Reports

With Cars Connected to the Internet, What about Privacy? | Computerworld

Lucas Mearian has a long and quite thorough article over at Computerworld weighing the possible security and privacy risks posed by connected vehicles. Among other things, Mearian weighs the recent past and likely future of connected vehicles, noting that, “once mobile devices are connected to car infotainment systems and cars are connected to the Internet, vehicles will become a rich source of data for manufacturers, marketers, insurance providers and the government.” They’ll also be a target for hackers. The problem is that, unlike mobile phones, cars have useful lives that are measured in decades, not years – or even months. That makes it difficult for manufacturers, who want to make their vehicles state of the art, but also must deal with the reality of much longer development cycles and complex interactions between non-critical and critical on board systems. [Read more Security Ledger coverage of connected vehicles here.]   A couple issues worth noting: […]

Continue Reading

The Key to Security in the Internet of Things – IEEE Spectrum

IEEE Spectrum has an article that provides a nice overview of security and privacy issues on the Internet of Things. The article by Mark Anderson highlights a number of the issues that have cropped up on these pages as well, namely: the rush to market in the consumer IoT space (much of it driven by crowd funding sites like IndieGoGo and Kickstarter) the lack of a strong business case for (consumer) manufacturers to build security into IoT products the tendency of large manufacturers to pursue siloed security standards that thwart efforts to build  devices interconnect with other IoT infrastructure (other devices, routers, etc.) So far efforts to coordinate IoT development around a single platform or set of standards have been reduced to predictable turf battles: Google’s Thread versus multi-vendor efforts like TheAllSeen Alliance,  The Open Interconnect Consortium, The Industrial Internet Consortium versus Apple HomeKit and HealthKit and others. In the […]

Continue Reading

Senate Report Warns of Attacks on Military Transport Contractors

A Senate Armed Services Committee investigation has found evidence that hackers associated with the Chinese government compromised the computer systems of U.S. Transportation Command contractors at least 20 times in a single year. The attacks pose a serious risk to the system that moves military troops and equipment. The Committee released the report on Wednesday. (PDF copy here.) It presented the results of a year-long investigation of U.S. Transportation Command, or “TRANSCOM,” found a serious gap in awareness and reporting requirements. TRANSCOM was only aware of two of the 20 intrusions, while U.S. Transportation Command remained mostly unaware of the computer compromises of contractors during and after the attacks. “These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” said Sen. Carl Levin, D-Mich., the committee’s chairman in a published statement. “Our findings are a warning that we must do much more to protect strategically significant […]

Continue Reading

With $42m Invested, vArmour uncloaks with Software Defined Security

In the old days, startups would pull together funding from a small group of early “angel” investors and rush to get a product – any product- to market as soon as possible. The idea was to prove viability in the hopes of attracting larger investments that would let you actually develop the product you really want to sell. But that doesn’t work well for companies that want to solve really hard problem. Such projects, justifiably, need a longer runway that isn’t suited to vaporware or rapid product iteration. vArmour Networks, a Mountain View-based startup that emerged from “stealth” mode yesterday, is a good example of that latter kind of start-up. The company has already raised $42 million in three rounds, dating back to January, 2013. It is offering technology to tackle a vexing product: how to secure the information flowing within and between the growing ranks of virtual data centers. With […]

Continue Reading

Cisco Updates ASA Security Appliance To Tackle Zero Day Malware

We’re used to writing about all the things that are changing in the security field: the onslaught of mobile devices and connected ‘stuff,’ the advent of ‘advanced’ and ‘persistent’ adversaries, the destruction of the network perimeter. But all this talk about change can obscure the fact that so much has not changed. Companies still maintain perimeters, after all, and they rely on nuts-and-bolts technologies to defend them. But these days, those products need to do more – especially in the area of ‘advanced threats’ that are likely to slip past traditional antivirus and IDS products. Enter Cisco Systems, which on Tuesday announced a new version of its ‘next generation firewall‘: the Cisco ASA (Adaptive Security Appliance) with FirePOWER Services. The appliance is the first to make full use of technology from Cisco’s acquisition of Sourcefire last year. Specifically, the latest ASA integrates Sourcefire’s Advanced Malware Protection (or AMP) technology, which gives the […]

Continue Reading
1 106 107 108 109 110 152