Protéger les e-mails américains contre les pirates chinois avec la technologie HSM NFC EviCypher

Les courriels et les pièces jointes des institutions américaines font l’objet d’une attaque sans précédent qui proviendrait de pirates chinois. Comment la technologie HSM NFC EviCypher d’Andorre, développée par Freemindtronic, peut-elle les chiffrer sans contact et prévenir la corruption ? Dans cet article, vous découvrirez pourquoi les pirates ne peuvent pas lire les emails et leurs pièces jointes qui sont exfiltrés, notamment ceux du gouvernement américain qui utiliserait cette technologie qui stocke physiquement les clés de chiffrement à l’extérieur. Ainsi, seuls les utilisateurs autorisés qui disposent d’un HSM NFC Freemindtronic avec la bonne clé peuvent les déchiffrer.

2024 Digital Security

Kapeka Malware: Comprehensive Analysis of the Russian Cyber Espionage Tool

April 18, 2024

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

April 15, 2024

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

March 25, 2024

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

March 15, 2024

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

March 10, 2024

2024 Digital Security

PrintListener: How to Betray Fingerprints

February 22, 2024

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

February 10, 2024

2024 Articles Digital Security News

How the attack against Microsoft Exchange on December 13, 2023 exposed thousands of email accounts

February 8, 2024

How EviCypher NFC HSM technology can protect emails from Chinese hackers

The Chinese hack on US emails: what happened and why it matters

In July 2023, a massive cyberattack targeted email accounts belonging to US government officials, as well as private organizations and universities. The hackers, suspected of being linked to the Chinese government, exploited a vulnerability in Microsoft’s cloud service, called Exchange Server, which allows users to access their emails via the web.

According to Microsoft, the attack affected more than 30,000 organizations in the US and thousands of others around the world. The hackers used a technique called “web shell”, which involves installing malicious software on the compromised servers, giving them remote access to the data and systems of the victims.

Among the victims were the State Department, the Defense Department, the Justice Department, the Energy Department, NASA, FAA, as well as defense companies, NGOs, media and academic institutions. The hackers were able to access the emails and the attachments of the hacked accounts as well as other information stored in their email account such as contacts and calendars.

Microsoft described the attack as “highly sophisticated and targeted” and attributed responsibility to a group named Hafnium which it describes as “a state-sponsored actor backed by China”. The Chinese government denied any involvement and accused Microsoft of “slandering” China.

Microsoft released security patches to fix the vulnerability patches to fix the vulnerability and advised all Exchange Server users to apply them immediately. It also collaborated with US authorities to investigate the incident and help the victims recover from the attack.

The attack raised concerns about the security of cloud computing, which is increasingly used by public and private organizations to store and manage their data. Cloud computing offers benefits such as cost reduction, flexibility and efficiency.

How EviCypher NFC HSM technology could have prevented the Chinese hack on US emails

If you want to protect your emails from Chinese hackers or any other cyber threats, you should consider using EviCypher NFC HSM Technology. It is a technology patented especially in the United States that allows you to store and use your cryptographic keys in a contactless device. It is a simple, efficient and durable solution for securing your data and secrets. In this section, we will explain how EviCypher NFC HSM works, what are its main features and benefits, and how it can help you protect your privacy and security.

What is EviCypher NFC HSM and how does it work?

EviCypher NFC HSM is a technology developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM, which is a hardware security module that combines hardware encryption and NFC communication protocols to protect your keys and secrets.

With EviCypher NFC HSM, you can store your keys and secrets in a contactless device, such as a card, a sticker or a keychain. The device is powered by the NFC signal of the Android phone. This phone serves as terminal and user interface. The data stored in memory are encrypted contactlessly from the EviCypher NFC HSM application that performs encryption and decryption operations using advanced algorithms, such as AES 256 bits and RSA 4096 bits.

EviCypher NFC HSM also implements anti-cloning and anti-replay mechanisms to prevent unauthorized access or duplication of your secrets. The device has a patented power monitoring and protection device with black box. This device ensures the integrity and availability of the device. The device also has a patented wireless access control system that allows you to define two distinct access profiles: administrator and users, without allowing them to access each other’s secrets without their authorization. The device also has a patented segmented key authentication system that allows you to define up to 9 trust criteria for encrypting your secrets, such as geolocation, BSSID, password or fingerprint.

How EviCypher NFC HSM could have prevented the Chinese hack on US emails?

If the US government had used EviCypher NFC HSM technology with EviCore NFC HSM technology, the Chinese attack would have had no impact. Indeed, even if the hackers had succeeded in exploiting Microsoft Exchange Server’s vulnerability, they would not have been able to access emails and attachments of accounts protected by EviCypher NFC HSM. They would need the corresponding NFC device to decrypt data. Moreover, they would not have been able to clone or replay the NFC signal because EviCypher NFC HSM uses protection techniques against these attacks. Finally, they would not have been able to bypass access control or trust criteria because EviCypher NFC HSM allows you to define custom profiles and parameters for each user.

By using EviCypher NFC HSM, you can encrypt and decrypt your data with your own keys, without relying on any third-party service or provider. You can also use different encryption algorithms, such as AES 256 bits and RSA 4096 bits, to ensure the highest level of security for your data. In addition, you can share and exchange your keys with other users who have EviCypher NFC HSM devices, using secure NFC communication protocols.

How to protect your emails and messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM with different messaging applications, such as:

Webmail services: how to protect your emails and attachments with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your emails and attachments stored in webmail services. For example: Gmail, Yahoo Mail, Proton Mail, Outlook, Roundcube Webmail, HCL Domino Webmail and others. To do this, you need to install the EviCypher Webmail extension on your web browser based on Chromium, such as Chrome. The extension will automatically add buttons to encrypt and decrypt your messages via the NFC device.

Instant messaging services: how to protect your messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your messages sent or received from instant messaging services. For example: WhatsApp, Telegram, Signal, Facebook Messenger, Skype and others. To do this, you need to install the EviCypher IM extension on your web browser based on Chromium, such as Chrome. The extension will automatically add buttons to encrypt and decrypt your messages via the NFC device.

SMS: how to protect your SMS messages with EviCypher NFC HSM?

You can use EviCypher NFC HSM to encrypt and decrypt your SMS messages sent or received from your Android phone. To do this, you need to install the EviCypher SMS application on your phone. The application will automatically encrypt and decrypt your SMS messages via the NFC device.

Statistics on email attacks against the US

According to a report by Proofpoint, a cybersecurity company, email is the most common vector for cyberattacks against the US. The report states that in 2022, more than 80% of organizations in the US faced at least one email-based attack, such as phishing, malware or ransomware. The report also reveals that the US is the most targeted country by email threats, accounting for 36% of all global attacks. The report also identifies China as one of the top sources of email attacks, along with Russia, Iran and North Korea.

The report also highlights the impact of email attacks on the US economy and security. The report estimates that email attacks cost US organizations more than $20 billion in 2022, due to data breaches, business disruptions, reputational damage and legal fees. The report also warns that email attacks pose a serious threat to the US national security, as they can compromise sensitive information, disrupt critical infrastructure and undermine public trust.

The report recommends that US organizations adopt a comprehensive and proactive approach to email security, which includes:

• Educating employees on how to recognize and avoid email threats
• Implementing advanced email security solutions that can detect and block malicious emails
• Encrypting sensitive data and using strong passwords
• Backing up data regularly and having a recovery plan in case of an attack
• Reporting any suspicious or malicious email activity to authorities

What is EviCore HSM OpenPGP and how does it protect your emails from Chinese hackers?

EviCore HSM OpenPGP is a technology that transforms your Android or iPhone into a hardware security module (HSM) for encrypting and storing your cryptographic keys. It leverages the highly secure OpenPGP standard, known for its use by whistleblowers, journalists, activists and privacy advocates.

With EviCore HSM OpenPGP, you can generate and manage your own keys on your phone, without relying on any third-party service or provider. You can also encrypt and decrypt your messages with your own keys, using the EviCypher HSM OpenPGP application that supports various messaging applications, such as email, webmail, SMS, RCS and more.

EviCore HSM OpenPGP also implements anti-cloning and anti-replay mechanisms to prevent unauthorized access or duplication of your keys. The application also has a patented wireless access control system via an NFC HSM EviBadge NFC HSM that allows you to authenticate and encrypt with segmented keys the OpenPGP encryption keys or any other types of keys stored in the phone. It is also possible to add trust criteria that allow you to define up to 7 trust criteria for encrypting messages (email, webmail, SMS, MMS, RCS and others) such as geolocation, BSSID, password, fingerprint, facial recognition, segmented keys between two distinct parties.

By using EviCore HSM OpenPGP, you can protect your emails from Chinese hackers or any other cyber threats. You can also use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.

What are the advantages of EviCore HSM OpenPGP?

EviCore HSM OpenPGP offers several advantages over other encryption solutions, such as:

• Simplicity: You don’t need any additional hardware or software to use EviCore HSM OpenPGP. You only need your phone and the EviCypher HSM OpenPGP application.
• Efficiency: You can encrypt and decrypt your messages with a single tap on your phone screen. You don’t need to enter any passwords or codes to access your keys.
• Durability: You can store your keys securely on your phone memory, export them, import them, back them up on a cloud service or an external storage device. You can also use NFC HSM devices to add other trust criteria with segmented keys stored in the device.
• Compatibility: You can use EviCore HSM OpenPGP with different messaging applications, such as email, webmail, SMS, RCS and more. You can also use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.
• Security: You can protect your keys and messages from hackers, malware and physical theft. You can also control who can access your keys and messages by defining access profiles and trust criteria.

How EviCypher HSM Technology is protected by patents

EviCypher HSM technology is protected by several patents issued by various countries, including the US. Some of these patents are:

• US20210136579: A method for securing data using a contactless device that stores cryptographic keys and performs encryption and decryption operations via NFC communication with an Android phone.
• US20100188785: A method for protecting a contactless device from cloning or replay attacks by using a power monitoring and protection device with black box that detects any abnormal power consumption or interruption.
• US20180336335: A method for authenticating a contactless device by using a segmented key authentication system that allows defining up to 9 trust criteria for encrypting secrets, such as geolocation, BSSID, password or fingerprint.

These patents demonstrate the innovation and originality of EviCypher HSM Technology, as well as its compliance with the US intellectual property laws. These patents also provide legal protection for EviCypher NFC HSM Technology and EviCypher HSM OpenPGP against any potential infringement or imitation by competitors.

Conclusion

EviCore HSM OpenPGP is a new technology that allows you to turn your phone into a hardware security module for encrypting and storing your cryptographic keys. It is based on the OpenPGP standard, which is widely used for secure communication and data protection. By using EviCore HSM OpenPGP, you can protect your emails from Chinese hackers or any other cyber threats. You can also use it with different messaging applications, such as email, webmail, SMS, RCS and more. Moreover, you can use it with EviCypher NFC HSM devices, which allow you to encrypt and decrypt data in air gap mode.

We hope this article has helped you understand how EviCore HSM OpenPGP works and what are its advantages. If you are interested in learning more about this technology or ordering your own device, please visit the official website of Freemindtronic, the company that developed it. You can also watch this video that explains how EviCore HSM OpenPGP works and how to use it with different messaging applications.

Thank you for reading this article. We hope you have learned something new and useful about how to protect your emails from Chinese hackers with EviCypher NFC HSM technology. If you have any questions or feedback, please feel free to leave a comment below. We would love to hear from you.

If you enjoyed this article and found it helpful, please share it with your friends and family who might be interested in protecting their emails from Chinese hackers or any other cyber threats. Stay safe and secure with EviCypher NFC HSM technology!

Original source: https://www.washingtonpost.com/national-security/2023/07/12/microsoft-hack-china/