Internet of Things Archives

Internet of Things

Thread Gets Boost from Freescale Beta Program | EDN

November 17, 2014 Paul Roberts

We covered the announcement of Thread, a proposed IoT communications standard back in July. The question for Thread, as with competing IoT standards like Open Internet Connect and The AllSeen Alliance, is who will adopt it. Needless to say: without the embrace of software and device makers, even the best standard will wither on the vine. Now its seems like Thread is getting a boost from Freescale Semiconductor. That company last week announced a beta program that will give developers access to its own implementation of the Thread draft specification. As this report over at EDN Newtork notes, Freescale said at the Electronica 2014 conference that it is offering Thread-compliant versions of its Kinetis W series of wireless microcontrollers. The move is designed to encourage companies to create Thread-enabled products based on Freescale’s Kinetis platform. Freescale’s Kinetis family of devices are designed to enable connections between devices for home automation, healthcare, smart energy […]

Automakers Issue Privacy Guidelines For Connected Cars

November 13, 2014 Paul Roberts

A group representing some of the leading foreign automakers who sell in the U.S. released guidelines to protect consumer data collected by in-vehicle technologies and make sure that car owners consent to the collection of everything from geolocation data to biometric identifiers. The group, Global Automakers, represents foreign auto manufacturers and original equipment makers (OEMs). The Privacy Principles document (PDF here) include guidance on issues like transparency, anonymity and security and are intended to set ground rules for the collection and use of driver or owner information by increasingly sensor-rich vehicles. “As modern cars not only share the road but will in the not too distant future communicate with one another, vigilance over the privacy of our customers and the security of vehicle systems is an imperative,” said Global Automakers President and CEO John Bozzella in a published statement. The Privacy Principles are voluntary are are based on the U.S. Federal Trade […]

Malware Campaign Against Industrial Systems Almost 3 Years Old

October 30, 2014 Paul Roberts

The U.S. Government’s Industrial Control System CERT (ICS-CERT) said on Thursday that a campaign targeting industrial control system (ICS) software began in January, 2012 and targeted industrial systems that were directly connected to the public Internet. ICS-CERT said in an alert published on Wednesday that “HMI” (or Human-Machine Interfaces) products from vendors including GE, Advantech/Broadwin and Siemens may have been infected with variants of the BlackEnergy malware since January, 2012. Infected firms were running versions of the GE’s Cimplicity, Advantech/Broadwin’s WebAccess or Siemens’ WinCC with what ICS-CERT called a “direct Internet connection.” In some cases, as with the GE Cimplicity attacks, hackers exploited a known vulnerability in the Cimplicity software to gain access. In others (as with WebAccess and WinCC) the method by which the software was compromised isn’t known, ICS-CERT said. CERT said it hasn’t documented any cases of control processes being modified by the malware. However, BlackEnergy is typically used […]

The Security of Things: Video Available

October 28, 2014 Paul Roberts

We held our first ever security and Internet of Things event back in May. The Security of Things Forum took place in Cambridge, MA (“Our Fair City”) on May 7 and brought together about 100 thought leaders and entrepreneurs for a day of discussion and debate about how best to prepare for the explosion of connected devices in the enterprise, the home, the public sector and public spaces. Since then we’ve made a couple of these sessions public: the keynote presentation by In-Q-Tel CISO Dan Geer, and a panel on enterprise risk and IoT, chaired by INEX Advisors’ founder Chris Rezendes. Attendees have had access to all the sessions, as well. But now we’re throwing the doors open to the public and making all the conference sessions available to the public, as well as some 1:1 interviews with our speakers. We invite you all to head on over and check […]

Essentials for Visibility-Driven Security

October 27, 2014 Scott Harrell

Visibility is surprisingly tricky. The security industry offers many disparate tools to provide customers “visibility” into what is happening on their networks. Among them are tools that track what applications are on the network, tools for enumerating and tracking software vulnerabilities, tools for determining when sensitive data has left a network, tools that indicate when attacks are underway and tools that identify and analyze network data flows – to name just a few. Of course, layered on top of all this “visibility” are further systems that correlate and analyze what the mission-specific tools are seeing. Promises of a “single pane of glass” aside, the result is often a mishmash of data and events that require skilled security practitioners to analyze and interpret. The mishmash, in turn, leads to errors in analysis and prioritization. Albert Einstein famously said “Any fool can know. The point is to understand.” So it is in the information security industry, where a common refrain is “you can’t protect […]