Cloud

Big Data, Security Drive Dell In Post-PC Future

If you consider how the Internet of Things is transforming the technology industry, one of the most interesting and thought-provoking areas to pay attention to is what we might consider technology “majors” – firms like HP and IBM and Cisco that made their mark (and their hundreds of billions) serving the needs of an earlier generation of technology consumers. How these established technology firms are pivoting to address the myriad challenges posed by the “Internet of Things” tells us a lot about how the IoT market is likely to shake out for consumers and – more pressingly- the enterprise.

Continue Reading

Supply Chain Risk Escapes Notice At Many Firms

Online attacks that come by way of suppliers and other third party business partners are one of the biggest threats that modern organizations face. But too few firms are giving supply chain security the attention it deserves, a panel of legal and information security experts told attendees at a cyber security forum in Boston on Wednesday. Companies need to protect their exposure through third parties better, according to the panel: beefing up auditing of internal- and partner assets and including contractual protections that will indemnify them in the event that a breach at a supplier or business partner exposes data that materially affects their firm. The panel, “Fortifying the Supply Chain,” was part of a day long event at The Federal Reserve in Boston and sponsored by the Advanced Cyber Security Center, a technology industry consortium. It brought together top legal and information security experts, including FireEye researcher Alex Lanstein and Jim Halpert, the […]

Continue Reading

White House Cyber Chief: JP Morgan Underscores Critical Infrastructure Risk

The White House’s cyber security czar, Michael Daniel, said the Obama Administration is deeply concerned about the reported hack of systems belonging to banking giant JP Morgan Chase & Co. but sees the incident as part of a larger trend of attacks against U.S. critical infrastructure. Asked about the targeted attack against JP Morgan and other banks and financial institutions, Daniel said that the White House was concerned, but not surprised by the incident. “We have watched for several years the trend of malicious actors in cyber try to figure out how to target critical infrastructure,” he said. “Financial services is critical infrastructure.” The White House was concerned that a major U.S. bank would fall victim to hackers, but sees it in the context of a “broad trend,” rather than an isolated incident, he said. Speaking with Michael Farrell, the Cybersecurity Editor at Christian Science Monitor, Daniel hit on many of the now-common talking […]

Continue Reading

Europol Warns of Internet of Things Risk

In a newly released report, Europol’s European Cybercrime Center (EC3) warns that the growth of the Internet of Things (IoT) threatens to strengthen the hand of organized cyber criminal groups and make life much more difficult for police and governments that wish to pursue them. EC3’s latest Internet Organized Crime Threat Assessment (iOCTA) says the “Internet of Everything” will greatly complicate the work of law enforcement creating “new opportunities for everything from cyber criminals to state actors to child abusers. The growing numbers of connected devices will greatly expand the “attack surface” available for cyber criminal activity, the EC3 warns. Cyber criminals may co-opt connected devices for use in common criminal activity (like denial of service attacks and spam campaigns). However, advancements like connected (“smart”) vehicles and infrastructure create openings for large scale and disruptive attacks. The report, which was published late last months, is a high level position paper and pulls data mostly […]

Continue Reading

Infographic: Possible Attacks on The Internet of Things

The folks over at Trend Micro have put together a nice infographic that reminds us that all those smart devices connected to the Internet communicate through some well worn channels, namely: standard communications protocols like Wi-Fi, Ethernet and Bluetooth that connect devices to each other and the global Internet, as well as HTTP that are used to transmit data to and from cloud based resources like management interfaces. Of course those standard protocols also leave IoT devices vulnerable to a wide range of commodity attacks: from brute force password cracking on web based management consoles to Man in the Middle attacks that can sniff out authentication credentials and hijack sessions. Trend’s infographic does a good job of depicting the various layers in the IoT stack and some of the likely attack vectors for each layer. It also gives advice on how to protect yourself (use encryption, patch software vulnerabilities, disable unused ports). Nothing ground breaking […]

Continue Reading
1 6 7 8 9 10 19