The Department of Homeland Security warned firms in the energy sector about new, targeted malware infecting industrial control systems and stealing data. DHS’s ICS CERT, the Industrial Control Systems Computer Emergency Response Team, said it is analyzing malware associated with an ICS-focused malware campaign. The malicious software, dubbed “Havex” that was being spread by way of phishing emails and so-called “watering hole” attacks that involved compromises of ICS vendor web sites. DHS was alerted to the attacks by researchers at the security firms Symantec (which dubbed the malware campaign “Dragonfly”) and F-Secure (“Havex”) -a remote access trojan (or RAT) that also acts as an installer (or “downloader”) – fetching other malicious applications to perform specific tasks on compromised networks. One of those additional payloads is a Trojan Horse program dubbed Karagany (by Symantec) that has been liked to prior attacks on energy firms. According to Symantec, the malware targeted energy grid operators, major electricity generation firms, […]
Search Results for "home"
Is HyperCat An IoT Silo Buster? | ZDNet
Steve Ranger over at ZDNet has an interesting write-up on HyperCat, a UK-funded data sharing open specification for Internet of Things devices. The new specifications has the backing (or at least interest) of major players and could become an alternative to proprietary standards such as Apple’s HomeKit or Google Nest. HyperCat is described as an “open, lightweight, JSON-based hypermedia catalogue” that is designed to “expose information about IoT assets over the web.” The goal is to provide a set of open APIs and data formats that startups and other smaller firms can use to built ecosystems of connected objects. Smart devices are typically developed using common technologies and platforms: RESTful APIs, JSON (Javascript Object Notation) for data formatting and HTTP (or secure HTTP) as the main communications protocol. However, the Internet of Things is badly “silo’d” – meaning that interoperability between IoT devices happens only when those smart devices happen to use the […]
Goldman Sachs: Security Worries Could Hamper Internet of Things
A report from the financial service giant Goldman Sachs is bullish on the growth of Internet of Things, calling the explosive growth of connected devices a third phase in the development of the Internet – and perhaps the biggest yet. Those are heady words – especially considering the market hype and hysteria that surrounded the first “dotcom” phase. But there’s a catch, apparently: security. According to the web site Valuewalk, concerns about security and privacy are real obstacles to IoT technology adoption. “Security concerns escalate to a whole new level with the Internet of Things,” the Goldman Sachs report notes, citing high profile incidents of hackable home monitoring cameras. (See our coverage of vulnerabilities in the IZON cameras as one example.) Alas, the solution to the insecure devices problem is not simple. Problems range from poor application security during the design phase, to insecure default configurations that leave devices exposed to […]
Google’s Nest Labs Joins Race to Define Platform for the Internet of Things – NYTimes.com
The New York Time’s BITS blog has an interesting look at the companies that are gearing up to compete against Google in the home automation market. Google has picked up its investment in so-called “smart home” technology, from the acquisition of Nest, the smart thermostat maker, and DropCam a maker of wireless cameras used for home monitoring and surveillance. The Times notes the entry of firms like Quirky, which has the backing of major retailers like Home Depot and manufacturers like General Electric, Honeywell and Philips. That company announced a new spin-off firm, Wink, that will focus on software. There’s also (of course) Apple, which last week announced HomeKit, a new platform for home automation products that leverages the company’s iOS mobile platform. For its part, Google and Nest have alliances with companies like Whirlpool, Jawbone and Mercedes-Benz. The company seems to be focusing on getting cool products to market that […]
FTC Wants To Be Top Cop On Geolocation
The Federal Trade Commission (FTC) is asking Congress to make it the chief rule maker and enforcer of policies for the collection and sharing of geolocation information, according to testimony this week. Jessica Rich, Director of the FTC Bureau of Consumer Protection, told the Senate Judiciary Committee’s Subcommittee for Privacy, Technology that the Commission would like to see changes to the wording of the Location Privacy Protection Act of 2014 (LPPA), draft legislation designed to spell out consumer protections pertaining to the location data. Rich said that the FTC, as the U.S. Government’s leading privacy enforcement agency, should be given rule making and enforcement authority for the civil provisions of the LPPA. The current draft of the law instead gives that authority to the Department of Justice (DOJ). The LPPA legislation (PDF) was proposed in March by Sen. Al Franken, and co-sponsored by Senators Coons (D-DE) and Warren (D-MA). It proposes updating the Electronic Communications […]
