WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 25, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
Co-authored by: Pratik Sinha MD PhD1,2, Alastair E Paterson3 M.Eng
With over 215,000 dead globally and with close to 26 million newly unemployed in America alone, COVID-19 has resulted in a unique amalgamative failure of economics, healthcare, and society. While pressure is mounting on politicians to restart the economy, the precise mechanism to resuming “normal” activity remains unknown. That an effective vaccine is developed is far from certain and by most estimates would take 18 months to scale.
Can mobile technology come to the rescue in the meantime and help us adapt to a ‘new normal’?
Current public health consensus seems to align on the need to test, trace and isolate infected individuals with a stepwise repeal of lock-down measures. Policy-makers are, therefore, turning their attention towards how best to instigate such programs. The infrastructure for capacity to test and trace are woefully underdeveloped worldwide.
In the US, it is estimated that 180,000 contact-tracers would be required and it is estimated only 0.5% of that number currently exist [1]. Scientists in the UK have put this number at 100,000 [10]. Moreover, contact tracing for infectious diseases has traditionally worked on the prior assumption of a slow spreading infection. Incumbent programs are not built for speed. [2]
Fortunately, this is where ‘Big Tech’ is seeking to provide some innovative solutions to address the unmet challenges of contact-tracing. A well-publicized example of this is the recently announced Apple and Google joint venture to develop a cross platform application programming interface (API) to enable contact tracing apps to use their mobile operating systems for this purpose. Several other organizations are simultaneously working on apps to facilitate contact tracing using a variety of platforms. Most of these apps propose using location data to identify contacts of infected patients.
These solutions, at first-glance seem ideal, however, they pose a significant risk to digital security and patient privacy. Outlined below are some of the most likely apps that will be used for contact tracing and the attendant threats they pose.
Broadly speaking there are four categories of apps being proposed as potential solutions for digital contact tracing (Table 1 at bottom). Technical specification aside, they vary from one another by the degree of invasiveness in terms of privacy and security. Self-reporting apps, such the one developed by King’s College, London require the user to voluntarily report their symptoms and contacts. Unfortunately, the veracity and velocity of the reporting severely limits its utility and these types of apps are going to be limited to research.
The more likely contenders are based on using smartphones’ location data or Bluetooth interactions to determine individual’s location. Critical decisions for developers of contact tracing apps is whether to publish the source code, i.e. they are ‘open source’, or keep it private and are ‘closed source’.
Closed source applications are generally considered higher risk since they cannot be so easily scrutinized for security flaws by third-parties. They have unknown privacy implications since the inner-workings of the apps will only be known to the developers and may collect un-consented data. A critical second decision that healthcare systems using such apps have to make is whether the framework on which the apps are built use a centralized system for data repository or use a de-centralized platform where most location data remains on individuals’ phones as proposed by the Google/Apple API.
Worryingly, many countries including China, Russia, The U.K., Norway and Vietnam are taking a closed source approach to developing their apps and using centralized frameworks.[3] The Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) is another closed source approach backed by at least seven European countries including France and Italy.
Further, the intention is to centralize data collection in a ‘trusted’ platform, which will likely come with associated privacy concerns since governments would potentially have access to citizen’s location data, the ‘social graph’ of all the other people they physically met, and any other data this framework chooses to store that the app is able to access from the phone. If these databases are attacked by malicious third parties, that data could end up with criminals, the private sector, or other nation states.
The trade-off between security and privacy has always been a balancing act, especially in the post-911 and post-Snowden era as governments desire broader access to prevent terrorism, while civil liberties groups protest overreach into our private lives.
For many people, as Maslow’s Hierarchy would dictate, health comes first, but privacy advocates are understandably worried about how our location data is tracked and stored, who has access to it, and what happens to it when this is all over?
To give an example, the South Korean contact tracing laws permit the government to ascertain the immigration status of infected individuals. If other countries such as the US adopted the same approach, implications may be two-fold.
First, undocumented communities may not report their problems.
Second, it is not inconceivable, that over time the same technology and laws could be used to track undocumented migrants. Once a precedent is set, governments seldom trackback on the powers granted to them in times of crisis.
Highlighting these concerns, the UK’s approach to app development has drawn criticism from over 200 UK scientists who wrote an open letter to the UK Government April 29th stating “it is vital that, when we come out of the current crisis, we have not created a tool that enables data collection on the population, or on targeted sections of society, for surveillance.”[4] In particular, there are worries that authoritarian and non-democratic leaders could use the crisis as an excuse to grab more power.
The lack of trust in these apps will carry huge implications in terms of efficacy of the intervention.
First, they may lead to a lack of uptake by the public. To be effective, it is estimated that approximately 80% of smartphone users will need to use the app,[5] emphasizing the need for public trusts and buy-in for these apps.
Second, a lack of clarity and unanimous consensus of its utility may lead to a propagation of conspiracy theories and mistrust of the app. Governments need to have greater transparency and assurances before individuals will be willing to trust these apps. To that end, citing privacy concerns, Germany was originally part of the PEPP-PT initiative but has recently dropped out and is now pursuing an open-source approach called DP-3T (Decentralized Privacy-Preserving Proximity Tracing), a rival joint initiative backed by Austria, Estonia and Switzerland based on Apple/Google’s decentralized standard discussed below.
Apple-Google are pushing a decentralized model where data will be stored at the device level rather than centralized platforms.[6] Further, given Google Android and Apple iOS jointly possess almost 99% of the global smart phone operating systems market share, it seems likely that ultimately the Apple-Google approach will be hugely influential in how the majority of contact-tracing apps operate.
In a departure from their presumed indolence to data privacy, Big Tech companies are in this case advocating a more privacy-preserving decentralized model. Paradoxically, the government of France is currently in dispute with Apple and Google asking them to weaken some of the privacy protections they have in place to help PEPP-PT implement a centralized tracking approach.[7] The resolution of this dispute will have widespread implications as it is likely to set the precedence for other countries.
Importantly, if countries do not use Apple/Google’s API they will not have access to some critical operating system functionality making the apps less effective. Singapore created their app before the API was available and this meant that iPhone users would need to keep the app running in the foreground with an unlocked phone to keep Bluetooth running.[8] The consequent debilitating demands of battery power meant that only 17% of the population used the app.[9]
It is worth emphasizing that Apple or Google not supplying an app – it is incumbent on individual countries and regions to build an app on top of their API. Given that this API is the leading global standard it is worth studying it in greater granularity.
Rather than building a huge, centralized database of every user’s locations and giving it to governments to look up, most of the data stays on individual’s phone. Each phone broadcasts an identifier over Bluetooth at regular intervals and all phones will also record which other identifiers they can pick nearby. Each phone will keep changing their identifier making it difficult to track. However, once infected, all the individual’s identifiers generated by the phone in the preceding two weeks are released.
In theory, this approach is good for privacy, since no data about the individual is stored centrally about you unless you are infected. According to early proposals, it seems that Apple or Google will not get any additional data beyond what they already currently collect. Conceptually, at first glance, the de-centralized and open-source approach appears encouraging and helps to balance access versus privacy effectively.
Regardless of the approach taken, the following critical factors must be considered:
Technology may not be the whole answer here, however, when applied thoughtfully, it may play a key part in reviving the economy and restoring livelihoods in this pandemic. It may be that in the age of COVID-19, it is Big Tech that may offer the best solutions that safeguard both our privacy and our health.
References
Table
PEPP-PT = Privacy-Preserving Proximity Tracing, API = Application Programming Interface, TCN = Temporary Contact Numbers,
DP-3T = Decentralized Privacy-Preserving Proximity Tracing