Recent Blog Posts

Malicious links could jump the air gap with the Tone Chrome extension

The new Google Tone extension is simple and elegant.  On one machine, the browser can generate audio tones which browsers on other machines will listen to and then open a website.  Brilliant.  No need to be connected to the same network, spell out a long URL to your neighbor, or cut/paste a web address into a text message for everyone to join.  But it has some serious potential risks.


Imagine being on an audio bridge, in a coffee shop, or a crowded space with bored people on their phones, tablets, or laptops.  One compromised system may be able to propagate and infect others on different networks, effectively jumping the proverbial ‘air gap’.  Malware could leverage the Tone extension and introduce a series of audible instructions which, if enabled on targeted devices, would direct everyone to automatically open a malicious website, download malware, or be spammed with phishing messages.


Will such tones eventually be embedded in emails, documents, and texts?  A Tone icon takes less space than a URL.  It is convenient but obfuscates the destination, which may be a phishing site or dangerous location.  Tone could also be used to share files (an early usage for the Google team).  Therefore it could also share malware without the need for devices to be on the same networks.  This bypasses a number of standard security controls.  


On the less malicious side, but still annoying, what about walking by a billboard and having a tone open advertisements and marketing pages in your browser?  The same could happen as you are shopping in a store to promote sales, products, and coupons.  Will this open a new can of undesired marketing pushing into our lives?


That said, I must admit I like the technology.  It has obviously useful functions, fills a need, and shows the innovation of Google to make technology a facilitator of information sharing for people.  But, we do need controls to protect from unintended and undesired usages as well as security to protect from equally impressive malicious innovations.  My advice: use with care.  Enterprises should probably not enable it just yet, until the dust settles.  I for one will be watching how creative attackers will wield this functionality and how long it takes for security companies to respond to this new type of threat.


Twitter: @Matt_Rosenquist

IT Peer Network: My Previous Posts



Why Ransomware will Rise in 2015

Be afraid. Seriously. Ransomware is growing up fast, causing painful disruptions across the Internet, and it will get much worse in 2015.

Ransomware is the criminal activity of taking hostage a victim's important digital files and demanding a ransom payment to return access to the rightful owner. In most cases files are never removed, simply encrypted in place with a very strong digital lock, denying access to the user. If you want the key to restore access to precious family photos, financial documents, or business files, you must pay.

An entertaining and enlightening opinion-editorial piece in The New York Times highlighted how an everyday citizen was impacted, the difficulties in paying the ransom, and how professional the attackers' support structure has become.


Everyone is at risk. Recently, several law enforcement agencies and city governments were impacted, some of which paid the attackers for their “Decrypt Service.” This form of digital extortion has been around for some time, but until recently it has not been too much of a concern.  It is now rapidly gaining in popularity as it proves an effective way of fleecing money from victims both large and small.


With success comes the motivation to continue and improve. Malware writers are investing in new capabilities, such as Elliptic Curve Cryptography for more robust locks, using the TOR network for covert communications, including customer support features to help victims pay with crypto-currency, and expanding the technology to target more than just static files.


Attackers are showing how smart, strategic, and dedicated they are. They are working hard to bypass evolving security controls and processes. It is a race. Host based security is working to better identify malware as it lands on the device, but a new variant, Fessleak, bypasses the need to install files on disk by delivering malicious code directly into system memory. TorrentLocker has adapted to avoid spam filters on email systems.  OphionLocker sneaks past controls via web browsing by using malicious advertising networks to infect unsuspecting surfers.   


One of the most disturbing advances is the ability of a newcomer, RansomWeb, to target databases and backups. This opens up an entirely new market for attackers. Web databases have traditionally been safe from attacks due to the technical complexities of encrypting an active database and the likelihood of good backups which could be used in the event of an infection. RansomWeb, and the future generations which will use its methods, will target more businesses.  Every person and company on the web could come across these dastardly traps and should be worried.

Cybersecurity Predictions


In this year’s Top10 Cybersecurity Predictions, I forecasted the growth of ransomware and a shifting of attacks to become more personal. The short term outlook is definitely leaning toward the attackers. In 2015 we will see the likes of CryptoWall, CoinVault, CryptoLocker, RansomWeb, OphionLocker, Fessleak, TeslaCrypt, TorrentLocker, Cryptobit and others, continue to evolve and succeed at victimizing users across the globe.  It will take the very best security minds and a depth of capabilities working together to stunt the growth of ransomware. 

Security organizations will eventually get the upper hand, but it will take time, innovation, and a coordinated effort. Until then, do the best you can in the face of this threat. Be careful and follow the top practices to protect from ransomware:

  1. A layered defense (host, network, web, email, etc.) to block malware delivery
  2. Savvy web browsing and email practices to reduce the inadvertent risk of infection
  3. Be prepared to immediately disconnect from the network if you suspect malware has begun encrypting files
  4. Healthy regular backups in the event you become a victim and must recover


Alternatively, if you choose not to take protective measures, I recommend becoming familiar with cryptocurrency transfers and stress management meditation techniques.


Twitter: @Matt_Rosenquist

IT Peer Network: My Previous Posts



Intel IoT and Jaguar Land Rover Collaborate on Autospaces 2025

The intersection of automotive technology and innovation merged on the Internet of Things (IoT) fast lane today with Autospaces 2025: Future Car Experiences, a symposium concluding an innovation-focused program sponsored by Intel and Jaguar Land Rover bringing together the Media …

The post Intel IoT and Jaguar Land Rover Collaborate on Autospaces 2025 appeared first on IoT@Intel.


An interview with Ravi Iyer, IEEE Fellow and New Business Initiatives CTO

Our guest blogger for this post is Mark Francis. Mark is a venture lead in Intel’s New Business Initiatives (NBI) incubator, where he has spent the last four years developing new ventures focused on wearable computing and smart toys/games. Before that …

The post An interview with Ravi Iyer, IEEE Fellow and New Business Initiatives CTO appeared first on New Business@Intel.


Using Electronic Data Exchange to Coordinate Care and Improve Member Experience

The health and well-being of any workforce has a direct impact on worker productivity, efficiency and happiness, all critical components of any successful organization. With this in mind, Intel has developed a next-generation healthcare program, called Connected Care, which includes an integrated delivery system based on a patient-centered medical home (PCMH) approach to care.

The shift to value-based compensation and team-based care is driving the need for improved collaboration and patient data sharing between a growing number of providers and medical systems. While we’ve successfully introduced the Connected Care program in smaller locations, bringing it to Oregon and the larger Portland Metropolitan area presented us with a common healthcare IT challenge: interoperability.


Advanced Interoperability Delivers Better Experiences for Clinicians, Patients


Intel is using industry standards to address these challenges, geared towards advancing interoperability in healthcare. The ability to quickly share clinical information between on-site Health for Life Center Clinics and delivery system partners (DSPs) enables:


  • Efficient and seamless experiences for members
  • Informed decision-making by clinicians
  • Improved patient safety
  • Increased provider efficiency
  • Reduced waste in the delivery of healthcare, by avoiding redundant testing


These improvements will help us make the Institute for Healthcare Improvement’s (IHI’s) Triple Aim a reality, by improving the patient experience (quality and satisfaction), the health of populations, and reducing the per-capita cost of health care.


Kaiser and Providence Part of Intel’s Connected Care Program


Intel’s Connected Care program is offering Intel employees and their dependents two new options in Oregon. Kaiser Permanente Connected Care and Providence Health & Services Connected Care have both been designed to meet the following requirements of Intel and their employees:


  • “Optimize my time” – member and provider have more quality interactions
  • “Don’t make me do your work” – no longer rely on members to provide medical history
  • “Respect my financial health” – lower incidence of dropped hand-offs/errors
  • “Seamless member and provider experience” – based on bi-directional flow of clinical data


Now that we have eliminated the interoperability barrier, we can enable strong coordination between providers at Health For Life Centers (on-campus clinics at Intel), and the Kaiser and Providence network providers, enabling the ability to quickly share vital electronic health records (EHRs) between varying systems used by each organization.


In our efforts to deliver optimal care to every Intel employee, we sought solutions that would ensure all providers serving Intel Connected Care members are able to see an up-to-date patient health record, with accurate medications, allergies, problem lists and other key health data, every time a Connected Care member needs care.


Learn More: Advancing Interoperability in Healthcare


What questions do you have?


Prashant Shah is a Healthcare Architect with Intel Health & Life Sciences
