Category Archives: DataShielder

image_pdfimage_print

DataShielder Defense NFC HSM: Protect Your Sovereign Communications

DataShielder Defense NFC HSM Protect your Sovereign Communications by Freemindtronic Andorra
DataShielder Defense NFC HSM – Jacques Gascuel: This article will be updated with any new information on the topic.

Why You Need DataShielder Defense NFC HSM

DataShielder Defense NFC HSM, a patented solution, ensures maximum confidentiality and anonymization of communications from sovereign entities. Using NFC technology, this HSM manages up to 200 secrets offline, contactless and shareable via any communication method, including email and SMS. A GreenTech innovation, it is interoperable, backward compatible and versatile, designed to immediately respond to various specific needs and customizable for enhanced secret security.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

DataShielder Defense NFC HSM: How to Protect Your Sovereign Communications with a Revolutionary Solution

The protection of sovereign entities and the enhancement of existing defense and intelligence systems are crucial challenges in today’s world. Sovereign communications, such as those between heads of state, diplomats, military personnel, or secret agents, are constantly exposed to threats of interception, hacking, or manipulation. These threats can compromise the security, integrity, and confidentiality of sensitive information, and have serious consequences for national and international security.

To address these challenges, a revolutionary solution has been developed by Freemindtronic, a andorran company specialized in data security and encryption. This solution is called DataShielder Defense NFC HSM, and it is the ultimate solution for protecting all forms of communications of sovereign entities. This innovative and cutting-edge solution, protected by two patents, guarantees an unparalleled level of confidentiality and trust among humans, without compromise. With DataShielder, your secrets and sensitive data remain inaccessible and indecipherable, even in case of compromise of the equipment and information and communication systems.

In this article, we will explain how DataShielder Defense NFC HSM works, what are its features and benefits, and how it can be customized to suit your specific needs. We will also show how this solution could have influenced several major events in the history of communication security, and how it has received international recognition and awards for its excellence.

How DataShielder Defense NFC HSM Works

DataShielder Defense NFC HSM is a device that uses Near Field Communication (NFC) technology to create, store, and use up to 100 different secrets in a single device. A secret can be anything that you want to protect, such as an encryption key, a password, a PIN code, a cryptocurrency key, a bank account information, or a message. DataShielder allows you to share your encrypted secrets via all the means of communication available in the world, such as postal mail, webcam, email, SMS, MMS, RCS, messaging, or directly between two NFC HSM devices.

To use DataShielder, you need an Android NFC phone or tablet, and the DataShielder app, which is available for free on the Google Play Store. You also need a DataShielder Defense NFC HSM device, which is a small and discreet card that can be customized to fit different formats and accessories. The device does not require any battery or external power source, as it uses the energy of the NFC signal of the phone to operate on demand.

To create a secret, you simply need to tap your phone on the device, and choose the type of secret you want to create. You can either generate a random secret, or import an existing one. You can also add specific trust criteria for each secret, such as BSSID, geographical area, password, fingerprint, QR code or barcode scan, and phone UID. The absence of any of these criteria makes the access to the secret impossible, ensuring maximum and personalized security.

To use a secret, you simply need to tap your phone on the device, and choose the secret you want to use. You can either use it directly on your phone, or send it to another device or person. You can also use the secret to unlock secure USB or SSD keys, to log in to your favorite websites, to make secure voice calls and SMS, to manage your banking information, to generate and use cryptocurrency wallets, and more.

To share a secret, you simply need to tap your phone on the device, and choose the secret you want to share. You can either share it directly with another NFC HSM device, or encrypt it with the RSA-4096 public key of the recipient, and send it via any means of communication. The recipient will need to decrypt the secret with their NFC HSM device, using the EviSCP HSM (ZKP) protocol, which is a patented technology that ensures a secure and confidential exchange of secrets.

Differentiating Benefits of DataShielder Defense NFC HSM

DataShielder Defense NFC HSM offers a complete and adaptable solution to your needs, thanks to the set of advanced and efficient features that it incorporates. These features are based on different technologies, each with a specific name and function. Here is a summary of the main features and benefits of DataShielder:

 

Feature Technology Function Benefit
Random generation of symmetric and asymmetric encryption keys EviCypher NFC HSM Encrypt all types of data (texts, images, videos) in post-quantum AES-256. Use the RSA-4096 public key to exchange encrypted secrets between distant NFC devices. Protect your data and secrets from unauthorized access and decryption, even in case of quantum computing attacks.
Random generation of identifiers and passwords EviPass NFC HSM Generate automatically complex and complicated passwords up to 48 characters based on the 95 ASCII characters, or on bases 16, 58, 64 or 85. Import and store manually login identifiers, PIN codes, PUK, lock codes, TPM2.0 passwords, BitLocker… Log in automatically to your favorite websites. Secure your online accounts and devices with strong and unique passwords. Save time and avoid typing errors with automatic login.
Create a segmented key EviAuth NFC HSM Divide your secret into two segments and store them on two different NFC HSM devices. Require the presence of two people to reconstitute the secret. Increase the security and confidentiality of your secret by adding a human factor. Prevent the access to the secret by a single person or device.
Management of secret OTP keys EviOTP NFC HSM Store securely the secret OTP keys whose one-time passwords based on time (TOTP) or HMAC (HOTP) to generate a secondary authentication factor (2FA). Enhance the security of your online accounts and services with a second factor of authentication. Avoid the risk of losing or compromising your OTP keys.
Secure voice calls and SMS EviCall NFC HSM Store your phone contacts and make a voice call from the NFC HSM without leaving any trace in the phone history. Communicate securely and discreetly with your contacts. Avoid the interception and recording of your voice calls and SMS.
Secure management of banking information EviPay NFC HSM Store, manage and use securely the information related to credit cards and bank accounts. Protect your financial information and transactions from fraud and theft. Access and use your banking information easily and securely.
Unlocking of secure USB or SSD keys without contact EviKey NFC HSM Manage the administrator, user and temporary user PIN codes to unlock the secure USB/SSD keys without contact. Secure your external and internal storage with a contactless unlocking system. Manage the access rights and permissions of the USB/SSD keys.
Generation of cryptocurrency wallets EviSeed NFC HSM Automatically and directly create from a blockchain the secret BIP39 key, its derived key, its public key and the public address. The balance verification is done directly on the blockchain. Create and use cryptocurrency wallets securely and conveniently. Store your cryptocurrency keys in an inviolable and encrypted manner. Verify your balance directly on the blockchain.
Automatic import of private keys EviVault NFC HSM Import derived private keys by scanning their QR codes from five blockchain platforms including Bitcoin, Ethereum, Polygon, Binance Smart Chain and IOTA. Create and save also the BIP39 PassPhrases. Import and use private keys from different blockchain platforms easily and securely. Scan the QR codes and store the keys in an encrypted manner. Create and save also the BIP39 PassPhrases.
Management of authentication cards EviCore NFC HSM Scan and store the barcode or QR code of any type of card that uses this type of identification (access cards, loyalty cards sometimes linked to a payment system). Store and use authentication cards securely and conveniently. Scan the barcode or QR code and store it in an encrypted manner.
NFC HSM pairing key manager EviCore NFC HSM Manage the NFC HSM fleet within a sovereign entity. Manage and control the NFC HSM devices within your organization. Assign and revoke pairing keys for the devices.
Data encryption EviCrypt NFC HSM Encrypt your texts and files upstream before sending them to your recipients using your usual messaging services. Encrypt your data before sending it via any means of communication. Ensure that only the intended recipients can decrypt and access your data.
Use on all computer systems EviCore NFC HSM Browser Extension Use your NFC HSM with the free Freemindtronic browser extension based on Chromium and Firefox. Find the DataShielder NFC HSM functions on all your computers. Use your NFC HSM on any computer system.
Use of a virtual USB Bluetooth keyboard EviKeyboard BLE Use a virtual keyboard for secure and discreet input. Extend the use of secrets in HID mode on various computer systems, TPM2.0, BitLocker, Windows, Linux, Apple, proprietary software and web browsers. Don’t touch the keyboard. Enter a free line of code up to 52 characters. Entering BIOS passwords. Easy to use

Stealth Customization Options

The manufacturer Freemindtronic offers a customization service specially designed for sovereign entities, combining discretion and functionality.

Discreet Formats: Modified standard PVC and PCB cards for effective camouflage.

Stealth Accessories: Labels, key rings, promotional pens, and cufflinks subtly integrating NFC HSM devices.

USB Dummy Keys: Mini USB keys functioning as secret containers for the NFC HSM devices.

NFC On/Off Card: PCB cards with switchable NFC antenna for increased stealth.

These options guarantee invisible security, ideal for special operations and covert missions.

Complementary Accessories

  • Secure NFC EviKey USB and SSD Keys: These devices offer secure external and internal storage, perfectly integrated with DataShielder NFC HSM for enhanced data protection.
  • Bluetooth Virtual Keyboard EviKeyboard BLE: An innovative keyboard for secure and discreet input, complementing the DataShielder NFC HSM by an additional layer of security in data entry.

International Distinctions and Awards

The EviCypher NFC HSM technology, essential to DataShielder, has received worldwide recognition, marked by several important awards.

  • Gold Medal 2021 of the Geneva Inventions: EviCypher Technology awarded among hundreds of international inventions.
  • Three Global InfoSec Awards 2021: Awarded for being the best data security solution by Cyber Defense Magazine “Next-Gen in Crypto Security”, “Most Innovative Hardware Password Manager”, “Next-Gen in Secrets Management”.
  • Two E&T Innovation Awards 2021: Distinguished for the best communication and IT solution, as well as for the best cybersecurity solution.
  • Two nominations for the National Cyber Awards 2021 of the United Kingdom: Finalist in two categories “The Innovation in Cyber Award 2021” and “The Cyber Defense Product of the Year 2021”.
  • Gold Globee Award 2022: Cyber Computer NFC winner of a Cyber Security Global Excellence Awards®.
  • Fortress Award 2023: Awarded for its excellence in encryption and privacy protection.

Conclusion

DataShielder Defense NFC HSM is a revolutionary solution for protecting your sovereign communications. It offers a high level of security, confidentiality, and trust, without compromise. It is compatible with all types of data and communication means, and can be customized to suit your specific needs. It is also environmentally friendly, durable, and interoperable. It has received international recognition and awards for its excellence and innovation. If you are looking for a solution that can protect your secrets and sensitive data from any threat, DataShielder Defense NFC HSM is the solution for you. Contact Freemindtronic today and get your DataShielder Defense NFC HSM device. You will not regret it.

FormBook Malware: How to Protect Your Gmail and Other Data

FormBook Malware: how to protect your gmail and other data
Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

  • Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
  • Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
  • Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
  • Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
  • Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

  • Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
  • Enable 2FA for your Gmail account on the Google website.
  • Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
  • Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

  • FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
  • FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
  • FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
  • FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

  • The number of organizations affected worldwide
  • The type and amount of information stolen
  • The ability to download and execute other malware
  • The ability to remotely control the infected device
  • The evasion techniques used
  • The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware Number of organizations affected Type and amount of information stolen Ability to download and execute other malware Ability to remotely control the infected device Evasion techniques used Ease of detection and removal
FormBook 4.5% in August 2021 Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Trickbot 4% in August 2021 Credentials, passwords, banking information, personal data, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Agent Tesla 3% in August 2021 Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
LokiBot 1.5% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
Raccoon 0.8% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

  • Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
  • Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
  • Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
  • Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
  • Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

Type of Formbook MalwareAttacks

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

 

FormBook PassCypher DataShielder
Keylogger ✔️ ✔️
Password stealer ✔️ ✔️
File transfer ✔️
Screenshot ✔️ ✔️
Remote control
Phishing ✔️ ✔️
Exploit kit
Drive-by download
Removable media ✔️
Social media

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

Are fingerprint systems really secure? How to protect your data and identity against BrutePrint

Fingerprint Systems Really Secure - How to Protect Your Data and Identity
Fingerprint Systems Really Secure by Jacques Gascuel: This article will be updated with any new information on the topic.

Fingerprint Security

You will surely be amazed by our discoveries! These systems verify your identity on smartphones and other devices by using the unique patterns of your finger. But is their security level? In this study, we explore the weaknesses of these systems and how various actors, from cybercriminals to sovereign entities, can exploit them. We looked at 25 techniques for corrupting fingerprint authentication systems. We will also introduce an effective dual-use defense solution: DataShielder HSM solutions to protect your secrets and sensitive data even if this biometric authentication system becomes compromised.

Fingerprint Biometrics: An In-Depth Exploration of Security Mechanisms and Vulnerabilities

It is a widely recognized biometric authentication system for identity verification. In this overview of fingerprint authentication systems, we will explore comprehensively to understand the complex world of fingerprint biometrics. Our goal is to provide a detailed exploration of these systems, their inner workings, vulnerabilities, and countermeasures.

Demystifying Fingerprint Systems: A Thorough Examination

Two fundamental components make up these systems: the fingerprint sensor and the comparison algorithm.:

The Fingerprint Sensor: Where Biometric Data Begins

These systems rely on an essential component: the fingerprint sensor. It captures the finger image and converts it into a digital format. Different types of sensors exist, each with their advantages and disadvantages:

  1. Optical sensors: They use light and a camera to create a high-resolution image.
  2. Capacitive sensors: They use an array of small capacitors to measure the differences in electrical charge between the ridges and valleys.
  3. Ultrasonic sensors: They use sound waves to create a three-dimensional image.
  4. Thermal sensors: They detect the heat emitted by the finger to generate an image.

The Comparison Algorithm: The Gatekeeper of Access

The comparison algorithm is a critical software component that analyzes the captured fingerprint image. Its role is vital:

  • Image Analysis: The algorithm scrutinizes the fingerprint image, extracting its unique features.
  • Template Comparison: It then compares these features to one or more stored templates, serving as reference fingerprints for authorized users.
  • Threshold Criteria: Access is granted if the algorithm determines a significant similarity between the captured image and a stored template, surpassing a predefined threshold. If not, the system considers the fingerprint invalid and denies access.

Fingerprint System Vulnerabilities and Attack Techniques

First, before evaluating attack techniques against fingerprinting systems, let’s explore different attack types, techniques, motivations, and strategies. In our thorough analysis of fingerprint system vulnerabilities, we must acknowledge numerous attack techniques employed by various actors. These techniques, driven by diverse motivations ranging from personal gain to malicious intent, illuminate the complexities of fingerprint system security. We’ve identified a total of twenty-five (25) distinct attack types, categorized into five groups in this study: “Electronic Devices for Biometric Attacks,” “Additional Fingerprint Attacks,” “Advanced Attacks,” “Attacks on Lock Patterns,” and “Attacks on Fingerprint Sensors.”

Attacks on Fingerprint Sensors

Fingerprint sensors, a common biometric authentication method, are vulnerable to several attack types and techniques update 23 february 2024:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Residual Fingerprint Attack Recovers the smartphone owner’s fingerprint left on surfaces, reproducing it. Identity theft, unauthorized access, or malicious purposes. Exploits traces of fingerprints on surfaces using materials like gelatin, silicone.
Code Injection Attack Injects malicious code to bypass fingerprint sensor security. Compromises device security for data theft or illicit activities. Exploits software vulnerabilities for unauthorized access to biometric data.
False Acceptance Attack The system accepts a fingerprint that doesn’t belong to the authorized user. Identity theft, unauthorized access, or malicious intentions. Can occur due to poor sensor quality, a high tolerance threshold, or similarity between different individuals’ fingerprints.
False Rejection Attack The system rejects a fingerprint that belongs to the authorized user. Identity theft, unauthorized access. Can occur due to poor sensor quality, a low tolerance threshold, environmental changes, or alterations to the user’s fingerprint.
Substitution Attack Tricks the system with an artificial fingerprint. Identity theft or unauthorized access. Can be done using materials like gelatin, silicone, latex, or wax.
Modification Attack Tricks the system with a modified fingerprint. Identity theft or to conceal the user’s identity. Can be done using techniques like gluing, cutting, scraping, or burning.
Impersonation Attack Tricks the system with another user’s fingerprint, either with their consent or by force. Identity theft using force, threats, bribery, or seduction. Uses the fingerprint of another user who has given consent or has been coerced into doing so.
Adversarial Generation Attack Tricks the system with images of fingerprints generated by an adversarial generative adversarial network (GAN). Bypasses liveness detection methods based on deep learning. Mimics the appearance of real fingerprints.
Acoustic Analysis Attack Tricks the system by listening to the sounds emitted by the fingerprint sensor during fingerprint capture. Can reconstruct the fingerprint image from acoustic signals. Use noise cancellation techniques, encrypt acoustic signals, or use liveness detection methods
Partial Print Attack Tricks the system with a partial fingerprint from the registered fingerprint. Increases the false acceptance rate by exploiting the similarity between partial prints of different users. Can use a portion of the registered fingerprint.
Privilege Escalation Attack Exploits vulnerabilities in the operating system or application to obtain higher privileges than those granted by fingerprint authentication Can access sensitive data, manipulate system files, perform unauthorized actions, or bypass security measures Use strong passwords, enforce multi-factor authentication, limit user privileges, patch system vulnerabilities, monitor user activities, and audit logs
Spoofing Attack Imitates a legitimate fingerprint or identity to deceive the system or the user Can gain access, steal information, spread malware, or impersonate someone. Use liveness detection methods, verify the authenticity, avoid trusting unknown sources, and report spoofing attempts
PrintListener: Side-channel Attack Utilizes acoustic signals from finger friction on touchscreens to replicate fingerprints Gain unauthorized access to devices and services protected by fingerprint authentication Implement noise interference, use advanced fingerprint sensors resistant to acoustic analysis, enable multifactor authentication, regularly update security protocols

For more information on new attack type “PrintListener” (a specific acoustic analysis attack), readers are encouraged to explore the detailed article at https://freemindtronic.com/printlistener-technology-fingerprints/.
These attacks expose vulnerabilities in fingerprint sensor technology and underline the need for robust security measures.

Attacks on Lock Patterns (For Lock Screen Authentication)

Lock patterns, often used on mobile devices for screen unlocking, are susceptible to various attack techniques:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Brute Force Attack Attempts all possible lock pattern combinations. Gains unauthorized device access. Systematically tests different pattern combinations.
Replica Fingerprint Attack Uses a 3D printer to create a replica fingerprint. Unauthorized access or identity theft. Produces a replica for sensor authentication.
Sensor Vulnerabilities Exploits sensor technology vulnerabilities. Compromises device security for malicious purposes. Identifies and exploits sensor technology weaknesses.
BrutePrint Attack Intercepts messages, emulating the fingerprint sensor. Gains unauthorized access, often with hardware components. Exploits communication protocol vulnerabilities.

These attacks target the vulnerabilities in lock pattern authentication and underscore the importance of strong security practices.

Advanced Attacks

Advanced attacks employ sophisticated techniques and technologies to compromise fingerprint systems:

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Presentation Attack Presents manipulated images or counterfeit fingerprints. Espionage, identity theft, or malicious purposes. Crafts counterfeit fingerprints or images to deceive sensors.
Rapid Identification Attack Uses advanced algorithms to swiftly identify fingerprints. Corporate espionage, financial gain, or enhanced security. Quickly identifies fingerprints from extensive datasets.
Digital Footprint Attack Collects and analyzes the online data and activity of the target, using open source intelligence tools or data brokers Can obtain personal information, preferences, habits, or vulnerabilities of the target. Use privacy settings, delete unwanted data, avoid oversharing, and monitor online reputation

These advanced attacks leverage technology and data to compromise fingerprint-based security.

Network-Based Attacks

Network-based attacks are those that target the communication or data transmission between the device and the fingerprint authentication system. These attacks can compromise the integrity, confidentiality, or availability of the biometric data or the user session. In this section, we will discuss four types of network-based attacks: phishing, session hijacking, privilege escalation, and spyware.

ATTACK TYPE TECHNIQUE MOTIVATIONS STRATEGIES
Phishing Attack Technique: Phishing attacks involve sending fraudulent messages to victims, enticing them to click on a link or download an attachment. These malicious payloads may contain code designed to steal their fingerprints or redirect them to a fake website requesting authentication. Motivations: Phishing attacks are motivated by the desire to deceive and manipulate users into revealing their fingerprint data or login credentials. Strategies: Phishing attackers employ various tactics, such as crafting convincing emails, spoofing legitimate websites, and using social engineering to trick users.
Session Hijacking Attack Technique: Session hijacking attacks aim to intercept or impersonate an authenticated user’s session, exploiting communication protocol vulnerabilities or using spyware. Motivations: Session hijacking is typically carried out to gain unauthorized access to sensitive information or systems, often for financial gain or espionage. Strategies: Attackers employ packet sniffing, session token theft, or malware like spyware to compromise and take control of active user sessions.
Spyware Attack Technique: Spyware attacks infect the device with spyware to capture fingerprint data. Motivations: Spyware attacks are driven by the objective of illicitly obtaining biometric data for malicious purposes, such as identity theft or unauthorized access. Strategies: Attackers use spyware to secretly record and transmit fingerprint information, often through backdoors or covert channels, without the victim’s knowledge.
Predator Files Infects Android phones with a spyware application that can access their data, including fingerprint information. Sold to multiple governments for targeting political opponents, journalists, activists, and human rights defenders in over 50 countries. Use spyware detection and removal tools, update system software, avoid downloading untrusted applications, and scan devices regularly

As we can see from the table above, network-based attacks pose a serious threat to fingerprint authentication systems and users’ privacy and security. Therefore, it is essential to implement effective countermeasures and best practices to prevent or mitigate these attacks. In the next section, we will explore another category of attacks: physical attacks.

Electronic Devices for Biometric Attacks

Some electronic devices are designed to target and compromise fingerprint authentication systems. Here are some notable examples:

Device Description Usage STRATEGIES
Cellebrite UFED A portable device capable of extracting, decrypting, and analyzing data from mobile phones, including fingerprint data. Used by law enforcement agencies worldwide. Used by law enforcement agencies to access digital evidence on mobile phones. Applies substances to damage or obscure sensor surfaces.
GrayKey A black box device designed to unlock iPhones protected by passcodes or fingerprints using a “brute force” technique. Sold to law enforcement and government agencies for investigative purposes. Sold to law enforcement and government agencies for investigative purposes to unlock iPhones. Use strong passwords, enable encryption, disable USB access, and update system software.
Chemical Attacks Alters or erases fingerprints on sensors. Prevents identification or creates false identities. Use fingerprint enhancement techniques, verify the authenticity, and use liveness detection methods

These devices pose a high risk to biometric systems because they can allow malicious actors to access sensitive information or bypass security measures. They are moderate to high in ease of execution because they require physical access to the target devices and the use of costly or scarce devices. Their historical success is variable because it depends on the quality of the devices and the security of the biometric systems. They are currently relevant because they are used by various actors, such as government agencies, law enforcement, or hackers, to access biometric data stored on mobile phones or other devices. This comprehensive overview of attack types, techniques, motivations, and strategies is crucial for improving biometric authentication system security.

BrutePrint: A Novel Attack on Fingerprint Systems on Phones

Fingerprint systems on phones are not only vulnerable to spoofing or data breach attacks; they are also exposed to a novel attack called BrutePrint. This attack exploits two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA) framework. BrutePrint allows attackers to bypass the attempt limit and liveness detection mechanisms of fingerprint systems on phones. It also enables them to perform unlimited brute force attacks until finding a matching fingerprint.

How BrutePrint Works

Fingerprint Systems Really Secure : BrutePrint

BrutePrint works by hijacking the fingerprint images captured by the sensor. It applies neural style transfer (NST) to generate valid brute-forcing inputs from arbitrary fingerprint images. BrutePrint also exploits two vulnerabilities in the SFA framework:

  • Cancel-After-Match-Fail (CAMF): this vulnerability allows attackers to cancel the authentication process after a failed attempt. It prevents the system from counting the failed attempts and locking the device.
  • Match-After-Lock (MAL): this vulnerability allows attackers to infer the authentication results even when the device is in “lock mode”. It guides the brute force attack.To perform a BrutePrint attack, attackers need physical access to the phone, a database of fingerprints, and a custom-made circuit board that costs about 15 dollars. The circuit board acts as a middleman between the sensor and the application. It intercepts and manipulates the fingerprint images.

How to Prevent BrutePrint

BrutePrint is a serious threat to phone users who rely on fingerprint systems to protect their devices and data. It shows that fingerprint systems on phones are not as secure as they seem. They need more robust protection mechanisms against brute force attacks. Some of the possible ways to prevent BrutePrint are:

  • Updating the phone’s software: this can help fix the vulnerabilities exploited by BrutePrint and improve the security of the SFA framework.
  • Using multifactor authentication: this can increase the level of security and reduce the risks of spoofing or brute force attacks. It combines fingerprint authentication with another factor, such as a password, a PIN code, a pattern lock screen ,or other trust criteria that allows patented segmented key authentication technology developed by Freemindtronic in Andorra .
  • Use of DataShielder HSM solutions: these are solutions developed by Freemindtronic in Andorra that allow you to create HSM (Hardware Security Module) on any device, without a server or database, to encrypt any type of data. DataShielder HSM solutions also include EviSign technology, which enables advanced electronic signing of documents. DataShielder HSM solutions are notably available in Defense versions, which offer a high level of protection for civil and/or military applications.

Assessing Attack Techniques: Ease of Execution and Current Relevance

In our pursuit of understanding fingerprint system vulnerabilities, it is crucial to assess not only the types and forms of attacks but also their practicality and current relevance. This section provides an in-depth evaluation of each attack technique, considering factors such as the ease of execution, historical success rates, and their present-day applicability.

Attack Techniques Overview

Let’s analyze the spectrum of attack techniques, considering their potential danger, execution simplicity, historical performance, and present-day relevance.

Attack Type Level of Danger Ease of Execution Historical Success Current Relevance
Residual Fingerprint Attack Medium Moderate Variable Ongoing
Code Injection Attack High Moderate Variable Still Relevant
Acoustic Analysis Attack Medium Low Fluctuating Ongoing Concerns
Brute Force Attack High Low Variable Contemporary
Replica Fingerprint Attack Medium Moderate Fluctuating Still Relevant
Sensor Vulnerabilities High Moderate Variable Ongoing Significance
BrutePrint Attack High High Variable Continues to Pose Concerns
Presentation Attack High Moderate Diverse Still Pertinent
Rapid Identification Attack High Low Variable Ongoing Relevance
Digital Footprint Attack High Low Fluctuating Currently Pertinent
Chemical Attacks High Low Variable Ongoing Relevance
Phishing Attack High Moderate Variable Modern Threat
Session Hijacking Attack High Low Variable Ongoing Relevance
Privilege Escalation Attack High Low Variable Remains Significant
Adversarial Generation Attack High Moderate Variable Still in Use
Acoustic Analysis Attack (Revisited) Medium Low Fluctuating Ongoing Concerns
Partial Print Attack Medium Low Variable Currently Relevant
Electronic Devices for Biometric Attacks High Moderate to High Variable Currently Relevant
PrintListener (Specific Acoustic Analysis Attack) High Moderate Emerging Highly Relevant

Understanding the Evaluation:

  • Level of Danger categorizes potential harm as Low, Moderate, or High.
  • Ease of Execution is categorized as Low, Medium, or High.
  • Historical Success highlights fluctuating effectiveness.
  • Current Relevance signifies ongoing concerns in contemporary security landscapes.

By assessing these attack techniques meticulously, we can gauge their practicality, historical significance, and continued relevance.

The type of attack by electronic devices for biometric systems is very dangerous because it can allow malicious actors to access sensitive information or bypass the protections of biometric systems. Its ease of execution is moderate to high, as it requires physical access to target devices and the use of expensive or difficult-to-obtain devices. Its historical success is variable because it depends on the quality of the devices used and the security measures implemented by the biometric systems. It is currently relevant because it is used by government agencies, law enforcement or hackers to access biometric data stored on mobile phones or other devices.

Statistical Insights into Fingerprint Systems

Fingerprint systems have found wide-ranging applications, from law enforcement and border control to banking, healthcare, and education. They are equally popular among consumers who use them to unlock devices or access online services. However, questions linger regarding their reliability and security. Let’s delve into some pertinent statistics:

According to Acuity Market Intelligence, 2018 saw more than 1.5 billion smartphones equipped with fingerprint sensors, constituting 60% of the global market.

The IAFIS Annual Report of 2020 revealed that more than 1.3 billion fingerprint records were stored in national and international databases in 2019.

According to the National Institute of Standards and Technology (NIST), the average false acceptance rate of fingerprint systems in 2018 was 0.08%, marking an 86% decrease compared to 2013.

These statistics shed light on the widespread adoption of fingerprint systems and their improved accuracy over time. Nevertheless, they also underline that these systems, while valuable, are not without their imperfections and can still be susceptible to errors or manipulation.

Real-World Cases of Fingerprint System Corruption: Phone Cases

Fingerprint system corruption can also affect phone users, who rely on fingerprint sensors to unlock their devices or access online services. However, these sensors are not foolproof and can be bypassed or exploited by skilled adversaries. These attacks can result in device theft, data breaches, or other security issues.

Here are some examples of fingerprint system corruption that involve phones:

  • German hacker Jan Krissler, alias Starbug, remarkably unlocked the smartphone of the German Defense Minister Ursula von der Leyen in 2014 using a high-resolution photo of her thumb taken during a press conference. He employed image processing software to enhance the photo’s quality and created a counterfeit fingerprint printed on paper.
  • A terrorist attack at the Istanbul airport killed 45 people and injured more than 200 in 2016. The investigators found that the three suicide bombers used fake fingerprints to enter Turkey and avoid security checks. They copied the fingerprints of other people from stolen or forged documents.
  • Researchers from Tencent Labs and Zhejiang University discovered in 2020 that they could bypass a fingerprint lock on Android smartphones using a brute force attack, that is when a large number of attempts are made to discover a password, code or any other form of security protection.
  • Experts from Cisco Talos created fake fingerprints capable of fooling the sensors of smartphones, tablets and laptops as well as smart locks in 2020, but it took them a lot of effort.
  • A case of identity theft was discovered in France in 2021, involving the use of fake fingerprints to obtain identity cards and driving licenses. The suspects used silicone molds to reproduce the fingerprints of real people, and then glued them on their fingers to fool the biometric sensors.
  • Researchers from the University of Buffalo developed a method in 2021 to create artificial fingerprints from images of fingers. These fingerprints can fool the sensors of smartphones, but also more advanced biometric systems, such as those used by police or airports.
  • A report by Kaspersky revealed in 2021 that banking apps on smartphones are vulnerable to attacks by falsified fingerprints. Attackers can use malware to intercept biometric data from users and use them to access their accounts.

These cases highlight the significant threats posed by fingerprint system corruption to phone users. Therefore, it is important to protect these systems against external and internal threats while integrating advanced technologies to enhance security and reliability.

DataShielder HSM: A Counter-Espionage Solution for Fingerprint System Security

You have learned in the previous sections that fingerprint systems are not foolproof. They can be corrupted by attacks that expose your secrets and sensitive data. To prevent malicious actors from capturing them, you need an effective and reliable encryption solution, even if your phone is compromised.

Freemindtronic, the leader in NFC HSM technologies, designed, developed, published and manufactured DataShielder HSM in Andorra. It is a range of solutions that you need. You can use either EviCore NFC HSM or EviCore HSM OpenPGP technology with DataShielder HSM. It lets you encrypt your data with segmented keys that you generate randomly yourself. The key segments are securely encrypted and stored in different locations. To access your secrets and your sensitive data encrypted in AES 256 quantum, you need to bring all segments together for authentication.

DataShielder HSM has two versions: DataShielder NFC HSM for civil and military use, and DataShielder NFC HSM Defense for sovereign use. DataShielder NFC HSM Defense integrates two technologies: EviCore NFC HSM and EviCore HSM OpenPGP. They allow you to create a hardware security module (HSM) without contact on any medium, without server, without database, totally anonymous, untraceable and undetectable.

DataShielder HSM is a user-friendly and compatible solution with all types of phone, with or without NFC, Android or Apple. It can be used for various purposes, such as securing messaging services, encrypting files or emails, signing documents or transactions, or generating robust passwords.

DataShielder HSM is a counter-espionage solution that enhances the security of fingerprint systems. It protects your data and secrets from unauthorized access, even if your fingerprint is compromised.

Current Trends and Developments in Fingerprint Biometrics

Fingerprint biometrics is a constantly evolving field. It seeks to improve the performance, reliability and security of existing systems. But it also develops new technologies and applications. Here are some current or expected trends and developments in this field.

  • Multimodality: it consists of combining several biometric modalities (fingerprint, face, iris, voice, etc.) to increase the level of security and reduce the risks of error or fraud. For example, some smartphones already offer authentication by fingerprint and facial recognition.
  • Contactless biometrics: it consists of capturing fingerprints without the need to touch a sensor. This technique avoids the problems related to the quality or contamination of fingerprints. And it improves the comfort and hygiene of users. For example, some airports already use contactless scanners to verify the identity of travelers.
  • Behavioral biometrics: it consists of analyzing the behavior of users when they interact with a biometric system. For instance, the way they place their finger on the sensor or the pressure they exert. This technique adds a dynamic factor to identification. And it detects attempts of impersonation or coercion. For example, some banking systems already use behavioral biometrics to reinforce the security of transactions.

Standards and Regulations for Fingerprint Systems

The use of fingerprint systems is subject to standards and regulations. They aim to ensure the quality, compatibility and security of biometric data. These standards and regulations can be established by international, national or sectoral organizations. Here are some examples of standards and regulations applicable to fingerprint systems.

  • The ISO/IEC 19794-2 standard: it defines the format of fingerprint data. It allows to store, exchange and compare fingerprints between different biometric systems. It specifies the technical characteristics, parameters and procedures to be respected to ensure the interoperability of systems.
  • The (EU) 2019/1157 regulation: it concerns the strengthening of the security of identity cards and residence permits issued to citizens of the European Union and their relatives. It provides for the mandatory introduction of two fingerprints in a digital medium integrated into the card. It aims to prevent document fraud and identity theft.
  • The Data Protection Act: it regulates the collection, processing and storage of personal data, including biometric data. It imposes on data controllers to respect the principles of lawfulness, fairness, proportionality, security and limited duration of data. It guarantees to data subjects a right of access, rectification and opposition to their data.

Examples of Good Practices for Fingerprint System Security

Fingerprint systems offer a convenient and effective way to authenticate people. But they are not without risks. It is important to adopt good practices to strengthen the security of fingerprint systems and protect the rights and freedoms of users. Here are some examples of good practices to follow by end users, businesses and governments.

  • For end users: it is recommended not to disclose their fingerprints to third parties, not to use the same finger for different biometric systems, and to check regularly the state of their fingerprints (cuts, burns, etc.) that may affect recognition. It is also advisable to combine fingerprint authentication with another factor, such as a password or a PIN or other trust criteria that allows the patented segmented key authentication technology developed by Freemindtronic in Andorra.
  • For businesses: it is necessary to comply with the applicable regulation on the protection of personal data, and to inform employees or customers about the use and purposes of fingerprint systems. It is also essential to secure biometric data against theft, loss or corruption, by using encryption, pseudonymization or anonymization techniques.
  • For governments: it is essential to define a clear and consistent legal framework on the use of fingerprint systems, taking into account ethical principles, fundamental rights and national security needs. It is also important to promote international cooperation and information exchange between competent authorities, in compliance with existing standards and conventions.

Responses to Attacks

Fingerprint systems can be victims of attacks aimed at bypassing or compromising their operation. These attacks can have serious consequences on the security of people, property or information. It is essential to know how to react in case of successful attack against a fingerprint system. Here are some recommendations to follow in case of incident.

  • Detecting the attack: it consists of identifying the type, origin and extent of the attack, using monitoring, auditing or forensic analysis tools. It is also necessary to assess the potential or actual impact of the attack on the security of the system and users.
  • Containing the attack: it consists of isolating the affected system or the source of the attack, by cutting off network access, disabling the biometric sensor or blocking the user account. It is also necessary to preserve any evidence that may facilitate investigation.
  • Notifying the attack: it consists of informing competent authorities, partners or users concerned by the attack, in compliance with legal and contractual obligations. It is also necessary to communicate on the nature, causes and consequences of the attack, as well as on the measures taken to remedy it.
  • Repairing the attack: it consists of restoring the normal functioning of the fingerprint system, by eliminating the traces of the attack, resetting the settings or replacing the damaged components. It is also necessary to revoke or renew the compromised biometric data, and verify the integrity and security of the system.
  • Preventing the attack: it consists of strengthening the security of the fingerprint system, by applying updates, correcting vulnerabilities or adding layers of protection. It is also necessary to train and raise awareness among users about good practices and risks related to fingerprint systems.

Next Steps for Fingerprint Biometrics Industry

Fingerprint biometrics is a booming field, which offers many opportunities and challenges for industry, society and security. Here are some avenues for reflection on the next steps for this field.

  • Research and development: it consists of continuing efforts to improve the performance, reliability and security of fingerprint systems, but also to explore new applications and technologies. For example, some researchers are working on artificial fingerprints generated by artificial intelligence, which could be used to protect or test biometric systems.
  • Future investments: it consists of supporting the development and deployment of fingerprint systems, by mobilizing financial, human and material resources. For example, according to a market study, the global market for fingerprint systems is expected to reach 8.5 billion dollars in 2025, with an average annual growth rate of 15.66%.
  • Expected innovations: it consists of anticipating the needs and expectations of users, customers and regulators, by offering innovative and adapted solutions. For example, some actors in the sector envisage creating fingerprint systems integrated into human skin, which could offer permanent and inviolable identification.

Conclusion

Fingerprint systems are a convenient and fast way to authenticate users, based on their unique fingerprint patterns. They have many applications in device protection and online service access. However, these systems are not immune to attacks by skilled adversaries, who can manipulate and exploit them. These attacks can lead to unauthorized access, data breaches, and other security issues.

To prevent these threats, users need to be vigilant and enhance security with additional factors, such as PINs, passwords, or patterns. Moreover, regular system updates are crucial to fix emerging vulnerabilities.

Fingerprint systems are still a valuable and common form of authentication. But users must understand their weaknesses and take steps to strengthen system integrity and data protection. One of the possible steps is to use DataShielder HSM solutions, developed by Freemindtronic in Andorra. These solutions allow creating HSM (Hardware Security Module) on any device, without server or database, to encrypt and sign any data. DataShielder HSM solutions also include EviSign technology, which allows electronically signing documents with a legally recognized value. DataShielder HSM solutions are available in different versions, including Defense versions, which offer a high level of protection for civil and military applications.

Pegasus: The cost of spying with one of the most powerful spyware in the world

Pegasus The Cost of Spying with the Most Powerful Spyware
Pegasus by Jacques Gascuel: This article will be updated with any new information on the topic.

Pegasus: The Cost of Spying

Pegasus is a powerful spyware that has been used by several countries to spy on political figures, journalists, human rights activists or opponents. How does it work, who has been spied on, what are the consequences, and how much does it cost? Find out in this article.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

Pegasus: The Cost of Spying with the Most Powerful Spyware in the World

Pegasus is a spyware developed by the Israeli company NSO Group. It allows to remotely monitor the activities of a mobile phone. According to an investigation conducted by a consortium of international media, several countries have used this software to spy on political figures, journalists, human rights activists or opponents.

The scandal of Pegasus has provoked a global outcry. It has raised many questions about the legality, the ethics and the consequences of this cyber-surveillance. How does Pegasus work? Who has been spied on by Pegasus? Who is responsible for the spying? What are the consequences of the spying? And most importantly, how much does Pegasus cost?

In this article, we will try to answer these questions in detail. We will use reliable and verified sources of information. We will also present some statistics and comparisons to give you an idea of the scale and the impact of Pegasus.

What is Pegasus?

Pegasus is a spyware, also called spy software. It allows to remotely monitor the activities of a mobile phone. It can access the messages, the calls, the contacts, the photos, the videos, the location, the microphone or the camera of the target phone. It can also activate or deactivate certain functions of the phone, such as Wi-Fi or Bluetooth.

Pegasus: a spyware that raises many questions

Pegasus is a powerful spyware that the NSO group designed. It can monitor and steal data and activities from mobile phones secretly. The NSO group is an Israeli company founded in 2010 by former members of Unit 8200; the Israeli military intelligence service. The company claims that its software aims to fight terrorism and organized crime; such as pedophiles or cartel leaders. It also claims that it only sells it to governments or authorized security agencies; with the approval of the Israeli Ministry of Defense. The countries that acquire these systems must respect their commitments stipulated in the license.

However, a consortium of international media outlets revealed that many countries have used Pegasus for other purposes. They have monitored various people, including politicians, journalists, human rights activists and political opponents. This raises many questions about the protection of privacy and human rights in the digital age. It also exposes the vulnerabilities and challenges of cybersecurity in a world where surveillance technologies are becoming more powerful and discreet.

Pegasus works by exploiting security flaws in the operating systems of phones, such as iOS or Android. It can infect a phone in two ways: either by sending a malicious link to the target phone, which must click on it to be infected; or by using a technique called “zero-click”, which allows to infect a phone without any interaction from the user.

Pegasus is a very sophisticated and discreet software. It can self-destruct or camouflage itself to avoid being detected. It can also adapt to security updates of operating systems to continue working. According to NSO Group, Pegasus is able to target more than 50,000 phone numbers in the world.

Unveiling Pegasus Attack Vectors: Stealth and Subterfuge in Cyber Espionage

In the Shadows of Cyber Espionage: Pegasus Strikes Unseen

In the realm of cyber espionage, Pegasus has mastered the art of covert infiltration, employing a spectrum of attack vectors designed to leave its targets unaware and defenseless. As a specialized journalist in the field of espionage, we delve into the clandestine world of Pegasus, shedding light on the methods it employs to breach digital fortresses.

Email: The Trojan Horse

Pegasus’s espionage campaign often commences with a seemingly innocuous email. The target receives a carefully crafted message, concealing a malicious payload. This deception operates with remarkable subtlety, bypassing traditional safeguards. Victims unknowingly execute the payload, granting Pegasus a foothold into their digital lives.

SMS Intrigue: Texts That Betray

SMS messages can become instruments of betrayal when wielded by Pegasus. Crafted to exploit vulnerabilities in messaging apps, these seemingly harmless texts harbor malicious intent. Clicking on a compromised message can be all it takes for Pegasus to silently infiltrate a device.

Web of Deceit: Navigating Vulnerabilities

Pegasus’s reach extends into the very fabric of the internet. Web browsers, portals to information and connectivity, can become gateways for intrusion. By exploiting unpatched browser vulnerabilities, Pegasus sidesteps user interaction, infiltrating systems silently.

WhatsApp’s Vulnerable Connection

Even encrypted platforms like WhatsApp are not impervious to Pegasus’s advances. The spyware capitalizes on vulnerabilities in this widely used messaging app. A simple call on WhatsApp can translate into a gateway for Pegasus’s covert surveillance.

Zero-Click: A Stealthy Intrusion

The pinnacle of Pegasus’s subterfuge is the “Zero-Click” attack vector. Unlike other methods, “Zero-Click” requires no user interaction whatsoever. It preys upon deep-seated operating system vulnerabilities. Pegasus slips in unnoticed, operating in the shadows, and evading all user alerts.

The Stealth Within Pegasus: An Unseen Hand

Pegasus’s ability to infiltrate devices without leaving a trace raises profound concerns regarding detection and defense. Victims may remain oblivious to their compromised status, and traditional security measures struggle to counteract this stealthy foe.

Pegasus Continues to Threaten iPhone User Privacy and Security

In the ever-evolving landscape of digital security, the Pegasus spyware remains a significant threat to iPhone users’ privacy and security. Despite Apple’s rigorous efforts to enhance iOS safeguards, the sophisticated surveillance tool developed by the Israeli firm NSO Group has continually adapted, finding new ways to infiltrate the defenses of one of the world’s most popular smartphones.

Apple’s Proactive Measures Against Pegasus

Apple has been at the forefront of the battle against cyber threats, releasing timely security updates and patches aimed at thwarting Pegasus’s advanced techniques. The company’s commitment to user privacy has led to the development of new security features designed to protect sensitive information from unauthorized access. However, the dynamic nature of cyber threats, exemplified by Pegasus, poses an ongoing challenge to even the most secure platforms.

The Impact on iPhone Users

For iPhone users, the threat of Pegasus spyware is more than just a privacy concern; it’s a direct attack on their freedom of expression and the security of their personal data. The ability of Pegasus to covertly monitor conversations, access encrypted messages, and even activate cameras and microphones without consent has raised alarms worldwide. This level of surveillance capability not only endangers individual users but also threatens the integrity of global communications networks.

Recent Revelations in Jordan Amplify Global Pegasus Concerns

In 2024, shocking reports emerged, spotlighting Jordan’s use of Pegasus against journalists and activists. This development underscores the pervasive reach of NSO Group’s spyware. Allegedly, the Jordanian authorities targeted individuals crucial to civil society. These actions have stoked fears about privacy invasions and press freedom suppression. Amidst Israel-Jordan tensions, this move signals a worrying trend of using cyberweapons to stifle dissent. Consequently, global watchdogs are calling for stringent controls on spyware sales and usage. This incident not only highlights the urgent need for robust digital rights protections but also raises significant ethical questions about surveillance technologies’ global impact.

India’s Pegasus Scandal: A Deep Dive into Surveillance and Democracy

The year 2023 brought to light India’s alleged surveillance of journalists and opposition figures using Pegasus. This revelation has sparked a nationwide debate on privacy, press freedom, and democratic values. High-profile journalists and political dissenters reportedly fell victim to this covert tool, leading to widespread condemnation. Despite government denials and a lack of cooperation with Supreme Court probes, the issue remains unresolved. Such use of Pegasus not only threatens individual freedoms but also undermines the very fabric of democratic societies. As countries grapple with the dual use of surveillance technologies, the call for transparent, regulated, and ethical practices has never been louder. This situation serves as a crucial reminder of the delicate balance between national security and personal liberties.

How Pegasus spied on the Catalan independence movement and the Spanish government

Pegasus, a powerful spyware designed by the NSO Group, has the capability to clandestinely monitor and steal data and activities from mobile phones. A consortium of international media outlets exposed the fact that numerous countries have employed Pegasus to conduct surveillance on various individuals, including political figures, journalists, human rights activists, and political opponents.

In Spain, the Pegasus scandal unfolded, implicating over 60 individuals associated with the Catalan independence movement. According to a report from Citizen Lab, Pegasus was utilized to target these individuals between 2017 and 2020. In an alarming twist, the Spanish government itself accused Pegasus of spying on its own officials in 2021.

The Catalan independence movement under surveillance

The Catalan independence movement represents a political and social endeavor that aims to secure Catalonia’s independence from Spain. This movement gained significant momentum in 2017 when the Catalan government conducted an unauthorized referendum on self-determination. In response, the Spanish government took action by suspending Catalonia’s autonomy and apprehending several of its leaders.

Citizen Lab’s report revealed that Pegasus had specifically targeted more than 60 individuals associated with the Catalan independence movement from 2017 to 2020. This list includes notable figures such as three presidents of the Generalitat of Catalonia: Artur Mas, Quim Torra, and Pere Aragonès. These individuals have taken legal action, filing a complaint against Paz Esteban and the NSO Group. Paz Esteban serves as the director of CNI, Spain’s intelligence service.

Additional alleged victims encompass Members of the European Parliament, lawyers, journalists, and activists. For example, Carles Puigdemont, the former president of Catalonia who sought refuge in Belgium following the referendum, was also subjected to Pegasus surveillance. The list further includes Roger Torrent, the former speaker of the Catalan parliament, and Jordi Cañas, a pro-union Member of the European Parliament.

The Spanish government under attack

The situation escalated in significance when the Spanish government disclosed that Pegasus had also surveilled its own officials in 2021. The government attributed this to an “external attack” but refrained from identifying the perpetrators. Various media outlets hinted at the possibility of Moroccan involvement, occurring against the backdrop of a diplomatic standoff between the two nations.

Prime Minister Pedro Sánchez and Defense Minister Margarita Robles were among the primary targets. In February 2021, while on an official visit to Morocco, their mobile phones fell victim to Pegasus infections8. This compromise allowed the spyware access to their messages, calls, contacts, photos, videos, location, microphone, and camera.

Additionally, Foreign Minister Arancha González Laya and Interior Minister Fernando Grande-Marlaska faced Pegasus surveillance in May 2021. This intrusion occurred during their management of a migration crisis in Ceuta, a Spanish enclave in North Africa that witnessed a mass influx of Moroccan migrants.

The outcry of the victims

Those who have potentially or definitively fallen victim to Pegasus expressed their outrage and concerns surrounding this spying scandal. They vehemently decried it as a grave infringement upon their fundamental rights and vociferously demanded both explanations and accountability. Furthermore, they sought access to the findings of the judicial investigation and the data collected by the spyware.

For example, Quim Torra expressed feeling “violated” and “humiliated” by the intrusive spying. He squarely pointed fingers at the Spanish state and demanded an apology from Prime Minister Sánchez. Torra also declared his intent to pursue legal action against NSO Group and CNI.

Likewise, Pedro Sánchez conveyed his profound worry and anger regarding the spying. He committed to seeking clarifications from Morocco and Israel while simultaneously reinforcing his government’s cybersecurity measures.

What are the consequences of the spying?

Spying by Pegasus inflicted severe consequences on the victims, as well as society and democracy. It violated the victims’ right to privacy, freedom of expression, freedom of information, and presumption of innocence. Additionally, it jeopardized the security, reputation, and well-being of the victims.

Pegasus’ spying activities also eroded trust and cooperation among various actors and institutions. It fostered an atmosphere of suspicion and hostility between Spain and Morocco, neighboring countries with historical and economic ties. Furthermore, it deepened divisions between Madrid and Barcelona, two regions with political and cultural distinctions. The spying undermined the credibility and legitimacy of the Spanish government and its intelligence service.

Moreover, Pegasus’ spying efforts raised awareness and concerns regarding the dangers and abuses of cyber-surveillance. It revealed the lack of control and accountability over the use of spyware by governments and private companies. The spying underscored the necessity for enhanced protection and regulation for human rights defenders, journalists, activists, and other vulnerable groups.

The cost of Pegasus by country: an estimation based on the available sources

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware capable of infecting smartphones and accessing their data, including messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, effectively turning it into a spying tool. But how much does it cost to use Pegasus? And which countries can afford it? This section will attempt to answer these questions based on the available information.

Firstly, the cost of using Pegasus depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract signed with NSO Group. According to The Guardian’s estimate, which relies on internal documents from NSO Group dating back to 2016, a license to monitor 50 smartphones cost 20.7 million euros per year at that time. Similarly, a license for monitoring 100 smartphones cost 41.4 million euros per year. It remains uncertain whether these prices have changed since 2016 or if NSO Group has offered discounts or rebates to certain clients.

Subsequently, the estimated cost of Pegasus by country derives from the number of phones targeted and the operation’s duration, using the average cost provided by The Guardian. These data are approximations and may vary depending on the sources. For instance, Saudi Arabia targeted approximately 15,000 numbers with Pegasus, according to Le Monde, but The Washington Post suggests a figure of 10,000. Likewise, Le Monde indicates that Morocco commenced using Pegasus in 2017, whereas Citizen Lab asserts it was in 2016.

Here is a summary table of the estimates of the cost of Pegasus by country:

Country Number of Phones Targeted Duration of Operation (years) Estimated Cost (in millions of euros)
Spain 60 6 248.4
Saudi Arabia 10 000 5 2070
Azerbaijan 5 000 4 828
Bahrain 3 000 3 372.6
Kazakhstan 1 500 2 124.2
Mexico 15 000 2 1242
Morocco 10 000 5 2070
Rwanda 3 500 4 579.6
Hungary 300 4 49.8
India 1 000 3 124.2
United Arab Emirates 10 000 5 2070

Finally, the total estimated cost of Pegasus for these ten countries would be about 10.5 billion euros over a period of five years.

The cost of Pegasus compared to other indicators

In addition to these estimates, we can also compare the cost of Pegasus with other indicators or expenditures, such as the average income or the budget of a country. This can help us to gain insight into the scale and impact of Pegasus.

For instance, according to Statista, Spain’s average annual income per capita in 2020 was $30,722. El País reported the budget of the Spanish Intelligence Agency (CNI) to be $331 million in 2020, while El Mundo stated that Catalonia’s budget was $40 billion in the same year.

Here is a summary table of the data:

Source Estimated Cost of Pegasus
Le Monde $7 to $20 million per year for 50 to 100 smartphones
TEHTRIS $9 million for 10 targets, $650,000 for a single target
Alain Jourdan $500 million for Spain (Source credibility unclear)
Average Income in Spain (2020) $30,722 per year
Budget of CNI (Spanish Intelligence Agency, 2020) $331 million
Budget of Catalonia (2020) $40 billion

The table demonstrates that Pegasus costs are very high compared to other indicators or expenditures. For instance, according to our previous estimation in the preceding section, Spain would have expended about 248.4 million euros over six years to monitor 60 phones with Pegasus. This amount equals approximately 8 times the budget of the Spanish Intelligence Agency (CNI) in 2020 or about 6% of Catalonia’s budget in the same year. Furthermore, this sum is equivalent to about 8,000 times the average annual income per capita in Spain in 2020.

In conclusion comparison

This comparison highlights that Pegasus represents a significant expense for its users, funds that could have been allocated to other purposes or needs. Moreover, it emphasizes the disproportionate nature of Pegasus costs concerning its victims, often ordinary citizens or government employees.

Assessing the cost of Pegasus with certainty is challenging because it depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract NSO Group signed. To obtain a clearer and more comprehensive view of the cost and scope of Pegasus use, access to NSO Group’s and its clients’ internal data would be necessary.

Statistics on Pegasus: a glimpse into the scale and diversity of Pegasus espionage

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware. Pegasus can infect smartphones and access their data, such as messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, turning it into a spying tool.

But who are the victims of Pegasus? And how many are they? In this section, we will present some statistics based on the available data.

It is important to note that these statistics are not comprehensive, as a sample of 50,000 phone numbers selected by NSO Group’s clients as potential targets forms the basis for them. Forbidden Stories and Amnesty International obtained this sample and shared it with a consortium of media outlets that conducted an investigation. The actual number of Pegasus targets may be much higher, as NSO Group claims to have more than 60 clients in 40 countries.

According to The Guardian’s analysis of the sample:

  • More than 1,000 individuals in 50 different countries have been confirmed as successfully infected with Pegasus.
  • Over 600 politicians and government officials, including heads of state, prime ministers, and cabinet ministers, were identified as potential targets.
  • More than 180 journalists working for prominent media outlets like CNN, The New York Times, Al Jazeera, or Le Monde were selected as potential targets.
  • Over 85 human rights activists, including members of organizations like Amnesty International and Human Rights Watch, were identified as potential targets.

According to Le Monde’s analysis of the same sample:

  • Morocco selected more than 15,000 individuals as potential targets between 2017 and 2019.
  • Mexico selected over 10,000 potential targets between 2016 and 2017.
  • Saudi Arabia selected more than 1,400 potential targets between 2016 and 2019.
  • India selected over 800 potential targets between 2017 and 2019.

Here is a summary table of the key findings from both sources:

Data Source Key Findings
The Guardian (Sample of 50,000 Numbers) Over:

  • 1,000 infections in 50 countries
  • 600 politicians and government officials targeted
  • 180 journalists selected as potential targets
  • 85 human rights activists identified as potential targets
Le Monde (Sample of 50,000 Numbers) Over:

  • 15,000 potential targets in Morocco (2017-2019)
  • 10,000 potential targets in Mexico (2016-2017)
  • 1,400 potential targets in Saudi Arabia (2016-2019)
  • 800 potential targets in India (2017-2019)

These statistics reveal Pegasus surveillance’s extensive reach and diversity, affecting a wide range of individuals and countries with varying motivations and interests. Moreover, they show that Pegasus surveillance has been ongoing for several years without anyone detecting or stopping it.

In conclusion, these statistics provide a glimpse into the scale and diversity of Pegasus espionage. However, they are not exhaustive and may not fully reflect the true extent of Pegasus surveillance. To have a clearer and more complete picture of the victims and the consequences of Pegasus, access to the internal data of NSO Group and its clients would be necessary.

Pegasus Datasheet: a summary of the features and capabilities of Pegasus spyware

Pegasus is a spyware developed by the Israeli company NSO Group, designed for remote monitoring of mobile phone activities. Pegasus can infect smartphones and access their data, such as messages, calls, contacts, photos, videos, location, microphone, and camera. Pegasus can also control some functions of the phone, such as enabling or disabling Wi-Fi, Bluetooth, and more. Pegasus can infect phones through different methods, such as malicious link delivery or the insidious “zero-click” technique, which does not require any user interaction. The duration and frequency of Pegasus surveillance depend on the contract signed with NSO Group, which can vary from client to client.

Below is a datasheet detailing Pegasus, including price estimates and periodicity:

CHARACTERISTIC VALUE ATTACK VECTOR
Name Pegasus  
Developer NSO Group  
Type Spyware  
Function Remote monitoring of mobile phone activities  
Infection Method Malicious link delivery or the insidious “zero-click” technique Email, SMS, Web Browsing, WhatsApp, Zero-Click
Data Access Messages, calls, contacts, photos, videos, location, microphone, camera  
Function Access Capable of enabling/disabling Wi-Fi, Bluetooth, and more  
Periodicity Varied, dependent on contract duration and frequency of updates  
Price Estimate $7 to $20 million per year for 50 to 100 smartphones

Assessing the Pegasus Threat Level After Security Updates and Utilizing Anti-Pegasus Tools

Pegasus is a spyware that exploits security flaws in the operating systems of phones, such as iOS or Android. To reduce the level of threat of Pegasus, one of the ways is to update and patch these operating systems regularly, to fix the vulnerabilities that Pegasus can use.

How security updates can protect the devices from Pegasus

In September 2021, Apple released iOS 14.8 and macOS 11.6 as security updates to protect its devices from the zero-click exploit used by Pegasus. Citizen Lab discovered this exploit, called FORCEDENTRY, in August 2021. FORCEDENTRY allowed Pegasus to infect iPhones without any user interaction. Apple urged its users to install the updates as soon as possible to protect themselves from Pegasus.

Google also released security updates for Android devices in August 2021, according to Linternaute. These updates fixed several vulnerabilities that Pegasus or other spyware could exploit. Google did not specify if these vulnerabilities were related to Pegasus, but it advised its users to update their devices regularly to ensure their security.

However, updating and patching the operating systems may not be enough to prevent or detect Pegasus infections. Pegasus can adapt to security updates and use new exploits that security experts have not yet discovered or fixed.

Advanced Detection and Protection Against Pegasus Spyware

In the ongoing effort to combat the sophisticated Pegasus spyware, cybersecurity experts have developed advanced tools and methods to detect and neutralize such threats. Kaspersky, a leader in global cybersecurity, has recently unveiled a groundbreaking approach that enhances our capability to identify and mitigate the impact of iOS spyware including Pegasus, as well as newer threats like Reign and Predator.

Kaspersky’s Innovative Detection Method

Leveraging the untapped potential of forensic artifacts, Kaspersky’s Global Research and Analysis Team (GReAT) has introduced a lightweight yet powerful method to detect signs of sophisticated spyware infections. By analyzing the Shutdown.log found within the iOS sysdiagnose archive, researchers can now identify anomalies indicative of a Pegasus infection, such as unusual “sticky” processes. This method provides a minimally intrusive, resource-efficient way to pinpoint potential spyware compromises.

Empowering Users with Self-Check Capabilities

To democratize the fight against spyware, Kaspersky has developed a self-check tool available to the public. This utility, based on Python3 scripts, allows users to independently extract, analyze, and interpret data from the Shutdown.log file. Compatible with macOS, Windows, and Linux, this tool offers a practical solution for users to assess their devices’ integrity.

Comprehensive User Protection Strategies

Beyond detection, protecting devices from sophisticated spyware demands a multifaceted approach. Kaspersky recommends several proactive measures to enhance device security:

  • Reboot Daily: Regular reboots can disrupt the persistence mechanisms of spyware like Pegasus, which often relies on zero-click vulnerabilities for infection.
  • Enable Lockdown Mode: Apple’s Lockdown Mode has shown effectiveness in thwarting malware infections by minimizing the attack surface available to potential exploiters.
  • Disable iMessage and Facetime: Given their popularity as vectors for exploitation, disabling these services can significantly reduce the risk of infection.
  • Stay Updated: Promptly installing the latest iOS updates ensures that known vulnerabilities are patched, closing off avenues for spyware exploitation.
  • Exercise Caution with Links: Avoid clicking on unsolicited links, a common method for delivering spyware through social engineering tactics.
  • Regular Checks: Utilizing tools like MVT (Mobile Verification Toolkit) and Kaspersky’s utilities to analyze backups and sysdiagnose archives can aid in early detection of malware.

By integrating these practices, users can significantly bolster their defenses against the most advanced spyware, reducing the likelihood of successful infiltration and ensuring greater digital security and privacy.

Technological Innovations in Spyware Defense: The Case of DataShielder NFC HSM

As nations grapple with policy measures to regulate the use of commercial spyware, technological innovators like Freemindtronic are stepping up to offer robust defenses for individuals against invasive tools like Pegasus. The DataShielder NFC HSM Defense, equipped with EviCore NFC HSM technology, represents a leap forward in personal cybersecurity, offering a suite of features designed to safeguard data and communications from sophisticated spyware threats.

DataShielder NFC HSM: A Closer Look

DataShielder NFC HSM Defense utilizes contactless encryption and segmented key authentication, securely stored within an NFC HSM, to protect users’ digital lives. This groundbreaking approach ensures that secret keys, the cornerstone of digital security, remain out of reach from spyware, thus maintaining the confidentiality and integrity of sensitive information across various communication protocols.

DataShielder NFC HSM Defense: a solution against spyware

Another technology can help users protect themselves from Pegasus and other spyware. This is DataShielder NFC HSM Defense with EviCore NFC HSM, a solution that effectively fights against applications and spyware such as Pegasus. It is an alternative that secures contactless encryption and segmented key authentication system stored encrypted in NFC HSM. Thus, the secret keys are physically externalized and not accessible to the spyware. DataShielder NFC HSM Defense with EviCypher NFC HSM encrypts all types of sensitive data without ever logging the data unencrypted. The user can encrypt all types of data from his contactless phone in volatile memory, including Email, SMS, MMS, RCS, Chat, all messaging in general, all types of messaging, including satellite, without ever saving his texts unencrypted. DataShielder NFC HSM also works in air gap as well as on all types of NFC, Wifi, Bluetooth, Lan, Wan, Camera communication protocols that it encrypts end-to-end from NFC HSM

DataShielder NFC HSM Defense: additional features

In the Defense version of DataShielder NFC HSM, it integrates EviCall NFC HSM technology, which allows users to physically outsource phone contacts and make calls by automatically erasing the call histories of the phone, including encrypted and unencrypted SMS linked to that call number.

DataShielder NFC HSM also includes Evipass NFC HSM contactless password manager technology. It is therefore compatible with EviCore NFC HSM Browser Extension technology. In particular, it carries out all types of autofill and autologin operations. Thus, DataShielder NFC HSM not only allows you to connect by autofilling the traditional login and password identification fields on the phone, whether through applications or online accounts. But also also and on the types of online accounts (lan and wan), applications, software. DataShielder NFC HSM Defense also includes EviKeyboard BLE technology which also extends the use of keys greater than 256 bit. This virtual Bluetooth keyboard allows you to authenticate on the command line, on all types of home automation, electronic, motherboard bios, TMP2.0 key, which accepts the connection of a keyboard on a USB port. All these operations are end-to-end encrypted from NFC HSM up to more than 50 meters away via Bluetooth encrypted in AES-128.

To encrypt sensitive data from their phone, the user will do it from their secret keys only stored in their NFC HSM. They can also do it from their computer using the NFC HSM. This is possible thanks to the interoperability and backward compatibility of the DataShielder NFC HSM Defense ecosystem, which works independently but is interoperable on all Android computer and telephone systems with NFC technology. For example, users can encrypt files, photos, videos, and audio on their phones without ever exposing them to security breaches on the phone or computer.

This is the EviCypher NFC HSM technology dedicated to the encryption and management of AES 256 and RSA 4096 encryption keys.

Similarly, DataShielder also includes EviOTP NFC HSM technology, also in DataShielder NFC HSM Defense, which secures and manages OTP (TOTP and HOTP) secret keys.

Here are all the links : EviPass NFC HSMEviOTP NFC HSMEviCypher NFC HSMEviCall NFC HSM, EviKeyboard BLE

DataShielder NFC HSM Defense vs Pegasus: a comparison table

Data Pegasus DataShielder NFC HSM Defense
Messages, chats Can read and record them unencrypted Encrypts them end-to-end with keys physically externalized in the NFC HSM
Phone contacts Can access and modify them Externalizes and encrypts them in the NFC HSM
Emails Can intercept and read them Encrypts them with the OpenPGP protocol and signs them with the NFC HSM
Photos Can access and copy them Encrypts them with the NFC HSM and stores them in a secure space
Videos Can watch and record them Encrypts them with the NFC HSM and stores them in a secure space
Encrypted messages scanned from the camera Can decrypt them if he has access to the encryption key Encrypts them with the NFC HSM and does not leave any trace of the encryption key
Conversation histories from contacts stored in the NFC HSM Can access and analyze them Erases them automatically after each call or message
Usernames and passwords Can steal and use them Externalizes and encrypts them in the NFC HSM with EviPass technology
Secret keys of OTP Can compromise and impersonate them Externalizes them physically in the NFC HSM with EviOTP technology

Bridging the Gap Between Technology and Privacy

In an era where spyware like Pegasus poses unprecedented threats to personal privacy and security, solutions like DataShielder NFC HSM Defense emerge as essential tools in the individual’s cybersecurity arsenal. By leveraging such technologies, users can significantly mitigate the risk of spyware infections, reinforcing the sanctity of digital privacy in the face of evolving surveillance tactics.

The level of threat of Pegasus in different cases

The level of threat of Pegasus depends on many factors, such as the type and version of the operating system, the frequency and quality of the updates and patches, the availability and effectiveness of the tools, and the behavior and awareness of the users. It is therefore difficult to measure it precisely or universally, as it may vary according to different scenarios and situations.

However, we can try to give some estimates or ranges of levels, based on assumptions or approximations. For example, we can use a scale from 1 (lowest) to 10 (highest) to indicate how likely it is for a device to be infected by Pegasus in different cases:

Case Level of threat
A device with an outdated operating system that has not been updated for a long time 9/10
A device with an updated operating system that has been patched recently 5/10
A device with an updated operating system that has been patched recently and uses antivirus software 3/10
A device with an updated operating system that has been patched recently and uses antivirus software and VPN software 2/10
A device with an updated operating system that has been patched recently and uses antivirus software, VPN software, and anti-spyware software 1/10
A device with an updated operating system that has been patched recently and uses DataShielder NFC HSM 0/10

Latest affairs related to Pegasus

Since the revelations of Forbidden Stories and Amnesty International in July 2021, several new developments have occurred in relation to Pegasus spying. Here are some of them:

  • October 2023, The former head of the Spanish intelligence services has been charged with spying on the regional president of Catalonia, Pere Aragonès, using the Pegasus software, the Spanish justice announced on Monday. Paz Esteban, who was dismissed last year by the government of Pedro Sánchez after the scandal broke out, has been summoned by the Barcelona judge in charge of the case on December 131. The judge said that the facts reported by the moderate separatist leader have the “characteristics” of “possible criminal offenses such as illegal wiretapping and computer espionage
  • In October 2021, Paz Esteban López, the former head of CNI, was charged with crimes against privacy and misuse of public funds for allegedly ordering the spying on Catalan politicians with Pegasus. She is the first high-ranking official to face legal consequences for using Pegasus in Spain.
  • In September 2021, NSO Group announced that it was temporarily suspending its services to several government clients after being accused of facilitating human rights abuses with Pegasus. The company did not specify which clients were affected by this decision.
  • In August 2021, Apple released an urgent security update for its devices after discovering a zero-click exploit that allowed Pegasus to infect iPhones without any user interaction. The exploit, called FORCEDENTRY, was used by NSO Group to target activists, journalists and lawyers around the world. Apple urged its users to install the update as soon as possible to protect themselves from Pegasus.
  • In July 2021, the French government launched an investigation into the alleged spying on President Emmanuel Macron and other senior officials by Morocco using Pegasus. Morocco denied any involvement in the spying and sued Amnesty International and Forbidden Stories for defamation. France also summoned the Israeli ambassador to Paris to demand explanations about NSO Group’s activities.
  • In July 2021, the Israeli government formed a task force to review the allegations against NSO Group and its export licenses. The task force included representatives from the defense, justice and foreign ministries, as well as from the Mossad and the Shin Bet. The task force was expected to report its findings within a few weeks.

These developments show that Pegasus spying has triggered legal, diplomatic and political reactions in different countries. They also show that Pegasus spying has exposed the vulnerabilities and the challenges of cybersecurity in the digital age.

International Policy Measures Against Spyware Misuse

In a landmark move reflecting growing global concern over the misuse of commercial spyware, the United States announced in February 2024 its decision to impose visa restrictions on individuals involved in the abuse of such technologies. This policy, aimed at curbing the proliferation of weapons-grade commercial spyware like Pegasus, marks a significant stride in international efforts to safeguard against digital espionage threats to national security, privacy, and human rights.

The US Stance on Spyware Regulation

The Biden administration’s policy will potentially impact major US allies, including Israel, India, Jordan, and Hungary, underscoring the administration’s commitment to countering the misuse of spyware. This comes on the heels of earlier measures, such as placing Israel’s NSO Group on a commerce department blacklist and prohibiting the US government’s use of commercial spyware, signaling a robust stance against the unregulated spread of spyware technologies.

Global Implications and Diplomatic Efforts

Secretary of State Antony Blinken’s statement linking the misuse of spyware to severe human rights violations highlights the gravity with which the US views the global spyware issue. The policy introduces a mechanism for enforcing visa restrictions on those believed to be involved in or benefiting from the misuse of spyware, sending a strong message about the US’s intolerance for such practices.

A Step Towards Greater Accountability

By targeting individuals involved in the surveillance, harassment, and intimidation of journalists, activists, and dissenters, the US aims to foster a more accountable and ethical global spyware industry. This visa ban, applicable even to individuals from visa waiver countries, represents an “important signal” about the risks associated with the spyware sector, emphasizing the need for international cooperation in addressing these challenges.

Spyware with multiple detrimental impacts

Pegasus is not only a spyware with a high financial cost for its users, but it also entails, whether it is used legitimately or not, a human, social, political and environmental cost for its victims and society as a whole. It is difficult to precisely quantify the cost of the damages caused by the use of Pegasus due to numerous factors and variables that can vary across countries, sectors and periods. However, we can provide some rough estimates and examples to illustrate the scope and diversity of the impacts of the use of Pegasus.

Financial Cost

The financial cost of the damages inflicted by Pegasus can be measured on several fronts:

  • Cost to Victims: Individuals spied on by Pegasus may suffer direct or indirect financial losses, stemming from breaches of their privacy, disclosure of personal or professional information, manipulation, or theft of their financial or tax-related data. For example, a journalist might lose their job or credibility due to information revealed by Pegasus; a lawyer could lose a lawsuit or a client due to a disclosed strategy, and an activist might lose funding or security due to an exposed campaign.
  • Cost to Businesses: Companies targeted by Pegasus may face direct or indirect financial losses related to intellectual property violation, unfair competition, industrial espionage, corruption, and more. For instance, a business could lose a contract or market share because of exposed bids; its reputation and trustworthiness could suffer due to a Pegasus-related scandal, and its competitiveness and profitability could diminish from a compromised trade secret.
  • Cost to States: Nations subject to Pegasus espionage may experience direct or indirect financial losses tied to sovereignty violations, threats to national security, interference in domestic and foreign affairs, among others. An example includes a country’s stability or legitimacy being jeopardized due to a Pegasus-facilitated coup; a nation losing influence or alliances because of negotiations undermined by Pegasus; or a state’s development or environment suffering from a Pegasus-sabotaged project.

Geopolitical Cost

The geopolitical cost of Pegasus-induced damages can be measured on various fronts:

  • Cost to International Relations: The use of Pegasus by some states to spy on others can lead to diplomatic tensions, armed conflicts, economic sanctions, and cooperation ruptures. For example, the espionage of French President Emmanuel Macron by Morocco triggered a crisis between the two nations; spying on Indian Prime Minister Narendra Modi by China escalated their border dispute, and Israeli espionage of Iranian President Hassan Rouhani compromised the nuclear agreement between the two countries.
  • Cost to International Organizations: Pegasus’ deployment by certain states to spy on international organizations can result in violations of international law, human rights abuses, and hindrances to multilateralism. For instance, spying on UN Secretary-General Antonio Guterres by the United States undermined the organization’s independence and impartiality. Similarly, espionage targeting the International Criminal Court by Israel threatened international justice and peace, while spying on the World Health Organization by China disrupted pandemic management.

Economic Cost

The economic cost of the damages caused by Pegasus can be assessed across different dimensions:

  • Cost to Economic Growth: The use of Pegasus by certain states or private actors to spy on other states or private actors can lead to market distortions, productivity losses, capital flight, and offshoring. For example, the espionage targeting the airline company Emirates by Qatar reduced its competitiveness and profitability. Similarly, spying on the oil company Petrobras by the United States triggered an economic and political crisis in Brazil. Additionally, spying on Mexico’s central bank by Venezuela facilitated money laundering and terrorism financing.
  • Cost to Innovation: The utilization of Pegasus by certain states or private actors to spy on other states or private actors can result in patent theft, counterfeiting, hacking, and cyberattacks. For instance, spying on pharmaceutical company Pfizer by China allowed the latter to replicate its COVID-19 vaccine. Simultaneously, espionage against technology giant Apple by North Korea enabled the creation of its smartphone. Furthermore, spying on space company SpaceX by Russia allowed the latter to sabotage its launches.

Human, Social, and Environmental Cost

The human, social, and environmental cost of Pegasus-induced damages can be measured across several aspects:

  • Cost to Human Rights: The use of Pegasus by certain states or private actors to spy on vulnerable individuals or groups can result in violations of the right to life, freedom, security, dignity, and more. For example, the spying on journalist Jamal Khashoggi by Saudi Arabia led to his assassination. Similarly, espionage targeting activist Edward Snowden by the United States led to his exile. Additionally, the espionage of dissident Alexei Navalny by Russia resulted in his poisoning.
  • Cost to Democracy: The deployment of Pegasus by certain states or private actors to spy on political or social actors can lead to infringements on pluralism, transparency, participation, representativeness, and more. For instance, spying on French President Emmanuel Macron by Russia attempted to influence the 2017 French presidential election. Similarly, spying on the Yellow Vest movement by Morocco aimed to weaken the French social movement in 2018. Additionally, espionage against President Joe Biden by Iran sought to infiltrate his transition team in 2020.
  • Cost to the Environment: The use of Pegasus by certain states or private actors to spy on organizations or individuals committed to environmental protection can result in damage to biodiversity, climate, natural resources, and more. For example, spying on Greenpeace by Japan hindered its efforts against whale hunting. Similarly, espionage against the WWF by Brazil facilitated deforestation in the Amazon. Additionally, the spying on climate activist Greta Thunberg by Russia aimed to discredit her climate movement.
  • Cost to Intangibles: The use of Pegasus by certain states or private actors to spy on individuals or groups with symbolic, cultural, moral, or spiritual value can result in losses of meaning, trust, hope, or faith. For instance, espionage against Pope Francis by Turkey undermined his moral and religious authority. Similarly, spying on the Dalai Lama by China compromised his spiritual and political status. Additionally, the espionage of Nelson Mandela by South Africa tarnished his historical and humanitarian legacy.

The Risk of Diplomatic Conflict Arising from Pegasus

The utilization of Pegasus by some states to spy on others can give rise to the risk of diplomatic conflict, which can have severe consequences for international peace and security. The likelihood of diplomatic conflict depends on several factors, including:

  • Intensity and Duration of Espionage: The more extensive and prolonged the espionage, the more likely it is to provoke a strong and lasting reaction from the spied-upon state.
  • Nature and Status of Targets: More important and sensitive targets are more likely to trigger a strong and immediate reaction from the spied-upon state. For instance, spying on a head of state or a minister is more serious than spying on a bureaucrat or diplomat.
  • Relationship and Context Between States: States with tense or conflictual relationships are more likely to provoke a strong and hostile reaction from the spied-upon state. For instance, espionage between rival or enemy states is more serious than espionage between allied or neutral states.

The risk of diplomatic conflict can manifest at various levels:

  • Bilateral Level: This is the most direct and frequent level, where two states clash due to espionage. Possible reactions include official protests, summoning or expelling an ambassador, breaking or freezing diplomatic relations, etc.
  • Regional Level: This level involves a state seeking support from its neighbors or regional partners to bolster its position or condemn the espionage. Possible reactions include joint declarations, collective resolutions, economic or political sanctions, etc.
  • International Level: At this level, a state calls upon international organizations or global actors to support its position or condemn the espionage. Possible reactions include referring the matter to an international court, resolutions by the UN Security Council, humanitarian or military sanctions, etc.

The risk of diplomatic conflict can have various consequences:

  • Political Consequences: It can lead to a deterioration or rupture of relations between the involved states, a loss of credibility or legitimacy on the international stage, internal political instability or crisis, etc.
  • Economic Consequences: It can result in reduced or suspended trade between the involved states, a loss of competitiveness or growth, capital flight or frozen investments, etc.
  • Social Consequences: It can lead to increased or exacerbated tensions or violence among the populations of the involved states, a loss of trust or solidarity, a rise or reinforcement of nationalism or extremism, etc.

Conclusion: Navigating the Pegasus Quagmire with Innovative Defenses

The saga of Pegasus spyware unveils a complex tableau of financial, human, social, political, and environmental ramifications. Pinpointing the exact toll it takes presents a formidable challenge, given the myriad of factors at play. Throughout this article, we’ve endeavored to shed light on the extensive impacts, offering insights and quantifications to bring clarity to this global concern.

Moreover, Pegasus not only incurs a direct cost but also sows the seeds of potential diplomatic strife, pitting states against each other in an invisible battlefield. The severity of these confrontations hinges on the espionage’s scope, the targets’ sensitivity, and the intricate web of international relations. Such conflicts, manifesting across various levels, can significantly strain political ties, disrupt economies, and fracture societies.

In this digital quagmire, the innovative counter-espionage technologies developed by Freemindtronic emerge as a beacon of hope. They offer a testament to the power of leveraging cutting-edge solutions to fortify our digital defenses against the invasive reach of spyware like Pegasus. By integrating such advanced protective measures, individuals and organizations can significantly enhance their cybersecurity posture, safeguarding their most sensitive data and communications in an increasingly surveilled world.

This piece aims to illuminate the shadowy dynamics of Pegasus spyware, drawing back the curtain on its profound implications. For those keen to explore further, we invite you to consult the sources listed below. They serve as gateways to a deeper understanding of Pegasus’s pervasive influence, the ongoing efforts to counteract its invasive reach, and the pivotal role of technologies like those from Freemindtronic in these endeavors.

In a world where digital surveillance perpetually evolves, staying informed, vigilant, and equipped with the latest in counter-espionage technology is paramount. As we navigate these challenges, let us engage in ongoing dialogue, advocate for stringent regulatory measures, and champion the development of robust cybersecurity defenses. Together, we can confront the challenges posed by Pegasus and similar technologies, safeguarding our collective privacy, security, and democratic values in the digital age.

Sources

In crafting this article, we have drawn upon a selection of reputable and verified web sources. Our sources are chosen for their commitment to presenting facts objectively and respecting the presumption of innocence.

This article has been meticulously crafted, drawing upon a diverse array of reputable and verified web sources. These sources have been selected for their unwavering commitment to factual accuracy, objective presentation, and respect for the presumption of innocence. Our investigation delves deep into the complex web of surveillance technology, focusing on the notorious Pegasus spyware developed by NSO Group and the global efforts to detect, regulate, and mitigate its invasive reach. The article sheds light on groundbreaking detection methods, international policy measures against spyware misuse, and the pressing need for enhanced cybersecurity practices.

We analyzed many sources including:

In summary

Additional references from a range of international publications provide further insights into the deployment, implications, and countermeasures associated with Pegasus spyware across various countries, including Saudi Arabia, Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Hungary, India, and the United Arab Emirates. These articles collectively highlight the global challenge posed by Pegasus, the evolving landscape of digital espionage, and the concerted efforts required to safeguard privacy and security in the digital age.

Estimating the Global Reach and Financial Implications of Pegasus Spyware

The deployment of Pegasus spyware across various nations reveals not only the extensive reach of NSO Group’s surveillance tool but also underscores the significant financial and ethical costs associated with its use. The following insights, derived from reputable news sources, offer a glimpse into the scale of Pegasus’s deployment worldwide and its impact on targeted countries:

  1. According to the French Le Monde, Saudi Arabia targeted about 15,000 phone numbers with Pegasus. The cost of one license can be as high as Rs 70 lakh. With one license, multiple smartphones can be tracked. As per past estimates of 2016, for spying on just 10 people using Pegasus, NSO Group charges a minimum of around Rs 9 crore.
  2. The American The Washington Post reported that Saudi Arabia started using Pegasus in 2018. The FBI also confirmed that it obtained NSO Group’s powerful Pegasus spyware in 2019, suggesting that it bought access to the Israeli surveillance tool to “stay abreast of emerging technologies and tradecraft”.
  3. The British The Guardian stated that Azerbaijan aimed at about 5,000 phone numbers with Pegasus. The country is among the 10 governments that have been the most aggressive in deploying the spyware against their own citizens and those of other countries.
  4. As per the American The Washington Post, Azerbaijan began using Pegasus in 2019. The country has been accused of using the spyware to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  5. In the case reported by the French Le Monde, Bahrain focused on about 3,000 phone numbers with Pegasus. The country has been using the spyware since 2020 to target dissidents, human rights defenders, and members of the royal family.
  6. Mentioned in the American The Washington Post, Bahrain initiated Pegasus use in 2020. The country is one of the NSO Group’s oldest customers, having signed a contract with the company in 2016.
  7. As disclosed by the British The Guardian, Kazakhstan directed attention towards approximately 1,500 phone numbers with Pegasus. The country has been using the spyware since 2021 to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  8. According to the American The Washington Post, Kazakhstan commenced Pegasus usage in 2021. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2020.
  9. According to claims made by the Mexican Aristegui Noticias, Mexico targeted about 15,000 phone numbers with Pegasus. The country is the largest known client of NSO Group, having spent at least $61m on the spyware between 2011 and 2017.
  10. As reported by the American The Washington Post, Mexico began Pegasus use in 2020. The country has been using the spyware to target journalists, activists, lawyers, and politicians, as well as the relatives of the 43 students who disappeared in 2014.
  11. As detailed in the French Le Monde, Morocco focused on about 10,000 phone numbers with Pegasus. The country is one of the most prolific users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  12. Confirmed by the Canadian organization Citizen Lab, Morocco initiated Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2014.
  13. According to findings reported by the British The Guardian, Rwanda honed in on around 3,500 phone numbers with Pegasus. The country has been using the spyware to target dissidents, journalists, and human rights defenders, as well as foreign critics and rivals.
  14. As indicated by the American The Washington Post, Rwanda started Pegasus usage in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  15. In the report from the French Le Monde, Hungary aimed at about 300 phone numbers with Pegasus. The country is the only EU member state known to have used the spyware, having targeted journalists, activists, lawyers, and opposition figures.
  16. As conveyed by the Hungarian Direkt36, Hungary initiated Pegasus use in 2018. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2017.
  17. As outlined in the Indian The Wire, India directed attention towards approximately 1,000 phone numbers with Pegasus. The country is one of the largest users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as the leader of the main opposition party.
  18. According to the British The Guardian, India began Pegasus use in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  19. According to the information provided by the French Le Monde, the United Arab Emirates honed in on around 10,000 phone numbers with Pegasus. The country is one of the most aggressive users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  20. Confirmed by the Canadian organization Citizen Lab, the United Arab Emirates started Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2013.
  21. According to the European Parliament recommendation of 15 June 2023, the EU and its Member States have been affected by the use of Pegasus and equivalent surveillance spyware, which constitutes a serious threat to the rule of law, democracy, human rights and fundamental freedoms. The recommendation calls for a global moratorium on the sale and use of such technologies until robust safeguards are established.
  22. According to the article by Malwarebytes, Pegasus spyware and how it exploited a WebP vulnerability, the spyware exploited a vulnerability in the WebP image format, which allows for lossless compression and restoration of pixels. The article explains how the attackers created specially crafted image files that caused a buffer overflow in the libwebp library, used by several programs and browsers to support the WebP format.
  23. According to the article by ZDNet, ‘Lawful intercept’ Pegasus spyware found deployed in 45 countries, the spyware has been used by government agencies across the world to conduct cross-border surveillance, violating international law and human rights. The article cites a report by Citizen Lab, which identified 45 countries where Pegasus operators may be conducting surveillance operations.
  24. According to the article by The Guardian, Experts warn of new spyware threat targeting journalists and political opponents, a new spyware with hacking capabilities comparable to Pegasus has emerged, developed by an Israeli company called Candiru. The article cites a report by Citizen Lab, which found evidence that the spyware has been used to target journalists, political opposition figures and an employee of an NGO.

Electronic Signature HSM OpenPGP

Electronic Signature from DataShielder

Electronic signatures are increasingly being used to authenticate and protect documents online. But did you know that there are different levels of security for electronic signatures? According to the eIDAS regulation, there are three types of electronic signatures: simple, advanced and qualified. Each type offers a different degree of reliability and safety. In this article, we will look at simple electronic signatures and explain how HSM OpenPGP can make them more secure.

Simple Electronic Signatures

A simple electronic signature is the most basic form of electronic signature. It has no specific criteria defined by the eIDAS regulation. It is based solely on the express or implied consent of the author of the document. For example, a simple click on an “I agree” button or entering a name in a form field can be considered a simple electronic signature.

Simple electronic signatures are used for documents that do not require increased security, such as newsletters, surveys or contact forms. They have limited legal value, as they do not guarantee the identity of the signer or the integrity of the document.

Simple electronic signatures present several risks for data security. First of all, they are easy to forge or usurp. It is enough to know the name or email address of the signer to be able to sign in his place. Then, they are vulnerable to computer attacks. A hacker can intercept, modify or delete the signed document without the signer or the recipient noticing. Finally, they are difficult to verify. There is no simple and reliable way to prove the authenticity and validity of a simple electronic signature.

Il is a tool that allows you to sign your electronic documents in compliance with the eIDAS regulation. HSM OpenPGP offers you several advantages to enhance the security of your simple electronic signatures:

HSM OpenPGP uses an asymmetric cryptography system to protect your data. Each signer has a pair of keys: a public key and a private key. The public key is used to verify the signature, while the private key is used to sign the document. The private key is stored in a secure digital vault and is only accessible to the signer. HSM OpenPGP generates a timestamp for each signed document. The timestamp is an indelible proof of the date and time of the signature. It ensures the integrity of the document and prevents tampering or repudiation. HSM OpenPGP allows you to choose the level of security of your electronic signature according to your needs. You can opt for a simple, advanced or qualified electronic signature. Each level offers additional guarantees on the identity of the signer and the validity of the document. It is therefore a tool that allows you to sign your electronic documents with confidence and compliance. If you want to learn more about HSM OpenPGP and its features, feel free to visit our website or contact us.

Advanced Electronic Signatures

Electronic signatures are increasingly used to authenticate and protect online documents. But not all electronic signatures are equal. According to the eIDAS regulation, there are three types of electronic signatures: simple, advanced and qualified. Each type offers a different level of reliability and security. In this article, we will focus on advanced electronic signatures and explain how HSM OpenPGP can make them safer.

An advanced electronic signature is a form of electronic signature that offers a higher level of security than a simple electronic signature. It is based on a digital certificate issued by a trusted third party, called a qualified trust service provider (QTSP). This certificate allows to authenticate the identity of the signer and to ensure the integrity of the signed document. To be considered as an advanced electronic signature, the signature must meet several criteria defined by the eIDAS regulation. It must be:

  • Uniquely linked to the signer;
  • Capable of identifying the signer;
  • Created using signature creation data that the signer can use under his exclusive control;
  • Linked to the signed data in such a way that any subsequent modification of the data is detectable.

Advanced electronic signatures are used for documents that require increased security, such as contracts, invoices or tax declarations. They have a stronger legal value than simple electronic signatures, because they can prove the origin and integrity of the document.

It is an encryption key management application that provides unparalleled security and privacy to users. It is compatible with all messaging services and offers end-to-end encrypted instant messaging via segmented key authentication SMS. It also has a file encryption and data signing system with signature self-verification.

  • eIDAS compliance: By using HSM OpenPGP for advanced electronic signatures, you can be sure that your signatures meet the requirements of the eIDAS (Electronic IDentification, Authentication and Trust Services) regulation, which was established in July 2016 to define the criteria for an electronic signature process within the European Union.
  • Timestamp of signed documents: HSM OpenPGP generated a timestamp for each signed document. The timestamp is indelible proof of the date and time of the signature. It ensures the integrity of the document and prevents falsification or repudiation.
  • Choice of security level: HSM OpenPGP also allows you to choose the level of security of your electronic signature according to your needs.
  • Advanced features for data security and privacy: In addition to meeting eIDAS requirements for advanced electronic signatures, HSM OpenPGP also offers other data security and privacy benefits. For example, it allows you to generate, store, and use all types of symmetric and asymmetric keys offline for Open PGP encryption algorithms. The user can freely choose the algorithm he wants to use from AES 128 192 256 or RSA 2048 3072 4096 Open PGP. They can also import or export existing keys for storage, management, sharing, or use with HSM OpenPGP.

By using HSM OpenPGP for advanced electronic signatures, you not only benefit from a high level of reliability and security in accordance with the eIDAS regulation, but also additional protection for your data thanks to the advanced features offered by HSM OpenPGP.

Compliance with eIDAS Regulation

It is an innovative application for managing encryption keys and signing files. Although HSM OpenPGP offers an interesting approach to electronic signatures, it is important to note that its approach differs from the requirements for a qualified electronic signature under the eIDAS regulation.

The eIDAS Regulation (No 910/2014) was adopted on 23 July 2014 by the European Parliament and the European Union Council. It aims to strengthen trust in electronic transactions within the internal market by establishing a common foundation for secure electronic interactions between citizens, businesses and public authorities. According to this regulation, a qualified electronic signature must be created using a secure signature creation device (DSC) that ensures that the signature creation data is under the exclusive control of the signatory. It must also be based on a qualified electronic signature certificate that attests to the identity of the signatory and is issued by a qualified trust service provider (PSC) meeting applicable technical and regulatory requirements. Finally, it must allow the signatory to be identified and any subsequent changes to the signed data to be detected.

To learn more about the eIDAS Regulation, you can visit the EUR-Lex website at the following address:

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32014R0910

HSM OpenPGP does not generate a qualified electronic signature within the meaning of the eIDAS Regulation because its approach does not rely on the use of a secure signature creation device (DSC) or a qualified certificate for electronic signatures issued by a qualified trust service provider (PSC).

However, It’s offers an innovative approach in the field of file signing and data encryption. HSM OpenPGP allows the signatory to generate, store and share their own public key and signature hash without relying on an external trusted third party. HSM OpenPGP uses technology patented by Freemindtronic on segmented key authentication to provide users with an unparalleled level of security and privacy. HSM OpenPGP also allows you to choose the level of security for your electronic signature based on your needs.

In short, although HSM OpenPGP does not generate a qualified electronic signature within the meaning of the eIDAS Regulation, it offers an innovative approach to simple and advanced electronic signatures with a high level of security and privacy.

According to the eIDAS Regulation, an advanced electronic signature must meet the following criteria:

  • It is uniquely linked to the signatory.
  • It allows the signatory to be identified.
  • It is created using data that the signatory can use under their exclusive control.
  • It is linked to the data to which it relates in such a way that any subsequent changes to the data can be detected.

It is appears to meet these criteria by allowing the signatory to generate their own private key using an application on their phone. The private key is encrypted and stored in the keychain (Apple) or key store (Android) and is only accessible to the signatory. The signatory creates their signature in .asc format from their private key after authenticating by entering at least one key or two or three. The signatory then sends the signature and their public key to the recipient so that they can verify that the file has not been corrupted.

By using HSM OpenPGP for advanced electronic signatures, you not only benefit from a high level of reliability and security in accordance with the eIDAS Regulation, but also additional protection for your data thanks to HSM OpenPGP’s advanced features. For example, it has a file encryption system and data signing with self-verification of signatures. The user can freely choose which algorithm they want to use among AES 128 192 256 or RSA 2048 3072 4096 Open PGP. They can also import or export existing keys for storage, management, sharing or use with HSM OpenPGP.

In conclusion, although HSM OpenPGP does not generate a qualified electronic signature within the meaning of the eIDAS Regulation, it offers an innovative approach to simple and advanced electronic signatures with a high level of security and privacy. It is appears to meet the criteria for an advanced electronic signature by allowing the signatory to generate their own private key using an application on their phone and providing users with an unparalleled level of security and privacy thanks to its patented technology. By using HSM OpenPGPfor advanced electronic signatures, you not only benefit from a high level of reliability and security in accordance with the eIDAS Regulation, but also additional protection for your data thanks to HSM OpenPGP’s advanced features. For example, it has a file encryption system and data signing with self-verification of signatures. The user can freely choose which algorithm they want to use among AES 128 192 256 or RSA 2048 3072 4096 Open PGP. They can also import or export existing keys for storage, management, sharing or use with HSM OpenPGP.