Technology

Valles del Silicio: How IoT is Democratizing Innovation

Here we find ourselves at the beginning of a new year, and I can’t resist looking ahead. As I observed in last month’s column, I’m an advocate for cyber security fundamentals. And, like any “fundamentalist,” I would like to assert that these security fundamentals won’t change. As for the Internet of Things as a whole, however, I believe that we are on the cusp of tremendous change. In the next year, I predict that many of the assumptions that have guided us in areas like networking, application development, data analysis and  – yes – security will undergo major, and necessary, change. But to what? And from whom? That’s what I’d like to explore. This past December, I attended the inaugural weekend of CyberCamp, a three-day event in Madrid hosted by INCIBE and the Spanish government. In addition to having the honor of being one of the keynote speakers, I had the opportunity to speak with a […]

Continue Reading

Senator Warns of DHS Struggle with Cyber Security

U.S. Senator Tom Coburn (R-OK) used his final days in office to warn that the U.S. Department of Homeland Security (DHS) is struggling to fulfill its mission to protect the nation from cyber attack. The report, “A Review of the Department of Homeland Security’s Missions and Performance,” (PDF) was released on Saturday, as the retiring Senator from Oklahoma was leaving office. In it, the outgoing Senator said that DHS’s strategy and programs “are unlikely to protect us from the adversaries that pose the greatest cybersecurity threat.” The warnings on DHS cyber operations were part of a larger critique of the Department in the report, in which Coburn called on reforms of Homeland Security focused on accountability and streamlining. Despite spending $700 million annually on a range of cybersecurity programs, Coburn said it is hard to know whether the Department’s efforts to assist the private sector in identifying, mitigating or remediating cyber […]

Continue Reading

Game Networks Struggle Back After Holiday Attacks

Online gaming networks including Sony’s Playstation network were the victims of large-scale denial of service attacks that coincided with the Christmas holiday. As of Saturday, Microsoft’s X-Box gaming network had returned to full operation, while Sony’s Playstation Network was still struggling to restore service, 48 hours after attacks attributed to an online hacktivist group known as The Lizard Squad hobbled the gaming networks on their biggest day of the year: Christmas. “Update: PS4, PS3, and Vita network services are gradually coming back online – thanks for your patience,” Sony tweeted via its @AskPlayStation Twitter account early Saturday. The source of the denial of service attacks has not been confirmed. However, the group claiming responsibility for them has claimed that the attacks were more prank than anything else: an effort to irritate Playstation and X-box owners who received a new device on Christmas Day, only to find they couldn’t connect it to the […]

Continue Reading

With Multi-Vector Attacks, Quality Threat Intelligence Matters

In the last year, the world’s attention has been riveted by a series of high-profile hacks of major corporations in retail, finance and the entertainment industry, among others. Each of these incidents is unique, involving different threat actors and motives. However, each of these attacks is also a sterling example of what we, at Cisco, term “multi-vector attack” that employs a range of technologies, deployed in numerous stages, to penetrate the defenses of the target organization. Here at Cisco, we have studied these attacks in-depth and have identified some commonalities among these multi-vector attack, and useful approaches to combat them. This blog post will discuss some of our findings. About Multi-Vector Attacks Any cyber attack, large or small is born from a weak link in the security chain. These weak links take many forms: poorly configured Web servers, gullible employees or vulnerable-but-common applications like Microsoft Office, Adobe Reader and Java are common examples. Multi-vector  attacks […]

Continue Reading

Cyber Resilience? Sony Employees Back To Faxes and Face to Face

There’s a fascinating article on TechCrunch that cites a current (anonymous) Sony Pictures Entertainment employee talking about life at the company in the wake of a crippling November 24th cyber attack that wiped out thousands of computer systems and stole terabytes of data from the company. According to the story, Sony employees have resorted to using circa 1990s fax machines to transmit documents and – horror – having face to face communications in lieu of texting, e-mail or social networking, all of which are disabled within Sony’s environment. [Read more Security Ledger coverage of the Sony Pictures hack here.] “We had barely working email and no voicemail so people talked to each other,” the source tells TechCrunch. “Some people had to send faxes. They were dragging old printers out of storage to cut checks…It was crazy.” “That is what a major corporate security breach sounds like,” TechCrunch writes. “The squeal […]

Continue Reading
1 16 17 18 19 20 64