I came across an interesting post over on Wearable World News today titled “The Danger of Smart Spam In the Internet of Things.” The article, by Jessica Groopman, ran yesterday and provides a kind of conceptual overview of the security and IoT space. I think Goodman gets it mostly right: she talks about the proliferation of device types and platforms that will (or already does) characterize the Internet of Things. With hundreds of billions (compared with hundreds of millions) of Internet connected endpoints, cyber criminals, hacktivists and other bad actors have an even greater ability to create armies of compromised endpoints and harness their collective power in attacks. Goodman also gets it right when she notes that many “smart” devices run commodity operating systems like Linux and don’t require lots of special effort to reverse engineer. Finally, IoT devices frequently are low power and embedded systems that lack the processing […]
data loss
Cisco Pledges $300k For Next Big Thing In Internet of Things Security
Most folks are still trying to figure out what “security” in the context of “The Internet of Things” actually means. But that didn’t stop Cisco Systems from throwing down a challenge to the tech sector: develop security solutions that address problems specific to The Internet of Things and win a cash prize. In a blog post, Chris Young, a Senior Vice President in Cisco’s Security Group, announced The Internet of Things Security Grand Challenge, saying the contest would offer “visionaries, innovators, and implementers…the opportunity to define a future of a secure IoT,” and pledging up to $300,000 in prizes and awards up to $75,000 for six winners. Cisco has set its sights on the emerging “Internet of Things” in a big way – leveraging its deep roots as a networking infrastructure provider to carriers and enterprises, and ancillary businesses such as set top boxes and low-cost networking equipment for […]
After Snowden, State Department Eyes Cloud-Nationalism
Amid the very public debate about the civil liberties implications of Edward Snowden’s revelations about NSA spying at home and abroad, the potential business fallout from the leak of classified information has been a footnote. But as the disclosures wear on, business leaders in the U.S. and elsewhere are beginning to discern the impact of the Snowden leaks. One place they’re voicing their concerns is The State Department, where technology vendors have been complaining of blowback from international customers, according to a senior State Department official who spoke with The Security Ledger. “We’re talking to cloud providers, including some very large cloud providers, about the challenges they face abroad,” the official said. The State Department has heard anecdotal reports of US firms losing business due to concerns about government surveillance, but companies have been reluctant to advertise lost accounts. At the same time, the State Department has heard of foreign competitors drumming […]
Cisco Survey: 100% of Fortune 500 Hosting Malware?
If you’re working in IT at a Fortune 500 firm, Cisco Systems has some unwelcome news: you have a malware problem. According to the 2013 Annual Security Report from the networking giant, 100 percent of 30 Fortune 500 firms it surveyed sent traffic to Web sites that host malware. Ninety-six percent of those networks communicated with hijacked servers operated by cyber criminals or other malicious actors and 92 percent transmitted traffic to Web pages without content, which typically host malicious activity. “It was surprising that it was 100 percent, but we know that it’s not if you’re going to be compromised, but when,” said Levi Gundert, a technical lead in Cisco’s Threat Research, Analysis and Communications (TRAC) group in an interview with The Security Ledger. Among the high points (or low points) in Cisco’s Report: Cisco observed the highest number of vulnerabilities and threats on its Intellishield alert service in the 13 years […]
Is 2014 The Year Uncle Sam Takes On Connected Device Security?
The Consumer Electronics Show – or CES- kicked off last week in Las Vegas. In the last decade, CES has become one of the premiere venues for consumer device makers to launch new products and to show off prototypes of technology they hope to introduce to the public. Home entertainment megafauna dominate the coverage of CES — there was Samsung’s 85-inch LED LCD model with 4K resolution that can transform from flat-screen to curved display. But this year’s show is also a showcase for the next wave of connected devices, including wearable technology, smart appliances and connected vehicles. All these new platforms raise important questions about security, privacy and reliability. I sat down to talk about some of those issues with Mark Stanislav, the lead security evangelist at the firm Duo Security. Mark is a frequent contributor to The Security Ledger who last joined us to provide an end of year […]
