundation of confidence. Telegram is partly open-source; the client-side programs are open source, but the server-side is closed source.

Data Storage

Except for secret chats, Telegram chats are saved on the cloud by
default. Telegram intends to provide data storage through distributed networks and highly encrypted cloud data. The security key is shared throughout regions to avoid information leakage by a single nation or small community of allies requesting details or a key. There are also a few issues with this technique.

Because the encryption keys are stored on the server, Telegram will technically decrypt communications stored on the cloud. Second, in the event that Telegram’s infrastructure is compromised, an adversary may access encryption keys to decode conversations.

Telegram’s prominence, especially in different states, makes it an attractive
target for nation-states. As a result, the whole security model of Telegram
cloud is based on trusting a centralized authority, which is a vulnerable
strategy from a security perspective.

Encryption Method in Telegram

Cryptography researchers have criticized Telegram for using MTProto, a non-standard cryptographic protocol. Certainly, confidence cannot be gained for an algorithm until the scheme has undergone years of in-depth research, thorough testing, and extensive review, which MTProto has not achieved. Several security bugs in MTProto have been found, but the majority of them are theoretical. Despite the criticism, the Electronic Frontier Foundation’s safe communications scorecard has scored Telegram’s hidden chat as 7/7. Likewise, in a whitepaper titled “Automated Symbolic Verification of Telegram’s MTProto 2.0,” researchers concluded that the protocol is sound and MTProto 2.0 does not present any conceptual fault, but they also addressed the probability of implementation bugs and side-channel threats.

Legal Issues

Telegram encompasses public networks for broadcasting messages to a
large number of users. Telegram has a background of interacting with the
Iranian and Russian governments. As, at the behest of the government, Telegram shut down an Iranian opposition channel in 2017 for encouraging violence; additionally, Telegram decided to ban several bots, including stickers in Iran.

Similarly, Telegram was banned in Russia in April 2020 due to noncompliance with the FSB’s requirement to issue encryption keys. The ban was lifted in June 2020 after Telegram agreed to engage in the investigation as required. Despite this, Telegram has stated in its privacy policy that it still has to report a single instance of data disclosure at the government’s behest.

Since Telegram collects and preserves a great deal of information for its service distribution, the data may be of considerable importance to a country, and Telegram may be obliged to provide information under court order. 

Privacy Protection

According to Telegram’s privacy policies, they gather information such as IP addresses, device information, history of username changes, Telegram applications you’ve used, and more as part of their spam and misuse protection protocol. If this data is processed, it is kept for 12 months before being discarded. Twelve months is a huge time for malicious third parties to access user’s data.

Besides, Telegram moderators are allowed to read regular chat messages tagged for spam and bullying to decide whether or not the statement is accurate. Although this is a fair practice, it still implies that someone will read what you’ve written on anyway.

Furthermore, the app can save compiled metadata in order to better customize your experience. For instance, it creates a customized list of contacts by calculating a ranking based on whom you message the most often when you open the Search menu. In the digital world, none of these three ideas are novel. However, when exchanging personal data on an app, users should be mindful of how the data is treated. 

Telegram transfers the whole address book to the Telegram cloud to be
notified if someone on the contact list signs up for Telegram service. Telegram knows from user’s social graph in this manner, including people who do not utilize their service. Telegram defines two additional possible data sources in section 8 of its Privacy Policy titled Whom Your Personal Data May Be Shared With, in addition to the other users you want to connect with through the app.

Telegram exchanges its user’s personal details with its parent company and a community member who provides funding for its services. On the other hand, Telegram retains the freedom to reveal your IP address and phone number to the appropriate authorities. That occurs after the organization issues a legal order claiming that a customer is guilty of terrorist activity. That has not happened yet, but it’ll be recorded in a transparency survey if it happens. 

Although Telegram is encrypted on several layers, which adds an extra
layer of encryption to user details, it is not a reliable messenger in terms of
privacy and protection. As the messenger collects a lot of metadata from the users, it can be exploited by attackers. Malicious third parties may also
misuse the metadata of app users. For all those people whose main concern is the privacy and confidentiality of their data, Telegram messenger is not secure for them. 

by Jan Hajek @janhajek. Develop websites and blogs as a hobby. Once bought 250 domains and still don’t know what to do with them.My tech and SEO blog

Tags

Join Hacker Noon

Create your free account to unlock your custom reading experience.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://hackernoon.com/privacy-protection-how-secure-is-telegram-messenger-ot3r35xq?source=rss

Continue Reading
Esports19 mins ago

Wishiwashi Pokémon Snap: How to Get an Illumina Photo of Wishiwashi

Esports2 hours ago

How to Get Catwoman Zero Skin in Fortnite Season 6

Esports2 hours ago

How to Complete the Bell Puzzle in Resident Evil Village

Russia
Esports3 hours ago

Gambit secure DreamHack Masters Spring grand final spot over G2

Esports3 hours ago

Should you use NVIDIA Reflex?

Esports4 hours ago

Super Mario Odyssey Price Drop!

Esports4 hours ago

DWG KIA show signs of weakness in last-minute comeback victory over Detonation FocusMe at MSI 2021

Cyber Security6 hours ago

Cybersecurity Degrees in Texas — Your Guide to Choosing a School

Cyber Security6 hours ago

Cybersecurity Degrees in Massachusetts — Your Guide to Choosing a School

Blockchain8 hours ago

Miten tekoälyä käytetään videopeleissä ja mitä tulevaisuudessa on odotettavissa

Energy11 hours ago

Growatt wins TÜV Rheinland’s All Quality Matters Award for its ARK battery

Aviation11 hours ago

Ryanair Goes Full Steam Ahead On Portugal Capacity Expansion

Cyber Security12 hours ago

U.S. and the U.K. Published Attack on IT Management Company SolarWinds

Aviation12 hours ago

What Happened To Lufthansa’s Boeing 707 Aircraft?

IOT13 hours ago

Argo AI Develops LiDAR to Advance Autonomous Delivery

Aviation14 hours ago

Kenya Airways Partners With South Africa’s Airlink

Blockchain News15 hours ago

Nasdaq-Listed Metromile Backs Bitcoin for its Insurance Products

Blockchain15 hours ago

DOGE Co-founder Reveals the Reasons Behind its Price Rise

SaaS15 hours ago

SaaS15 hours ago

SaaS15 hours ago

SaaS15 hours ago

SaaS15 hours ago

Coinpedia15 hours ago

Analyst Predicts the Future of Dogecoin and XRP! Says XRP Price Will Pump the Hardest!

Fintech15 hours ago

The Spanish fintech Pecunpay strengthens its position as a leader in the issuance of corporate programs

Blockchain15 hours ago

JOSÉ FONTE AND EDER BECOME THE FIRST FOOTBALLERS IN THE WORLD TO LAUNCH NFTs

Blockchain15 hours ago

JOSÉ FONTE AND EDER BECOME THE FIRST FOOTBALLERS IN THE WORLD TO LAUNCH NFTs

Esports16 hours ago

Best Talon build for League of Legends season 11

Business Insider16 hours ago

Green drive scales new peaks

Energy16 hours ago

PNM and AVANGRID Formally File New Mexico Stipulation with Additional Parties

Trending