Inflection Point | OpSec Failures: A Constant Threat
Did you see the recent news of Proton Mail disclosing a user’s recovery email to the Spanish police that was then used to identify and arrest a pro-Catalan protester?
Did you realize that Proton Mail didn’t violate its own policies, or technology, when it did that?
Unfortunately, the recovery email address was an Apple iCloud address. Deliberately set by the activist.
And, as required by law, Apple then handed over identifying information connected to this account to law enforcement.
Had the activist not used a recovery email with their Proton Mail account, no other data would have been available for Proton to hand over.
This news reminded me that operational security (OpSec) failures are often the root cause of many security breaches, not technical or service failures.
And it doesn’t matter whether your purpose or mission is selfish or pro-community: OpSec failures can hurt you.
Let’s look at two different groups: civil rights activists and cybercriminals. Both face significant OpSec challenges, but for very different reasons.
As in the case above, many breaches were linked to email and social media vulnerabilities. Phishing attacks and social engineering were common tactics used by police and cyber-attackers.
The main causes include inadequate cybersecurity training and outdated technology. Many activists don’t understand how their messages can be intercepted or they use free or low-cost tools that lack robust security features.
The impact of these failures is intense. Compromised communication channels have exposed strategic plans and personal data, leading to increased surveillance, legal actions, imprisonment, torture, and death for some activists.
The constant threat of breaches has also caused stress and burnout, affecting morale and operational efficiency.
Cybercriminals also face OpSec failures, which have led to the downfall of many infamous ones in the past five years.
Blake Benthall’s arrest (Silk Road 2.0 - 2014) was due in part to using a personal email for server management and failing to compartmentalize his activities. This allowed the FBI to trace him easily.
Sebastien Vachon-Desjardins (NetWalker Ransomware - 2021) was arrested due to traceable cryptocurrency transactions.
The REvil group’s failure to secure their servers allowed police to gain access and take control.
The shutdown of DarkMarket in 2021 was due to traceable financial transactions and insecure communication channels.
In Operation Trojan Shield (2021), law enforcement ran a secure messaging platform called Anom, leading to over 800 arrests. Criminals failed to verify the platform’s origin and security.
Do any of these OpSec challenges remind you of your daily struggles to do your job with the people you work with?
Hit comment and let me know.
I read every comment you post.
-Kip
P.S. Please share this "Inflection Point" with someone you care about.
Current Podcast Episode: “Business Continuity as a Revenue Generator?”
Is overnight viral success a kind of disruption that the business continuity (BC) discipline can help prepare you for?
Let’s find out with our guest Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities LLC, and Jake Bernstein, CISSP, CIPP/US, Partner with K&L Gates.
RESOURCES:
By the way...
By the way, did you know that the “AI Summer 2024” sponsored by Vanderbilt Data Science is going on right now over on YouTube?
It’s excellent!
Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015, after seven years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!
Digital Marketer | Cyber Security Practitioner (Ce-CSP) | CISMP | ISO 27001 | ITF+ | CCSK
5 months
OpSec plays a crucial role in navigating the challenges faced by various groups, from civil rights activists to cybercriminals. It's vital for both selfish and pro-community missions to prioritize OpSec to avoid potential harm. How do you handle OpSec in your daily job interactions?
CISO in Residence | Advisor
5 months
Good article, Kip, and spot on observations. Goes back to people not realizing the implications of their actions. Operational security isn't sexy, but it's important.
Executive - IT Risk/Information Security| Cybersecurity| Business Resilience| Operational Risk| Enterprise Risk| Third Party Risk| Speaker| Mentor| C-Suite Advisor
5 months
Very important topic, Kip Boyle!
CEO/Founder of Zenaciti and Screenopolis | Author | Industry Analyst | Cybersecurity Expert | Practical Startup Founder
5 months
Spot on analysis, Kip.