One of the things I like the most about the cryptocurrencies model is that it gives an alternative. An alternative to the standard financial model, where you have a centralized certification authority and issuer, which issues new coins, banknotes, or whatever is the name of the payment object for the payment system. One big problem with that system is that it leads to centralization and naturally converts the places with issuer rights (aka central banks) into cosmopolitan districts. The traditional banking system gives them much more economic power than the smaller and more rural communities.
In comparison with cryptocurrencies, everyone can open a bank. We even can choose whether to have a distributed or centralized issuing model. In Bitcoin, for example, the issuing model is a distributed one, and this choice regularly leads to significant fluctuations in the exchange rates with the standard fiat-based currencies. Additionally, there is a cap on the number of Bitcoins, which can be issued, and this way, there is no realistic option for fighting inflation or even speculations. Having that in mind, I think we could agree that the Bitcoin model is far from ideal and could only play a digital alternative for gold, which automatically means that Bitcoin is not a currency in the traditional sense.
On the diagram, you can see a standard blockchain architecture, where the ledger is distributed, leading to distributed transaction signing and verification
Let’s analyze what will happen with the other model of a centralized issuer and no cap for issuing new coins. Still, it is essential to note that the transaction verification will remain distributed, such as in Bitcoin, but we will centralize only the issuing part. For sure, the model will need a legal way to inject itself into the standard fiat financial model and play nicely with it. At the same time, if we want to increase the local communities’ economic power, we shall need a solid local legal government-based entity doing the coin generation. And such a legal entity is the local area municipality.
Such an idea will effectively transform every municipality into a local central bank issuing new coins based on the economic stats for the metropolitan area governed by it. Additionally, at the moment, all the taxes are sent to the centralized bank. Once per year, the government decides how to distribute these taxes to all different city areas’ budgets. As an alternative, with the proposed model, we could choose to receive 30% of our income in the local municipality cryptocurrency and even pay our taxes on this 30% to the local municipality-based bank. Furthermore, the municipality could use this money to plan its budget.
In conclusion, cryptocurrencies can give us quite interesting financial alternatives. For sure, the exchange rates system between the different local municipality-based currencies will be an exciting problem to solve. However, we should keep in mind that we are already solving this problem globally, and we could take inspiration from how it is already solved. Some smaller cities and towns already tried issuing their cryptocurrencies. But, without the local taxes part, such endeavors are not economically viable and will not lead to any mass scale change.
We are almost two years into the COVID-19 world, and we saw a good number of ways to control the pandemic. We now have vaccines, which will hopefully become better and better with time, and finally, the pandemic will be over. With the bright light in the tunnel, there are some disadvantages to our privacy. Many governments decided to issue digital vaccination certificates and grant access to part of the locked-down social services such as cinemas, bars, hotels, concerts, etc. However, we need to understand that such a solution comes with its burden, especially if it is not appropriately designed.
But what are the different methods of actually issuing a digital certificate for any data? We need a CA (certification authority) to sign somehow our data. In the paper world, this happens using the signature and the stamp of a notary. In the digital world, the certificate is signed by a computer machine using modern cryptography methods. There are different mediums for this digitally signed certificate, and I shall cover them in a shortlist:
On the diagram, you can see a standard NFC solution technical diagram. The reader is sending energy and data using electric magnetic fields. The NFC data storage is passive and usually does not have a battery.
A printed certificate with QR code: For many years, the aviation industry has used QR codes for authentication purposes and a faster onboarding experience. The QR code contains a signed data read by the boarding gate, and if adequately verified, the gate allows the passenger to pass through. This method gives good privacy from a privacy point of view, but you will need to keep the paper with you constantly. And this is especially true in the case of a vaccination certificate. Additionally, everyone can read the QR code.
A digital record based on your data: Almost every person on the Earth has a personal identification number issued by his/her country of origin. The government could use this data to base the vaccination certificate on it and record your number of shots into an online server. However, this is the most terrible method in terms of privacy, because usually vaccination plan is personal data and must have a proper authentication mechanism defending it.
NFC-based certificate: Modern digital ID cards use this technology to keep a signed copy of your data. This way, everyone with an NFC reader can read the data from your card and verify it using the stored digital x509 certificate. As opposed to the paper solution, the NFC one is reprogrammable, which means we could reuse the same card/chip to update the data with more medical information, and everything stays locally in the card. This option is the best in terms of privacy. However, you will need an NFC reader-protected purse or backpack to keep the data safe.
In conclusion, digital vaccination certificates can help governments control the pandemic. However, there are many privacy issues in the long term, which could affect the general population. For example, what happens if hackers manage to collect data for everyone, whether vaccinated or not, and create illegal lists with people, which employers can later use to decide whether to hire or not a given candidate. There are already cases with illegal chronic diseases-based lists distributed on the black market. We could easily see a similar future for our vaccination passports data.
One of the biggest cybersecurity threats for companies is internal attacks. To function correctly, companies need trust. You could have the best access control level system in the World, but this will not help you if your system administrator is compromised. Yes, multi-factor authentication and secret key split algorithms can help you mitigate part of these threats. However, they are not widely used. Most SMEs do not have the resources and knowledge to implement a proper access control system and thus are pretty vulnerable to inside attacks.
On the diagram, you can see the different use cases companies can use cryptography. Modern access control frameworks use cryptography heavily to ensure access to data is more restricted than ever.
Following are some of the internal security attack vectors through which attackers can gain access to information;
Information leakage: One of the most common and frequently used methods by cyber attackers is a simple leakage of information. Or, in other words, industrial espionage. Many employees could use this approach to avenge themselves.
Illegal activities: A company must be aware of any illegal activities going in their system. Some organization members could use this approach to frame the company or use it as a proxy when hacking.
Downloading malicious internet content: Most of the time, employees do not intentionally download malicious content; however, this happens. In both cases, a proper access control mechanism will mitigate or at least reduce the damage.
Social engineering: One of the most common ways for attackers to gain access to a network is by exploiting the trusting nature of the company’s employees. An information awareness course could quickly mitigate this attack.
Malicious cyberattacks: Technically proficient employees can use their system access to open back doors into computer systems or leave programs on the network to steal information and wreak havoc. The best protection against this sort of attack is monitoring employees closely and being alert for disgruntled employees who might abuse their positions. In addition, experts advise immediately canceling network access and passwords when employees leave the company to avoid remote access to the network in the future.
In conclusion, unfortunately, because of the enormous rift in the trust between employees and employers, internal attacks can become the new trend. Companies must be aware of that and do their best to implement proper access control systems. Access to resources must be given appropriately and audited for every organization member, no matter whether CEO or a utility person.
Tracking hackers is not a fast and straightforward activity these days. Yes, most governments’ monitoring and data analytics capabilities are indeed becoming better and better. However, the privacy tools are becoming better and better, as well. There is a constant debate whether people must give more of their online privacy for safety. On the other side giving more power to centralized authorities can lead to dystopian states and not functional societies.
One scientific branch helping the governments to catch cybercriminals is cyber criminology. As a discipline, cyber criminology encompasses a multidisciplinary field of inquiry – criminology, sociology, psychology, victimology, information technology, and computer/internet sciences. But in short, its primary goal is to standardize the way we catch cybercriminals. As we can see, most of these disciplines are coming from the social criminology world, and they are primarily used to make a psychological profile of the attacker. On the other side, the technical aspects are crucial if we want to catch the hacker and how he/she managed to hack the system. Without cyber forensics and, most notably, computer science, we don’t have a proper way to understand what happened and how to catch hackers.
One of the main ways to hit criminal organizations properly is to target and track their infrastructure. Without a decent infrastructure, one can not do much in cyberspace. Sure, a hacker attack can steal a lot of data and create havoc, but they need computers, servers, and other equipment for all of this. The stolen data must be stored somewhere, analyzed, and eventually used for blackmail or released to the public. Like cloud providers, hackers need backup and retention plans for the stolen data, and nothing is for free.
One interesting case for such infrastructure is a former NATO bunker used to host Dark Net websites. The German police stormed the place allegedly used to host websites offering drugs, child pornography, and devices to breach computers. Over 600 police personnel were involved in the raid on what they termed a “cyber bunker data center” in the western German city of Traben-Trarbach. Seven people were arrested, with 13 more sought, although none were taken into custody at the site. The arrests occurred at a local restaurant and in the town of Schwalbach, near Frankfurt. Other raids co-occurred in Poland, the Netherlands, and Luxembourg.
This case is quite interesting because cybercriminals usually do not have so many resources to create a whole data center. Hacking has an asymmetric nature, and most of the time, attackers have fewer resources than the defenders. And these smaller criminal cells are targeting SMEs. In that case, a significant criminal group, most probably part of the mafia, owned a whole data center.
You can see how a standard privacy-oriented user would store their data in the cloud on the diagram. Criminals use the same techniques to ensure everything stored in the cloud is adequately encrypted and hard to track
In conclusion, we should track and hit cybercriminals by finding their data infrastructure and destroy it. Acquiring infrastructure is one of the most expensive parts of a hacker operation. It can take months to years to accumulate it. And here comes the cyber criminology value. We can use this interdisciplinary field to find where the infrastructure is located and destroy it.
In this series of articles, we shall discuss one of my old projects. During that time, I had a consulting company working in IT, and this project was part of my initial steps in cybersecurity. The project started around the middle of 2015 and ceased to exist at the end of 2016. It is in body cameras, and actually, it was a competition to systems such as Axon Body 3 camera. During the lifecycle of this project, Axon cameras did not support LTE-based streaming.
The team around the project and I managed to produce a working prototype of the system, and in this series, I shall present to you how we implemented the prototype. At the end of the articles, I shall show you the actual budget for doing this prototype and analyze why it was unsuccessful.
The topic of this part will be an analysis of the advantages and disadvantages of the current video streaming network protocols. We shall start with the standard video streaming protocols, and at the end of the article, we shall discuss our modified, more secure protocol.
There are multiple different protocols for video streaming. Part of them do not support encryption, and we shall focus ourselves on those which support it.
RTMPe
Real-Time Messaging Protocol or RTMP is used to stream multimedia data – audio and video – between Flash Media Server and Flash Player. The chief utility of the RTMP stream is in the optimization of the audio and video data transfer between the server and player.
Encrypted RTMP (RTMPE) wraps the RTMP stream session in a lightweight encryption layer. Through Encrypted RTMPE, the streaming protocol provides low-level stream encryptions for high-traffic sites. RTMPE uses the Anonymous Diffie-Hellman key exchange method. In this algorithm, two parties – the media server and the flash player – establish a shared secret key over an insecure channel.
The standard RMTP protocol uses TCP, and RTPMe uses an encryption model based on a shared secret.
HTTP Live Streaming Encryption Methods
While the HLS supports AES-128 encryption, there are two different ways to implement the standard in practice.
Broadcasters can use one key to encrypt the entire video stream, but that also means the whole stream is unprotected if an unauthorized third party intercepts the secret key.
Alternatively, each segment of a stream can be encrypted with a different key. That way, users can access only a few seconds of video with each specific key. Broadcasters might choose this method if the video content their sharing is highly sensitive.
As it comes from its name, HTTP Streaming uses HTTP to resemble MPEG-DASH. It works by breaking the overall stream into a sequence of small HTTP-based file downloads, each downloading one short chunk of a broad, potentially unbounded transport stream. A list of available streams, encoded at different bit rates, is sent to the client using an extended M3U playlist. HTTP is a TCP-based protocol, as well.
MPEG DASH Encryption
Dynamic Adaptive Streaming over HTTP (DASH), also known as MPEG-DASH, is an adaptive bitrate streaming technique that enables high-quality streaming of media content over the Internet delivered from conventional HTTP web servers. Similar to Apple’s HTTP Live Streaming (HLS) solution, MPEG-DASH works by breaking the content into a sequence of small segments, which are served over HTTP. Each piece contains a short interval of playback time of content that is potentially many hours in duration, such as a movie or the live broadcast of a sports event.
MPEG DASH supports a Common Encryption mode (CENC), which Bento4 implements. Encrypted MPEG DASH presentations should also include the proper signaling in the MPD to inform the player of what DRM(s) can be used to obtain the decryption keys for the streams. An MPD can contain DRM signaling for several DRMs (either just one or multiple entries if the same stream can reach players with different DRM technologies).
Again MPEG Dash is based on HTTP, aka TCP. In that case, DRM encryption is usually based on a public, private key encryption scheme.
On the diagram, you can see a standard AVI container. The video data objects are x264/h264 frames, which most of the streaming protocols encrypt, encode, and stream.
Our Modified Streaming Protocol
As you can see from the upper paragraphs, every standard encryption protocol was designed to stream data from a centralized server to a list of devices. Most of them use the traditional HTTP delivery networks to speed up their streaming. In our case, we had an entirely different problem. We had to stream encrypted content from multiple body cameras to a centralized server and, after that, restream the video from the server to a web browser-based dashboard. LTE networks can be quite fast when you have proper coverage, but when your signal drops, your network speed drops significantly, as well. So we decided to design our video streaming protocol, and I shall list our requirements:
Based on UDP: Sending TCP data through LTE can hurt your performance a lot. That’s the reason we decided to establish our protocol on UDP and to implement packet control.
Based on X264: X264 is an open-source implementation of the H.264 protocol. It is already implemented in most Android devices and is supported natively. The encoding rate is reasonable.
Codec agnostic: In the future, we wanted to support H.265 and its open-source implementation. Thus the protocol had to be code agnostic.
To use hybrid encryption: Most of the listed protocols do not use a hybrid encryption approach. We wanted our protocol to have better authentication and encryption mechanism, and that’s why we decided to use hybrid-based encryption on top of RSA and AES-GCM. We changed the keyphrase and IV for AES on every packet frame sent to implement the encryption correctly.
Binary-based: Keeping in mind that LTE is usually sold using monthly plans. These plans are generally only a couple of gigabytes. So we ended up making a binary-based protocol. Any other protocols, and especially the semantic-based ones, would result in more significant data consumption.
Adaptive Bitrate: The LTE network bandwidth depends on how strong a radio signal your device has. The weaker the signal, the lower the bandwidth. We had to implement an adaptive bitrate strategy, which lowered the resolution in a weaker signal. This way, you could receive frames no matter how strong is your LTE cell signal.
Our proof of concept implementation managed to fulfill these requirements. The finished network protocol was fast enough and binary compatible. It supported adaptive bitrate and was code agnostic.
On the diagram, you can see a sample datagram of this protocol. The MTU was 1500 bytes to support all kinds of equipment, but not only with jumbo frames.
We used an UUIDv4 and RSA signature for authentication purposes. After that, you have multiple fields as a counter in the index, date, packet size, and an array of bytes. The implementation stripped down an h.264 frame to multiple UDP packets and sent them together. The server combined them back to the h.264 packet and appended them to corresponding files.
We saw that it is better to have adaptive logic on the codec level during our tests for the protocol. For example, a simple JPEG stream was much better when the signal was weaker.
In the next part, we shall discuss how we created our body camera device and its software. We shall discuss our streaming server implementation in the final third part, give you a budget, and explain why the whole business model did not work as expected.
The killer of IPO, the new fintech revolution, the path to decentralization – all of these were the nicknames of ICO. But, what is an ICO? The initial coin offering (ICO) is a financial mechanism for a company to raise new capital. Usually, the reason for that event is to fund new services or business opportunities. Sometimes is to provide an alternative for financing early-stage digital innovations through crypto-assets.
Failure of ICO
Unfortunately, an initial coin offering is not always successful in attracting enough traction and investment. According to official research, around 800 cryptocurrencies are declared dead since 2018. It is a considerable decline in trust in ICO.
Some examples of initial coin offering failures;
Swiss coin: Swisscoin was designed for a broad audience and the needs of small investors and traders. Using Swisscoin was to build up a payment system in which soon over a billion people will participate. However, it failed, and there is no traction for the last three years.
Enigma: Enigma is a decentralized data marketplace protocol and cryptocurrency created by a team of Massachusetts Institute of Technology graduates and researchers and incubated at MIT Media Lab. The Enigma protocol is a second-layer, off-chain network that aims to solve scalability and privacy issues on the blockchain. However, they got hacked.
The DAO: The DAO was a decentralized autonomous organization (DAO) launched in 2016 on the Ethereum blockchain. After raising $150 million worth of ether (ETH) through a token sale, The DAO was hacked due to vulnerabilities in its codebase. The Ethereum blockchain was eventually hard forked to restore the stolen funds. However, not all parties agreed with this decision, which resulted in the network splitting into two distinct blockchains: Ethereum and Ethereum Classic.
To participate in ICO, people must have crypto wallets. After the initial coin offering, the coin is usually transferred to your wallet. You can use them to pay for something as soon as someone is ready to take your tokens.
Is the presence of an IPO the reason for the failure of ICO?
Yes! The main reason behind the failure of ICO is IPO. Most investors trust IPO instead of ICO. Companies do not back Bitcoin and Ethereum, so they are more community-based, which is entirely another financial mechanism. In the case of IPO and ICO, we usually speak about investors. Primarily, ICO deals with early investors who are interested in investing in new projects. However, most investors think that ICO is less reliable than IPO because of two reasons:
No regulation: To list your company on the stock exchange and make an IPO, your company must endure an exceptionally detailed and harsh financial audit. With ICO, this is not the case. There is no regulation, and you have to believe in the company owners’ words and vision.
No attachments: In case of company bankruptcy, there are legal attachments between the shareholders and the company owners with IPO. With ICO, this is not the case. If the currency is dead, there are no legal consequences.
In conclusion, I am personally a big fan of cryptocurrencies as technology. However, from the financial point of view, they are a little bit of a nightmare. Without regulation and centralized authority, you can not control inflation. And unfortunately, a community-based cryptocurrency will most probably end the same way as Bitcoin and Ethereum are behaving at the moment.
After we finished our two pieces for physical cybersecurity in this and the next one, we shall discuss how to defend your computer network. For a long time, I wondered whether to start with computer and mobile phone devices security first or start with the network security perimeter. In the end, I decided to follow the standard technical approach a computer hacker will use to penetrate your defenses – intelligence recon, network penetration, and finally, device exploits. In social engineering, the hacker will skip network penetration and directly exploit your devices.
So network security, here we go.
Computer network protocol design is not with security and privacy in mind. After decades of cybercrimes and research on how to stop them, we finally have a solution for these problems. The zero-trust security model is almost 12 years old, with Google using it since 2009. However, despite the good news, the model has its use mainly in big corporates so far. I firmly believe that small organizations and teams can use this model or parts of it.
But what is the idea of this approach? It is not something new – you have to understand that you can not trust any data in transit, including your own smartphone or laptop apps. Zero trust dictates that the whole network or application path between your application and the server could be malicious, including all the hardware devices along this path – network routers, switches, servers, laptops, and smartphones.
Still, despite the zero-trust paradigm, I think that people must make sure that the hardware devices under their control are as secure and patched as possible. I market this work approach because the more layers of security you have, the harder it will be for an attacker to penetrate you. Or in short, zero trust does not invalidate other security practices. It just adds new tools to your defensive cybersecurity toolset.
So let’s start with the different network devices and their attack vectors:
Routers
So what is a router? A router’s standard definition is a hardware device, which connects different computer networks and forward packets between them. In the case of your home or office router, this is your home/office network and the Internet. Every network packet going to or from the Internet comes and goes through this router.
In terms of network security, routers are your first line of protection versus network penetration attempts. Or, in simple words, they are your cyber gateway to cyberspace. Additionally, they offer a different range of services regarding your protection. Such services are Firewalls, Intrusion detection systems, NAT service, Syslog server, and many more.
It is essential to treat your router as a highly specialized computer system. As a computer system, it inherits some of the security problems your personal computer has. Let me list the different attack vectors, which an attacker can use to penetrate your router.
On the diagram, you can see a standard small office deployment. Both of the firewalls are connected in CARP mode, and they become a virtual router. Usually, every firewall is deployed on a standalone hardware device.
Misconfiguration: Sometimes, routers not come with the best configuration in terms of cybersecurity. For example, enabled remote access functionality can be pretty helpful for system administrators, but at the same time, it exposes your router to attackers.
Outdated software: Usually, home routers run on quite obsolete software. It is rare, a home user to upgrade the software version of their router. Unfortunately, this leads to systems without proper security patches and gives the attackers an excellent opportunity for hacking the router.
Exposed services: Most of the modern routers support additional services such as VPN and IPSec servers. It is essential to understand that every exposed service can be an attack vector for our attacker. In the case of VPN, this is usually not true, but there are exceptions.
Switches
Next in line is the network switch. By definition, a network switch is a network device, which connects different network devices into a local computer network by using packet switching to forward and receive data to the destination device. The network switch learns the identities of connected devices and then only delivers data to the port connected to the device to which it is addressed.
In other words, think about the router device as a controller of the local network and about the switch device as an intelligent extender of a local network segment. Still, every switch is a highly specialized computer system, and it inherits the cybersecurity problems other computer systems have. Let me list them.
Most modern companies use cloud providers for their services and do not waste their time deploying hardware. However, the bigger your become, the more hardware you have to set up because it becomes cheaper for you. However, the same principles for cybersecurity apply both to your home office and a multi-national corporation.
Network Flood: A malicious actor can try flooding the local network with packets and making it not responsible. Usually, this happens with older switches. Most of the modern ones have protection in place.
VLAN sniffing: Most modern switches support network isolation by tagging the packets. This way, different computers in your local networks can not listen to packets living in other virtual networks. Still, if the switch tagging the packets got penetrated, the attacker can listen to all network packets.
Remote Access: Newer and more expensive network switches have an entire operating system built inside. It supports remote access features for system administrators and many more. Still, the more one device is intelligent, the bigger the attack surface it has.
