A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Ronan Cremin, CTO, Afilias
The organization telling us their story today is Afilias.
Marco and I are fortunate in that we get to hear a lot of stories. Of course, as one of our mantras spells out, we are always on the lookout for stories that are better than others.
This story is that and a bit more. It is made of the stuff that nightmares are made of, to the point that Marco has been inspired to write a Cybersecurity Halloween Short Story after hearing this one. We shall see if that is actually going to happen.
So, THIS story has been told to us by a team operating out of Dublin, Ireland—and we are fortunate (hmmm, are we?) to get to hear about counterfeit devices and fake apps coming from the Far East to flood the Western market and—we are afraid—our WiFi networks and our households. Ronan Cremin told it, and it blew our minds.
Here is how it goes: Imagine buying a brand new, latest-model, unlocked iPhone for a massive discount on your favorite auction site. You’re anxious to get your new toy, and when it arrives, you are excited to open the box and see that it comes just as you imagined it would. O-gosh! It is beautifully packaged with a perfect direct-from-the-manufacturer cellophane seal. You gently open the outer packaging so you can slide the box cover open to reveal the shiny new object of your dreams, complete with the Apple sticker, charging unit and cable, and headphones. It’s gorgeous!
You insert your carrier’s SIM card, plug it in, power it on, and wait for it to start up.
Did you notice it took just a smidge longer to load than other iPhones of the same model? Probably not—it seemed to load sufficiently fast, just as you would expect it would.
Did you notice anything unusual about the apps that came on the device? Probably not—all the apps you expect to get are there.
And, yes, the app store is also online once you connect to your home WiFi—so you can easily download your chat app, your banking app, your fitness app, and more. Exciting! But, did you notice anything unusual about those apps that you downloaded and installed? Probably not—they certainly look legit and happily accepted your account username, email address, and password just as you expected them to. Awesome!
Now that it’s up and running, did you notice anything different happening on your network? If you’re at home, you *may* be able to detect a difference, but probably not. If you are at work, chances are you don’t notice (nor care about) anything that might be happening once you connect this device to the “other stuff” surrounding you. In any case, why would you notice? It’s a phone; it turned on, you can make calls, send texts, and use your apps; it simply works. You are happy, and that is the end of the story, right? Wrong.
The story continues—and the storm that is brewing is one you will likely wish you hadn’t unleashed. That deal that you took advantage of that seemed just that little bit “too good to be true”—well, guess what, it was. Sorry.
Unfortunately, if you buy these types of devices from non-Apple retailers, the odds of you “scoring” one of these “deals” are, according to Ronan, high. Very high. Again, very sorry.
Now take a deep breath and listen to (and watch a snippet of) our conversation with Ronan about the nightmare people may have gotten themselves into.
Maybe it wasn’t that good of a deal after all. Perchance it was just a nightmare. Perhaps it wasn’t.
Listen to the full podcast here: https://itspmagazine.com/their-stories/their-story-at-hacker-summer-camp-las-vegas-2019-ronan-cremin-afilias
Learn more about Afilias on ITSPmagazine here: https://www.itspmagazine.com/company-directory/afilias
Learn more about Their Story podcasts here: https://www.itspmagazine.com/their-infosec-story