Protecting your business behind a shield of privacy

Cyber Chief Magazine brings you the tactics to uncover and neutralize the insider threat

business privacy

In this podcast recorded at RSA Conference 2018, Francis Knott, VP of Business Development at Silent Circle, talks about the modern privacy landscape, and introduces Silent Circle’s Silent Phone and GoSilent products.

Here’s a transcript of the podcast for your convenience.

We are here at the RSA Conference with Francis Knott, the VP of Business Development at Silent Circle, to discuss the recent claims by Homeland Security that the organization has observed anomalous activity in the National Capital Region, that appears to be consistent with international mobile subscriber identity captures. Francis, before we dive into some questions, would you please share a little bit about your background, what Silent Circle does, and how you came to join the company?

Sure. Again, my name is Francis Knott. I’ve been with Silent Circle going on six months now. Prior to this, I was at two other mobile security companies, both in the secure voice, secure text, and secure file sharing space, both located on the East Coast and all serving the government and enterprise clients.

Can you explain a little bit more about the use of StingRays, wiresharks? Are there any other means of interception that the Department of Homeland Security has found?

The fact that Department of Homeland Security has just come out recently, legitimizing the fact that there are StingRays in use in the Washington corridor, and aside of that as well, was quite refreshing. StingRays have been around for decades. They were actually started by a company called Harris Corporation, 20, 30 years ago. They were very expensive to implement, to use, and to work successfully. Technology, both hardware and software advancements have helped the StingRay become cheaper, easier to deploy, and much, much, much less expensive and easy to recognize. So, we’re only seeing more StingRays in use today than we were days ago, years ago.

What the interest to these technologies hold at the consumer and then at the national level?

At the consumer level, it boils down to privacy, maintaining one’s privacy. StingRays allow for third-party intermediaries to intercept your privacy and your communication. At the government level, it’s more about keeping national secrets and government day to day business amongst the government themselves, and not sharing it with adversaries that have StingRays mounted throughout the Baltimore Washington Corridor.

Can you explain a little bit more as to why this surveillance methods should concern our national security leaders?

Because they’re listening to our national leader’s conversations from the White House down. Every federal agency is at risk here. There are employees are at risk and I would even go so far as to say their families are at risk because their private identities are being exposed through the means of which StingRays grab information.

So, you would say that the government is responsible for venting and fighting these methods?

I think it’s the government’s responsibility to do something about it, yes. I mean, we all recognize that it’s an inherent problem, it’s increasing and not going away. There have been many, many groups that have been calling on the government for years to do something about the legal intercepts that’s going on, both here in the US and globally. I think it’s out government’s responsibility to take action and impose some sort of legislation or policies around privatizing the government’s communications, and it’s their responsibility to do that.

We live in an age now, we’re entering an age where governments are introducing a bunch of compliance regulations and policies aim to ensure that they’re protecting the end-users privacy, such as the GDPR which will go in fact, May 25th of this year. Would you agree that the US government should create policies to ensure the encrypted secure communication products?

I would agree full-heartedly. The markets are overdue for this type of legislation. I would welcome it personally. I think the citizens of this country would welcome it as they become to understand it. StingRay has been a dirty little secret, a dirty little activity that’s been going on and not in the public domain. It’s now bubbled up to the public domain. And I think as this becomes more invasive, I think you’ll see citizens and people of this country actually voicing their opinions, agreeing with what I’m saying that there should be legislation.

Do you have any examples, I know Silent Circle has two products that deal heavily in this area. Do you have examples of other companies that are producing similar products? And then, how Silent Circle differentiates from them?

Sure. So, Silent Circle is an enterprise government focused secure communication platform. Other free messaging apps that are on the market today, the WhatsApps, the Wickers of the world, they’re free, they implement their architecture and their security a little bit different.

Silent Circle is about privacy and protecting the privacy of the mobile phone and its user. Therefore, we never require or need a phone number, we never scrape the contact when you download our application. Conversely, our competitors require both, which inherently is not private in it of itself.

business privacy

Absolutely. So Francis, how can the government and corporations prevent or fight against the use of this StingRays and wiresharks by adversaries?

So Allison, there’s a number of tools on the market today. Some are free, some are paid for, some are good, some are bad. We at Silent Circle provide two products today, Silent Phone which covers your, encrypts your communication from a mobile device, and we also have another product, GoSilent that encrypts your data coming on and off your laptop via an VPN. There are free versions and there are paid versions. I would highly advise you do your due diligence and your homework before buying a product. That would be my recommendation.

business privacy

GoSilent is a hardware device? How large is that?

GoSilent is a hardware device. It’s a two inch piece of hardware. It’s a mobile firewall, VPN, Wi-Fi with advanced write protection. It’s a sophisticated piece of hardware that secures communication from any IP-enabled asset, not just a laptop. It can cover the IoT space and that’s video cameras, to sensors, to pressure gauges, etc.

business privacy

Do you have any advice that you’d like to give to our listeners?

I do. I would start by visiting our website at silentcircle.com, viewing our products and more importantly, I think it’s important for one who is choosing a security product to understand the philosophy and vision of the company behind a product. We stand behind our product from a privacy standpoint, meaning all your communication, we guarantee, will be private.

RSA Conference 2018