Zurich, because fines happenz

by Rodolfo on August 25, 2010

Zurich fined for losing customer data

On Tuesday Zurich Insurance was fined $3.5 million for losing customer confidential data, BusinessWeek reports.

The data in question was identity, bank and credit card information belonging to 46,000 customers. It was lost last year on an unencrypted backup tape misplaced by Zurich’s South African operations.

Despite the fact that there was no proof that the data has been misused or even that has been stolen in the first place, the FSA’s director of enforcement and financial crime, Margaret Cole, said “Zurich U.K. let its customers down badly“.

The FSA is Britain financial overseer, or at least it was until last month when the new government announced it was going to wind it down and place the regulatory power back in the Bank of England’s hands (see this article on the Washington Post).
The fine comes also after years of criticism leveled against the FSA (see this Telegraph article from 2005 and countless articles on the satirical magazine Private Eye)

That was a very expensive backup tape.

{ 0 comments }

Beware of geeks bearing gifts

by Rodolfo on June 30, 2010

Lebanon is in an official state of war with Israel and the countries are locked into a covert espionage.

Yesterday there was an arrest of an “Israeli spy” and what is relevant is that he was a consultant to mobile phone companies and had access to sensitive information.

Path of least resistance:

Mobile phone networks are designed to accommodate lawful interception capabilities and sometimes to prevent external access. That architecture does not take into account the insider threat from a privacy perspective, usually only the billing system is secure.

A rogue employee could get privilege access to sensitive information such as call pattern and even the content of a call. Given their size telecom networks cannot be secured without securing their endpoints.

BBC NEWS: Lebanon arrests ‘Israeli spy’ from mobile phone company

{ 0 comments }

AT&T gives Cellcrypt the green light

by Rodolfo on June 22, 2010

Big news today as AT&T certified Cellcrypt for BlackBerry on their network. It’s a big step for us and below an extract of our press release:

We are delighted to achieve AT&T solution certification, which gives further assurance to governments and enterprises seeking to protect confidential conversations that key executives and employees make on their cell phones,” said Kathleen Peters, General Manager (US) at Cellcrypt, “We are honored that Cellcrypt has been selected in this way for use on the largest GSM network in the United States, offering customers the benefit of an additional layer of voice call security for those all important confidential calls.”

{ 0 comments }

If the recent news of Wikileaks acquiring all the US diplomatic communications sent from the ambassadors in the Middle East were not enough, it is now emerging, in a report by the London Telegraph, that some of the phone calls made by US Secretary of State Hilary Clinton, as well as Pope Benedict XVI, have been wiretapped.

It is understood that in both cases these recordings happened as a result of an ongoing investigation into the other caller for alleged procurement corruption. It is worthy of note that the wiretaps were authorized and perfectly legal under lawful interception legislation. The issue here is that is was Italian lawful interception, so I am sure the US Secretary of State might still not be impressed.

This highlights the murky aspects of cross-border interests and jurisdiction especially in countries where there is a vast number of authorized wiretaps (in this case Italy, where wiretap estimates for the last 10 years are over 3 million) or countries under a dictatorial regime where the rule of law is well, more of a recommendation.

Read more about it on the London Telegraph and the Daily Mail.

{ 0 comments }

Indian tweets and phone tapping

by Rodolfo on May 28, 2010

A nice roundup from the Financial Times on the scandal that rocked India earlier this month. Long story short turns out that the whole infrastructure is being abused left and right to snoop on politicians, businessmen, regulators and the odd sportsman. All it all began to unravel with a tweet.

Read all about it on the Financial Times.

{ 0 comments }

News roundup: phone tapping, models, soccer and China

April 16, 2010

A scandal is brewing in the UK: a model named Vanessa Perroncel unleashed her lawyers over phone-tapping of a live call.
Perroncel was romantically involved with some of the footballers in the English team, it cause quite a stir in the country, and that turned the attention of the press on her life. She is now [...]

Read the full article →

Back from a short break

April 9, 2010

The Cellcrypt Blog took a small break to be on the road at several security conferences. We were at RSA in San Francisco, FOSE in Washington DC and several others. We’re back so expect to hear from us soon. (In the picture a highlight from the RIM VIP event at the Spy [...]

Read the full article →

Cellcrypt finalist for top security award

February 24, 2010

Happy to report that Secure Computing Magazine has selected Cellcrypt for its SC Awards in the “Best Encryption Product” category.
Below the full press release:
London, UK – 24th February –Cellcrypt, (www.cellcrypt.com), the leading provider of secure mobile voice calling, has been voted by panel of industry experts representing both major European and global brands [...]

Read the full article →

GSM security webinar on February 24th

February 22, 2010

Do not forget to sign up for Dr Larry Ponemon’s webcast on cell phone calls vulnerabilities with Cellcrypt and other leading industry experts.
Larry is best known for the annual reports on the Cost of Data Breach and he his now looking at the vulnerabilities in the cellular networks as well.
You can register [...]

Read the full article →

Vice Over IP: The VoIP Steganography Threat

February 17, 2010

Interesting article from IEEE Spectrum on steganography and VoIP.
Now steganography has entered a new era, with stupendously greater potential for mischief. With the latest techniques, the limitations on the length of the message have basically been removed. Consider our example involving the use of Skype. Whereas the first two examples each [...]

Read the full article →