Fabled government backdoors into telecom networks for surveillance are now proven not only pervasive but also vulnerable to eavesdropping by cybercriminal cabals. If this sounds ominous, it is.
Armand here, your RPost product evangelist armadillo. By now you’ve probably heard about the largest (by far) cybercriminal espionage, data exfiltration, and eavesdropping campaign ever, run by Salt Typhoon, a cybercriminal cabal reported to be Chinese-sponsored. This organization has (not had, but still has) continuous access to communications that pass through every major telecom carrier in the United States and, as some report, 80 telecom networks globally.
Because they have (among other access points) tapped into the government backdoors used for wiretapping (backdoors into telecom networks mandated by law), these cybercriminals can listen to your telephone calls, read your text messages, access your email and attachments, and see your historical connections (everyone you have communicated with via call, text, or email, including where you were during each communication, thanks to the exfiltrated telecom carrier geo-location metadata).
Yes, ominous. The chair of the Senate Intelligence Committee, Senator Mark Warner, has reportedly called it the “worst telecom hack in our nation’s history” and noted that it makes prior cyberattacks by Russian operatives look like “child’s play” by comparison. It is also complex, so much so that telecoms and government cybersecurity technicians cannot seem to stop the nefarious from accessing this information. (For the tech curious, a technical description is here; however, the authors are quick to state that they cannot confirm whether the hack tactics described are related to this specific Salt Typhoon mass surveillance eavesdropping.)
What to do?
It seems these cybercriminals are motivated by corporate and government espionage – intelligence gathering that they can then sell to bidders. If you are in the United States, Asia Pacific, Europe, Middle East, South Africa (most of the world) and you are in a government-related entity, consultancy (systems integrator, outsourcer, general consultancy, engineering, law or other professional services firm), chemical/oil/energy, transportation, among other sectors, you are a DIRECT target. If you are in any other business, you are an INDIRECT target. I’ll explain what this means shortly.
As a target, according to the FBI, you cannot consider encrypted transmissions (TLS) private from these eavesdroppers, as they are essentially now part of the network. You cannot consider your connection via your mobile phone “hotspot” secure either: it secures information from your computer to the telecom hub, but here it is the telecom hub that is compromised.
If you care about protecting your intellectual property, strategies, supply chain information, or secrets, you will need to ensure your content is independently encrypted beyond network transmission or VPN security.
RPost tools are essential.
First, RMail email encryption has an end-to-end component, securing the message from sender’s device to recipient device through the telecom networks. This is a great option. Don’t trust opportunistic or normal TLS encryption as these will not cover important parts of the transmission journey.
If you are concerned about third-party risk (and you should be) – meaning what recipients of YOUR information do to protect YOUR information, you need to further protect sensitive attachments independently of the secure transmission.
For this, you will need to transmit your more sensitive documents using RDocs™ – RPost’s rights protected document technology, where each page of each document (attached to email, stored at the recipient, or otherwise shared downstream) is independently encrypted with access to view content restricted by page to specific authorized viewers. You can even remotely control, kill, or auto-lock access to these documents even after they are held at the recipient or in others’ systems.
And better, with the RPost Eavesdropping™ AI enabled, you can eavesdrop on the cybercriminal eavesdroppers and see when your content (email and document content) is being accessed by this cybercriminal cabal. Further, with RPost’s AI Auto-Lock™ technology, your sensitive documents will auto-lock before the cybercriminals can see your content that has been leaked via the telecommunications networks to these Salt Typhoon modern-day spies. How great is it to have a Doc-Lock™ AI auto-locking exfiltrated documents? (It is GREAT, in my humble armadillo opinion.)
If you’re a big player (Federal Government, global consultancy, engineering, biotech, pharma, or other) with big secrets, you are a DIRECT target and this RPost technology is a must.
If you’re a regular businessperson, you are an INDIRECT target; you ought to use this RPost technology as a precaution because who knows who these cybercriminal cabals will sell your information to. Your information might not be interesting to Salt Typhoon and their sponsors, but it certainly is interesting to Black Axe and other cybercriminal cabals.
For other cybercriminals, information about who you are communicating with about what, when, where, and how can provide others the contextual information to trick staff into paying fake invoices on legitimate purchases, or worse. Even without my armadillo sixth sense, I know other cybercriminals would eagerly use your leaked private or regulated protected information (that they obtain or purchase from Salt Typhoon) against you in various extortion or ransom schemes.
The world of information protection just got a whole lot more complex. You’ll need the suite of RPost services to help you navigate this and protect you, your firm, your clients, and those in your orbit.
December 09, 2024