Robsec

A number of studies have shown that the benefits that come along with a Bring Your Own Device (BYOD) policy are multiple when it comes to improving efficiency of employees. On the basis of these studies, many organizations across the globe proceeded to implement this policy but not all of them managed to carefully consider the impact such a policy would have on the cybersecurity of the organization itself.  With BYOD, you basically allow employees to bring their own devices (such as laptops) to work and connect to the company’s internal network so they can access organizational resources. It also tends to allow said employees to take the devices home and in some cases, get remote access tools installed on the personal devices to allow them to connect to the same internal organizational resources while they are not on site. As you can imagine, the benefits are quite numerous, but as cybersecurity experts, what we naturally tend to look for are weak spots in such policies and h...

Okay, so this article isn’t going to focus much on the WannaCry Ransomware that’s wreaking havoc across the globe at the moment. It’ll be more focused on trying to highlight potential cyber-security related events linked to the root of this particular deadly malware, the Equation Group. So, a little bit of backstory, the first time I ever came across the name Equation Group was some years back when I was doing research for my Master’s degree on malware development and an article was making the rounds about how they had developed a way to exploit the firmware of a hard drive! That exploit truly was a thing of beauty. Of course, they were said to be linked to the US’s NSA but that link is not exactly what this article is about as well. Moving on, I ended up keeping an eye out for any discoveries or articles to do with exploits related to the Equation Group. But then 2016 came and the world of infosec got even more exciting. A group known as Shadowbrokers apparently hacked the E...

So the most popular question I got asked by people in the past week was “what on earth is Ransomware?” So let me put it this way, imagine you wake up in the morning and you turn on the data on your phone so you can see the WhatsApp messages that came in while you were asleep. You are then greeted by a screen on your phone with a message written across the whole screen saying, “Your phone has been encrypted. To regain access to it, send 10 BTC to Bitcoin account XYZ”. You are puzzled because not only have you never seen this message before, but you don’t even know what “encrypted” means or what BTC or a Bitcoin is. Now you, assuming this is a typical “gadget” error, restart the phone (like you would any PC) and the same message pops up again. You think of Googling the problem on your phone, but then you can’t access the Google app. Then realization slowly sets in that you can no longer access your WhatsApp, your contacts list, your music or even the Date/Time app itself! That is basic...