Category: Blog

What is Kubernetes and why is the new Armour Core server-side platform based on it.

Initially released in 2015, amid the usual hype and hoopla of an exciting new technology, Kubernetes has now completed the ‘hype cycle’ and is firmly in its maturity phase. And after a lot of work to master this powerful concept to bring the very best benefits to our customers, we are now ready to announce the availability of Armour Mobile Kubernetes edition.

Armour Mobile Kubernetes is an enhanced version of the Armour Mobile infrastructure that delivers robust secure scalability to support the fast deployment to, potentially, thousands of users at a time. This can be achieved on premises, cloud or hybrid cloud. As requirements change, deployments can be scaled back equally as fast to save resources and costs.

Kubernetes was first developed by a team at Google and later donated to the Cloud Native Computing Foundation (CNCF ). It is an open-source platform to manage containerised workloads and services.

But what is Kubernetes?  Why does it matter and more importantly what benefits can it deliver to your business?  Here we explain why the Kubernetes container orchestration platform is one of the fastest moving projects in the history of open-source software.

1.Building blocks – reusing resources

To understand why we need Kubernetes, we must first understand containers. A container is a unit of software that can be isolated for security or scalability, usually performing a specific task, with control over its access to the underlying operating system (OS) and hardware resources. Multiple containers can be combined to build an application and because containers can be reused across different applications, new functionality can be developed more quickly. As well as faster time to value for new features and functions, reusing resources also saves time and costs.

Containers are lightweight and virtualise processing, memory, storage and network resources at the OS level, rather than hardware level. As containers are virtual environments that share the kernel of the host operating system, they can more easily be ported to run on a range of hardware platforms that support containerisation (compared to more traditional virtualisation technologies such as virtual machines, i.e. VMS).

2.Scale and management – supporting super-fast deployment

Kubernetes delivers a framework to run distributed systems by automating the deployment, scaling and management of containers. In the case of Armour Mobile, we can define how we need the platform to operate; for example if hardware fails, or if traffic load is high, Kubernetes is configured to ensure resilience without the need for manual intervention. Additionally, Kubernetes is self-healing, restarting containers that fail and killing and replacing containers that fail to respond to defined health checks.

All of this provides the ability to scale up rapidly, which supports fast mass deployments, which may be required, for example, during emergency situations, troop manoeuvres, launching a new business division, or project, or coordinating a government enquiry, as well as many other business cases.

Security by Design is the ethos by which we develop all Armour solutions. Security is achieved by the way in which we use Kubernetes and processes incorporated within Armour solutions. Kubernetes allows us to set policies at a cluster-level to prevent or restrict processes or data access which we might consider a security risk.

3.Resilience and reliability

Kubernetes is a proven technology that allows Armour to deliver a platform that is more powerful, robust, and extensible. We can deliver features such as monitoring, load balancing, and failover, high availability and much more. This makes the provision of Armour Mobile more flexible, more resilient and more reliable for our customers. Even when under load from a high volume of concurrent users or high network traffic, Kubernetes can load balance and distribute the network traffic so that the deployment is stable.

4.Delivered to suit your needs

Armour customers will benefit from our use of Kubernetes, whatever their current choice of deployment, be it on premises, cloud, or hybrid. Using Kubernetes has delivered an array of improvements to our existing development cycle which will benefit our customers.

Kubernetes also allows for a hybrid cloud approach for customers who require it. The Armour Mobile solution can be managed using Kubernetes tools, both in-house on bare metal and in the cloud.

For more information about how Armour Comms can help your organisation to adopt a more secure approach to communications and collaborative working, contact us today.

 

 

 

 

With CyberUK, billed as the UK government’s flagship cyber security event, taking place at the ICC, Birmingham later this week, The Times published a pertinent article over the weekend. The piece in question entitled “Russia targets British soldiers’ mobile phones”, states that UK troops have been warned about the risk of Russian agents spying on their mobile phones. While this has long been suspected, during recent NATO battle exercises in Estonia, troops were once again reminded of the dangers around using mobile phones while in theatre.

Fake base stations – on old attack vector still in use

An investigation has indicated that Russian forces are using transportable antenna (fake base stations launched via drones – see our previous blog on how an IMSI catcher attack works) to access data sent by devices, and in some cases to erase information held on phones. As long ago as 2017 soldiers were reporting ‘strange things’ happening to their phones such as contacts disappearing.  Troops have been warned against posting content online, even to restricted profiles visible only to friends, because such posts can easily be accessed by uninvited third parties.

The very real threat from Russian cyber-attacks was also demonstrated a couple of months ago when an RAF plane carrying Defence Secretary Grant Shapps reported that its GPS had been jammed.

In early March the BBC reported that Germany admitted to a hack by Russia of a military meeting where officers discussed giving Ukraine long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087.  The hack was helped in part by the fact that they were not using a secure communications channel.

The growth of Artificial Intelligence (AI), impersonation-based attacks using deepfakes is also an attack vector that is becoming more prevalent.  Video calls are becoming so believable that in February a finance worker in a multinational company was duped into paying out $25 million after a video call with a deepfake chief financial officer. https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html  Not only was the CFO on the call a deepfake, so were all the other participants, all of whom were known to the finance worker.

Cyber-warfare affects us all

There are lessons here for the rest of us.  Cyber-warfare is increasingly becoming an all too real occurrence, and so too are impersonation-based attacks.  We all need to take care. While our mobile phones, which have the computing power undreamt of just a few decades ago, are for many of us pivotal to running our lives, they also carry many threats to privacy and safety.  Not least among these are what do we do if/when systems go down. If GPS were down for example, people would need to navigate using paper maps again.

We can all do our bit by protecting our own privacy and that of our family, friends, and colleagues by being careful about our use of social media apps.  For example, being more aware about how we communicate and the importance of keeping business and personal lives separate. Using a secure means of communication that is Secure by Design and has attributes such as identity-based encryption and authentication, not only protects users from impersonation-based attacks, these platforms also help to protect users contact lists, thereby safeguarding friends and family as well as work colleagues.

To learn more about how Armour Comms can help your organisation protect sensitive business communications, visit us at Cyber UK, or email us: sales@armourcomms.com

Can we get anything in here about deep fake and impersonation based threats?

With Cyber UK just a couple of weeks away, the UK’s National Cyber Security Centre (NCSC) has announced new guidance for using mobile devices in high-threat organisations.

In a blog published on 1 May, NCSC outlines its new Advance Mobile Solutions (AMS) risk model, architecture patterns and associated technologies that will allow high-threat organisations to stay connected while ‘on the go’.

It explains how the use of special or hardened mobile phones is expensive and has proven extremely difficult to maintain. We see from anecdotal evidence that people don’t like using them either. However, consumer grade devices can be a realistic alternative, when combined with the AMS model to mitigate as many of the threats as possible.

The starting premise of the AMS risk model is that mobile devices cannot be trusted, and that organisations must assume that a device may be compromised, and that information held on it could be at risk. The risk model goes on to state that core networks and services must be protected, and that sensitive information should not be aggregated in the mobile infrastructure.

The AMS architecture

The AMS architecture enables secure mobile working taking into account the associated risks.  The architecture aims to:

• Protect consumer mobile devices as well as possible.
• Prevent data from being aggregated in mobile infrastructure.
• Provide robust protections for core systems using hardware-based, cross domain technology.

 

Key elements of the architecture include:

• Protecting the device.
• Protecting data on global networks.
• Protecting the remote access zone.
• Protection for core networks and systems.
• And, assume compromise.

 

The use of Armour Mobile™ can help in a number of ways from preventing data within the Armour ecosystem being leaked or accessed by other apps on the device; preventing information from being forwarded or shared to unsanctioned individuals; central user management which ensures that only invited people can join a chat group; identity-based encryption that helps to positively authenticate users (combats deepfakes and impersonation-based attacks); and should a device be compromised, remote wipe of all information held in the Armour platform on the device.

Secure mobile is difficult to achieve and it’s certainly not one size fits all.  For more information about Advance Mobile Solutions and how Armour® Comms could help your organisation see us at Cyber UK, 13 – 15 May, ICC, Birmingham Register here: https://www.cyberuk.uk/2024/about

The management of messaging apps within an organisation is often non-existent, reminiscent of how cyber security was treated 30 years ago. Back in the day, cyber security was often an afterthought with very little focus on controlling data, and even less on where and how users were saving data (remember the two disks containing personal details of 25 million UK citizens were lost by HMRC anyone?).

We are seeing a return to the days of the wild west in the way that un-sanctioned messaging apps have been allowed to proliferate under the radar for business use. People love these consumer apps because they are easy to use and they already have them on their personal devices, so why not use them for business too. Another reason for their popularity is that users can build their own chat groups, and have conversations with colleagues without any oversight, avoiding scrutiny by their organisation (government, political, or corporate). This enables individuals, departments or whole organisations to invoke ‘plausible deniability’ as a defence because messages are mysteriously lost (or deleted) when they should have been saved, documented or archived in official organisational systems.

Taking control of data to provide oversight should be a rite of passage

As organisations grow and professionalise their operations by taking control of their data, ad-hoc and ‘shadow IT’ arrangements are replaced with built-for-purpose applications, that provide more powerful enterprise features and can be centrally managed. The same should be true for messaging apps. Indeed, in the financial services industry authorities have been cracking down on the use of unregulated communications channels for a number of years. Numerous financial institutions have been fined, and some high-profile bankers have even lost their jobs as a result. Unfortunately the same cannot be said for some government organisations where use of consumer apps still appears to be widespread.

Emails of government employees and ministers are securely stored and have been for many years. So, with the ubiquity of instant messaging, why are these communications not treated in the same way? Many other countries’ governments have banned the use of consumer apps such as WhatsApp, Telegram and Signal, with France making an announcement last year.  Given the amount of resources invested in IT systems, surely no organisation should be relying on free-to-use apps over which they have absolutely no control for business/government communications.

Consumer apps pose serious security risks but that’s not all

It’s not just that the use of un-sanctioned messaging apps to discuss state secrets pose a serious security threat, (as demonstrated recently when Russia hacked a German military video call that subsequently put British troops in danger) using these apps for business contravenes GDPR.  These apps can also put individuals at risk from phishing and impersonation-based attacks that could result in compromise due to blackmail, as happened just a few weeks ago to a number of ministers, staffers and a political journalist.

Furthermore, consumer and mass-adoption apps do not meet the NCSC’s 7 Principles for Secure Communications, which translates to many government and public sector organisations NOT following the recommendations of the UK’s own technical authority for cyber security.

All this emphasizes the need for organisations to keep control of their own data – something that the use of consumer apps simply doesn’t allow.

Choose your secure comms platform carefully

When it comes to enterprise secure comms, organisations should avoid the lure of ‘shadow IT’ – just because people like it and everyone uses it does not make it acceptable, particularly when there are credible alternatives. A built-for-purpose, Secure by Design secure comms platform can provide an equally slick user experience plus the ability to manage and control data.  Whether on-premises or a secure hosted solution, an enterprise-grade secure comms platform that covers voice calls, instant messaging and video conferencing ensures data sovereignty (your data stays on sovereign soil, i.e. you know where it is being held) and data separation (no mixing of data, be that different classifications of data, or business and personal).

Enterprise secure comms platforms provide additional services such as archive and audit, which enable the review of communications at a later date, to ensure compliance with regulations (GDPR, FOI, for example). None of this is available from consumer apps.

In short, our government officials and politicians should be leading by example, following the guidance of their own organisations. To understand how Armour Comms can help your organisation to take control of its data, even on BYOD devices, download our Buyer’s Guide, which includes 10 Top Questions you should be asking, or visit us at Cyber UK, 13 – 15 May, ICC, Birmingham.

How can you be sure who you are really talking to?

The most recent story to hit the headlines of politicians’ use of consumer grade apps carries with it yet another warning for us all. 12 people including ministers, politicians, staffers and a political journalist have been targeted in a highly personal and potentially compromising attack. Politico, a news website, reported https://www.bbc.co.uk/news/uk-politics-68731683.amp that one senior MP was targeted via a dating app, and tricked/blackmailed into sharing contact details of colleagues that also worked in Westminster with their new ‘beau’.  By the time that the victim realised what was happening the account of the perpetrator had disappeared.  12 people have now admitted to receiving unsolicited approaches via WhatsApp in what appears to be a highly co-ordinated and well planned attack.

When personal life gets mixed up with business

Call it catfishing, spearfishing or social engineering, this incident demonstrates the dangers of mass adoption messaging apps, particularly for those holding public office. It is vitally important for people to be aware of the importance of checking the identity and to be sure that they are communicating with who they think they are. While using a secure messaging platform would probably not have helped in this instance as the situation developed in someone’s personal life, it does show just how quickly business life can become mixed up with personal.  And it certainly highlights just how easily mass adoption apps such as WhatsApp can be subverted, making them totally unsuitable for business, where any amount of sensitive information, potentially putting at risk national security, could be at risk.

Dealing with AI and deepfake secure identity is key

In the age of AI and deepfakes these type of attacks are likely to become more prevalent and everyone needs to up their game in terms of thinking more carefully about where information is coming from, and who they are dealing with.

Keep your personal life to yourself and your business life professional

The Armour Secure Comms platform provides a closed secure environment where people can only join the platform if authorised to do so by their organisation, are allowed only to access the user groups that they need to, and built-in identity-based encryption and authentication ensures that everyone they communicate with is, indeed, who they say they are. Plus, if needed, these communications can be stored for audit, compliance or public records.

If you are discussing matters of state, commercially valuable information, or sensitive client/partner information, better to do it over an environment that your organisation has complete control of.

Read our Buyer’s Guide to find out what you should be looking for, and the questions you should ask of any vendor.  https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/

As UK Government calls out China for state-affiliated actors for malicious attacks.

NCSC has this week upgraded its Defending Democracy guidelines with additional detailed information on how to reduce the risk of cyber attacks in the light of latest findings.

The UK government has called out China state-affiliated actors for carrying out malicious cyber activity targeting UK institutions and individuals important to democracy.  The National Cyber Security Centre (NCSC) assesses that the China state-affiliated cyber actor APT31 was almost certainly responsible for targeting UK parliamentarians.

Paul Chichester, NCSC Director of Operations, said:

“The malicious activities we have exposed today are indicative of a wider pattern of unacceptable behaviour we are seeing from China state-affiliated actors against the UK and around the world.

“The targeting of our democratic system is unacceptable and the NCSC will continue to call out cyber actors who pose a threat to the institutions and values that underpin our society.

“It is vital that organisations and individuals involved in our democratic processes defend themselves in cyberspace and I urge them to follow and implement the NCSC’s advice to stay safe online.”

The publication of new Defending Democracy guidance follows the release of fresh advice for high-risk individuals published by NCSC in December.

What is a high-risk individual?

The NCSC’s definition of a high-risk individual in a cyber-security context is those whose  work or public status means they have access to, or influence over, sensitive information that could be of interest to nation state actors. High-risk individuals include those working in political life (including elected representatives, candidates, activists and staffers), academia, journalism and the legal sector.

NCSC states that in recent years there have been a number of targeted cyber attacks against high-risk individuals in the UK, to attempt to gain access to their accounts and devices. This has resulted in the theft and publication of sensitive information, which can also cause reputational damage.

Advice about the use of Messaging Apps

As well as the usual advice around the use of social media and wherever possible only using corporately managed accounts and devices, NCSC gives specific advice around the use of messaging apps such as such as WhatsApp, Messenger and Signal. When using these types of mass-adoption application, for personal use on a personal device, it recommends:

• The use of disappearing messages that automatically delete after a set period. This may limit what an attacker might access, should they be successful. However, while some consumer-grade apps do have disappearing messages, they will not necessarily be deleted from all devices, if they have been saved, or forwarded to a third party.
• Be careful who you are communicating with as impersonation-based attacks can be very convincing, as can deepfakes powered by AI. Can you be certain that you are communicating with who you think you are?
• Be mindful of who else is in the chat group – unless it is a closed group, you probably don’t know who else is in the group for certain.
• Avoid accepting message requests from unknown accounts – consider calling first to verify who they are
• Ensure that the latest security updates are installed and set up two-step verification (2SV) for when you log in.

 

WhatsApp et al are not suitable for organisational use

As we’ve stated many times before, personal messaging apps are not secure enough for business use.  An enterprise-grade secure communications platform should be used for business communications as this provides a much higher level of protection and avoids many of the issues with mass-adoption apps.

How Armour® helps

Armour Mobile™ protects mobile communications and data on corporately owned and BYOD devices.

Centrally managed, identity-based encryption and authentication

Armour’s solutions are centrally managed, so only those invited can join a group. Armour uses identity-based encryption and authentication so users can be sure that they are communicating with who they think they are, and not an impostor or a deepfake.

Keeps communications separate – avoids data leakage to other apps

The Armour platform completely isolates the communications and any associated data and files (attachments such as documents, images, video clips). In addition to end-to-end security over-the-air, all data is encrypted and secured at-rest within the app, protecting contacts, messages and attachments from malware, either on the device or if the device is lost or stolen.

Armour provides its own viewers for certain types of attachments, so as not to share information with the operating system or third-party viewers, and preventing the user from deliberately, or accidentally, sharing the attachment (and its sensitive information) outside of the Armour app, thus avoiding the potential for data leakage.

Secure by Design, Secure by Default

Armour’s products are ‘Secure by Design’ and ‘Secure by Default’, out of the box.  The end user does not need to select a secure setting, it is already configured.  For example technology in the app requires sole use of the microphone ensuring rogue apps are not ‘listening’ into voice or video calls.

Secure provisioning routines, and closed VPN

To minimise the use of the public internet and untrusted, insecure networks, the Armour apps can be installed in a variety of ways. Depending on the specific use case requirements this can include via SD card or via a completely closed VPN network (using additional technology from Armour technology partners).

Message Burn – manage messages even after they are sent

The Armour platform includes many security features within the app to protect against data leakage.  This includes Message Burn/Disappearing Messages features, where the sender of a message can set it to automatically delete at a set time, either after it has been read, or after it has been sent.  This feature can be deployed centrally as a standard setting across chat groups or communities of users. Optionally, the app can be set to delete all messages after a set period, for example, 30 days, so that old messages are not hanging around for longer than they need to. In addition, if a phone is lost, stolen or compromised, all data held within the Armour platform can be wiped remotely.

Engaging user experience

Armour applications are every bit as intuitive and engaging to use as consumer and mass-adoption communication apps. The Armour platform is quick to deploy and communities can be up and running within hours.

For more information about how Armour can help your organisation defend democracy and protect sensitive corporate and client information contact us today.

Or read our Buyer’s Guide to find out what you should be looking for: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/   

How secure are your sensitive video calls?

The BBC reports that Germany has admitted to a hack by Russia of a military meeting where officers discussed giving Ukraine long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087  Elsewhere it was reported that British forces involved with transporting the missiles could therefore be at additional risk.

It has been confirmed by the German government that the call was authentic and, has been leaked by the Russians on the dark web.

There are so many levels on which this worrying story gives rise for concern.  Not least is the highly insecure practice of using a non-secure channel for discussing military secrets. And it comes hot on the heels of a story that broke in January that US security company Ultra Intelligence and Communications fell victim to a cyberattack that, amongst others, affected the Swiss Air Force, when thousands of documents were stolen and made available on the dark web.

This isn’t necessarily a case of Russian intelligence being particularly clever, by not using a secure communications platform designed specifically to protect sensitive conversations, people are making it easy for them!

For protecting the most sensitive of conversations, such as the military secrets discussed in this instance, there are highly secure, on-premises communications solutions that could have been used. By running an on-premises solution organisations significantly reduce the potential attack vectors, as well as keeping total control of every aspect of their sensitive communications,

Armour Unity secure video conferencing

One problem facing many security conscious organisations is how employees handle data of mixed classifications. When sharing information that can be OFFICIAL, OFFICIAL-SENSITIVE, NATO Restricted or even SECRET, what are the appropriate/approved collaboration tools to use?  And, how do you ensure data sovereignty.

Armour Unity™ provides an alternative to consumer grade applications. Unity delivers secure conferencing in an easy-to-use app for mobile and desktop use, with enterprise security features not provided by free-to-use consumer products including a choice of cloud or on-premises installation to ensure data sovereignty. Unity is available in several configurations to ensure the level of security matches the sensitivity of the conversation. Unity combats the issue of ghost callers that may eavesdrop on sensitive conversations by highlighting to all users whether a participant has joined the call via an app, or securely via a browser –browser options often increase vulnerabilities.

Award-winning Armour secure communications

• Given its multi-domain, multi-organisation structure with strictly siloed security Armour can augment and broaden secure communications and collaboration capabilities.
• OFFICIAL SENSITIVE collaboration can be provided via Armour’s Secure Cloud extending to include desktops, workstations and unified comms systems.
• The Armour installation can be hosted and managed on-premises to give the organisation total data sovereignty.
• All users of the Armour ecosystem are centrally managed, and only those invited are able to join a communications group.
• Identity-based encryption and authentication means that users can be confident that they are communicating with trusted colleagues, rather than impostors.
• Remote wipe means that all sensitive information can be removed from the Armour ecosystem should a user or a device be compromised.
• The organisation keeps control of its data because messages and documents cannot be forwarded to third parties outside of the platform.
• Message Burn enables the sender to set a message to self-delete after a specific time either after it has been sent, or after it has been read.
• Central admin can set all messages for all users to auto-delete after a set period, for example, 7 days, or a month.
• Armour Recall™, a secure audit capability, is available as an additional service, where conversations and associated files are archived for future reference by a suitably security-screened auditor. The files are securely preserved even if the original messages have been deleted or lost.

Not on the High Street

This type of robust secure collaboration is not available from mass-adoption communication tools such as MS Teams, Zoom, GoogleMeet and WebEx. They all claim end-to-end encryption, however, as we’ve mentioned on numerous occasions, there is a lot more to security than just encryption. When looking for a secure communications solution there are multiple aspects to consider. Understanding the likely threats in this environment and solving each one combined with providing an application that is as easy to use as, say, a consumer application, is key to most organisations’ decision making. This is an important point made by the UK’s National Cyber Security Centre (NCSC) Seven Principles for Secure Communications.  For more information on this topic, read our blog:  https://www.armourcomms.com/2021/04/21/replacing-whatsapp-advice-from-ncsc/

Armour® provides highly usable and engaging solutions, so your users will have no reason not to use them.  Our Buyer’s Guide gives advice as to what you should be looking for: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/

12 March, Digital Security Authority, Nicosia, Cyprus

Our CTO, Dr. Andy Lilly is presenting at the Cyber Security in Telecom Summit: Safeguarding the Digital Frontier, being held in Nicosia, Cyprus on the 12 March.

Organised by the Cyprus Computer Society and the British High Commission Cyprus, with support from the Digital Security Authority, this is set to be a groundbreaking event. The conference aims to bring together leading experts, professionals, and enthusiasts to explore and exchange insights into the latest trends, challenges, and solutions in the dynamic field of cyber security and telecom.

The Threat in your Pocket

Andy will be presenting a session about the threat in your pocket – your mobile phone. Almost everyone carries a computer in their pocket, or handbag, with access to every aspect of our personal lives, financial, medical and – in some cases – very sensitive commercial, defence, or government data. Andy will present a summary of the broad range of attack vectors against mobile devices, from the network level down to the threats within the device itself. Not least is the significant threat from common messaging applications.  Andy will explain the UK’s NCSC principles for secure communication and provide guidance on mitigating the serious risks from consumer grade messaging apps.

For more information and register visit here: https://ccs.org.cy/el/news/conference-on-cybersecurity-in-telecommunications-614

We look forward to seeing you there.