Wednesday, July 28, 2010

Is your Blackberry a National Security Threat?


Perhaps, if you live in these countries...
According to the BBC, the United Arab Emirates (UAE) has described RIM’s device as a threat posing “serious social, judicial and national security repercussions” due to the country’s inability to successfully eavesdrop on users, and the fact that transmitted data is stored offshore.
The same concerns have also been expressed by India, Kuwait and Saudi Arabia, with market analysts contributing the timing of these comments to yesterday’s decline in RIMM shares...

When discussing UAE’s obsession with RIM’s device, it’s worth emphasizing on the fact that the country unsuccessfully attempted to install spyware application on the devices of Etisalat users in 2009, pitching it as a “performance-enhancement patch. Instead, the SS8 Interceptor drained the batteries of the users who installed to the point where they became suspicious about its true nature...

The bottom line - are BlackBerries a threat to the national security of any country? They are, but only to the country that’s attempting to decrypt the data itself, instead of targeting the weakest link - in this case the user who now more than ever has to be aware that he’s become the primary target, not the encryption protocol itself. (more

"The bottom line" is worth noting. The more you protect one info-conduit, the more your adversary will be forced into attacking your lesser protected conduits. Hence, businesses need a counterespionage consultant on-board who has a holistic view of the espionage possibilities. The days of "they swept, they left" TSCM teams are long gone. 

If you have read this far, you the foresight to see why this story is a valuable cautionary tale. Good consultants are only as far away as the websites which bring you Kevin's Security Scrapbook.