Recent Posts

Internet of Things Demands New Social Contract To Protect Privacy

Changes brought about by the Internet of Things demand the creation of a whole new social contract to enshrine the right to privacy and prevent the creation of technology-fueled Orwellian surveillance states in which individual privacy protections take a back seat to security and “control.” That is according to an opinion piece penned by the head of the European Commission’s Knowledge Sharing Unit. Gérald Santucci, in an essay written for the web site privacysurgeon.org, argues that technology advances, including the advent of wearable technology and the combination of inexpensive, remote sensors and Big Data analytics, threaten to undermine long-held notions like personal privacy and the rights of individuals. The essay says that current approaches to data protection are “largely inadequate” to the task of reining in the asymmetrical changes wrought by new technology. “Data collection and video surveillance will continue to grow as ubiquitous computing pervades almost all areas of our […]

APT-For-Hire: Symantec Outs Hidden Lynx Hacking Crew

This site and others have been writing about the “Advanced Persistent Threat” problem, which has generally been treated as a euphemism for the government and military of The People’s Republic of China or – in some cases – Russia, Iran, North Korea or other un-friendlies. Firms like Mandiant have taken pains to separate the concept of APT from run-of-the-mill cyber criminal hacking groups whose motivation is profit, rather than the acquisition of information that can be used to advance geopolitical or economic goals. Cyber criminal groups may well be “advanced” in their attack methods and “persistent” in their efforts to compromise victim networks, but they weren’t “APT.” Now Symantec Corp. has put a fly into that ointment: publishing a report that pulls the covers off an APT group dubbed “Hidden Lynx” that it claims is responsible for some of the most sophisticated and large-scale hacks of […]

Welcoming A New Sponsor: Mocana

You’ll notice some new artwork gracing The Security Ledger this week, and that’s because we’ve welcomed a new sponsor to the family: Mocana. I’d like to officially welcome them to the Security Ledger family. This is a big win for Security Ledger. Mocana will join Veracode, The Trusted Computing Group and Gemalto in underwriting The Security Ledger’s coverage of IT security news and the intersection of security with The Internet of Things (IoT). But we also win the support of a company that is all about IoT. If you haven’t already checked out Mocana, I’d urge you to do so. Launched in 2004, the company’s expertise is in securing non-traditional endpoints. Mocana’s Device Security Framework (DSF) is a suite of device-resident security software that is embedded into devices during the manufacturing process. DSF is a platform that supports a wide range of security functions, both through Mocana-created security modules and support of other […]

World-is-Flat Author Weighs In On Internet Of Things

Those of you who don’t religiously read the Op-ed page of The New York Times, but who are interested in the Internet of Things, probably want to surf on over to the Times’s web site to check out Thomas Friedman’s opinion piece “When Complexity Is Free” from the Sunday Times. There are a couple of points here. 1) Friedman is one of the most astute observers of the geopolitical zeitgeist. His 2005 book The World Is Flat talked about the confluence of technological innovation, the Internet and economic globalization. It is one of the most widely read works of “business writing” of the last century and helped explain, for the public and policymakers, the tectonic changes taking place in emerging and mature economies worldwide. 2) Friedman’s stature as a trend-spotter (see #1) means that, when he says something is important (as he did with IoT this week), important folks take notice. In the […]

Sharing Threat Intelligence To Sort Out Targeted Attacks

Headlines about “advanced persistent threats” and targeted attacks have organizations of all sizes concerned. Barely a week goes by without news of a new, stealthy campaign targeting executives, government leaders or platforms used by prominent organizations. But while APT-style and targeted attacks may have the attention of the boardroom, organizations still face a Herculean task determining when an attack they’ve detected is targeted, and when it is merely indiscriminate. To help answer that question, I “hung out” with two experts in detecting and analyzing malicious threats to enterprises. Anup Ghosh is the CEO and co-founder of Invincea, which makes malware detection tools that isolate threats on endpoints. Matt Hartley is the Senior Director, Intelligence Lab Services at iSIGHT Partners, a cyber threat intelligence firm. Both told me that, while targeted attacks are on the rise, awareness about them is also at an all-time high. That can, sometimes, result in organizations […]