news

Security and Patching Challenge the Industrial Internet| CIO

  The magazine CIO has picked up on a report by the firm National Instruments on some of the key challenges facing the industrial Internet of Things. No surprise: security and management are two of them. National Instruments has an interesting perspective on the topic: it makes equipment that is used by heavy industry (energy, oil and gas, automotive, etc.) to monitor industrial processes. As a result, NI is knee deep in the transformation to “smart” industry powered by autonomous, sensing equipment. The company anticipates big challenges as more and more industrial systems come online. From the article: “As massive networks of systems come online, these systems need to communicate with each other and with the enterprise, often over vast distances…Both the systems and the communications need to be secure, or millions of dollars’ worth of assets are put at risk.” Beyond that, NI notes that companies developing products for the industrial Internet of Things […]

Continue Reading

New Firm Sniffs Power Consumption to detect Malware

  In-brief: A new company, PFP Cybersecurity, says it can detect malware infections almost instantly by analyzing changes in the way infected devices consume power. The company is targeting industrial control system and critical infrastructure with new products. 

Continue Reading

The Enduring Terribleness of Home Router Security Matters to IoT

Last week, home broadband router maker ASUS was the latest vendor to issue an emergency patch for a critical vulnerability in its products. This, after proof-of-concept exploit code was released for the so-called “Inforsvr” vulnerability that affects several ASUS home routers. That vulnerability -if left unpatched – would allow anyone with access to a home- or small business network that used an ASUS broadband router to, essentially, commandeer the device. The “infosvr” feature is typically used for device discovery by the ASUS Wireless Router Device Discovery Utility, but the service also allowed unauthenticated users to execute commands through it using the “root” permissions, according to researcher Friedrich Postelstorfer, who created a proof of concept exploit for the security hole and released it on January 4. The exploit code finally prompted a patch from ASUS on January 13. The company had spent months analyzing the issue and working on a fix. Patch aside, it has been a worrying month for the […]

Continue Reading

Trial Balloon: Will Obama’s Cyber Proposals Sink or Fly?

In-brief: President Obama is putting cyber security at the top of his agenda for the State of the Union Address on Tuesday. But security experts are warning that the proposed laws will complicate many aspects of their work in the name of fighting hackers. U.S. President Barack Obama will deliver his annual State of the Union address to the U.S. Congress on Tuesday. A raft of new proposals to strengthen the nation’s cyber security are at the top of his agenda. As the address draws near, however, information security professionals are warning that many of the President’s proposals will have a chilling effect on their work, using the cause of fighting hackers criminalizing activities that are essential to investigating their crimes. The President’s proposals have been outlined in a series of releases and speeches by the President in recent weeks, including an address at the Federal Trade Commission on protecting consumers’ […]

Continue Reading

N.S.A. Breached North Korean Networks Before Sony Attack – NY Times

The New York Times claims that the U.S. National Security Agency used intelligence gleaned from a clandestine operation to compromise North Korea’s cyber warfare unit to pin the blame for the Sony Pictures Entertainment hack on the reclusive Communist country. According to the story by David Sanger and Martin Fackler, the Obama Administration’s decision to quickly blame the hack on the DPRK grew out of a four year-old National Security Agency (NSA) program that compromise Chinese networks that connect North Korea to the outside world. The classified NSA program eventually placed malware that could track the internal workings of the computers and networks used by the North’s hackers and under the control of the Reconnaissance General Bureau, the North Korean intelligence unit, and Bureau 121, the North’s hacking unit, which mostly operates out of China. It has long been recognized that North Korea, which lacks a mature information technology infrastructure, does much of […]

Continue Reading
1 35 36 37 38 39 76