Wednesday, January 3, 2018

Counterespionage Tip # 022: The Encryption & Password Mistake

An excerpt from the Forever 21 press release last week...
"...After receiving a report from a third party in mid-October 2017 suggesting there may have been unauthorized access to data from payment cards that were used at certain Forever 21 stores, we immediately began an investigation. We hired leading payment technology and security firms to assist. The investigation determined that the encryption technology on some point-of-sale (POS) devices at some stores was not always on..."
The setting to enable encryption may never have been set to on. If it was, the setting may not have been password protected, thus allowing the encryption to be turned on and off.  Costly mistakes.

This happens frequently on devices which are introduced after the initial set-up of similar devices. It's similar to the "not changing the default password" syndrome.

Counterespionage Tip # 022: When installing new devices:
  1. Change the default password.
  2. Review all the settings. Turn off all the eavesdropper- and espionage-friendly settings.
  3. Pay particular attention to security-related settings.
  4. Enable encryption.
  5. Change the administrator's password if the device has one.
  6. Deter physical access to internal memory and components using security tape. Check often for tampering.
[Photo: Removing an unencrypted printer drive for covert duplication. Murray Associates case history photo.]
You may be surprised how many devices offer password protection and encryption these days...
  • Point-of-sale (POS) devices.
  • Wi-Fi Access Points.
  • Audio and video teleconferencing equipment.
  • Networked print centers.
  • Stand-alone printers with Wi-Fi capabilities.
  • VoIP telephone systems.
  • Interactive white boards.
  • Fax machines with memory vaults.
  • Computers, tablets, mobile phones.
  • Manufacturing equipment.
  • Medical devices.
  • CCTV cameras and recording systems.
Your list of vulnerable devices may have additional items. All are hacker/espionage/criminal catnip. 

Security settings on items in your environment should be checked periodically. A knowledgeable Technical Surveillance Countermeasures (TSCM) team can do this for you. It should be part of their inspection for electronic surveillance devices and information security loopholes. 
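One way to make that periodic check repeatable, shown here as an added example that is not part of the original post: a short Python script that compares the settings recorded at the last inspection with today's and flags the mistakes described above (encryption off, settings not password protected, default password still in use, a device added after the initial set-up). The record fields and device names are constructed for illustration.

```python
# Added example: the record fields and device names are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Snapshot:
    device: str             # inventory name
    encryption_on: bool     # is the encryption setting enabled?
    settings_locked: bool   # is the settings menu password protected?
    default_password: bool  # is the factory password still in use?

def audit(previous_check, current_check):
    """Compare two inspections; return {device: [findings]} for failures."""
    previous = {s.device: s for s in previous_check}
    report = {}
    for snap in current_check:
        findings = []
        old = previous.get(snap.device)
        if old is None:
            findings.append("added since the last check, never reviewed")
        if not snap.encryption_on:
            if old is not None and old.encryption_on:
                findings.append("encryption was on at the last check, now off")
            else:
                findings.append("encryption is not enabled")
        if not snap.settings_locked:
            findings.append("settings are not password protected")
        if snap.default_password:
            findings.append("default password still in use")
        if findings:
            report[snap.device] = findings
    return report

# Constructed sample inventory: pos-03 was installed after the initial set-up.
LAST_CHECK = [
    Snapshot("pos-01", True, True, False),
    Snapshot("pos-02", True, False, False),
    Snapshot("printer-01", True, True, False),
]
TODAY = [
    Snapshot("pos-01", True, True, False),
    Snapshot("pos-02", False, False, False),
    Snapshot("printer-01", True, True, False),
    Snapshot("pos-03", False, False, True),
]

if __name__ == "__main__":
    for device, findings in sorted(audit(LAST_CHECK, TODAY).items()):
        for finding in findings:
            print(f"{device}: {finding}")
```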

If you don't have a TSCM team already, or are not sure of their capabilities, give me a call. ~Kevin