Do you have $25m to spare? Deepfake frauds are here

How Identity-based encryption can help

Yet another finance worker in a multinational company was recently duped into paying out $25 million after a video call with a deepfake chief financial officer (https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html). Not only was the CFO on the call a deepfake, so were all the other participants, all of whom were known to the finance worker. Although the worker was initially suspicious, they put aside their doubts after the video call because it was so convincing. This is not an isolated case, though previous frauds have tended to rely only on audio deepfakes.

With the growth of Artificial Intelligence (AI), impersonation-based attacks using deepfakes will continue to become more prevalent and even more believable. This is reinforced by the latest assessment from the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) (https://www.ncsc.gov.uk/news/global-ransomware-threat-expected-to-rise-with-ai), which reports that the growth and accessibility of AI will rapidly increase the number and believability of ransomware and other attacks. As AI gathers momentum, the barrier to entry is lowered, meaning that relatively unskilled threat actors such as novice cyber criminals, hackers-for-hire and hacktivists can carry out more effective attacks.

All this begs the question, what can organisations do to protect themselves from what is fast becoming a ‘wild west’ situation?

Tackling Deepfakes and other Impersonation-based attacks

Eventually people will become better able to spot deepfakes, in the same way that most of us don’t believe every photo we see, knowing that it is all too easy to manipulate images using software such as Photoshop. However, there is an immediate need for organisations to do everything they can to protect themselves and their employees from becoming victims of this newest threat.

Increasingly, authenticating the source of news, content, and all manner of communications is critical. Being able to trust that you are communicating with the genuine person (and not an impostor) will be a key to safety online, and for any type of transaction, whether that is taking financial or legal instructions from colleagues or customers, sharing commercially sensitive information with third-parties in the supply chain, or discussing matters of state with trusted advisors and co-workers.

As NCSC CEO Lindy Cameron states in the report, “The emergent use of AI in cyber attacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term.”

Identity-based Encryption will help to mitigate the risk

Technology is already available to protect sensitive business communications via voice, instant messaging and video conferencing. Secure communication solutions that use identity-based encryption, such as the NCSC’s MIKEY-SAKKE protocol (https://www.ncsc.gov.uk/information/the-development-of-mikey-sakke), help organisations to verify that only approved participants can join a call group, meaning that everyone on a video conference call (for example) has been authenticated. This type of security feature is NOT provided by mass-adoption communication platforms, where very often all that is needed to set up an account is a mobile phone number or email address, and those are very easily spoofed, hacked or compromised (e.g. by SIM-swapping).

The Armour Secure Communications platform is purpose-built, Secure by Design, to protect sensitive communications between trusted colleagues, and can be used at higher assurance levels.

Lindy Cameron goes on to say, “As the NCSC does all it can to ensure AI systems are Secure by Design, we urge organisations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defences and boost their resilience to cyber attacks.”

For more information about the NCSC’s 7 Principles of Secure Communication and how Armour meets them all read our White paper: Replacing WhatsApp? Advice from NCSC

Nine tips for keeping communications secure within the Supply Chain

As cyber-espionage, state-sponsored hacking and identity-based attacks powered by AI and deepfake technology become mainstream, so details of sensitive communications amongst supply chain partners are at particular risk of compromise.

Any organisation that collaborates with others and shares commercially sensitive information needs to take robust action to secure their internal and supply chain communications to avoid becoming victims of malicious attacks that can result in damage to reputation, and financial loss to commercial and brand value.

Keeping your supply chain secure

The NCSC reports that supply chain attacks are on the rise, as increasingly complex technology ecosystems present more opportunities to be exploited. Where organisations cannot directly be compromised, an adversary may target the organisation’s digital supply chain, with just one of many examples demonstrated recently when Swiss Air Force documents were published on the dark web after an attack on one of its suppliers.

Organisations that need to collaborate with others, perhaps because they are working together on major projects, need to be able to communicate securely.

Mass-adoption applications are NOT secure enough

While popular mass-adoption communication applications offer convenience, claiming to be secure, they have not been designed for sharing sensitive commercial information. Using products not specifically designed to address the needs of high assurance organisations introduces unnecessary risk to all organisations within the supply chain.

Advanced Mobile Solutions – 9 Top Tips

The UK’s National Cyber Security Centre (NCSC) has defined a range of cyber security principles which a secure communications system should meet with the aim of delivering more secure devices that are as easy and convenient to use as commercial/consumer devices. With this in mind, here are 9 top tips for setting up secure communications systems that protect sensitive conversations, enabling secure collaboration with trusted partners.

1. Provide reasonable protections against device compromise

Data should be encrypted at rest, time limited (i.e. automatically deleted after a set amount of time) and remotely wipeable if, for example, the device or the user is compromised. The communications app should not start if the platform or operating system has been rooted or jailbroken.

2. Prevent bulk interception of sensitive data

Data should be encrypted in transit, including push notifications, and it should be agnostic to being further protected by multiple layers of secondary encryption (for example, VPNs).

3. Prevent devices being compromised in bulk

Each user is separately activated, keyed and authenticated throughout use, and is instantly revocable, including the remote wipe of all data held within the app.

4. Keep sensitive data encrypted in the mobile infrastructure

Apply a ‘walled garden’ approach to network zoning of infrastructure. User management and key generation are held within the inner zone, securely segregated from external-facing services. Sensitive data passed from inner to outer zones is encrypted and can only be decrypted by the recipient user app.

5. Monitor the mobile infrastructure to detect attacks

Service providers should deliver logging and data ‘pinch points’ to assist in monitoring.

6. Make it easy to destroy and recreate the mobile infrastructure

Infrastructure should be containerised for fast refresh or updates.

7. Protect the core with a hardware-assured Cross Domain Solution (CDS)

Ensure interoperability with CDS gateways for voice, video, messaging and inner/outer infrastructure zone control channels.

8. Control and monitor the release of data from the core

The infrastructure should only permit the inner network zone to initiate connections to the outer zone, to prevent external attacks back into the inner zone.

9. Engaging and user-friendly

Any solution must balance security with usability. Apps need to be as engaging and easy to use as consumer-grade apps, but with significantly more robust security, so that users have no need of workarounds to get the job done.
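Tips 4 and 8 above describe a zoning rule that is easy to state and easy to get wrong: the inner zone may open connections to the outer zone, but the outer zone may only answer on those connections and never open its own. The following is an added example, not Armour’s code, that models that rule as a small stateful gateway; the zone names, host names, ports and sample flows are all constructed for illustration.

```python
# Added example (not Armour's code): a small stateful gateway model for tips 4 and 8.
# Zone names, host names, ports and the sample flows are constructed for illustration.
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

INNER = "inner"   # user management and key generation live here (tip 4)
OUTER = "outer"   # external-facing services live here

# A flow is identified by the inner host, the outer host and the outer service port.
# The same service_port value is used in both directions, so a reply can be matched
# against the flow that the inner zone opened.
Flow = Tuple[str, str, int]


@dataclass
class ZoneGateway:
    """Lets only the inner zone open connections to the outer zone (tip 8) and lets the
    outer zone send nothing but replies on connections the inner zone already opened."""
    established: Set[Flow] = field(default_factory=set)
    log: List[str] = field(default_factory=list)   # monitoring 'pinch point' (tip 5)

    def decide(self, src_zone: str, src_host: str, dst_zone: str, dst_host: str,
               service_port: int, new_connection: bool) -> bool:
        if src_zone == INNER and dst_zone == OUTER:
            # Inner may initiate; remember the flow so replies can be matched later.
            self.established.add((src_host, dst_host, service_port))
            verdict = True
        elif src_zone == OUTER and dst_zone == INNER:
            # Outer may only answer an existing inner-initiated flow. A packet that tries
            # to open a new connection inward is dropped even if the tuple matches.
            verdict = (not new_connection) and (dst_host, src_host, service_port) in self.established
        else:
            verdict = False   # anything else through the gateway is denied by default
        self.log.append(f"{'ACCEPT' if verdict else 'DROP'} {src_zone}:{src_host} -> "
                        f"{dst_zone}:{dst_host}:{service_port} new={new_connection}")
        return verdict


def run_scenario() -> Dict[str, bool]:
    """Constructed walk-through of the four cases a reviewer would check."""
    gw = ZoneGateway()
    return {
        # the key server in the inner zone pushes an encrypted envelope to the relay: allowed
        "inner_to_relay": gw.decide(INNER, "keysrv", OUTER, "relay", 443, new_connection=True),
        # the relay answers on that same flow: allowed as a reply
        "relay_reply": gw.decide(OUTER, "relay", INNER, "keysrv", 443, new_connection=False),
        # the relay tries to open its own connection into the inner zone: denied
        "relay_initiates": gw.decide(OUTER, "relay", INNER, "keysrv", 22, new_connection=True),
        # an outer host that was never contacted claims to be replying: denied
        "unsolicited_reply": gw.decide(OUTER, "other", INNER, "keysrv", 443, new_connection=False),
    }
```

The point the model makes is that direction of initiation cannot be enforced by source and destination addresses alone; the gateway has to keep state about which flows the inner zone opened, and anything from the outer zone that does not match such a flow is dropped and logged.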

We’ve moved down river!

New year, new office.

While everyone else was still coming to terms with a New Year, we at Armour have moved down river to splendid new offices in Aldgate. At time of writing everyone is now safely ensconced, with their own desks and pot plants installed, and we all just about know where the coffee machine is.

Strong Revenues and Growth

The move comes at the end of another great year for Armour where our revenue and profits continued to do well year-on-year. We continued to roll out new use cases for several of our significant customers (you know who you are), and we are developing relationships with a number of key alliance partners. Our ranks have been swelled with several new hires across the business covering development and support, and we welcomed our new VP of Sales and Marketing, industry veteran, Richard Brooks.

Impersonation-based and DeepFake threats

We are seeing a step change in the market for secure communications as security conscious organisations realise the risks of impersonation-based attacks, and deepfakes, which are only going to become more believable and more dangerous thanks to AI. The recent deepfake message purporting to be Joe Biden urging voters not to cast their ballots in the New Hampshire Democratic primary is a graphic example: https://time.com/6565446/biden-deepfake-audio/  

Our technology is already poised to help organisations overcome some of these risks. The benefits of identity-based authentication (in our case, the NCSC’s MIKEY-SAKKE protocol) where users must authenticate before they can join a call, send a message or join a video conference, are finally becoming more widely understood and demand for them is clearly growing.

Continued focus on R&D

2023 saw a focus on interoperability. We’ve delivered specific developments for customers that need to communicate with colleagues within the same organisation, but using different channels such as Skype, WhatsApp and Matrix, while maintaining robust security.  Some of these developments will be finding their way into the main product line later this year.

On the industry accreditations front, we maintained and renewed our ISO27001 certification.

Future projects currently under way include work on NCSC’s Principles Based Assurance – watch this space for further announcements.

It’s going to be a busy year, and one that we are looking forward to with relish – especially now that we have posh new digs!

Ministers’ disappearing messages – Part 2

Scottish Covid inquiry finds that Nicola Sturgeon appears to have deleted ALL her WhatsApp messages.

Hot on the heels of the revelation that WhatsApp messages between the then UK prime minister Boris Johnson and Paymaster General and leader of the Commons Penny Mordaunt had mysteriously disappeared, we now hear that ex-Scottish First Minister Nicola Sturgeon seems to have suffered a similar fate.

The BBC has reported that Jamie Dawson KC, counsel for the inquiry, stated that the former first minister appeared to “have retained no messages whatsoever”.  The inquiry was also told that her deputy John Swinney had his WhatsApp messages set to auto-delete.  In addition, the inquiry heard how no corporate or central record was made or retained either.  All of this despite some of their discussions being ‘FOI [Freedom Of Information] discoverable’, such that there was a requirement to keep a copy for future reference.

NCSC approved alternative to consumer apps

As we have stated many times before, there is really no excuse for the use of consumer apps by those in public office when there is an NCSC approved alternative that is every bit as engaging and easy to use.  Not only do consumer apps, such as WhatsApp and many others, lack enterprise-grade security features, such as identity-based authentication (which tackles the issues of impersonation-based attacks/spoofs, etc.), but as this case demonstrates yet again, such apps lack any central management of messages and conversations.

Plausible deniability should not be a goal!

The inquiry further heard that a civil servant, while reminding ministers of the FOI requirements, also made the remark: “plausible deniability is my middle name”.

Had ministers been using an approved secure communications platform, such as Armour Mobile, there would be no question about what happened to messages: they would all be archived and available for review by suitably approved and authenticated auditors. It would have been much easier and faster for the inquiry to discover exactly what went on, saving time and public money.

Furthermore, licences for the secure comms platform can be given to trusted colleagues in third party organisations. This would enable ministers and civil servants to communicate with whoever they need to, with the data remaining in the control and ownership of the government.

NCSC’s Secure Communications Principles

The NCSC has published principles dealing with secure communications which are:

  • Protect data in transit
  • Protect network nodes with access to sensitive data
  • Protect against unauthorised user access to the service
  • Provision for secure audit of the service
  • Allow administrators to securely manage users and systems
  • Use metadata only for its necessary purpose
  • Assess supply chain for trust and resilience


In an election year, if politicians and civil servants want to take a step towards repairing their somewhat tarnished reputations, following their own government’s guidelines about what constitutes secure communications would be a good place to start.

For more information about what to look for read our Secure Communications Buyer’s Guide to discover the 10 questions you should be asking: https://armourcomms-25743375.hubspotpagebuilder.eu/buyers-guide-landing-page-2

More instances of Ministers’ disappearing messages!

A secure communications platform would provide a simple to follow audit trail

People like using WhatsApp. There are reputedly 2.7 billion users globally, beating both Facebook and WeChat. However, it’s really not suitable, or indeed secure enough, for organisations, whether in the government or private sector, especially when national security may be at stake. The latest twist in the Covid inquiry demonstrates this point yet again.

The Guardian reported that Penny Mordaunt, leader of the Commons, who served under Boris Johnson as paymaster general during the Covid pandemic, told the inquiry that WhatsApp messages with the then prime minister had mysteriously disappeared from her phone.

What actually happened to those messages we may never know. However, had all communications between ministers and people working in government been properly safeguarded, i.e. securely archived so that they were available for later audit, this current situation would simply not have arisen.

Preserving the evidence

In other industries, financial services for example, organisations are required by the Financial Conduct Authority (FCA) to preserve any material conversations, including those conducted over instant messaging, so that they can be reviewed at a later date should the need arise. Financial institutions have banned employees from using unsanctioned apps such as WhatsApp for any form of business conversation, and those that have been caught have suffered punitive fines as a result.

Emails of government employees and ministers are securely stored and have been for many years. So, with the ubiquity of instant messaging, why are these communications not treated in the same way? Many other countries’ governments have banned the use of consumer apps such as WhatsApp, Telegram and Signal, with France being the latest. When will the UK government follow suit?

BYOD devices can still be used

The Guardian article notes that Ms Mordaunt admitted using her own personal phone for some messages.  Ministers using their own phones for government business, while understandable as no one wants to be bothered carrying two phones, adds extra complexity to the issue of maintaining a public record of official communications. However, if a secure communications messaging app (the sort already approved and recommended by the National Cyber Security Centre (NCSC)) is used, any communication via the platform is preserved, even when using a BYOD device and even if the original messages are lost or deleted from the device.

Ministers using these apps could even provide licenses to journalists and other third parties, so that all calls/conversations/communications are preserved.

NCSC’s Secure Communications Principles

The NCSC has published principles dealing with secure communications which are:

  1. Protect data in transit
  2. Protect network nodes with access to sensitive data
  3. Protect against unauthorised user access to the service
  4. Provision for secure audit of the service
  5. Allow administrators to securely manage users and systems
  6. Use metadata only for its necessary purpose
  7. Assess supply chain for trust and resilience


Furthermore, NCSC has published guidelines for dealing with Shadow IT which expressly covers the use of unsanctioned channels and applications.

NCSC approved alternative to consumer apps

While consumer apps are easy and convenient to use, the Armour NCSC-approved Secure Communications Platform is just as engaging. It has been designed working closely with NCSC to ensure the correct balance between usability and security, one that supports good information governance.

Had ministers been using such a platform for communications, there would be no question about what happened to messages: they would all be archived and available for review by suitably approved and authenticated auditors. It would have been much easier and faster for the inquiry to discover exactly what went on, saving time and public money. And dare we say it, democracy would have benefitted!

For more information about how to tackle Shadow IT read our eBook: https://armourcomms-25743375.hubspotpagebuilder.eu/shadow-it-ebook or download our Secure Communications Buyer’s Guide to discover what you should be looking for and the 10 questions you should be asking: https://armourcomms-25743375.hubspotpagebuilder.eu/buyers-guide-landing-page-2

Should your staff use burner phones on business trips?

Some of the world’s largest consultancy firms (including the ‘Big 4’) are asking staff to use burner phones when they visit Hong Kong – but is this really the right solution?

A recent article in the Financial Times highlighted the growing concern about the risk to commercial data and the dangers of working in potentially unfriendly regimes. As Beijing continues to exert more control over the previously semi-autonomous international business centre of Hong Kong, more organisations are suggesting that company executives should take extra care when visiting the city, due to increased risks of hacking and unauthorised access to client data if work devices are used. In short, companies like Deloitte and KPMG are asking staff to use burner phones when in Hong Kong. And this is not being received well by some senior executives who prefer not to travel to the region due to the inconvenience of needing extra devices and leaving their usual phones and laptops at home.

This isn’t the first time that such an edict has hit the headlines. In January 2022 athletes from the US and UK were advised to use burner phones during the Beijing Winter Olympic Games due to concerns about an app provided by the Chinese government for use by all Olympics attendees that had significant security flaws.

This most recent example of organisations taking a stand against the dangers of state-sponsored hacking is equally applicable to many global organisations who have their Asia-Pacific headquarters in Hong Kong, or indeed any untrusted regime. Some of the firms affected have expressed concerns about the legal liability associated with leaks of client data, and the commercial implications should clients’ data be stolen or compromised.

Burner phones – a solution or a risk?

This all raises an important question: what are the pros and cons of burner phones? From the user’s viewpoint, it is inconvenient to have to use a temporary phone, possibly with only a subset of the apps they are used to using. Conversely, if the phone is bought in country, then it might be considered unsafe because its provenance cannot be certain. For cost reasons such phones are usually Android devices, which makes them more susceptible to having been ‘jailbroken’ (modified to remove restrictions imposed by the manufacturer, to allow the installation of unauthorised software) or to already containing potentially malicious apps from local carriers or distributors. While more secretive users might choose a burner phone because it helps their traffic blend in with local phone communications, the primary purpose of using a burner phone is to be able to dispose of it when it is no longer required, so that whatever malware it contained, or picked up while in use, is not brought back into the user’s organisation. A burner phone is therefore always a short-term solution to managing communications risks.

How Armour® helps

Armour Mobile™ and SigNet by Armour® can protect your mobile communications and data whether you choose to take your normal phone into a potentially hostile environment, or you need a secure communications solution that can be easily deployed on a burner phone.

Armour’s solutions completely isolate the communications and any associated data, metadata or files (attachments such as documents, images and video clips). In addition to end-to-end security over the air, all data is encrypted and secured at rest within the app, protecting your contacts, messages and attachments from malware on the device and in case the device is lost or stolen. The ultimate goal is to minimise your organisation’s risk by reducing the residual data held on the device. Armour’s products are ‘Secure by Design’; for example, the app requires exclusive use of the microphone, ensuring rogue apps cannot ‘listen in’ on voice or video calls.

In addition, before the app can be used, the Armour software checks whether the device has been jailbroken; if it has, the user will not be able to use the Armour app.

Armour provides its own viewers for certain types of attachments, so as not to share information with the operating system or third-party viewers, and to prevent the user from deliberately or accidentally sharing the attachment (and its sensitive information) outside of the Armour app, thus avoiding the potential for data leakage.

To minimise the use of the public internet and untrusted, insecure networks, the Armour apps can be installed in a variety of ways. Depending on the specific use case requirements this can include via SD card or via a completely closed VPN network (using additional technology from Armour technology partners).

Armour Mobile and SigNet also include many security features within the app to protect against data leakage.  This includes the Message Burn and Disappearing Messages features, where the sender of a message can set it to automatically delete at a set time, either after it has been read, or after it has been sent.  This feature can be deployed as a standard setting across chat groups or communities of users.  In addition, if a phone is lost, stolen or compromised, all data held within the Armour platform can be wiped remotely.

For more information about how Armour can help your organisation protect corporate and client information while travelling in untrusted regimes, contact us today.

Or read our Buyer’s Guide to find out what you should be looking for: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/  

France bans WhatsApp use by Ministers

The French Prime Minister, Elisabeth Borne has banned the use of consumer messaging solutions WhatsApp, Signal and Telegram by government ministers and their teams.  The ban cites security vulnerabilities, something that we at Armour have been talking about for a number of years now!

Many organisations still commonly use mass-adoption platforms for communicating, when there is an alternative that is every bit as convenient and easy to use as a consumer-grade app, and is approved by the UK’s National Cyber Security Centre (NCSC).  This solution, Armour Mobile, is widely used throughout the MOD, and parts of the government that require higher assurance.

Why are mass-adoption services so insecure?

Any messaging, communications or collaboration platform that allows anyone to join cannot be considered secure, simply because without strong, identity-based authentication, participants cannot be sure that they are really communicating with whom they intended. Account theft, SIM swapping and simply renaming one’s social media account to look like someone else make it very easy for people, including government personnel, to get phished and accidentally leak sensitive information. The exponential increase in the power of AI to generate deepfake impersonations means that this is going to be an escalating issue. Our recent blog explains the dangers of impersonation-based attacks and how to mitigate them.

On top of this very significant security flaw, there are a number of other issues such as:

A tempting target

Mass-adoption platforms, precisely because everyone uses them, are a lucrative target for hackers, activists, cyber criminals and nation-state sponsored attacks. This means that any organisation using WhatsApp, Signal, Telegram, or Teams, Zoom or GoogleMeet could easily get caught in the crossfire and suffer lost data, or an inability to communicate, even if they are not the intended target.

No data sovereignty

You have no control over where your data goes, what server it is held on and who might have access to it.  At the very least, this raises data privacy concerns, for example, GDPR compliance, quite apart from the issues around handling sensitive data that, if exposed, could put an organisation at a commercial disadvantage, or even compromise national security.

No control over where your information is sent

With social media apps, once a communication has been sent to a third party, the sending organisation has no control over what the recipient then does with that information.  Ex-Health Minister Matt Hancock’s published WhatsApp messages demonstrated this point admirably.  The fierce back-and-forth arguments between Boris Johnson and Dominic Cummings are another such example. Read more here, complete with fruity language https://www.bbc.co.uk/news/uk-67275967    


How Armour Comms delivers secure communications

In answer to the issues outlined above, Armour Comms delivers a secure communications platform with all of the convenience and usability of a consumer-grade app, but with enterprise-grade management features, such as:

  • Managed communities meaning that only verified people can join, so users can be confident they will only be communicating with authorised and authenticated users.
  • All information is protected within the Armour environment. Armour can be hosted in the secure Armour cloud, or on-premises (e.g. within a government or other known data centre), so that you know exactly where your data is being held, delivering your data sovereignty requirements.
  • Message Burn and automated message deletion mean that any conversations can be set to automatically delete after a set time to ensure sensitive data doesn’t accumulate on a device. Additionally, individuals can set a message to delete at a certain time after it has been read, or after it has been sent.
  • For any device that is lost, stolen, or compromised, all data held within the Armour environment can be remotely wiped.
  • Secure auditing capabilities mean that all communications are securely recorded for secure review at a later date, even if the messages have been deleted from the original device, delivering compliance needs, such as Public Records, the Freedom of Information Act and other industry specific regulations.
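The Message Burn, remote wipe and secure auditing bullets above, together with tips 1 and 3 in the Nine tips post earlier on this page, describe two mechanisms that look contradictory until you see how they fit together: messages are deleted from the device on a timer or on demand, yet a central copy remains available to auditors. The following added example, which is not Armour’s code, models that split with a device-side store that enforces burn-after-sent and burn-after-read timers and supports remote wipe, and a separate archive written before the device copy ever exists. Class names, field names and the sample messages are hypothetical; at-rest encryption of the device store, which tip 1 also calls for, is left out to keep the retention logic in view.

```python
# Added example (not Armour's code): a device-side retention policy with a separate
# audit archive, modelling tips 1 and 3 and the Message Burn, remote wipe and secure
# audit bullets. Class and field names are hypothetical; the messages are constructed.
from dataclasses import dataclass
from typing import Dict, List, Optional
import hashlib


@dataclass
class RetentionPolicy:
    burn_after_sent_s: Optional[int] = None   # delete N seconds after sending (None: no timer)
    burn_after_read_s: Optional[int] = None   # delete N seconds after the recipient reads it


@dataclass
class Message:
    msg_id: str
    sender: str
    body: str
    sent_at: int
    policy: RetentionPolicy
    read_at: Optional[int] = None

    def expires_at(self) -> Optional[int]:
        """Earliest of the two timers that currently apply; None if neither does."""
        deadlines = []
        if self.policy.burn_after_sent_s is not None:
            deadlines.append(self.sent_at + self.policy.burn_after_sent_s)
        if self.policy.burn_after_read_s is not None and self.read_at is not None:
            deadlines.append(self.read_at + self.policy.burn_after_read_s)
        return min(deadlines) if deadlines else None


class AuditArchive:
    """Central record kept by the service, outside the reach of device-side deletion."""
    def __init__(self) -> None:
        self.records: List[dict] = []

    def record(self, msg: Message) -> None:
        self.records.append({"msg_id": msg.msg_id, "sender": msg.sender,
                             "sent_at": msg.sent_at, "body": msg.body,
                             "sha256": hashlib.sha256(msg.body.encode()).hexdigest()})


class DeviceStore:
    """Messages held in the app on one device, subject to burn timers and remote wipe.
    (A real app also encrypts this store at rest; that is left out here.)"""
    def __init__(self, archive: AuditArchive) -> None:
        self.archive = archive
        self.messages: Dict[str, Message] = {}

    def send(self, msg: Message) -> None:
        self.archive.record(msg)           # archive first: the audit copy never depends on the device
        self.messages[msg.msg_id] = msg

    def mark_read(self, msg_id: str, now: int) -> None:
        msg = self.messages.get(msg_id)
        if msg is not None and msg.read_at is None:
            msg.read_at = now              # starts the burn-after-read timer, once only

    def purge(self, now: int) -> List[str]:
        """Delete every message whose deadline has passed; returns the ids removed."""
        expired = sorted(mid for mid, m in self.messages.items()
                         if m.expires_at() is not None and m.expires_at() <= now)
        for mid in expired:
            del self.messages[mid]
        return expired

    def remote_wipe(self) -> int:
        """Administrator action for a lost, stolen or compromised device; returns count wiped."""
        count = len(self.messages)
        self.messages.clear()
        return count


def run_scenario() -> dict:
    """Constructed walk-through; times are seconds on a single clock."""
    archive = AuditArchive()
    device = DeviceStore(archive)
    device.send(Message("m1", "cfo", "please review payment batch 17", 0,
                        RetentionPolicy(burn_after_sent_s=3600)))
    device.send(Message("m2", "cfo", "call me before you approve", 10,
                        RetentionPolicy(burn_after_read_s=60)))
    device.send(Message("m3", "ops", "office closed on friday", 20, RetentionPolicy()))
    device.mark_read("m2", now=100)               # m2's timer now ends at 160
    return {
        "purge_at_150": device.purge(150),        # nothing due yet
        "purge_at_200": device.purge(200),        # m2 burned after read
        "purge_at_4000": device.purge(4000),      # m1 burned one hour after sending
        "wiped": device.remote_wipe(),            # m3 never expires; the wipe removes it
        "left_on_device": sorted(device.messages),
        "in_archive": [r["msg_id"] for r in archive.records],
    }
```

Two design choices carry the compliance argument: the archive is written before the message is stored on the device, so a wiped or broken device cannot leave a gap in the record, and `read_at` is set only once, so re-opening a message cannot extend its burn-after-read timer.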

Armour Mobile is approved by the NCSC and NATO.  It is widely in use across the MOD and defence contractors, as well as areas of the UK government that require higher assurance.

Read our buyer’s guide for more information about how Armour Comms’ secure communications platform can help, and what questions you should be asking. DOWNLOAD HERE

The impact of power cuts on your communications, resiliency and security

When the lights go out, what happens to your secure comms capabilities? And how do you ensure legislative compliance – particularly in regulated industries?

If you are working in a location prone to power outages, how do your employees continue working and communicating securely if your corporate business systems are out of action? How do you ensure operational resilience?

In many areas around the world, power transmission can’t be taken for granted. Power cuts are an all too frequent occurrence in some geographic locations, for numerous different reasons. People and organisations adapt and generally speaking business continues.

But stop and think for a minute. Exactly how do your staff continue working? If they are using their own devices and non-corporate means of communicating, what happens when people are sharing company-confidential information over unmanaged networks to unmanaged devices? All the issues associated with the use of shadow IT during normal operations (lack of oversight, accountability and traceability, and heightened data security risks) are magnified when there is a power outage.

A particular risk for financial services organisations is the punitive fines and loss of reputation should employees be found using non-sanctioned apps such as WhatsApp. Our previous blogs outline the details of nearly $2bn in fines levied by the US Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) for the use of unauthorised apps. More recently, the UK energy regulator Ofgem fined US bank Morgan Stanley for failing to keep records of communications after energy market traders used WhatsApp to discuss the details of energy deals.

How confident are you that your intellectual property, corporate data, trade secrets, sensitive customer information and commercially valuable information isn’t being put at risk?

Are Satellite Services the answer?

For those used to travelling to remote locations where landlines are non-existent and mobile coverage can be patchy, satellite services have long provided an alternative. Today satellite bandwidth is much greater, and signals more reliable, than even five years ago; while reception can still be affected by atmospheric conditions such as rain, services are now far more consistent.

As well as providing an alternative means of communication, using satellite services can, in some respects, be a more secure option because it does not rely on the open internet. In fact, in the US’s National Institute of Standards and Technology (NIST) Computer Security Incident Handling Guide (SP800-61) https://csrc.nist.gov/pubs/sp/800/61/r2/final, in Section 3.1.1 Preparing to Handle Incidents it states that “…smartphones are one way to have resilient emergency communication and coordination mechanisms. An organization should have multiple (separate and different) communication and coordination mechanisms in case of failure of one mechanism.”

When combined with a built-for-purpose, Secure by Design secure communications platform, a satellite service can provide a strong solution for business resilience.

What do we mean by Secure Communications?

Secure communications are a means by which people can share information with a strong degree of certainty that the communications remain completely private: third parties cannot intercept or overhear what was said, and the information shared remains under the control of the sender (for example, it cannot be forwarded to other unauthorised parties).

Typically, truly secure communications run on an independent platform that does not rely on mass-use consumer technology to operate. Secure communications should include:

  • Voice
  • Instant Messaging
  • Video calls and conferencing
  • Sending attachments and files while conversing

Ideally, the secure communications platform runs over a variety of networks including 3/4/5G, Wi-Fi and satellite, and will also interoperate with SIP-based PBXs, providing secure communications right to the desktop.

What exactly should you be looking for?

Consumer applications all claim end-to-end encryption, but there is a lot more to security than encryption alone, so when looking for a secure communications solution there are multiple aspects to consider. Understanding the likely threats in this environment and addressing each one, while providing an application that is as easy to use as a consumer application, is key to most organisations’ decision making. This is an important point made by the UK’s National Cyber Security Centre (NCSC) in its document Secure communications principles, which highlights the key points to look for in a secure communications solution.

Popular collaboration apps such as MS Teams, Zoom and Google Meet may not provide end-to-end encryption, because they often decrypt the data at the server in order to provide an audit capability. And if power is down, the services cannot be relied upon to be operational, even if your employees can gain access to them.

Our Buyers’ Guide provides a list of pertinent questions applicable to commercial organisations, government, defence, and the wider public sector. It covers key points recommended by NCSC as well as some additional questions that are particularly relevant to the protection and preservation of data in regulated industries such as financial services.

10 Questions to Ask

  1. How is data protected, both at rest on the device, and in transit?
  2. How does the app prove identity? Can it protect against deepfake scams?
  3. Where is the data stored? Does it provide data sovereignty?
  4. Can you separate business and personal communications? Is it suitable for use on a BYOD device?
  5. Is the app designed with security in mind (Secure by Design), from the ground up? Are the default settings secure?
  6. What are the archiving and audit options?
  7. Are there different levels of security to handle different classifications of data? And can people from different entities or groups communicate across the app?
  8. How does it handle video conference calls? Does it provide higher levels of security for conference calls?
  9. How would your IT/business continuity teams communicate in the event of a severe cyber breach?
  10. Do your existing comms and messaging arrangements meet the NCSC 7 principles for secure communications?


Ensuring compliance with industry regulations

In the event of a severe power outage, or other critical incident, being able to communicate securely is of paramount importance for keeping the business running. Many organisations rely on employees using their own phones in an emergency, but when the dust has settled and the lights are back on, it will be extremely difficult to analyse what information was sent where. And with no audit trail, there will be no possibility of complying with data privacy, Know Your Customer, DORA, MiFID, GDPR or any other form of industry regulation, and little opportunity to learn from mistakes.

Armour Comms has published the Securing Communications Channels – A buyer’s guide to help organisations identify the key points they should look for.

Download your copy here: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/

NCSC Exercise in a Box – Cyber security resilience testing


Just how secure is your Video Conferencing service?

The National Cyber Security Centre (NCSC) has recently launched its Exercise in a Box online tool for organisations of all sizes, in all sectors, to test how resilient they are to a cyber attack. The free-to-use tool provides a range of exercises that give organisations the chance to practise how they would respond to a cyber attack in a safe environment. As they develop their internal processes, they can repeat the exercises to see how their cyber resilience stance has improved.

How secure is your video conferencing service?

One of the exercises is Securing video conferencing services. A key question to ask is:

Can your video conferencing service be separated from your existing communications infrastructure to ensure resilience? Will it work as a standalone system when a critical incident occurs and your communications infrastructure has been compromised?

Organisations should be aware that any mass-adoption messaging and collaboration tool is itself likely to be a target for malicious hackers, because it presents such a vast attack surface and the spoils of a successful attack can be considerable. Often these mass-adoption collaboration tools are part of the very infrastructure that is subject to a cyber attack, and once compromised, that infrastructure can no longer be trusted for important communications with external suppliers, partners, customers or law enforcement. Ask yourself, what would happen if your email system went down? These tools also don’t solve the issue of communicating securely with external parties, which you need to do in the event of an incident.

Mass-adoption desktop platforms that include messaging and collaboration tools are often the basis for an entire enterprise technology infrastructure with many critical dependencies. For example, if your main systems were attacked so that your Active Directory or Identity and Access Management systems were no longer working, how would the business operate? What would be the ramifications for your employees trying to do their jobs and communicate with colleagues?

An organisation using a compromised service doesn’t need to be the subject of the attack; it can become collateral damage despite not being a target, simply by relying on the service and not having a secure alternative.

Therefore, for all organisations it is crucial to have a back-up comms channel (often referred to as out-of-band) that can be used to marshal a response to any attack or major incident, and organise recovery processes.

What do we mean by ‘out-of-band’?

An out-of-band communications channel is one that does not rely on the standard enterprise infrastructure. It is a system that can operate completely on its own as a standalone solution. It doesn’t rely on email, Microsoft Office/365, or any mainstream system to access the open internet. An out-of-band comms platform can work when all other systems are compromised.

As we’ve explained in some detail in our blog In the midst of a Cyber Attack who you gonna call – and how?, you can’t rely on a compromised system to communicate (assuming it still operates, which is a big assumption), because your adversaries could be monitoring it, keen to see how the organisation is responding so that they can wreak even more havoc. In addition, an organisation’s ability to respond to a breach is severely diminished if its communications are compromised as part of a larger attack.

So when assessing your video conferencing service for security and resilience, what should you be thinking about?

5 Questions you need to ask about your Video Conferencing service

1. Do you have a video conferencing platform that uses identity-based encryption to authenticate both end points?

If you rely on a mass-adoption collaboration platform then you almost certainly don’t!

2. Can you control who can initiate or join a video call?

Are you able to manage who joins your video conferencing platform? When there are only known users allowed, participants on a call can be sure who they are sharing potentially sensitive information with.

3. Do you know where your data is stored and who has access to it?

Do you retain complete control of your data, including chat, and files shared within a call?  Do you know where your data is stored, i.e. does it meet the requirements for data sovereignty and GDPR compliance? If you use a system that allows third party access to your users’ contact lists, it is unlikely to be GDPR compliant.

4. Can you be sure who you are communicating with?

Identity-based attacks are on the increase, with deepfake and AI-generated impersonation attacks hitting the headlines more often. A video conferencing platform that uses the NCSC-recommended MIKEY-SAKKE protocol for identity-based encryption authenticates users, so that you can be sure who you are communicating with.

5. Do you have pre-arranged incident response secure federated call groups set up?

Both NIST and the Digital Operational Resilience Act (DORA) suggest that incident response groups, with key contacts and structures, are pre-defined and set up before an incident occurs, so that communications can begin immediately on the secure channel. Groups can be internal and external, typically including suppliers, law enforcement, internal groups, employees, key stakeholders and the SOC team. If your organisation relies on mass-adoption infrastructure for critical communications, it can be difficult to communicate with external parties without trusted, secure federated groups already in place. Indeed, NIST SP800-61 recommends having multiple back-up communications solutions in place.

If the answer is NO to any of the 5 questions above, then you should be looking for an additional, out-of-band secure communications channel that your key people can use to communicate between themselves and, critically, with external third parties in the event of a serious incident or cyber attack.

How Armour can help

Armour Unity™ extends the highly successful Armour® ecosystem to provide secure, pre-defined or on-the-fly enterprise-level mobile video conferencing, screen sharing and in-app messaging for iOS and Android devices. Documents and chats associated with a conference call benefit from the trusted security of the Armour platform. This can be achieved as an on-premises or cloud solution to suit your business needs.

With the Armour Comms platform, organisations are able to create internal and external user groups and integrate them into business continuity processes.

In common with Armour Mobile™, Unity uses MIKEY-SAKKE identity-based encryption, which is recommended by the UK National Cyber Security Centre (NCSC). This innovative approach means that participants on a call can be certain that only authenticated and invited attendees are able to join the conference.

Secure Communications Buyer’s Guide

For more comprehensive information about what you should be looking for in a secure communications platform, download our Buyer’s Guide: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/

Proof of Concept or Pilot Offer

For those undertaking the NCSC Exercise in a Box, Armour offers a free Proof of Concept or Pilot project, subject to conditions. Contact us today for more details.