David Wiseman, Vice President Blackberry Secure Communications

IN today’s advanced digital era, cyber security has become a crucial aspect in ensuring the safety of nations, organisations, and individuals. With cyber threats evolving and becoming more sophisticated, it is essential to understand and implement effective security measures.

Asian Defence Journal talks to David Wiseman, Vice President of Secure Communications at BlackBerry on the topics of strategies and technologies BlackBerry employs to safeguard against espionage and fortify digital defences in the context of current global uncertainties.

ADJ: How has the current geo-political climate influenced the threat landscape for mobile communications?

David: The current geopolitical climate, characterised by increased tensions among global powers and the rise of state-sponsored cyber activities, has significantly influenced the threat landscape for mobile communications. Governments and organisations are now more vulnerable to sophisticated espionage attempts, where adversaries leverage advanced cyber tools to intercept and exploit sensitive communications.

State-sponsored espionage and cyber warfare have become prevalent, with nations leveraging cyber tools to intercept and exploit mobile communications for intelligence.

Critical infrastructure targeting is another significant concern. The rollout of 5G technology can widen the threat surface and introduce new vulnerabilities, prompting concerns over the security of foreign equipment and leading to stricter regulations. Attacks on mobile networks that support emergency services can also have wide-ranging impacts, making them attractive targets for both state and non-state actors.

Cybercrime and ransomware have also become intertwined with geopolitical motives. The rise in ransomware attacks on telecommunications companies can disrupt services and exfiltrate data, potentially financing further geopolitical agendas. Sophisticated attacks on mobile operators for SIM swapping have led to significant financial and data theft, often with geopolitical motivations.

Disinformation and social engineering are additional threats, with countries using mobile platforms to influence elections and sow discord through disinformation campaigns. Social engineering attacks exploit mobile communications to manipulate individuals into compromising security.

Lastly, cross-border data access and privacy concerns have led to conflicts over data localisation laws, with nations enacting laws requiring data to be stored domestically. Extensive surveillance by entities has pushed countries to develop countermeasures, complicating the international mobile communication security landscape.

ADJ: How is AI being utilised in modern espionage to infiltrate digital defences, particularly in mobile communications?

David: AI is increasingly being used in modern espionage to infiltrate digital defences, including those in mobile communications. Cyber attackers utilise AI to automate the identification of vulnerabilities, develop sophisticated malware, and launch targeted phishing campaigns. AI can also analyse large datasets to identify patterns and predict the behaviours of targeted individuals or organisations, making espionage attempts more precise and effective. Specifically around mobile communications AI can be used to initiate increasingly effective identity spoofing leading recipients to share sensitive information. In response, BlackBerry incorporates AI and machine learning into its cybersecurity solutions to detect and mitigate threats in real-time.

Unlike platforms that rely mostly on “human speed” to contain breaches that have already occurred, Cylance AI provides automated, up-front shielding against attacks, while also finding hidden lateral movement and delivering faster understanding of alerts and events. In independent testing, Cylance AI threat detection acted up to 13 times faster, preventing 98 percent of attacks earlier in the kill chain.

By continuously monitoring network traffic and device behaviour, AI can identify anomalies that may indicate a breach or infiltration attempt, allowing for prompt action to protect mobile communications from espionage activities.

ADJ: Can you elaborate on the most common methods used to spy on mobile devices today, and how BlackBerry’s solutions mitigate these risks?

David: Common methods used to spy on mobile devices today include identity spoofing, malware infections, man-in-the-middle attacks, and exploiting vulnerabilities in mobile operating systems and apps.

Attackers often deploy sophisticated spyware that can eavesdrop on conversations, access sensitive data, and track the location of the device. Man-in-the-middle attacks intercept communication between devices to steal information or inject malicious content.

Beyond the attacks on devices there are frequent attempts to intercept the actual communications data during transmission. This includes both the actual conversations and the associated meta data about who is communicating with whom.

BlackBerry’s solutions, such as SecuSUITE, mitigate these risks by implementing advanced encryption techniques that secure communications end-to-end. This means that even if data is intercepted, it remains unreadable to unauthorised parties. This applies to both the actual conversations and the associated metadata. BlackBerry SecuSUITE also continually verifies user identities through cryptographic validation to stop identity spoofing. 

Additionally, BlackBerry’s secure containerisation technology isolates sensitive information from the rest of the device’s data, providing an extra layer of protection against malware and unauthorised access.

ADJ: In your view, what are the critical elements required to protect national security in the context of digital communications?

David: Protecting national security in the context of digital communications requires a multi-faceted approach that includes robust encryption, secure communication channels, and stringent access controls.

Encryption ensures that sensitive information is protected both in transit and at rest, making it inaccessible to unauthorised entities. Secure communication channels are paramount to prevent interception and eavesdropping by ensuring that all data exchanges are encrypted and authenticated.

Stringent access controls, including multi-factor authentication, biometric verification and cryptographic validation of identity, ensure that only authorised personnel can access sensitive communications. Additionally, continuous monitoring and threat intelligence are crucial for detecting and responding to potential security breaches in real-time.

This holistic approach ensures that digital communications remain secure and resilient against espionage and cyber threats.

ADJ: What emerging threats do you foresee in the realm of mobile security and espionage, and how is BlackBerry preparing to address them?

David: Emerging threats in mobile security and espionage include the rise of AI-driven cyber-attacks, the exploitation of IoT devices, and the increasing sophistication of social engineering tactics.

AI-driven attacks can automate and enhance the effectiveness of cyber espionage, making it more challenging to detect and mitigate. IoT devices, which often have weaker security protocols, can be exploited to gain access to mobile networks and sensitive information. Social engineering tactics, such as spear-phishing and deepfake technology, are becoming more sophisticated, making it easier for attackers to deceive individuals and gain unauthorised access.

BlackBerry is preparing to address these threats by integrating advanced AI and machine learning technologies into its cybersecurity solutions, enhancing its threat detection and response capabilities. BlackBerry also focuses on securing IoT ecosystems and providing comprehensive training and awareness programmes to help individuals recognise and respond to social engineering attacks.

ADJ: How important is cross-border collaboration and intelligence sharing in countering cyber-espionage, and what role does BlackBerry play in this ecosystem?

David: Cross-border collaboration and intelligence sharing are crucial in countering cyber-espionage, as cyber threats often transcend national boundaries. Effective collaboration allows nations and organisations to share threat intelligence, best practices, and resources to enhance their collective cybersecurity posture.

BlackBerry plays a significant role in this ecosystem by participating in global cybersecurity initiatives and partnerships with government agencies, international organisations, and industry leaders. Through these collaborations, BlackBerry contributes to the development of global cybersecurity standards and shares its expertise in secure communications. This collective effort helps to build a more resilient cybersecurity landscape, where threats can be identified and mitigated more effectively through shared knowledge and coordinated responses.

BlackBerry also provides highly secure mobile communications with SecuSUITE that facilitates cross-border collaboration and intelligence sharing even at the classified level.

ADJ: What initiatives does BlackBerry have in place to enhance user awareness and training regarding the threats of modern espionage on mobile devices? How can organisations better educate their employees to recognise and respond to espionage threats?

David: BlackBerry has several initiatives in place including comprehensive training programmes, security awareness campaigns, and the provision of educational resources.

BlackBerry offers training sessions and workshops at the Cybersecurity Centre of Excellence (CCoE) in Malaysia to help users understand the latest espionage tactics and how to protect against them. Security awareness campaigns aim to inform users about common threats and best practices for maintaining secure communications.

Additionally, BlackBerry provides educational resources, such as whitepapers, webinars, and tutorials, to keep users informed about emerging threats and security trends. Organisations can better educate their employees by incorporating these resources into their security training programmes, conducting regular security awareness sessions, and promoting a culture of cybersecurity vigilance.

Encouraging employees to stay informed about the latest threats and providing them with the tools to recognise and respond to espionage attempts are essential steps in strengthening an organisation’s overall security posture.

ADJ: What innovations can we expect from BlackBerry in the near future to further enhance secure communications? How does BlackBerry plan to stay ahead of the curve in the constantly evolving field of cybersecurity and secure communications?

David: We can expect BlackBerry to continue its focus on integrating advanced technologies such as AI, machine learning, and quantum resistance to further enhance secure communications. These innovations will improve threat detection and response capabilities, making it easier to identify and mitigate emerging threats in real-time.

To stay ahead of the curve, BlackBerry invests heavily in research and development, collaborates with leading cybersecurity experts and organisations, and continuously updates its solutions to address the latest security challenges.

BlackBerry also invests significantly in 3^rd party security certifications from multiple governments around the world so that are our secure communications solutions are certified for use by governments for secret classified communications.

By maintaining a proactive approach to innovation and leveraging cutting-edge technologies, BlackBerry ensures that its secure communication solutions remain at the forefront of the cybersecurity industry.

ADJ: How does BlackBerry balance the need for high security with the demand for user-friendly mobile communication solutions?

David: BlackBerry balances the need for high security with the demand for user-friendly mobile communication solutions by designing products that integrate seamlessly into users’ daily workflows while providing robust security features.

The company prioritises user experience in its design process, ensuring that secure communication tools are intuitive and easy to use. For example, BlackBerry’s SecuSUITE offers a simple, app-based solution that can be deployed on existing mobile devices without requiring additional hardware. This approach minimises disruptions and allows users to communicate securely without compromising convenience.

Additionally, BlackBerry continuously gathers feedback from users to refine its solutions, ensuring that they meet the evolving needs of both security and usability. By focusing on user-centric design and leveraging advanced security technologies, BlackBerry successfully provides solutions that deliver both high security and a seamless user experience. –adj/mhi (Pix:BLACKBERRY)