FAQs About IT Security

What is malware and what different forms might it take?

Malware is short for malicious software, a category of programs designed to cause harm. It is mainly the bane of those responsible for building our computers with weak or no security protections, which allow unauthorized programs to take control and do destructive things. For example, Microsoft founder Bill Gates, due to the poor design decision of leaving numerous basic security features out of his Windows operating system, is responsible for the most expensive security breaches in the history of malware. While fewer malware attacks occur in Linux, Unix, and Mac environments because they all paid more attention to security than Microsoft, it is important to note that the IBM mainframe environment has the most comprehensive security architecture and prevents any type of malware from gaining control.

Different forms of malware include viruses, worms, Trojan horses, keyloggers, ransomware, and more.

What is a digital footprint?

A digital footprint refers to the tracks left by a person or entity using computers, phones, and online services, including emails, text messages, file transfers, computer logs, tweets, voice and video calling, movements via cell phone location history, footage from traffic and security cameras, live chat, social media use, web searches, website visits, online and offline credit card purchases, financial transactions, medical data, criminal and civil court records, and business records kept by your service providers. In the wrong hands, a person’s digital footprint can be used to obliterate that person’s anonymity, privacy, and liberty.

What is SIGINT?

Signals Intelligence. It was originally derived by monitoring and recording analog transmissions, but it has evolved during the computer age to capture all digital forms of communications as well. During World War II, an important source of information was intercepting analog signals from telephone calls and radio transmissions. SIGINT today includes all forms of computer tracking and monitoring including digital footprints.

What is the primary purpose of an intelligence operation?

Its primary purpose is to gather sufficient overt and covert information on known and potential enemies to assess their capabilities, intentions, and potential threats. The lines have been blurred since 9-11-2001 as to who is a potential enemy, what is sufficient information, and to whom are intelligence gatherers accountable.

What are the names of government intelligence operations in the USA, Israel, China, UK, and Russia?

Not referring to law enforcement agencies:

In the US there are 16 agencies. The more widely known are the National Security Agency (NSA), the Central Intelligence Agency (CIA), the Department of Homeland Security (DHS), and the Directorate of National Intelligence (DNI).

In Israel Mossad is the main agency, along with Aman and Shin Bet.

The Chinese Communist Party (CCP) has an intelligence wing within its People’s Liberation Army (PLA).

In the United Kingdom (UK) the main organizations are the Secret Intelligence Service (SIS or MI6), the Security Service (MI5), the Government Communications Headquarters (GCHQ) and Defence Intelligence (DI).

The KGB existed in the Soviet Union from 1953 to 1991 when it was disbanded. Today Russia operates a Foreign Intelligence Service.

Since 9-11-2001 what surveillance programs have become infamous and why?

The NSA’s Stellar Wind Project was initiated after 9/11 by President George W. Bush and was expanded significantly under President Barack Obama. The extent of the program was leaked to the public by NSA contractor and whistleblower Edward Snowden in 2013, who said, “We are building the greatest weapon for oppression in the history of man.” His leaked documents provided proof that NSA director Keith Alexander had lied to Congress when he denied masses of US citizens were being surveilled. He also released classified documents showing the NSA used equipment that was so powerful that a single device could simultaneously monitor 1 billion telephones per second. The UK’s secret Tempora system was also exposed shortly thereafter.

Also, according to Wikipedia: PRISM began in 2007 in the wake of the passage of the Protect America Act under the Bush Administration.[10][11] The program is operated under the supervision of the U.S. Foreign Intelligence Surveillance Court (FISA Court, or FISC) pursuant to the Foreign Intelligence Surveillance Act (FISA).[12] Its existence was leaked six years later by NSA contractor Edward Snowden, who warned that the extent of mass data collection was far greater than the public knew and included what he characterized as “dangerous” and “criminal” activities.[13] The disclosures were published by The Guardian and The Washington Post on June 6, 2013. Subsequent documents have demonstrated a financial arrangement between the NSA’s Special Source Operations (SSO) division and PRISM partners in the millions of dollars.[14]

What is the Five Eyes security alliance?

The Five Eyes Alliance (FVEY) is an alliance between intelligence organizations from the United States, the United Kingdom, Canada, Australia and New Zealand. The Five Eyes Alliance was outed in 2013 when NSA whistleblower Edward Snowden leaked classified documents about its activities to the public.

What is encryption?

Encryption is the encoding of a message or data to prevent it from being accessed or read by unauthorized parties. Two types of encryption algorithms are the symmetric-key algorithm, a.k.a. the secret-key algorithm, and the asymmetric-key algorithm, better known as the public-key algorithm. “Encrypt” comes from the ancient Greek word “kryptos”, which means hidden or secret. Crypto, as used in cryptocurrency, has the same meaning.

Will passwords ever become obsolete? Considering biometrics and all the other advances in access control security, why do we still use passwords?

Passwords won’t be going away anytime soon because they still deliver the biggest bang for the buck, provided you understand the tradeoffs between productivity and security. The rules for coming up with good passwords also apply to vanity URLs used in X4 secure calls. The main goal is to come up with something random that is easy to remember but impossible to guess.

One approach is to combine unrelated words and a symbol, with capital letters interspersed. For example: cRy!ngwoRm is very, very strong, and cRy!ngwoRmhe@Rt is even stronger.

Another thing to balance is deciding early on whether the value of the item being secured warrants the cost of protecting it.
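
The word-combination approach above, as an added example that is not part of the original page: it makes the word, symbol and capital-letter choices with a cryptographic random generator and counts the bits of randomness an attacker who knows the recipe would have to search. The word list, the substitution table and the function names are assumptions made for this illustration.

```python
import math
import secrets

# Constructed 16-word sample list (assumption). Real use needs thousands of
# words; a diceware-style list has 7776.
WORDS = ["crying", "heart", "lantern", "gravel", "pickle", "orbit", "walnut", "candle",
         "maple", "harbor", "basket", "zebra", "saddle", "violin", "swarm", "island"]
SUBS = {"a": "@", "i": "!", "s": "$"}  # hypothetical letter-to-symbol table


def scheme_bits(list_size, n_words, sub_slots, letters, n_caps):
    """Bits of randomness in one draw when the attacker knows the recipe."""
    words = math.log2(math.perm(list_size, n_words))  # ordered pick, no repeats
    symbol = math.log2(sub_slots)                     # which letter became a symbol
    caps = math.log2(math.comb(letters, n_caps))      # which letters are capitals
    return words + symbol + caps


def generate(n_words=2, n_caps=2, words=WORDS):
    """Return (password, bits) built from uniformly random choices."""
    rng = secrets.SystemRandom()                      # OS CSPRNG
    chars = list("".join(rng.sample(words, n_words)))
    slots = [i for i, c in enumerate(chars) if c in SUBS]
    if not slots:
        raise ValueError("chosen words contain no substitutable letter")
    pos = rng.choice(slots)
    chars[pos] = SUBS[chars[pos]]
    letters = [i for i, c in enumerate(chars) if c.isalpha()]
    for i in rng.sample(letters, n_caps):
        chars[i] = chars[i].upper()
    bits = scheme_bits(len(words), n_words, len(slots), len(letters), n_caps)
    return "".join(chars), bits


if __name__ == "__main__":
    pw, bits = generate()
    print(f"{pw}  ~{bits:.1f} bits with the {len(WORDS)}-word sample list")
    # Same shape as the page's two-word example: 1 symbol slot, 9 letters, 2 capitals
    print(f"{scheme_bits(7776, 2, 1, 9, 2):.1f} bits with a 7776-word list")
    # Three words: 2 symbol slots, 14 remaining letters, 3 capitals
    print(f"{scheme_bits(7776, 3, 2, 14, 3):.1f} bits with three words")
```

The count is dominated by the size of the word list and the number of words drawn, so the figure only holds when the generator, not the person, makes the choices.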

What is Pegasus from Israeli company NSO Group?

Pegasus is spyware developed for use by government agencies. The spyware infects a target’s phone and captures and sends back photos, messages, and audio / video recordings. Pegasus is available from an Israeli company called NSO Group, which claims the clandestine software can’t be traced back to the government using it.

Who is NSA whistleblower William Binney?

According to Wikipedia: In March 2012, Wired magazine published “The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)” talking about a vast new NSA facility in Utah and said, “For the first time, a former NSA official has gone on the record to describe the program, codenamed Stellarwind, in detail”, naming the official William Binney, a former NSA code breaker. Binney went on to say that the NSA had highly secured rooms that tap into major switches, and satellite communications at both AT&T and Verizon.[10] The article suggested that the supposedly-terminated Stellar Wind continues as an active program. This conclusion was supported by the exposure of Room 641A in AT&T’s operations center in San Francisco in 2006.[11]

How far back can NSA go to listen to phone calls?

Many years ago the NSA admitted to keeping 30 days of calls for selected foreign countries so they can go back in time and listen. This Washington Post article from 2014 was one of the first public glimpses into their capabilities.

"The National Security Agency has built a surveillance system capable of recording "100 percent" of a foreign country's telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden. A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance. The voice interception program, called MYSTIC, began in 2009. Its RETRO tool, short for “retrospective retrieval,” and related projects reached full capacity against the first target nation in 2011. Planning documents two years later anticipated similar operations elsewhere. In the initial deployment, collection systems are recording “every single” conversation nationwide, storing billions of them in a 30-day rolling buffer that clears the oldest calls as new ones arrive, according to a classified summary."