跳到主体内容

Kaspersky Lab Offers Guide to Operational Security in the Analog World

2015年3月18日

Security concerns among technical professionals are growing as their access to information makes them of increased interest to adversaries in the physical, or analog world.

Security concerns among technical professionals are growing as their access to information makes them of increased interest to adversaries in the physical, or analog world.

To help the technical community better protect itself, Kaspersky Lab’s Global Research and Analysis Team has developed some practical and easy-to-remember tips: an analog cyber-smart guide for those well-versed in the digital one.

Operational Security, OPSEC, essentials for the analog world:

  1. Threat modeling

    OPSEC is about hiding information from your adversaries. The analog world includes two main categories of adversaries: those that have resources, such as intelligence agencies, military organizations and major criminal gangs, and those that don´t. Kaspersky Lab’s guidance is focused on the first group, since research suggests they are the most interested in technical information.

  2. Physical ‘phishing’

    Adversaries often recruit others to do their spying etc. for them. Technical specialists, with their access to valuable data are particularly vulnerable to such recruitment, with approaches coming through social media or business networking, and taking the form of persuasion, coercion or just an offer that’s too good to refuse. Individuals and their organizations need to be alert to any such approaches and to have effective countermeasures in place; minimizing researchers’ vulnerability and exposure.

  3. Crossing the perimeter: Borders

    An international border can be one of the most vulnerable places for a technology researcher. Laws can be applied very differently and some good legal advice can be found here. Attempting to prevent border control officers from searching through your belongings, or lying when questioned, constitute criminal offences. Instead, Kaspersky Lab recommends that you stay calm, cooperate and explain the situation clearly. Above all, don’t travel with valuable IT content. Encrypt, upload and retrieve data upon arrival at your destination.

  4. Suspect files: when something just feels wrong

    Respect any sense of unease when travelling to or from meetings. Don’t travel alone or rely on others to arrange transport; but plan your routes and have trusted local contact details to hand. A pre-arranged meeting can be an excuse to search hotel rooms or to remove unguarded IT equipment. Make sure people know where you are. And if you feel you are under surveillance, stay in public areas and behave accordingly. If necessary, travel to the Embassy.

“Operational security in the digital world is about protecting the critical information we generate – through emails, messages, reports, etc. In the analog world, OPSEC forces us to remember that each of us is a channel between what we know and what the adversaries want to find out. Our experience suggests that the technical community doesn’t always know how to spot and prevent potential physical risk. The best advice is to be aware and prepared. Have trusted local contacts and know who to get in touch with in your company. Think carefully about what information you bring with you, and how you carry it. For example, it’s better to have separate phones and laptops to use while travelling,” said Vicente Diaz, Principal Security Researcher at Kaspersky Lab.

For more details, please go to Securelist.com.

Kaspersky Lab Offers Guide to Operational Security in the Analog World

Security concerns among technical professionals are growing as their access to information makes them of increased interest to adversaries in the physical, or analog world.
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻