The Ministry of Defense, led by Margarita Robles, released in August 2021, three months after Prime Minister Pedro Sánchez and she herself were spied on with the Pegasus program, the specifications of a €170 million mega-contract to protect and upgrade her department’s telecommunications. Among the objects of this specification, which was agreed with publicity, processed urgently, comprised eight packages and was issued only two weeks ago, were the delivery of tools to detect and fix vulnerabilities in 20,000 mobile lines and another 6,500 data lines of the Ministry of Defense, and the complete replacement of terminals for an effective response to cyber threats. Robles and Sánchez were spied on between May and June, in the context of the diplomatic crisis with Morocco and in parallel with the decision to pardon the sovereignists convicted in the “trial”.
The contract, which was concluded in February last year, was distributed among Telefónica (four lots), Vodafone (mobile lines), Hidesat Strategic Services (satellite communication infrastructure), Groupalia (videoconferencing) and Zelentsa Information Systems (user support and maintenance). The framework agreement, contained in a 442-page technical specification document, was intended to provide telecommunications services and infrastructure for defense in Spain and abroad. Thus, according to the State Contracting Platform, the provision and management of the voice and data services required for all offices of the Ministry, the package with the highest budget at 71 million, fell to Telefónica de España.
Meanwhile, Lot 2, worth €21.4 million, whose purpose was to provide mobile services (voice, data and messaging), was taken by Vodafone Spain, with a commitment to gradually update all terminals and protect them from threats. The Ministry pointed out in an extensive exposition that the service of the winning bidder should be based on “cyber resilience”, “understood as the ability to anticipate, resist, recover, and evolve in the face of adversity due to the increase in cyberattacks occurring around the world.” To justify the tender, the Robles department also pointed out some terminal security issues in the department and acknowledged the limitations it faced at the time: vulnerabilities (glitches and lack of protection in phones and systems) could not be found, nor could some attacks, and it had little ability to detect and deal with advanced threats.
In 2021, as stated in Amnesty International’s forensic report, the Pegasus spyware’s access to mobile phones became more and more sophisticated, the attacks became more intense, it was no longer necessary for the target to click on a received message for an attack to take effect, and finding the software’s trace and its origin became increasingly difficult. Capable of infecting millions of Android and iOS devices and known for over a decade, the program was designed to fight terrorism and crime and was eventually used to spy on journalists and human rights activists, but also on political representatives, businessmen and other relevant persons.
Traditional mobile security tools are not enough to prevent and investigate advanced mobile threats, the US Department of Defense said in a statement.
The judge emphasized that traditional signature-based mobile security tools are not enough to prevent and study advanced mobile threats and new attack vectors, and therefore advocated integrating new solutions into the mobile device management (EMM) service to achieve comprehensive telecommunications security for the Ministry. In its exposition, the agency argued that an MTD (Mobile Threat Protection) system is now needed, one that integrates proactive protection against mobile attacks and provides visibility into what is happening on the terminals in order to detect risks (physical, “malicious”, network and vulnerabilities), analyze device responses and take appropriate measures, including blocking to prevent information theft.
The ministry required the winning bidder to have mechanisms in place to detect anomalies in device behavior by monitoring expected and acceptable usage patterns and by assessing vulnerabilities, device location, and the execution of “malicious programs” and “leaky” applications, which may put corporate, personal and sensitive data at risk. This strategy might have been enough to anticipate the espionage that took place in May and June 2021, during which the perpetrators stole a significant amount of information.
Among the solutions required from the companies competing for the contract was the detection of “Malware ZeroDay” (zero-day attacks), “software” similar to Pegasus whose purpose is to execute malicious code by exploiting vulnerabilities that are unknown to users and to the manufacturer of the product. “You must protect not only against known threats, but also against those that have yet to be discovered. Every day there are new forms of “malware” that need to be prevented with a solution, avoiding false positives that can lead to warnings being ignored due to a lack of trust in them,” he insisted.
The contract required protection against phishing via SMS, one of the usual gateways for Pegasus software from the Israeli company NSO.
Another threat that had to be anticipated is the “Man in the middle” attack, designed to intercept communications between two devices without authorization. This method allows an attacker to eavesdrop on communications and obtain confidential information, as well as access credentials and financial information, and to impersonate a person. Finally, protection was required against phishing via SMS, the gateway for the Pegasus software, with immediate detection of malicious web addresses included in text messages, and against attacks over “Bluetooth”, through which full control over devices can be achieved.
The solution entrusted to Vodafone must be designed to support any Apple iPhone or iPad model running iOS 8.0 up to the latest version, and Android from 4.0 up to the latest version for any make or model. It should also be installable from the Apple Store or Google Play and must not adversely affect mobile device performance or battery life. It is noted that the ministry needs 35,000 licenses for this system to anticipate cyber threats and programs such as Pegasus.
The winning bidder also agreed to submit reports on security vulnerabilities (a word that is quoted more than 400 times in the specifications) that affect the delivered devices, within a maximum period of 12 hours from the moment the vulnerability appears in the media. The analysis should be accompanied by an Action Plan that proposes solutions, albeit preliminary, until a final solution is available. If a security vulnerability is found that cannot be fixed, or if the solution reduces device performance, all devices affected by the vulnerability must be replaced at no additional cost.
*The article has been translated based on the content of www.lainformacion.com.