Category: View All

Part of TechUK Cyber Security Week

David Holman, Director of Armour Comms explains why an independent secure comms channel is particularly crucial when recovering from a cyber attack

Cyber threats are wide ranging

Every enterprise, great or small; every public sector organisation, national or local has sensitive information crucial to operations. It is imperative that this is protected. From customer lists, to employee data, corporate intellectual property and commercial secrets, a cyber breach could prove catastrophic.

The UK Government’s Cyber Security Breaches Survey 2022 updated in July provides a snapshot of the cyber threats faced by UK organisations each year. 39% of organisations identified a cyber attack, and of these 83% were phishing attempts. One fifth were sophisticated attacks including denial of service (DDOS), malware, ransomware etc. A third of businesses are attacked every week. One ray of sunshine is that 80% of boards recognise that cyber security is an important issue.

Are your communications about attacks secure?

Secure mobile communications play an increasingly important role in protecting sensitive data every day. Less well understood is their role in effectively responding to, and recovering from, cyber attacks. It is imperative that a secure comms channel can be used for the organisation to communicate without the hackers potentially eavesdropping. Don’t rely on the very channels that have just been hacked, because your adversaries will be monitoring them.

Are the hackers listening in?

It is very common when hackers have compromised a system for them to watch for the responses from the IT resources tasked with countering their attack. Typically this includes monitoring and subverting any communications channels the IT team are using, including voice calls, email or messaging apps. It is not unusual for hackers to send spoof messages to try to assess just how well the IT team understands the nature of the attack, to capture updated passwords or other changes to security, and prevent key security messages from being delivered.

During the initial investigation phase of a cyber attack it is difficult to know what systems have been compromised, so it is best not to rely on any of them, if possible.

Safeguard your comms with an independent secure channel

By protecting the communications of the IT and digital forensics team, you are blocking a very useful source of information from being intercepted or modified by the hackers. In addition, by using a secure communications platform, such as Armour Mobile or SigNet by Armour, and having the secure comms hosted by a third party, you are further isolating the IT team’s comms from the potentially compromised systems that they are trying to recover.

Even on BYOD devices

In addition, enterprise-grade secure communications apps like those provided by Armour Comms can also be used on BYOD devices. All information is sandboxed within the Armour app, meaning it can’t be shared, deliberately or otherwise, with anyone other than trusted colleagues in the same secure group, keeping sensitive information protected. After the incident has been dealt with, information can be securely wiped.

For third party ‘blue teams’ brought in to handle such hacking situations it makes perfect sense for them to bring their own secure comms solution with them – and this is a question that you should be asking any would-be supplier when tendering for such services.

Armour is now working with a number of organisations that can provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance, to incident management and response, and technical security research.

Of course, Armour’s apps can also protect all your organisation’s sensitive communications, from the board room to protecting your teams when travelling overseas.

 

Regulated industries need to introduce secure comms with audit and archive to reduce risk of fines and take back control of data

Eleven of the most powerful financial services businesses have been fined nearly $2bn for failing to meet record keeping regulations due to communications using unauthorised and unmonitored channels. The fines were levied by the US Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC).

As well as the fines, the firms involved are also subject to cease and desist orders. Read the full story here:  https://www.bbc.co.uk/news/business-63056677   

“Finance, ultimately, depends on trust. By failing to honour their recordkeeping and books-and-records obligations, the market participants we have charged today have failed to maintain that trust,” said SEC chair Gary Gensler.

Bankers are losing their jobs

The investigations, which have been ongoing, and first made public last year, rocked Wall Street when some bankers lost their jobs (see our previous post about JPMorgan Chase). The regulators concluded that the use of off-channel communications, using personal mobile devices and apps such as WhatsApp and Signal, were widespread.

And that’s not all – using consumer apps for business typically contravenes GDPR

In the UK and Europe, any organisation found to be using consumer-grade apps for business are likely to be in contravention of GDPR because under the regulations personal details cannot be shared without the owners’ express permission.

The inherent functionality of typical consumer apps include sharing contacts between users (and with the service provider) as well as storing documents or pictures in unprotected locations on a device with no protection against these being shared onwards to any other user of that service (outside the originating organisation). The Terms & Conditions of such apps have ‘cop out’ clauses such as “You will not use (or assist others in using) our Services in ways that […] involve any non-personal use of our Services unless otherwise authorized by us.” which is legalese for “You can’t use this app for any business purpose”.

 

Significantly reduce the risk of regulatory fines

Taking back control of mobile communications by providing a viable alternative to consumer apps will enable financial institutions to prove they are taking appropriate steps to ensure staff compliance and so significantly reduce the risk of fines or data leakage, and the negative publicity associated with non-compliance.

Armour Comms has been positioned as a leader in the Secure Communications, Q3 2022 – The 12 Providers that Matter Most and How They Stack Up report by a major industry analyst.  Our flagship Armour Mobile together with Recall by Armour delivers a highly usable solution to replace the ‘shadow IT’ of consumer-grade apps.

Available as on on-premises solution to provide data sovereignty, Armour Mobile and Recall provide all of the security, monitoring and archiving features required by regulated industries. What’s more, its enterprise-grade capabilities mean that Armour Mobile can be deployed at pace with one-click provisioning, making it quick and easy for users to be up and running with an approved channel for business communications within minutes, even on BYOD and un-managed devices.

With Armour Mobile, employees have the tools they need to communicate even the most sensitive of market intelligence safely and efficiently.

Recall by Armour – How it works

Armour Mobile and Desktop support an integrated and secure audit capability enabling communications (text, audio) to be captured in their entirety within the centralised audit log, allowing detailed retrospective analysis of all conversations.   Each entry within the audit log is encrypted using keys unique to the user to whom the entry relates, and access to the decrypted content can only be gained by an Administrator with access rights to the audit tools to securely retrieve the key material and perform the necessary decryption tasks.

With Recall, all communications via Armour Mobile are protected and preserved automatically, the user doesn’t need to do anything extra. This supports the NCSC ethos of Secure by Design, making security easy for the end user.

For more information about how Armour Comms can help your organisation preserve, check and interrogate secure and sensitive conversations, ensure compliance, protect brand reputation (and avoid hefty fines), contact us today. sales@armourcomms.com

Team building, Innovation and Accelerated Development

We recently ran our first ever Hackathon, with some great results.

The idea was to encourage innovation and creativity by getting everyone in the office, sorting people into teams and getting them to tackle a variety of challenges.

Team Building

After two years of working from home and then hybrid working, we’re rarely all in the office together.  The first aim was to foster team spirits and remind everyone they’re all part of the same great company, so we mixed people up! This meant they were collaborating closely with colleagues they wouldn’t necessarily work with directly. We included everyone – so sales and customer-facing roles as well – to help ensure a focus on customer experience and generate a fresh perspective. For new employees, this was a great way to get to know their colleagues.

Product focus

Each team was set a task which would ultimately help with accelerating development across the product range.  The teams were looking at areas including improved encryption, our Unity video conferencing system, automated Chatbots, Broadcasts/Alerts and System Metrics.  Each team delivered a packet of work that will be used within future product developments.

Fun, Fun, Fun

Throughout the day, there were competitions and on-the-spot prizes and awards. We also asked people what they liked best about working at Armour. As you can imagine, the responses were many and varied.  Here are some of the responses that we received:

• Working with the latest cyber security technology
• Getting to work with some interesting customers
• Helping to protect national security
• Working on difficult problems
• Working on Government contracts
• Helping in the fight against cyber crime
• Knowing that people’s lives may depend on our tech (people working in hostile regimes, etc.)
• Great camaraderie
• Crap coffee, but we can get takeout!

 

The first day included pizza and we finished the second day with a buffet and drinks at a local pub.

We are delighted to announce that Armour Comms has been selected for the ‘Scale’ stream of the Cyber Runway accelerator.

Now, in its second year, Cyber Runway is the largest government-backed cyber start-up accelerator in the UK. It is delivered by Plexal in association with Deloitte and the Centre for Secure Information Technologies (CSIT), and is funded by the Department for Digital, Culture, Media and Sport (DCMS). The accelerator is part of the government’s mission of making the UK a responsible and democratic cyber power, as laid out in its National Cyber Strategy 2022. https://www.gov.uk/government/publications/national-cyber-strategy-2022/national-cyber-security-strategy-2022

Cyber minister Julia Lopez stated: “We are backing businesses on the frontline defending the UK against cyber threats. Our investment in these innovative British startups helps create skilled jobs and a more diverse workforce, which strengthens our national security as well as our booming tech industry.”

David Holman, Director and Co-founder of Armour Comms said: “Armour will take part in the Cyber Runway Scale stream which is for the UK’s fast-growth cyber start-ups and scale-ups. Our inclusion in this prestigious accelerator programme is testament to our continued commitment to developing highly usable solutions that protect mobile communications. We use different technologies to provide innovative solutions including NCSC approved and Signal-based for a range of business use cases.”

“Having secured contracts with some of the largest government departments in recent years, we are now expecting to enter a phase of accelerated growth.  The in-person and virtual mentoring, technical product development support and connections to investors and enterprises that the Cyber Runway offers will be instrumental in helping us to achieve our growth goals and aspirations.”

Are you storing up trouble today for a future when hackers have access to quantum computing and new decryption capabilities? Bad actors could be harvesting securely encrypted data today, as an investment for when quantum computing enables them to decrypt it and use it in the future. That’s why organisations should be identifying the risks now and another reason why keeping the doors firmly locked against today’s cyber attacks is vital.

Widely used public-key encryption systems, which rely on mathematics that even today’s fastest computers find impossible to solve, ensure websites, messages and data stay secure from unwelcome third parties. However, with quantum computing on the horizon, there is the very real possibility that some types of encryption could be cracked wide open in a matter of hours in the not too distant future.

The very different technology used by quantum computers, could solve the maths problems used for some of today’s encryption systems so much more quickly than current computers, that it would allow hackers to easily defeat current security capabilities. While you may think you have lots more pressing issues to think about now and worries about future cyber hacking can surely be placed on the pile marked ‘Fix tomorrow… or the next day’. Unfortunately that’s not the case.

Are you creating problems for the future?

The problem is that bad actors taking a long term view could harvest encrypted data today and keep it untouched until they have the decryption capabilities provided by quantum computing sometime in the future. In 5 or 10 years time a lot of current data will be out of date, and its exposure could be mildly embarrassing, however, there will be plenty of data that is still pertinent. Plans of infrastructure and system designs, financial, personnel and medical records all have long term value with the possibility for enabling criminals to cause mayhem, damage and fraud well into the future. And while data flows grow exponentially each year, and data storage is not infinite, intelligent adversaries will pick and choose what encrypted data is worth keeping.

Leaving the door open to cyber attacks today could be storing up catastrophic problems and even existential threats for decades to come. What’s worse is that you might not even know that your data has been breached as the perpetrators could take no immediately visible actions, lulling you into a false sense of security.

Creating new protections for the quantum age

In July, 2022 the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced that it had chosen the first group of encryption tools designed to protect against assaults utilising the power of future quantum computers. These emerged from a call out in 2016 to the world’s academic and commercial cryptographers to devise encryption methods that could resist future attacks. 82 entries from 25 countries were submitted. Four winning methods and a further four backup approaches were selected.

The CRYSTALS-Kyber algorithm was selected for general encryption, such as that used when accessing secure websites. NIST has selected three further algorithms: CRYSTALS-Dilithium, FALCON and SPHINCS+ for digital signatures, which are needed to verify identities during digital transactions or to sign documents remotely. More details on the algorithms and the selection processes are detailed on the NIST website.

Combatting the ‘harvest today, decrypt tomorrow’ attacks

It’s comforting to know that the likes of NIST are working to secure our futures, but cyber criminals, with plans to harvest data now then decrypt it in the future using the enhanced power of quantum computers, are effectively attacking your communications and systems today. With these sort of evolving threats to the cyber landscape, it is vital to apply the most stringent cyber security standards and methods currently available. With this in mind, it’s good practice to work with companies (such as Armour) who have a long term, vested interest, in protecting their customers, and who have a holistic view of security, from “secure by design” to “secure by default”.

When quantum computing is with us, it’s likely that a hybrid approach to encryption will be best. Instead of replacing existing encryption, retaining the currently used algorithms and topping these up with quantum age methods will deliver the highest levels of protection. Investments in today’s security and encryption will pay double dividends – protection from data harvesting today and as part of a belt and braces approach in the future.

For more information on how best to encrypt your data today, watch our short podcast on the differences between AES128 v AES256 bit encryption: https://www.armourcomms.com/2021/02/15/aes128-and-aes-256-encryption-v-quantum-computing/

 

Useful Links:

• NIST announcement: https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms

NIST algorithm selections: https://csrc.nist.gov/Projects/post-quantum-cryptography/post-quantum-cryptography-standardization/round-3-submissions

What is Kubernetes and why is the new Armour Core server-side platform based on it.

When IT pros start talking about containers, the term Kubernetes, or K8s, is often mentioned. Initially released in 2015, Kubernetes has only recently become more mainstream, and the latest tech speak buzz word.

But what is Kubernetes?  Why does it matter and more importantly what benefit can it deliver to your business?  Here we go under the covers of Kubernetes and explain why this platform is one of the fastest moving projects in the history of open source.

Building blocks

To understand why we need Kubernetes, we must first understand containers. A container is a unit of software that can be isolated for security or scalability, usually performing a specific task, with control over its access to the underlying OS and hardware resource. Multiple containers can be combined to build an application and because containers can be reused across different applications, new functionality can be developed more quickly.

Containers are lightweight and virtualise CPU, memory, storage and network resources at the operating system (OS) level, rather than hardware level. As containers are virtual environments that share the kernel of the host operating system, they can more easily be ported to run on a range of hardware platforms that support containerisation (compared to more traditional virtualization technologies such as Virtual Machines).

Scale and Management

Kubernetes was first developed by a team at Google and later donated to the Cloud Native Computing Foundation (CNCF). It is an open-source platform to manage containerised workloads and services. As Kubernetes is open-source, it has a vast ecosystem of contributors that find and fix bugs and vulnerabilities as well as improving and adding features and functionality.

In a nutshell, Kubernetes delivers a framework to run distributed systems. It automates the deployment, scaling and management of containers. In the case of Armour Mobile, we can define how we need the platform to operate; for example if hardware fails, or if traffic load is high, Kubernetes is configured to ensure resilience without the need for manual intervention. Additionally, Kubernetes is self-healing, restarting containers that fail and killing and replacing containers that fail to respond to defined health checks.

Security by design is the ethos by which we develop all Armour solutions. Security is achieved by the way in which we use Kubernetes and processes incorporated within Armour solutions. Kubernetes allows us to set policies at a cluster-level to prevent or restrict things which we might consider a security risk.

Resilience and reliability

Kubernetes is a proven technology that allows Armour to deliver in Armour Core v5.0 a platform that is more powerful, robust, and extensible. We can deliver features such as monitoring, load balancing, and failover, high availability and much more. This makes the provision of Armour Mobile more flexible, more resilient and more reliable for our customers. Even when under load from a high volume of concurrent users or high network traffic, Kubernetes can load balance and distribute the network traffic so that the deployment is stable.

Delivered to suit your needs

Armour customers will benefit from our use of Kubernetes, whatever their current choice of deployment, be it on premises, cloud, or hybrid. Using Kubernetes has delivered an array of improvements to our existing development cycle which will benefit our on premises customers.

Kubernetes also allows for a hybrid cloud approach for customers who require it. The Armour Mobile solution can be managed using Kubernetes tools, both in-house on bare metal and in the cloud.

For more information about how Armour Comms can help your organisation to adopt a more secure approach to communications and collaborative working, contact us today.