Page 15 - Cyber Defense eMagazine - November 2017
P. 15

BRAZILIAN "CAR WASH" TASK FORCE: CYBER SECURITY LESSONS

               The creators of House of Cards have publicly stated that their work is Discovery Kids. Brazil
               already stars in a reality show worthy of Discovery ID. The world follows our events as if they
               were accompanying their favorite series. Since we are all attentive to this show of real horrors,
               we must learn some lessons for our day-to-day life. As Cyber Security researchers, we would
               like to alert you to the good practices (believe it is not a joke) demonstrated by some people
               who have been or are being investigated by Brazilian police forces, including with the help of the
               FBI.

               When talking about good practices in the use of Information Technology and Communication
               resources,  we  should  look  to  Daniel  Dantas  (Satiagraha)  and  Marcelo  Odebrecht  as  great
               personalities in the management of information security. We will not go into the merit of what
               kind of information these personalities protect in their digital safes. However, it is true that Mr.
               Trump, Mrs. Dilma, Mr. Nixon, Mrs. Clinton, NASA, CIA and all of us must learn to protect our
               information with the masters of real life House of Cards.




                    “Neither FBI was able to open the archives of the Satiagraha task force,


                     culminating in the nullity of the operation and the exile of the Delegate
                                             responsible for the operation”






               The success of our personalities begins in the consciousness about having sensitive data and
               the need to protect them. Next, we must learn to control our mouth. Secret that many people
               know,  well  ...  it  is  no  secret.  Remember  that  nowadays  almost  anything  can  hide  a  tape
               recorder.  Google  holds  restricted  meetings  with  any  electronic  device.  Mark  Twain  said,
               "We ought never to do wrong when people are looking".

               The use of encryption software (a way to hide text so that only the key holder can read the text)
               is  essential  for  storing  large  amounts  of  sensitive  information.  However,  that  alone  is  not
               enough. We have already published research in specialized journals and security conferences
               demonstrating  failures  in  cryptographic  systems:  Symantec  PGP,  BitDefender,  Truecrypt  and
               BitLocker  from  Microsoft,  you  can  check  in  the  Journal  of  Cyber  Security  and  Mobility  V5-2.
               These flaws, coupled with the unsafe use of systems, can put their secrets on the first page
               newspaper!

               Imagine  the  following  scenario:  You  are  a  politician,  director  of  a  large  company  or  a
               revolutionary researcher. Your life is in the security of your information. Therefore, you ask your
               director of ICT to give you an encrypted notebook.





                   15    Cyber Defense eMagazine – November 2017 Edition
                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.
   10   11   12   13   14   15   16   17   18   19   20