MABIT: Israeli System Intercepts Cloud Stored Data

In 2015, 83% of all Internet traffic worldwide is expected to run to and from mobile devices. This information is safeguarded and protected by sophisticated encryption mechanisms and processes designed to make sure that no-one gets access to our own data. For the most part, the key to this information is our username and password. There are additional, other, sophisticated cybersecurity methods.

The various types of software installed on most smartphones are based on a common operating system (iPhones on IOS, other smartphones on Android, RIM and so on). Each user installs his or her own favorite and required “Apps” – specific, dedicated, applications that provide certain functionality and utility (or game) features. Quite often, these Apps are only “reps” of the actual application, which resides in the cloud. For example “Gmail”, a free e-mail service offered by Google. Our account is somewhere in the world; our Gmail App interfaces with our account – sends and receives e-mails.

All those “bad guys” make use of this privacy haven in order to communicate between themselves worldwide, to train, plan and exchange information and data, all the way from how to build a bomb according to Al-Qaeda E-learning courses, to storing financial information and chain of contacts, such as drug lords.

There is a major technology gap in terms of the capabilities used for intercepting this kind of encrypted data on our smartphones. This technology, featuring the ability to intercept Apps and Cloud-based information for lawful interception goals – is new and fresh, truly the last word in the field.

A unique Israeli company called “MAGEN” (Hebrew for ‘Shield’), a start-up founded by young engineers and software programmers, all veterans of the IDF’s Intelligence Corps, has been applying their technical skills and operational know-how to develop “MABIT” (Hebrew for ‘Watching’), a tactical Apps and Cloud interception tool, which performs magic – no less.

A field agent barely has to walk inside a stadium or a restaurant – and this device starts collecting nearby information and data from the surrounding smartphones off the air. The data ranges from phone numbers, through user pictures, location history, browsing history and so on, to the “Holy Grail” – namely, the key to the ‘gates’ of the cloud storage. This is where the target’s username and password are stored, thereby enabling the agent to access different cloud based services (Gmail, Hotmail, Exchange, Dropbox, LinkedIn, Instagram, Facebook, YouTube and so on). These are applications and services we all use, and as far as we are aware, they are cyber-secure. The agent in our example gathers the data without the target noticing anything; the agent gains access to all classified and encrypted information without leaving so much as a trace – unless a trained professional examines the target’s platform later on. Then, an intelligence analyst will use all this data, along with additional material, to put together an intelligence picture of the target in particular and the whole surveillance in general.

Once all this data is gathered, different capabilities come into play. These range from Business Intelligence (BI) to Data Mining tools. The process involves analyzing, correlating and distinguishing the “signal from the noise” – using crawlers, semantics taxonomy analyzers, link analysis tools, un-structured to structured converters, meta-data extractors and many other intelligence-unique data mining tools. The key to these capabilities is achieving the data – a task, which the MABIT system enables.

i_HLS

 

« Denmark Plans $75 Million For Cyber Control
Data Breaches in Europe »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Link11 GmbH

Link11 GmbH

Link11 provides DDoS protection solutions to protect websites and complete server infrastructures from DDoS attacks.

DriveLock

DriveLock

Our security solution is designed to prevent external attacks, which are evermore sophisticated as well as monitor, document and even prevent internal incidents.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

Dark Cubed

Dark Cubed

Dark Cubed is an easy-to-use cyber security software as a service (SaaS) platform that deploys instantly and delivers enterprise-grade threat identification and protection at a fraction of the cost.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

JobStreet.com

JobStreet.com

JobStreet is one of Asia’s leading online employment marketplaces in Malaysia, Philippines, Singapore, Indonesia and Vietnam.

Voodoo Security

Voodoo Security

Voodoo Security is a specialized information security consulting firm focused on security assessments, risk and compliance analysis, and cloud security.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

Hexaware Technologies

Hexaware Technologies

Hexaware is an automation-led next-generation service provider delivering excellence in IT, BPO and Consulting services.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Antivirus Tales

Antivirus Tales

Antivirus Tales offers a platform to resolve all types of antivirus-related issues. The platform also provide various blog articles and informative guides to fix antivirus software errors.

FastPassCorp

FastPassCorp

In the world of IT, identity theft is a growing concern. FastPass offers an innovative solution as a cloud or on-premises offering.

CallCabinet

CallCabinet

CallCabinet is the premier cross-platform SaaS provider for end-to-end compliant call recording, AI-driven conversation analytics, call QA, and custom business intelligence reporting.