Author Archives: @ndreah

Email attachments are one of the main vectors of malicious code. According to analysis by Helsinki-based security provider F-Secure, 85% of all malicious emails have a .DOC, .XLS, .PDF, .ZIP, or .7Z file attached.

But now, in addition to them, we have to consider another type of dangerous attachment: .HTML.

When we receive an email with an attachment of type .HTML, we have to be very careful and not open it. The .HTML file could contain, for example, this dangerous JavaScript code:

<body onpageshow="document.location.replace(window.atob('a base-64 encoded string'));">

or

<frameset onpageshow="document.location.replace(window.atob('a base-64 encoded string'));"> 

The onpageshow event is used because it occurs every time the page is loaded, whereas the onload event occurs only when the page first loads and does not occur when the page is loaded from the cache.

document.location.replace(newURL) replaces the current document with a new one.

The atob() method decodes a base-64 encoded string encoded by the btoa() method. The base-64 code string obfuscates the URL it represents.

In the second code snippet we can notice the use of the <frameset> tag, which is deprecated, no longer recommended and not supported in HTML5. Some browsers might still support it for compatibility purposes.

The problem is that the JavaScript code inside the HTML page can load any URL, and only by decoding the “base-64 encoded string” can you know which web page it is. The decoding of the base-64 string is done dynamically by the atob function when the web page is shown in the web browser. So, if you open the file and the web page is malicious, it is already too late.
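The decoding can instead be done offline, without ever opening the attachment in a browser. The following Node.js code is an added example, not part of the original post: it scans the HTML text for inline event handlers that call atob() on a literal string and reports the decoded target. The function names, the regular expressions and the sample URL are assumptions made for illustration.

```javascript
// Added example: static triage of an .HTML attachment. Nothing is rendered or fetched.
// Inline event-handler attributes, e.g. onpageshow="..." (first handler per tag only).
const HANDLER = /<(\w+)[^>]*?\s(on\w+)\s*=\s*(?:"([^"]*)"|'([^']*)')/gi;
// atob('...') or window.atob("...") called with a literal string argument.
const ATOB_CALL = /\batob\s*\(\s*(['"])([A-Za-z0-9+\/=\s]+)\1\s*\)/g;

function decodeBase64(text) {
  const clean = text.replace(/\s+/g, "");
  if (clean.length % 4 === 1) return null; // length atob() itself would reject
  return Buffer.from(clean, "base64").toString("utf8");
}

function findEncodedRedirects(html) {
  const findings = [];
  for (const [, tag, event, dq, sq] of html.matchAll(HANDLER)) {
    const script = dq !== undefined ? dq : sq;
    for (const call of script.matchAll(ATOB_CALL)) {
      const decoded = decodeBase64(call[2]);
      let host = null;
      try {
        host = new URL(decoded).host;
      } catch (_) {
        // decoded value is not an absolute URL; keep host as null
      }
      findings.push({
        tag: tag.toLowerCase(),
        event: event.toLowerCase(),
        navigates: /location\s*\.\s*(replace|assign|href)/.test(script),
        decoded,
        host,
      });
    }
  }
  return findings;
}

// Constructed sample: a placeholder URL, encoded the way such an attachment carries it.
const SAMPLE_URL = "https://landing.example.invalid/index.php?id=1";
const SAMPLE_B64 = Buffer.from(SAMPLE_URL).toString("base64");
const SAMPLE_HTML =
  `<html><body onpageshow="document.location.replace(window.atob('${SAMPLE_B64}'));"></body></html>`;

console.log(findEncodedRedirects(SAMPLE_HTML));
```

A finding with navigates set to true and a host the recipient does not recognise is a reason to quarantine the message rather than open the file.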

With malicious code in a web page we can have:

  • Malicious Ads: they are advertisements on the Web that infect the user's machine with malware in order to make the compromised machine a member of a Botnet.
  • A Malware Distribution Network (MDN): it is a collection of landing pages, malware repository servers, and standard redirection pages. The goal of an MDN is to redirect the victim from a landing page to a malware repository server.
  • Drive by Downloads: it refers to the automatic download of software to a user's device, without the user's knowledge or consent.

Here is how an antivirus reacted when it scanned this type of HTML attachment:

Marco Alberti, in his book “Open Diplomacy” [02], reviews the way of doing diplomacy after nine years of experience at ENEL as the person responsible for international institutional affairs.

New technologies have transformed and changed international relations. In this constantly evolving world, diplomacy must operate and develop strategies and visions. It must use all possible new means: innovation, digitalization, data science (data-driven diplomacy) to be competitive in the international scenario. The diplomat must act as a System Orchestrator to face the rapid changes of the world and has to take advantage of the human factor, enhancing its competence to win the challenge.

As the diplomat represents the state, which in turn represents the citizens, his goal is to interpret the complexity in order to protect, defend and promote his state and citizen interests and create value while promoting cooperative relations with other states.

ICT COMPETENCE OR DIGITAL COMPETENCE

In general, by competence we mean the potential to put effective behavior into operation. When we talk about competence in relation to a person, we must consider on the one hand his qualities, which help him to be successful at work and in life, and on the other hand his competence as knowledge acquired during his studies and his experience.

It is clear that personal qualities and knowledge, put together, give a person the ability to produce superior performance in work as well as in other fields.

ICT COMPETENCE AND DATA DIPLOMACY

Data has a source, can have an owner, can be public or private, shared or not shared. Its use can lead to benefits or disadvantages. Data can have an impact at the individual, institutional, state, or global level.

Data are of many types: structured, unstructured, quantitative, and categorical. Big Data, in turn, is massive: it contains greater Variety, arriving in increasing Volumes and with higher Velocity (the 3Vs).

Data Science is needed to manage and work with data. Data Science is a multidisciplinary field that understands and extracts insights from the ever-increasing amounts of data. It puts together concepts from computer science, statistics/machine learning and data analysis. It uses two paradigms of data research:

  • Hypothesis-Driven: given a problem, what kind of data do we need to help solve it?
  • Data-Driven: given some data, what interesting problems can be solved with it?

Data Science tries to understand what we can learn from data and what actions we can take once we find whatever it is we are looking for.

In this framework, where data can affect diplomatic processes or trigger policy actions, we have to consider the risks associated with using it, especially in data-driven interactions. Digital data and algorithms/software can be modified, manipulated or tampered with, and therefore they can easily be “hacked” by actors with malicious intent. Given the global nature of cyber threats, appropriate caution and a cybersecurity infrastructure are needed to filter, protect and use digital data.

The origin of data can be international institutions like OCSE, ONU and so on, open sources, whistle-blowing data disclosures (Edward Snowden’s public revelation) or data scraped and shared by hackers.

So it is necessary to give the right weight to data by trying to distinguish “trusted data” from “fake data”. This is very important when a data-driven decision schema is used by important players like diplomats.

REFERENCES

[01] "Diplomacy X.0": coined by the Ambassador Giampiero Massolo;

[02] Marco Alberti, Open Diplomacy. Diplomazia economica aumentata al tempo del Covid-19 https://www.ibs.it/open-diplomacy-diplomazia-economica-aumentata-libro-marco-alberti/e/9788849865134;

[03] Andy Boyd, Jane Gatewood, Stuart Thorson and Timothy D.V. Dye, Data Diplomacy https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6785044/#FN5

[04]  Should Data Science be considered as its own discipline? https://thedatascientist.com/data-science-considered-own-discipline/

Continuous improvements of ICT technologies give exponential accelerations to all areas in all private and public sectors.

The goal for a private or public manager/diplomat is to keep up with the changes caused by new technologies by using a soft skill approach.

Diplomats should be efficient and flexible and should possess a high ability to adapt to the fast changes of the world.

In this scenario, we are witnessing an improvement in the development of open source intelligence (OSINT) tools and techniques.

OSINT is the act of gathering intelligence through exploiting all the information that is publicly available.

Wikipedia defines OSINT as “Open-source intelligence (OSINT) is a multi-factor (qualitative, quantitative) methodology for collecting, analyzing and making decisions about data accessible in publicly available sources to be used in an intelligence context.” [02]

The amount of publicly available structured, semi-structured and unstructured data is huge. We need skills for analyzing them in order to make correlations and extract information and then knowledge, which could be used for predictions or for making policies and strategies.

Many governmental and non-governmental structures use OSINT services: government organizations, the Economist Intelligence Unit, the BBC, which does investigative journalism, many private corporations seeking commercial advantages, and so on.

Why not use OSINT services in the diplomatic field? Diplomacy could gain advantages from knowledge obtained through OSINT services, putting strategies and policies into operation in a predictive way, especially in the economic sector.

OSINT smart prediction machine

The scheme of work of OSINT is simple:

  1. Gather and collect all types of public data you can, in any form;
  2. Organize them in a way you can manipulate;
  3. Analyze them and find hidden correlations;
  4. Generate information and statistical projections;
  5. Produce useful knowledge.

Here is the machine model:

where:

  • Open Source Data (OSD): datasets, survey data, metadata, audio or video recordings and so on;
  • Open Source Information (OSINF): books on a specific subject, articles, interviews and so on;
  • Open Source Intelligence (OSINT): all information discovered; it is the output of open source material processing;
  • Validated OSINT (OSINT-V): OSINT confirmed/verified using a highly reputable source.

REFERENCES

[01] Clima, energia e digitalizzazione: le sfide per la diplomazia economica 4.0 - Intervista a Marco Alberti a cura di Alessandro Strozzi: Pandora Rivista N.3/2020;

[02] https://en.wikipedia.org/wiki/Open-source_intelligence Open-source intelligence;

[03] Nihad A. Hassan, Rami Hijazi, Open Source Intelligence Methods and Tools, Apress 2018;

[04] Michael Bazzell, Open Source Intelligence Techniques 5th edition, 2016