mobile technologyIt's amazing to think about all the positive changes that mobile technology has made in our lives, even if you were born before the internet.

Do you remember when long distance calls were charged? This is mostly the past. You can download any number of messenger applications in less than a minute and make free calls to almost anywhere.

Although today's youth might not believe it, many of us can recall a time when we could only listen to the radio if we wanted to.

We got the 8-track a little later and shortly after, the cassette tape. The CD came along later. You can now access literally millions of songs from your mobile device. Even better, you no longer need to have a wall dedicated to your CD/tape/CD collection. Digital music is available for every song you can think of. If you don't have the sound, there are apps that can add "vinyl scratchiness", to your music!

Movies are the same. You don't need to have piles of VHS tapes and Blu-Ray discs. Streaming services are abundant and you can watch your favorite TV shows or movies anywhere you have a signal. This is true, however, not everywhere.

But it's not only fun and games that have been transformed. The world has changed forever because of mobile technology, which was tested during the Covid-19 pandemic. Tens of millions fled their offices and began working from home, often using laptop computers.

You can keep in touch with your colleagues and coworkers even when you are traveling for business. It's possible to do meaningful, real work while on the road. This wasn't always possible back in the early days of the internet. But mobile devices and the internet infrastructure have made it so much easier to do this.

Although it's difficult to predict where mobile technology will lead us, one thing we can be certain of is that there are many more benefits than we've ever imagined. The convenience of mobile technology has made our lives easier in so many ways that it's hard to count.

With the new technology comes new vulnerabilities. Our posts have shown the rise in the number of ransomware and malware attacks. Many of these are now coming through mobile devices. You can no longer afford to ignore defending your network against possible attack. Now is the time to be proactive and call Integrated Technology Systems for a complete review of you network security.

Researchers Discover a New Security Vulnerability in the CPU

cybersecurityThe Heartbleed bug allows for the theft of information that is protected by SSL/TLS encryption. This encryption is used to protect the Internet. SSL/TLS protects communication and privacy on the Internet. It is used for applications like web, email, instant message (IM), and other virtual private networks. This was a major scare we had a few years back. It was a sideways attack that was unusual and difficult to pull off. It was devastating, and it sent shockwaves around the globe.

Well, it's back and should not be ignored.

Although this back-channel attack may not be identical, it is similar enough that cybersecurity researchers who discovered it gave it the name Hertzbleed. Remote attackers can steal cryptographic keys from it by observing fluctuations in network frequency that are enabled by dynamic voltage scaling.

Hackers can also monitor your computer's electrical output and, based there, deduce your cryptographic keys.

The discovery of the new attack vector was made possible by a team from the University of Texas at Austin in collaboration with other researchers from Washington University and Illinois Urbana-Champaign.

This is what the team had to say about their discovery.

"These attacks could allow an attacker to steal cryptographic keys from remote servers previously thought to be secure. It is a serious threat to cryptographic software security."

Hertzbleed first shows that power side-channel attacks on modern networks can be converted into (even remotely!) Timing attacks--removes the need to use any power measurement interface.

Hertzbleed also shows that cryptographic code, even when it is implemented as constant time, can still leak via remote timing analysis.

This is an extremely unusual attack and would prove difficult to execute for even the most skilled hackers. Nevertheless, hackers are out there who can do this. It is therefore somewhat alarming that neither Intel or AMD has any plans to fix Hertzbleed.

According to an Intel spokesperson:

"This issue is fascinating from a research perspective. However, we don't believe that this attack can be used outside of a laboratory environment."

Although it's true, hackers are known for their obsession with bragging rights more than practicality. We believe it is only a matter time before Hertzbleed makes the news.

Are you waiting to see if your company's network will be attacked? Without the right safe guards in place, it is not a matter of if but when. Don't wait for the hackers to strike. Call us today.

Integrated Technology Systems
6 East 45th Street, Suite 400
New York, NY 10017