Details on how and what we do…

Information is at the heart of all successful business, the more successful the business, the more important the information and concomitantly, the more it is at risk from electronic surveillance.  There are unscrupulous people who take the saying—”wouldn’t it be great to be a fly on the wall of the XYZ company’s boardroom”—to its logical extension, by “putting the fly on the wall.”  So why invite your competitors to sit in on your meetings?

A question to ask yourself is; “would we like to know what our competitors are discussing at their board, business strategy and product launch meetings and, would that be of value to us?”  If you answered “YES,” then you can be one hundred percent sure they would like to know the same about you…!  Accordingly, a threat has been created.

We conduct Super Yacht TSCM inspections for our security conscious clients.  Yacht and aircraft examinations require a much higher degree of skill, experience and specialised equipment, combined with an understanding of exactly what one can and cannot touch.  The reasons for examining both vessels and aircraft are mostly after charters, refits or maintenance.

A full explanation covering the TSCM inspection procedure is provided to the owner, captain and/or the handling agent, followed by a written report.  The vessel’s electrical and RF systems are powered up and, in the face of some specific threats, the yacht is sometimes moved to activate such surveillance devices.

An external shore based mapping of the local radio frequency spectrum is conducted followed by a detailed internal analysis to detect transmissions from the vessel.  This procedure enables the approximate areas to be established for the detailed spectrum, fibrescopic and thermal imaging examinations, aimed at locating any transmitters, passive resonators, GSM bugs, carrier borne radio frequency signals or clandestine cameras.

The equipment used allows for spectrum analysis from <1 kHz to >25 GHz, laser detection from 700nm to 1100nm, digital telephone inspection, mains wiring analysis and thermal resolution from 6.4 µm to 14 µm.   Although always available to the team, non-linear-junction detection is not usually carried out on vessels and aircraft due to a potential for interference with on-board equipment.  We prefer to use wall radar for deeper analysis of walls.

Aircraft require a completely different approach than either offices or yachts.  The potential to cause an airworthiness certificate (CoA) to be withdrawn is always uppermost in our minds and the conduct of the examination proceeds with that risk being considered.  To ensure the integrity of the CoA we always request the fixed base operator (FBO) to provide a licensed airframe and instrument mechanic to supervise that what we are doing fully complies with all airworthiness requirements.

Additionally, we can assist with advice about secure communications with key lengths of up to 28,672-bit, for SMS, voice, TXT, emails, FTP and any document, image or video that can be stored on a Windows based PC, in any language type.

What is malware?

Malware is harmful software, plain and simple—it is code created to do something sinister to your cell phone or computer. Most of the time, it infiltrates a person’s system without their knowledge.

There are many different types of malware, and here is where it starts to get confusing. Types of malware were typically named not for their actions but for how they attack the phone. This is because computer-engineering nerds who were the first to encounter malware were more interested in the delivery method instead of the end goal, which is why one category of malware that “tricks” a system to invade it is called a Trojan Horse.

Other types of malware include viruses, which infect legitimate files, backdoors, which can open programs and steal data from your computer or cell phone and rootkits, which can spy and collect passwords. One of the more dangerous forms of malware, aptly named ransomware, literally holds your files for ransom by encrypting them. If you pay up, you “might” get the decryption key to regain access to them. If you do not, they are unavailable forever!

Another malware that is also a worry for mobile phone users is a Potentially Unwanted Program (PUP). “Potentially Unwanted Programs is a euphemism,” says Scott Wilson, Technical Product Manager at Malwarebytes,” a leading antivirus developer. These are programs you agree to install on your phone. However, the agreement is generally obtained sneakily, such as by having a pre-checked box on one of the many installation pages you need to click through. Many people find these programs most annoying, by interfering with your search behaviour or displaying unwanted advertising on your computer or cell phone—so anti-malware products help you deal with and remove such programs.”

How does anti-malware software do its job?

Many programs scan for malware using a database of known malware definitions (also called signatures). These definitions tell what the malware does and how to recognise it. If the anti-malware program detects a file that matches the description, it will usually flag it as potential malware. This is an excellent way to remove known threats, but it requires regular updates to ensure the program does not miss newly developed malware.

Heuristics

Another way anti-malware detects harmful software is through a form of analysis called heuristics. An alternative to database scanning, heuristic analysis allows anti-malware programs to detect threats that have not been previously discovered. Heuristics identifies malware by behaviour and characteristics instead of comparing it against a list of known malware.

For example, if an application is programmed to remove essential system files, the anti-malware software may flag it as malware (since applications should not be doing that). However, heuristic analysis can sometimes result in “false positives” or programs flagged as malware that are actually legitimate.

Sandboxing

Anti-malware software can find malware by running a program it suspects to be malicious in a sandbox, which is a protected space on your device. The program believes it has full access to the device when, in fact, it is running in an enclosed space while the anti-malware monitors its behaviour. If the program demonstrates malicious behaviour, the anti-malware will terminate it. Otherwise, it is allowed to execute its functionality outside the sandbox. However, some malware is clever enough to know if it is currently running in a sandbox and will mask its actual function until it is allowed free access to your computer or cell phone—very sneaky.

Removal

Thankfully, good anti-malware does not just flag malware and move on—once malware has been found on a system, it needs to be removed. The anti-malware program can delete many common threats as soon as they are detected, but not all. Additionally, some malware is purposely designed to cause further damage to your computer if it is removed. If your anti-malware suspects this is the case, the standard action is to quarantine the file in a safe area of your phone’s storage. This means the anti-malware puts the suspect file/s in a Quarantined timeout location. Quarantining a malicious file prevents it from causing harm and allows you to remove the file manually without damaging your computer or cell phone.

Warning

An ever-increasing development of “spyware” programs poses a severe threat by targeting a cell phone’s operating system (OS). These programs are sold under the guise of “checking on and protecting” employees, spouses and children. Some can be remotely loaded onto your phone and are immune to detection by anti-malware products. The loading can be accomplished by a simple near-field Bluetooth transfer or payloads on seemingly innocent TXT messages from the other side of the world.

Detection

It is possible to detect spyware, malware and ransomware on cell phones and cell-enabled tablets quickly and inexpensively. If you feel you could be the target of a malware attack, call us, and we can check for you.