Mission Partner Network-01

IoT Encryption

IoT is Everywhere

Look around you. The normal household or office has at least one smart device (collectively called the Internet of Things, or IoT for short) nearby. Some have more. Some have many. They are useful, save time, and (let’s face it) fun. But just as the stick you played with as a child could have turned around at any moment and poked your eye out, so can the IoT devices of today puncture your Internet security without proper IoT Encryption.

Are we saying you should round up all your IoT devices and throw them into a burning cauldron? Of course not. Though they are all potential vulnerabilities, that doesn’t mean they can’t be protected.

IoT Encryption is Needed

By 2020, Cisco estimates the number of IoT devices will be around 50 billion. One year later, as Cybersecurity Ventures points out, the estimate increases so that there will be roughly three times as many IoT devices as there are people on the planet. Let that sink in for a second: three IoT devices for each human on Earth — all in just two years’ time. Three Internet vulnerabilities for each person on the planet. It’s time for action.

“But why are IoT devices so vulnerable and how did we get into this mess?” you ask aloud to Alexa and Siri. Siri isn’t listening, but Alexa offers to order you an economy pack of paper towels to clean up the “mess.” The short answer to your two-part question is money.

IoT Devices on desk

People like devices they can talk to, devices that let them do things from afar, and devices that let them take control over their world (even if just in such a small way as customizing the color of a light bulb). Companies saw this like of such devices and began pumping them out at insane speeds. Other companies ripped off (or reverse engineered or both) the tech from these first companies and started selling budget IoT devices. This is how we got to the size of the mess. But what about the actual mess?

The mess part involves the software on the devices themselves and the way this software interacts with the Internet. Quite often, especially for the budget IoT devices, the software is composed of copy/pasted, Frankenstein-ed code that accesses the device in your home or office and passes through an Internet portal. This is how you can click an app at work and turn on a light at home. These are the holes in your security we were talking about earlier.

Now, big companies are always testing, improving, and updating their code to improve their customers’ experience and, more importantly, to make their devices more secure. But sometimes they don’t. Often (for both big companies and budget IoT device companies), there is little care about the security of the product, as the company makes its money on the sale and (quite often) the service the product offers. Once the company has your money, their goal has been achieved. But this lack of updates leaves devices vulnerable. And thus, the hole in your cybersecurity becomes a tear.

IoT security

A solution is needed to protect your organization from these tears. Of course, you could just get rid of all your IoT devices, but that’s not going to happen because they are just too much fun (okay, and some are very useful). IoT devices are not just gimmicks or novelties—many have an actual use in your organization. The only solution is to protect them since they won’t protect themselves. We do this by surrounding them with the encrypted protection of Fognigma.

IoT Encryption is Here

Fognigma is a patented enterprise software solution that allows organizations to build invisible, encrypted, and secure networks. [For more information, please visit the About page at http://staging.fognigma.com/why-fognigma/.] Users connect to their organization’s Fognigma network(s) using software (desktop client or mobile app) or hardware options (a Gateway to protect an entire facility or a Wicket to protect a computer, phone, or office).

Let’s zoom in on the Wicket, since it protects devices and not facilities. A Wicket is a small, portable piece of hardware that can be installed between your router and the public Internet to protect multiple devices. Once configured, the Wicket routes all your Internet traffic through a Fognigma network, protecting it with FIPS 140-2 Validated, cascading AES-256 encryption. To protect a single device, a Wicket is configured between the device and your router to attach to a Fognigma network. This small, portable device will help plug all your IoT cybersecurity holes and tears.

An example: You plug a color-change IoT lightbulb into your desk at work so you can have a disco party each Friday. The bulb reaches out through your organization’s Internet connection to a portal run by the manufacturer and then back to the app on your phone. A third-party evildoer can see that there is a connection from your phone to the portal and from the portal to a device inside your organization’s cybersecurity shield.

IoT lightbulb

This gives the evildoer two things: the proof needed to associate you with your organization and a path to follow to breach your organization’s defenses. It’s obvious how bad the second part is, but the first is equally disastrous. [To learn more about why association can be devastating to your organization, read our blog entry on the importance of dissociation.] When connected to a Wicket, however, what a third-party evildoer can learn is decidedly different as the device is enveloped in an invisible shell of, in this case, IoT encryption.

Your app’s connection to the portal will still be visible, as will the portal passing on information to somewhere. BUT the somewhere will not be associated at all with your organization. You see, Wickets allow traffic into Fognigma, but when traffic leaves it goes through an exit point created by your organization to exist almost anywhere in the world. And once that signal passes into your Fognigma network and back to the IoT device, it is invisible to external observation.

This is how Fognigma assists with IoT encryption. This is how Fognigma can plug the holes insecure IoT devices can rip in your cybersecurity. This is why you should contact Dexter Edward today for more information or to schedule a demonstration.

Dual Encryption Methods

Dual Encryption Matters

Why Encryption?

Encryption is, quite simply, a means of ensuring your information remains your (and only your) information. It disrupts the “mind your own business” adage by attempting to make it impossible for others to mind your business. Tracing the trail of encryption (or cryptography, as they were almost synonyms until more recently as encryption has become digital) back through time, some of the very earliest encryption was used to protect military orders. This isn’t surprising, as an effective military must keep its movements secret from the enemy. The Arabs, Greeks, Romans—almost all the cultures of the ancient world, in fact—used encryption in some form, though the Arabs are thought to be the first to document the subject. Military secrets needed to remain secret.

In his history of cryptography and encryption, The Codebreakers, David Kahn describes a 3″ x 2″ tablet from around 1500 B.C. This Mesopotamian tablet described the earliest known formula for making pottery glazes, protected with a cipher to safeguard trade secrets. Information was protected with encryption.

Fast-forward through time. More people in the world meant more secrets. Religions split and collided. Sciences grew, hid, grew more, and blossomed. And during all these changes and growth spurts, information about many topics had to be kept hidden from some group or another.

Today, information is just as valuable as ever and, since there is more of it and it is more accessible, protecting information has become a job in itself. Therefore, we encrypt to protect our organizations, our intellectual property, our families, our country, and, most importantly, our security.

 

But Really, Why Encryption?

We know there is information we need to protect, but is that the only reason we encrypt things? Nope! The tree of encryption bears three other fruits: authentication, integrity, and nonrepudiation.

Authentication refers to proving the sender is who they say they are. This is simple to picture. If you receive an encrypted message from someone and it’s using the encryption you both previously decided on, then you know the person sending you the message is the person you think it is. By using encryption, the sender has provided some proof of their identity or, at least, their authority to send an encrypted message.

Dual Encryption Methods

Integrity provides assurance that the information hasn’t been altered. Again, this is simple to picture: if you take a piece of data, encrypt it, and then decrypt it, you will have the same piece of data. If anything happens to that data, it won’t decrypt properly, and you’ll have a mess of random characters. If you have a mess, you know the integrity of the information has been compromised.

Nonrepudiation is a fun word that means the sender can’t say they didn’t send the information. If only two people have the encryption keys and information is encrypted using those keys (and assuming the receiver didn’t send it to themselves), then the sender is the sender. If the sender says they didn’t send it, the fact that the encryption was used proves they did. That is, the sender is unable to repudiate (or disavow) they sent the information.

 

Dual Encryption Matters

So, your information is protected with encryption, which is great. But what if someone breaks that encryption? One virtual lock picked, and your information is now in peril. Perhaps the easiest way to visualize this is a door with both a door lock and deadbolt. Any attempted intrusion has to bypass both locks before the door can be opened. By using two levels of encryption, information is safeguarded against a single point of failure.

encryption methods to protect devices

Encryption should ensure the amount of time required to defeat the encryption is longer than the amount of time the data is of value and required to be secure. With AES-256 encryption, the current accepted standard, block lengths support 256 bits from which to create a key. Imagine guessing an ATM pin that was 256 characters long and the variations that it could contain. That’s a lot of really long numbers.

To put this in another context, breaking a symmetric 256-bit key by brute force would theoretically take longer than our universe has existed—multiplied by a billion. Now imagine two layers of AES-256 encryption and you can see why dual encryption matters: having to brute force through two layers of such a tough encryption standard borders on statistically impossible.

 

Two Heads are Better than One

Most cryptographic solutions make use of a single software library to provide encryption and decryption of data. A single software library does give you encryption, true, but also comes with the risk that in the event of a zero-day compromise of the library, the entire encryption fails.

To combat this single point of compromise, Fognigma (our enterprise software solution which gives organizations the power to build encrypted, invisible, and anonymized cloud-based networks, thus securing your communications and online activities) offers the ability to add in a completely separate secondary software library to dual layers of encryption. In the event of a zero-day exploit or other compromise of one library, the second library remains uncompromised and your data remains safe.

In addition to the standard versions of these libraries (OpenSSL and wolfSSL), Fognigma also offer a FIPS 140-2 validated version of each library (OpenSSL – Certificate #3284; wolfSSL’s wolfCrypt – Certificate #2425).  By using one or both of these FIPS-certified cryptographic libraries, Fognigma can comply with the most rigorous regulatory requirements.

Dual layers of encryption. Dual software libraries. Fognigma is ready to give you the power to protect everything your organization holds dear. Contact us today to learn more or to schedule a demo.

File Share Solutions-01

Info Sharing & Safeguarding

“It’s not reality unless it’s shared.” – Pete Blaber, The Mission, the Men, and Me

 

Information Sharing is Key

Information that just exists has almost no value. Only when information is analyzed and acted upon does it become meaningful and valuable. Information has built the world around us, and many of our most important advancements have been due to the sharing of information. In today’s hyper-connected world, where information is a valuable commodity, sharing the wrong information with the wrong people is disastrous, especially when that information is important for national security. Information sharing is inevetable, but ensuring the right security is behind it is where the focus should be.

private information key

This is why, in six of the seven objectives of the 2019 National Intelligence Strategy, controlling the sharing of information is mentioned in one form or another. Sometimes the sharing is within the Intelligence Community (IC), but quite often it is sharing with external partners. In its simplest form, external partners fall into two categories: trusted and untrusted. Trusted partners include other agencies, institutions, or organizations within our borders or those of our allies. Untrusted partners would be those same groups but in countries who are not yet our allies, or not as close as other allies, plus individual sources and informants. To make matters even more complicated, sometimes our trusted partners are in untrusted environments or the partnership is only for a single mission. So, sharing information isn’t as easy or safe as it sounds, but it can be . . . with Fognigma.

“[C]ritical decision making data will be made available through modem cloud networking, access control, and cross domain solutions to those who require access.” – Department of Defense Cloud Strategy

 

Fognigma Protects Sharing within Agencies

When Agency A collaborates with Agency B, data needs to flow back and forth in a safe and secure manner. But (and this is a really big but), it has to be tightly controlled so as to share only the information intended. That is, it can’t be everything Agency A and B know, but just those bits of information applicable to the mission at hand. This is the exact reason we call Fognigma’s traceless and encrypted networks Mission Partner Networks (MPNs).

But first, a little background. Fognigma’s patented enterprise software creates networks using strategically leased virtual machines (VMs) spread out over one or more cloud service providers. These VMs work together, forming one network that is wrapped in FIPS 140-2 validated, cascading AES-256 encryption. MPNs are as persistent or temporary as needed, created manually or on a schedule for optimum cybersecurity and conservation of resources.

mission partner networks

Now back to the MPN name, itself. When multiple agencies need to work together, they create an MPN and tailor it to their needs. Inside the MPN, they’ll have access to communication tools (such as traceless phones, secure chat messaging, and encrypted video conferencing) and protected file share.

The key here is that MPNs are brand new networks that are created when agencies need to work together. Resources and components inside the MPN can be shared between agencies and agents on a granularly controlled “as needed” basis. And then, when the mission has concluded, the MPNs are destroyed leaving no trace the networks (and, equally important, the collaboration between agencies) ever existed. This temporary nature of the MPN makes it supremely difficult to discover, which makes its protected data even more secure.

“6,515 breaches were reported [in 2018,] exposing approximately 5 billion records.” – 2018 Data Breach QuickView Report

Fognigma Protects Sharing in Untrusted Locales and with Untrusted Locals

Often on missions agents must venture into untrusted or unsecured territories—places where communicating over the public infrastructure is almost synonymous with handing third parties access to your communications (i.e., interception is a given). When using Fognigma in these scenarios, agents use any device to connect to their agency’s MPN. Once connected and inside their MPN, any data shared is encrypted and invisible to outside eyes and ears.

Information sharing with untrusted assets, such as informants or other sources, is also safer using a variety of Fognigma tools. If such an informant wants to deliver documents and photos, for example, a special link is created that allows the informant to transfer the information without being able to access anything else on the network. It’s like inviting someone into a bare room with no windows where they can store things, but there isn’t anything for them to look at or take and the only door is the one through which they entered. Containerized, for your protection.

encrypted file sharing

Fognigma’s telephony solutions provide two methods of safeguarding information over the phone: encrypted VoIP over cellular infrastructure and misattributed calling. Both methods assist communications to and from untrusted locations and assets. Organizations can create entire VoIP phone networks (complete with extensions and customized inbound and outbound numbers) for end-to-end protected calls. Misattributed calling is accomplished by creating a call chain where phone calls pass through two intermediary numbers which completely dissociates the end users and makes calls appear to be coming or going from local numbers, instead of to or from the agency itself.

“To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.” – Senate Bill S.754

 

Fognigma Protects Sharing with Global Allies

In a world where information is constantly flowing and each day brings new stories of massive data breaches, it’s more important than ever to protect data. When data is traveling between agencies or beyond our country’s borders, safeguarding it becomes crucial (often quite literally a “life or death” undertaking). Whether it’s being shared with the Five Eyes alliance (Australia, Britain, Canada, New Zealand, and the US) or any other countries we’re partnering with, international info sharing must be protected. And not just protected, but also dissociated, as global diplomacy is a precarious (at best) balancing act of working together and putting one’s own best interests first.

As illustrated in the previous sections, Fognigma is ready, willing, and able to assist international information sharing with leading-edge and patented technology, while insuring that information remains secure. Fognigma is also constantly evolving—adding more features and technologies to provide agencies the most secure communications and collaboration tools possible.

For more information on how Fognigma can assist your agency with info sharing and safeguarding, contact Dexter Edward today.

Isometric businessmen with gadgets, work on virtual screens, on-line management of electronic devices, virtual glasses, virtual reality.

Fognigma Bolsters Strategic Intelligence

Strategic Intelligence and the 2019 National Intelligence Strategy

Recently, the Office of the Director of National Intelligence released their 2019 National Intelligence Strategy. The Director of National Intelligence, Daniel R. Coats, stated in his introduction, the purpose of this strategy boils down to a singular goal: “to ultimately keep our Nation safe.” The Intelligence Community (IC) is therefore charged with venturing out into the known and unknown, the safe and dangerous, to collect and analyze the “capabilities, activities, and intentions of states and non-state entities” with the ultimate goal of protecting U.S. national security. This information is used to identify trends and developments to better plan for issues that may arise in the future (Anticipatory Intelligence).

Without the information gathered IC, the safety of our country would quickly erode, falter, and crumble. It behooves the IC, then, to use whatever tools and solutions they can find to give them a competitive advantage in the global arena of information. Fognigma is such an advantage.

Where Does the IC Look?

Since all communication and online activity produces information, the IC has a vast landscape of information to scrutinize. One of the easiest ways to gather data about a group of people is to monitor and study social media. Ah, social media – those freeform beds of communication where people express their thoughts, wants, and observations, quite often with photos and video. Social media has created a culture wherein people feel the need to share everything. For the IC, this is a veritable feast of information.

intelligence community monitoring data

But it’s not that easy. For one thing, many regions and countries have their own social media platforms — often so government agencies can monitor their populace. An outside observer probably won’t be able (or want) to create an account or access another country’s social media — the data collection would be too overt and state-based social media platforms often block outside IP addresses. It would look bad (read: suspect), for example, for an account on a Russian social media site to have a U.S.-based IP address. Fognigma gives the IC many advantages to circumnavigate these issues. How? Well…

Fognigma Gives the IC an Advantage

There are quite a number of ways Fognigma supports the IC’s mission as spelled out in the 2019 National Intelligence Strategy. But first, a quick Fognigma primer. Fognigma is patented enterprise software that gives agencies the ability to create invisible and encrypted cloud-based networks built from strategically leased virtual machines. These networks are dynamically scalable and globally accessible from any desktop or mobile device, over any available public Internet connection. Once users connect to their Fognigma network, they have access to all sorts of communication and collaboration components, such as file share, telephony, video conferencing, chat messaging, and Virtual Desktops (VDI). [We’ll delve into these components more in just a bit.]

network with capabilities

Inside the Fognigma network, users exist in a safe space wrapped in cascading AES-256 encryption. They have access (based on their admin-defined permissions, of course) to the communication tools mentioned above. Fognigma networks and components are activated and destroyed with just a few mouse clicks. They are as persistent or temporary as needed or desired. And when a user leaves their Fognigma network and reaches out to the regular Internet, their IP address will match the specially created exit point from which they egress. That is, a user could join their network in Germany, leave through an exit point in the Middle East and appear (to anyone looking) to be a computer in the Middle East. Then, in an instant, switch exit points and suddenly appear to be a computer in Japan or anywhere else the Agency has set up an exit point.

Fognigma Gives the IC Another Advantage

VDI. The ability to launch a self-contained virtual computer from any standard computer is powerful in itself, but Fognigma VDIs have even more superpowers. Just like Fognigma exit points, VDIs are built on any cloud service provider (CSP) Fognigma is integrated with (as of this writing, 8 of the major CSPs world-wide). Also, just like a user can dynamically switch exit points, so can the end points of a VDI be switched without interrupting operations.

Fognigma Networks span the globe

VDIs are important to the IC’s Strategic Intelligence mission because they are self-contained entities which exist in the cloud yet manifest themselves on any regular computer. They make OSINT activities easier — agents can research any global Internet location (those aforementioned state-specific social media sites, blogs, forums, etc.) without the risk of compromising anything else about their mission or agency.

Fognigma VDIs take the self-contained nature of VDIs to the next level. Imagine if you collected some photographs and had them on a thumb drive. You want to transfer one of them to your VDI and use it in  your operations. With a Fognigma VDI, you can just drag it from the thumb drive to the VDI, without the host computer knowing the file moved across its circuits. So, if you had to make this transfer at, say, an Internet Café, you could do so without the Café’s computer ever having a record of the file transfer. No record equals no association which, of course, is key to covert IC operations.

To go back to the 2019 National Intelligence Strategy, more information allows the IC to better analyze the capabilities and activities of states and non-state entities to learn or extrapolate their intentions. But collecting information is just part of the Strategy; agents also need to safely disseminate said information. Fognigma is ready for that, too.

Fognigma Give the IC Even More Advantages

Briefly mentioned earlier, Fognigma hides various communication and collaboration components inside its encrypted web of invisibility. Agents have access to telephony, chat, and video conferencing tools. They can safely communicate with anyone they need to inside their organization and, using some additional Fognigma solutions, external to their organization — all without exposing their local network. Fognigma keeps intra- and inter-agency communications secure by utilizing containerized communication environments.

Also, to be effective, agents must work together while appearing to be physically separated. This is the other side of the communications coin — Fognigma’s tools allow agents to work together without actually knowing where each other is located. In fact, the whole construction of Fognigma ensures that a failure at one point of contact cannot compromise the entire system. As history shows, association amongst agents can lead to disaster. When an agency uses Fognigma to its full potential, this sort of disaster can be prevented.

Conclusions

In order to advance the directives of the 2019 National Intelligence Strategy, the IC needs to be free to gather information without exposing its true location and intent. It also must be able to communicate in a protected environment to analyze and evaluate said information. Fognigma provides a full toolbox of solutions to assist the IC in its mission to protect U.S. national security.

 

To learn more about how Fognigma can assist your agency or to schedule a demo and see for yourself, contact Dexter Edward today.

bigstock-Isometric-Developing-Programmi-239531632-Converted-01

Ghost (Account) Busters

Be Afraid of These Ghosts

A whisper in an empty office; files moving without anyone there; the eyes of a portrait following you as you pass. Your office has ghosts. Not spectral hauntings that spew ectoplasm, but ghost accounts which haunt your organization’s cybersecurity. Ghost accounts are accounts which have credentials even though there are no longer any active users associated with them. To those attempting to exploit, ghost accounts are like extra doors on the outside of a building: each one is potential way into your network. Once inside, there’s no telling what things heinous exploiters will exfiltrate. Bad is a ghost account only giving an evil third-party entry into your organization; catastrophic is a ghost account which still has access to various file shares, data, and other protected parts of your network.

data leak with ghost accounts

‘But where do these ghost accounts come from?’ you wonder. Well, large organizations have a large number of users. That seems silly to mention, but it is important to spell out. By having a large number of users, quite often adding and removing user credentials take time. Well, to be honest, an organization needs to get the new user up and running as fast as possible, so those credentials and the access they entail are normally set up quite quickly. But when a user leaves an organization (either honorably or dishonorably), often the removal of those credentials is pushed to some later date or merely forgotten. And then your organization becomes a haunted house.

Ghost (Account) Busters

We’ve already written a bunch about Identity & Access Management (IAM) — the process of defining an employee’s role in the company as detailed as possible and then giving them exactly the access they need to do their job (no more, no less). IAM is extremely important for an organization’s internal security when new users are added, but it is equally as important when they leave. IAM strategies need to include the deletion of users and not just the creation. It’s second nature to make sure a departing employee gives back the keys to the office, so should it be to terminate their keys to connecting to your organization’s network.

employee cyber access

But as said before, there always seems time to help a new employee settle in, but never any time once they leave, normally because you’re preoccupied with on-boarding their replacement. And this problem compounds itself if more than one worker is leaving at the same time. All is not lost, however. Fognigma is here to not only protect your network, not only bolster your cybersecurity with leading-edge technology, but also to let you automate a little more than you thought you could.

Fognigma & Active Directory Make It Easy

Many companies use Active Directory to manage all their employees. Fognigma integrates with Active Directory to make IAM even easier. Just as Fognigma’s invisible and encrypted networks and communications help protect an organization, so can teaming it up with Active Directory.  Since Active Directory administrators already have their employees entered in, it would be silly to have them redo all that work when they add the leading-edge tech of Fognigma to their cybersecurity arsenal. That’s why Fognigma can import Active Directory users right into its console!

Active Directory is engaged to activate and deactivate the user. Fognigma, on the other hand, is where admins put users into all the groups they need to do their job. (A Fognigma network has its construction and components microsegmented, with access to each part given only to a specified group. Being in a group, then determines the amount of access a user has to Fognigma capabilities, such as file share, telephony, VDI, etc.) This means the setup of a user when on-boarding is just as easy as it always has been: create user and add permissions.

The brilliance comes when it’s time to say goodbye to a user. When that day arrives, all an admin has to do is deactivate the user in Active Directory. Active Directory then tells Fognigma about the deactivation, Fognigma deactivates the user in every group they were a part of, and the user instantly has all their access revoked at once. Fognigma and Active Directory easily eliminate the risk of ghost accounts haunting your network.

To learn more about how Fognigma, contact us today.

Smart home technology of interface with 3d plan building and internet of things or IOT connected objects. Control safety and automation of smart house. Internet of things isometric technology concept.

Fognigma’s Scheduler Automation: An Oasis in the Cybersecurity Drought

A Cybersecurity Drought

Sure, we don’t all have jetpacks or flying cars as all the science and speculative fiction of old prophesied, but one thing they sure did get right is our reliance on computers. Computers and the Internet are so completely woven into the fabric of our lives that there’s no turning back. The future is here. Yay. The only problem is: with every new technology, there come those who exploit that technology for their own evil ends. And thus, cybersecurity was born to protect the good against the threats of the bad. A big issue with cybersecurity is the manual oversight with protecting your network, imagine being able to implement network automation to more easily protect, create, and break down secure networks.

But there’s a problem which has recently come to light. Though organizations might be able to fully control their investment of time and money into their cybersecurity, they cannot control the amount of people who are qualified to actually do all the cybersecurity-ing.

There will be an estimated 3.5 million unfilled cybersecurity positions by 2021  –Cybersecurity Ventures

Sadly, it’s true: because of the rise in cybercrime, the job pool of cybersecurity professionals just can’t keep up with the demand. Security executives see one of the main reasons for this empty-ish candidate pool is prospective employees lacking the skills and training needed (less than 1 in 4 are qualified, according to a survey by ISACA).

The Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG) back this up in their own survey. Their findings show this shortage actively impacts an organization’s cybersecurity, leading 91% of respondents to conclude most organizations are cyber-vulnerable. Also highlighted in this survey is that 40% believe staff burnout and turnover (as few attempt to do the work of many) strongly contributes to the deficit of cybersecurity employees.

Office Cybersecurity

The US Government has noticed the shortage, as well, and is trying a new program to help train current employees not currently in IT fields to be the cybersecurity workforce of the future. It’s called the Federal Cybersecurity Reskilling Academy and though it’s not considered to be a complete solution, Suzette Kent (Federal CIO) has stated, “[this program] will let us understand the success rate and look to expand and industrialize [programs] across the federal government.” It’s a small step (the first class will most likely be less than thirty), but a step nonetheless in the right direction of increasing cybersecurity training.

In short, organizations need more qualified cybersecurity personnel than currently exist. However, all is not lost. If organizations were able to implement network automation to handle a majority of the usual manual work necessary, cybersecurity would become more of an everyday thing then something dreaded or caused by human error.

 

Network Automation with Scheduler

Let’s start out by saying we don’t think Fognigma is a panacea for the lack of cybersecurity staff, but it is a powerful tool in allowing organizations to better manage their resources. Fognigma (explained in more depth here) lets organizations create invisible and encrypted cloud-based networks which conceal the organization’s communications and collaboration. Fognigma’s networks are built of strategically leased virtual machines (from various cloud providers) all working as one network. Fognigma is patented, proven, and ready to take any organization’s cybersecurity to the edge and beyond.

But there is one key feature of Fognigma which provides this oasis in the cybersecurity desert in which we all find ourselves, and that is the Scheduler interface. Scheduler lets you plan out and schedule your network and component builds. Quite simply, our thought was, ‘If no one is in the house, why do the lights need to be on?’

network automation
Fognigma automates the build of networks, and the teardown of them as well

Actually, that’s not right. With Fognigma, it’s not that the lights aren’t on – it’s that the house isn’t even there and looks like it never was. Or, for example, if your network stays active but you only want your entry and exit points (i.e., where users get into and out of your network) active during business hours, then it’s like the doors on your house disappear at night and reappear somewhere else in the morning. Or, for another example (because examples are fun), you need a video conference server for just Thursday, then it’s as if an entire new room appears in your house with a home theater – but just for that one day.

What Scheduler does is allow you to control when (and where, since you can specify cloud service providers and location for some of the components) your network (in whole or in parts) actually exists. Since all the parts are specialized virtual machines, once they are destroyed, they are overwritten by the cloud provider. They truly cease to be. When you rebuild them with Scheduler, they are completely new with new IP addresses. Back to the house example, this would be like your house disappearing when you go to work and then reappearing in a different configuration in a different neighborhood when you return home, and only you know your new address each day.

Apart from the cybersecurity brownie points the dynamic nature of Fognigma gives you, there is an even more applicable bonus when applied to resources. In most organizations using a standard network, someone needs to be on call 24/7 in case something happens. Since it’s always on, that network is always visible and can be attacked at any time. Even during working hours, if a chat server, for instance, is used for team meetings every Friday, it still exists as a potential exploit for evildoers all the other days of the week. Someone has to monitor everything at all times.

Fognigma allows your cybersecurity team to do more with less. Are we saying you only need a tiny team to protect your organization if you use Fognigma? Not at all. We’re just trying to illustrate how Fognigma will let your team work more efficiently. Plus, if you think about it, there’s a major cost savings in not having everything on when it’s not needed. With an introduction of network automation to your cybersecurity strategy, it becomes less of an extra task and more of something you can depend on.

Back to the ISACA survey: 55% reported that it took at least 3 months to fill open cybersecurity positions, while 32% said it was more like 6 months or more. Whether you are in those percentages and searching to fill your cybersecurity needs or you already have your team in place and just want the most leading-edge protection possible, Fognigma is the twinkling oasis in the cybersecurity desert for which you’ve been searching.

update your software

Cybersecurity New Year’s Resolutions

Happy New Year

The New Year is here, and with it a deluge of resolutions to lose weight, watch less TV, exercise more, eat better, and all sorts of other promises which will be kept for a week or two before tapering off back into regular life. The best of us, however, will actually have the willpower to keep hold of a resolution or two and change our lives for the better. There is one resolution we all should take to heart and make sure we follow through with: bettering our cybersecurity practices.

Now, of course, this resolution isn’t just one easy thing to do. Much like “get in shape,” improving our cybersecurity habits is a multi-prong resolution. But just like “get in shape,” fostering a better total mindthink on a life-change as important as cybersecurity will only make your future easier and safer.

Simple Ways to Improve Cybersecurity

Update, Update, Update!

One of the easiest ways to improve your cybersecurity it to make sure your stuff is updated: programs and devices. Sadly, the rush to get products to consumers often means, upon release, there are holes and cracks in the software and/or hardware’s security. The suppliers of these products realize this and routinely release software updates.

update your software

These updates sometimes add functionalities to the products, but more often than not, they fix errors in the code, making the product more secure in the process. So make a schedule to check for updates for all your things and when you find them, take the time to actually update them. Not only will your stuff work better, it will also be more secure.

IAM FTW!

Identity and Access Management is very important to the cybersecurity of organizations. Basically, it’s first determining a user’s specific role in the organization (Identity) and then assigning permissions based only on what that role needs (Access). Proper Identity and Access Management (IAM) is the easiest way to limit the risk of insider threat, while also limiting external threat should the user’s credentials become compromised. IAM is tricky to implement (as users always want access to more than they need), but just like getting more exercise improves the whole body, IAM improves the security of the entire organization all at once.

Deputize Cybersecurity Rangers!

Though the bulk of cybersecurity is on the shoulders of a few in each organization, those few should make sure the many are informed and actively aware of their own cybersecurity. It is, in a way, a social contract — each user in an organization gives up a little bit of their own rights in order to maximize the safety of the organization. Every user tacitly agrees to be a part of the gestalt solution. And a big part of this resolution prong is information and training.

Cybersecurity Training

Everyone in an organization should have some cybersecurity training since every action from every user affects overall security. Training sessions should be scheduled for everyone, including management (all the way to the top). One of the first things taught should be the danger of phishing.

No Phishing!

We all know what phishing is, but getting an entire workforce always on alert for these sorts of scams is very difficult. Often, they prey on our own willingness to help someone out. An email from the boss near the holidays asking an employee to pick up some gift cards as presents for the board of directors sounds like something that could actually be real. But the knowledge to take a step back and examine the email more thoroughly, to never click on any links from a suspected phishing email, and to let admins know the suspect address the email’s sender (without forwarding any possibly risky message) is invaluable. It is this very knowledge which is important to impart to everyone within an organization. Show a person a phishing email and they’ll be safe for a day; teach them how to recognize and avoid phishing emails and they’ll be . . . well, you know.

phishing attempts

Plan Ahead!

No matter how long a person has been walking, they are bound to, at least once in their lives, trip and fall. The best way to help your organization minimize the fallout from a possible future cybersecurity trip-up is through planning. Starting with IAM plans from an employee’s onboarding, continue planning for everything. Plan for all the training, plan for all the updates. Plan for the policy if a breach is detected and what will be done to secure the breach and recover from the disaster. Make up possible worst-case scenarios and plan for those. Plan for what to do when someone leaves the organization (terminating accounts and credentials, resetting passwords, etc.). Often this last step is forgotten about, leaving a host of possible intrusion points.  And finally, plan for being surprised by something no one ever thought of – but plan on how to keep a level head while adapting to whatever happens. Always being prepared is actually extremely good advice.

Use the Best Tools!

The team behind Fognigma is proud to be creating tomorrow’s solutions for today’s cybersecurity problems. Or, rather, in creating solutions that allow organizations to deftly dodge the deluge of digital duplicity which constantly buffet the shores of security. If you care enough about your organization, your mission, and your users to safeguard them with the best leading-edge protection available, then contact Fognigma today.

Isometric dron Santas hat delivering Christmas gifts and presents. Vector illustration

Scrooge’s Three Ghosts of Cybersecurity

Three Visitations

Just as Scrooge was visited by three apparitions, so shall ye be greeted by three specters. These are not hauntings to change your feelings for the holidays, though. These diaphanous blobs of ectoplasm are here to remind you about cybersecurity and how to think about it as the holidays pass and the new year begins. They are here to show you the three directions you must always look in as you think about protecting your network, users, and organization. Do you feel that chill in the air all of a sudden? Yes, that’s right: The Ghost of Cybersecurity Past has arrived.

Ghost of Cybersecurity

The Ghost of Cybersecurity Past

There’s a knock on your office door. When you open it, you are face to face with the Ghost of Cybersecurity Past. It is small like a child, yet there’s something old about its face. It beckons you to follow it, and you both walk hand in hand into your cybersecurity past. Insert flashback special effects here.

Once in the past, you see how simple cybersecurity used to be. Organizations would set up firewalls to stop intrusion and install virus protection to deal with any viruses which found their way into your systems. Sometimes sites would be blacklisted so employees couldn’t access them. It was an early time, where organizations were slowly coming online for the first time. Things were new. And yet, it was during this time of technological change where the seeds of compromise were planted. (For a wonderful interview with the first person to create a virus, read this!)

Phishing Attempt

This was the beginning, the Ghost shows you, how organizations began to connect together, yet fought hard to remain separate and insulated. The Ghost leaves with a shiver (insert flashforward special effects here), and you are alone.

The Ghost of Cybersecurity Present

But you are only alone for a millisecond before a loud, booming knock shakes your office. It is the Ghost of Cybersecurity Present. This Ghost is not small like your first spectral visitation; this Ghost is a giant. It is the present, after all. The world is all connected, everything is attached to the Internet, and there are malicious third-parties hiding in every nook and cranny waiting to feast on your data. The present of Cybersecurity is expansive, as it strives to protect a global attack surface where over 77% of organizations have suffered some form of attack in 2018 alone.

Gone is just putting up walls and patching holes after they appear. Current cybersecurity must be proactive and seek to shore up weak spots before they become holes. It must evade and obscure, encrypt and disappear. It is as giant an undertaking as the Ghost who is by your side.

Privacy and security

You turn exhausted and you notice the Ghost is similarly spent. And yet it shows you two more things: children hiding in the robes around its feet. “These are Connectivity and Privacy – the two issues that plague all humankind now,” the Ghost explains. Each child grabs and hangs onto one of the Ghost’s arms and you watch as he attempts to balance them. You silently nod, realizing this balancing act is what makes the present state of cybersecurity so difficult: managing everyone’s interconnectivity, while respecting and protecting their privacy. Before you can say another word to the giant spirit, you are alone again.

The Ghost of Cybersecurity Yet to Come

Before you can take three breaths, you feel a presence behind you. Turning, you lift your eyes and behold a solemn Phantom, draped and hooded, coming, like a mist along the ground, towards you. If drifts along, taking you somehow with it, into the future of cybersecurity.

Clouds roll in and lightning flashes. In front of you, there are no more wires. There are just vacuum cleaners talking to microwaves talking to thermostats talking to computers talking to cars talking to cell phones talking to cloud storage talking to…. well, you understand.

Iot isometric Device


In the future, everything is connected and nothing exists in an isolated state. All new electronics access the Internet to provide more services to the user. It’s as if the digital world is made of whiffle balls — little points of access surrounded by holes that third-parties can exploit. The battlefield of the cybersecurity warrior of the future is one who instantly goes on the offensive when bringing a new device, network, or user online. One who moves their defense all around them, dynamically altering it as they go; one who appears to be one place and then another and then nowhere at all.

The future of cybersecurity is both terrifying and exciting — exciting because of the new tech which will be developed, but terrifying because each new connected device is also a new attack surface, so compromise can come from anywhere (not just the single point of entry from a modem like in the past).

But don’t be afraid. As the Ghost of Cybersecurity Yet to Come pulls back its hood revealing a sickly, skeletal form (looking ever so much like the Grim Reaper), you are reminded of the Death Tarot card. In Tarot, the Death card represents change. The Ghost is reminding you of the change that is to come in how you deal with cybersecurity, spurring you on to embrace that change. And then it is gone.

Bonus Ghost: Marley

You are left standing in the room where you started. No one is around, and no time has passed (the Ghosts have those timey-wimey, Twilight Zone skillz). There’s a lot of work to do. ‘But the title there mentions a bonus Ghost,’ you wonder, ‘where and who is this extra apparition?’

The fourth Ghost, reader, is the one writing these words. The one warning you to look to the past, present, and future as you craft your cybersecurity plans and processes. The one showing you the best way to prepare for the future is to combine the visions each Ghost showed you into one ever-evolving plan; the one who puts a little plug at the end of this night of visitations for an enterprise software product which can bring you leading-edge technology, the future of cybersecurity, today. That product is Fognigma.

Learn more how Fognigma can give your organization more than a ghost of a chance.

Isometric modern cloud technology and networking concept. Web cloud technology business. Internet data services vector illustration.

Supporting Offensive Cyber Operations

Offensive Cyber

In the 2018 Department of Defense Cyber Strategy, the DoD outlined a change in cyber defense tactics. One of the new strategies is called ‘Defend Forward’  (which we explored in a previous blog post). In short, Defend Forward charges organizations to shore up their cyber defenses and not sit around waiting for someone to attack and test them – to continue to move forward, all while fully defended. Definitely a shift in cyber defense strategy, as offensive cyber operations are on the rise

offensive cyber operations
Protecting your data is important

But the Department of Defense didn’t stop there. They also stated they “will employ offensive cyber capabilities and innovative concepts that allow for the use of cyberspace operations across the full spectrum of conflict.” Yes, the DoD is actually mentioning the need of offensive cyber operations. The new future involves not only arming one’s organization with mobile cyber armor, but also searching out and destroying threats before they can become threats. Fognigma’s patented software solutions are ready to support this new cyber defense strategy. Read on to learn more!

Fognigma Makes You Invisible

We must start by saying that Fognigma is not an offensive tool. It does, however, provide a patented and proven way for you to hide your operations from spying eyes. Fognigma gives you the power to create encrypted, cloaked Mission Partner Networks (MPNs), allowing total protection and anonymity of communications. An MPN is built from strategically leased virtual machines from one or more cloud providers, which work together as one powerful network.

With Fognigma, you completely control your MPN without any third-party interference or oversight. You run it; you own it. You exist now without anyone watching over you. Fognigma also gives you full command over your online presence. By managing your online attribution, you can craft your online appearance to separate who it looks like you are, where it looks like you are, and what it looks like you’re doing from what’s actually going on.

Secure Network Infrastructure

This invisibility of network and communications is paramount for organizations who conduct offensive cyber operations. Too often, offensive ops are compromised by parts being easily discovered and/or associated. A good example (and warning for the future) involves all the new info that’s been revealed about the big 2009-2013 CIA breach. Simple Google searches by third parties revealed sites that had similar aspects to them, leading to the correct assumption that they were, in fact, operated by the same group. This was later used for interception and exfiltration of sensitive information about offensive ops.

As previously stated, Fognigma is built from various virtual machines (VMs). These VMs only know of their immediate neighbors, so the network can’t be compromised should one VM be breached (which is statistically impossible given the nature of Fognigma’s encryption technologies). Also, organizations have the option to use Fognigma’s Portal Proxy technology (also patented) which allows them to create anonymous and disposable URLs for different Fognigma components. With Portal Proxies, organizations can give users their own URLs, so even if multiple people are accessing the same component, from the outside, it will look like they are going in different directions. This disassociates the users from the organization and from each other. And the more disassociation an organization can create during offensive operations, the less chance of activity correlation which could lead to a compromise like the aforementioned CIA operations.

Fognigma Has Global Reach

In order to properly engage in offensive cyber operations, organizations need global access. This is another area where Fognigma shines. Because of Fognigma’s structural nature, all the parts of the network and internal communication components can be built in different areas of the world. If you needed a file share residing in India, you could have just that (built in a few mouse clicks). All users granted access to that file share could access it when they connect to your MPN from wherever they are in the world.

Fogngima Networks Span the Globe

Fognigma also gives you global reach in an intelligent manner. Meaning, it normally doesn’t behoove an organization involved in operations in one part of the world to appear to be coming from another part of the world. Fognigma solves this by the properties of an MPN’s exit points. Without going into too much technical detail here, users leave an MPN by going through admin-created exit points. Once a user goes through an exit point to the Internet, their IP matches the country in which the exit point is located. This is invaluable when not wanting users to appear to be foreign to the part of the world in which they are conducting operations.

Fognigma Provides the Tools for Offensive Operations

But, Fognigma isn’t just an invisible network. Inside your MPN is a suite of communication and collaboration components which allow your operations to stay in constant contact. As soon as your device connects to your MPN, you’ll have access to: traceless telephony (with a misattributable call chain feature for safely communicating with untrusted external parties), protected video conferencing, and secure chat messaging. A file share is also hidden within your MPN for the safe storage and transfer of files.

secure telephony
Secure Telephony

And then there’s Fognigma’s superpowered Virtual Desktops (VDI). Fognigma’s VDIs have all the features of normal VDIs plus many more that only Fognigma can deliver. For instance, you can now transfer files from a USB directly to your VDI, completely bypassing the host computer. If there is a file on the host computer you wish to transfer, you can copy it to your VDI as easily as dragging and dropping it. Fognigma VDIs can be used as a super anonymous and temporary way to access other MPN. For example, you could initialize a VDI, connect to a video conference inside your MPN (assured that the audio is also safe, as Fognigma ensures all audio is proxied to ensure no IP leak), communicate with your team, and then destroy the VDI when done. When any part of an MPN is destroyed, the components are wiped clean and completely overwritten by the cloud providers, eliminating all digital forensics. It’s as if none of it ever really happened.

Fognigma is the Base Offensive Operations Need

A secure cybersecurity base for offensive operations needs to be a multi-tool, a transformer, and a cloaking device which can fit in your pocket. It needs to make the world think you are doing one thing, when you are actually doing something else. It needs to separate the connected and connect the separated. And, most of all, it needs to do all of this without anyone realizing it’s doing anything at all. That list is a good summary of reasons why Fognigma was created. We wanted to give organizations that toolbox, that utility belt, that base on which to build their operational success. And more than that, Fognigma was developed (and continues to be developed) to give the US Government and its military forces the advantage on the world stage. Fognigma puts the power of cybersecurity in the hands of those who will use our technology to make the world a safer place for all of us.

Network dissociation

The Importance of Being Apart

Playing on a Team

Working for an organization means working on a team – a group of people who, even if they are working in different sections on different projects, are all contributing to a common goal. But there are many times when a mission demands the team to not seem like a team for safety, secrecy, or other reasons. That is, the team must still work like a team but not seem to be connected to each other like a team. This is a very difficult thing to achieve – unless you’re using Fognigma! Network Dissociation or generally obscuring your identity can play a big part in thwarting people from obtaining your sensitive information.

Fognigma – In Brief

With Fognigma, your organization has the power to create your own invisible, encrypted network. Fognigma networks are constructed from randomly leased virtual machines (VMs) which reside on cloud networks in five continents. These VMs are spread out over the world, however they function as one unified network. This patented process is unique to Fognigma, and what makes it the most powerful tool for secure communication and collaboration on the planet. And it’s inside this network where your telephony, file share, chat servers, etc., all live – protected and safe. The ever-changeable nature of Fognigma networks which prevents an Internet pattern-of-life from developing (i.e., the things you do every day online which can be used to identify you). You can still do these things, but they will be separated from your online identity – who and where you really are. This is called dissociation and it is very important to the success of many organizations and missions.

Fognigma Virtual Machine
Fognigma Networks are constructed rom randomly leased virtual machines

But First, An Example of Association

If you go into Store A wearing a lime green cowboy hat on Tuesday and wear it going into Store B on Thursday, an observer will definitely see a person wearing the same unique hat. It is then a pretty safe assumption that the person who was observed on Tuesday and the person who was observed on Thursday are, in fact, the same. Once this is deduced, more connections can be made. The observer could enter the stores after you and, due to their crafty nature, discover information about what you purchased. They can then draw connections between the products you bought. If you purchased eggs, flour, baking powder, and baking soda from Store A and sugar, butter, and milk from Store B, then it could be inferred you are going to bake a cake.

Association
Private and Personal information can be shared easily, just by viewing you

But let’s pretend the observer watches more. On Friday, they view a car pull up in the park and that lime green cowboy hat come out. Now they know the make and model of your car, what state it’s registered in, that you probably have two children (based on the stick figure sticker on your rear window), your license plate, and possibly your car’s VIN number (depending on their location and the zoom power of their binoculars). They also see another person exit your vehicle and observe that you are carrying a cake. (See? They were right!) The observer watches the other person blow out candles on the cake and then the two of you share a slice, sitting quite close together. As you feed each other bits of cake, the observer views similar rings on each of your left hands. Your watcher now concludes you and this other person are married – but more than that, they know what your spouse looks like and their birthdate (give or take a few days). The observer focuses on the cake and sees the worlds, “Happy Birthday, Taylor,” and now they know your spouse’s name. All this private and personal information about you and those around you, discoverable because of associating the movements of someone wearing a lime green cowboy hat.

Why Network Dissociation is Important

As you can see in the above example, associating things is how people learn about who you are, who you’re with, and what you’re doing. For organizations, businesses, and missions, having full control over what others know about you is essential. The above example also illustrates how one tiny association can be enough for a third party to learn an awful lot about you. Now imagine how much could go wrong if you were working on a top-secret development project or part of a hostage rescue mission and adversaries were able to put pieces together and figure out not only who you are, but also information about your team, organization, mission, etc. It could spell anything from a small financial loss to a major catastrophe with casualties. The best way to approach your business is to remain as separate and as dissociated as possible.

How Fognigma Dissociates

Fognigma has multiple ways to dissociates you from everything. Let’s assume your network admin has Fognigma scheduled to automatically burn down at the end of the day and rebuild the next morning. This is the first path in your journey of dissociation. Since each day your network will be made from different virtual machines in different data centers on different clouds in different parts of the world, the network you travel on is already dissociated from every previous incarnation of itself.

fognigma globe network
Fognigma Networks Span the Globe

Since you have access to multiple exit points from your Fognigma network, you can pick a new one of those each day (or change during the day with just a click) to add even more dissociation. All your traffic will appear to emanate from the exit point. So, for instance, if you are working in Ohio, but going through an exit point in Hong Kong, it will appear to anyone watching your traffic that you are in Hong Kong. And with a simple drop-down menu change, you can instantly be in Spain, South Korea, India, the US, or anywhere else you have an exit point.

But it gets better – more disassociate-y. Your network admin has also created your Fognigma with a few dissociating joints, which your traffic passes through once you enter and before you exit to the rest of the Internet. dissociating joints do just what their name describes: they obfuscate who/where/what/why you are even more. Passing through each one shatters all your details; passing through all of them cranks your dissociation level to 11.

But it gets better. Your admin is also using Portal Proxies. This gives each user a unique URL from which to access your Fognigma network, so every single user looks like they are going to a different location. No one appears to be heading to the same place. Everyone appears to be separate. No one looks like they work for the same association (i.e., dis-association).

portal proxies
Portal Proxies are a component to Fognigma

But it gets better. You click on your unique URL and access a Virtual Desktop (VDI) on your Fognigma network. You access this VDI as an anonymous entry point, and from this VDI you exit to the Internet and do your browsing. When you are done, the VDI is destroyed, leaving no forensic footprint. You have become so dissociated by now, you might not even know who you are any more.

As you can see, Fognigma is capable of many layers of network dissociation – from what is provided by the innate structure of a Fognigma network to adding on more and more layers. Sort of like peeling an onion, but instead of peeling the layers off, you are adding them on around you, forming shell after shell of Fognigma-created power, guaranteed nothing but tears for anyone attempting to figure you out. Fognigma makes sure (callback time) to hide your lime green cowboy hat in a white box in the middle of a snow drift in the dead of night: completely invisible.