Tag Archives: technology

4 sectors vulnerable to IoT attacks in 2017

2017 is set to feature new attacks on internet infrastructure and advancements in Internet of Things security One of 2016’s key events in the tech world was the massive distributed denial of service (DDoS) attack in October that brought many of the internet’s most heavily trafficked sites to their knees. There were two main takeaways from the event. Firstly, DNS infrastructure is highly vulnerable. And secondly, the growing proliferation of cheap, connected Internet of Things (IoT) devices – webcams, Wi-Fi speakers, wearables etc. – is making it far easier for cybercriminals to launch massive DDoS attacks. Why? Because many of these devices are shipped with default usernames and passwords, which are never changed by the enduser, and so are easily taken over. Earlier in October, the Mirai botnet malware was made public, and it evidently played a role in the attack. In 2017 businesses are sure to suffer more DDoS attacks and internet shutdowns powered by cheap, insecure IoT devices. But while these attacks could become more common, they’re also likely to become less lethal as backbone providers harden their defenses and device manufacturers adopt identity-based security to close vulnerabilities. However, the sheer number of cheap AND insecure IoT devices deployed globally will ensure DDoS attacks continue sporadically through 2017. Catastrophic DDoS attacks might dominate tech media coverage, but the failure of IoT device, service and infrastructure to adopt and scale robust security and privacy tactics will play out in several ways. Here are four sectors that will face the brunt of this as digital transformation takes hold in 2017. 1. Healthcare In 2017, the distinction between in-home and clinical healthcare devices will continue to erode. To date, smart wearables and exercise devices like Fitbits and Apple Watches have been perceived as a means to track exercise in order to further fitness goals – distinct from clinical medical devices like heart monitors, blood pressure cuffs or insulin pumps. At the same time, it’s become common for patients with high blood pressure to monitor their levels at home by capturing them on a mobile app on their phone – exactly how fitness trackers work. The wealth of data available to clinicians flowing from such devices is leading to expectations that individuals can and perhaps should play much more active roles in preventative care. But the ease with which personal health data can now be gathered and shared will increase pressure on healthcare IT decision-makers to turn to identity management and authentication as the technology most effective for achieving security objectives. The proliferation of digital systems and devices in healthcare settings creates more vulnerabilities where personal data can get exposed or stolen. By adding contextual authentication and authorisation through strong digital identity, hacking these systems becomes more difficult. For example, adding presence, geo-location and or persistent authentication. 2. Financial services In 2017, commercial banks and investment houses will continue the race to avoid having their business models disrupted by fintech innovation such as Bitcoin and emerging artificial intelligence technologies. Banks are already co-opting these disruptive technologies and incorporating them into their own IT mix. Somewhat ironically, having established relationships with their customers, many legacy banks could be very well positioned to not just weather the digital transformation storm, but emerge even more stable and profitable in the years ahead. This is especially true for those that embrace omnichannel techniques and technologies to create seamless experiences that delight customers across devices. Banks in 2017 will work on allaying customer privacy concerns as they cope with regulations regarding data protection and sharing. There will be a continued effort to eliminate internal data silos that create impersonal customer experiences across channels, and fragmented systems that can’t support digital customer demands and business requirements. 3. Retail The race toward omnichannel will accelerate in 2017 as many retailers and B2C organisations find themselves doing more business via mobile than they’re doing on the conventional laptop and online channel. Delivering convenience and seamless experiences will depend heavily on providing customers with experiences that are not just secure but also personalised to their needs and tastes. In order to do this, they must securely connect the digital identities of people, devices and things. This requires solving complex identity challenges and creating solutions that enhance and improve customer experiences and at the same time maximise revenue opportunities. 4. Communications and media AT&T’s proposed acquisition of Time Warner at the end of 2016 highlights exactly how vulnerable legacy media and telecommunications firms perceive themselves to be to disruptive forces like cord cutting. ‘Digital pipe’ companies feel like they need to lock in content providers in order to lock in audiences and preserve value. However, regulators may frown on such industry consolidation, and independent players like Netflix and semi-independent players like Hulu and independent cable TV producers continue to find ways to directly insert successful content into the entertainment bloodstream. Here again, making content easily accessible through the full array of channels is key to locking in loyalty and preserving lifetime value (LTV). Source: http://www.information-age.com/protect-internet-unsecured-everything-123463392/

Read this article:
4 sectors vulnerable to IoT attacks in 2017

Larger, more complex, financially motivated DDoS attacks on the rise

DDoS attacks are becoming increasingly larger, more complex, and perpetrated by cyber extortionist instead of hacktivists and vandals, the results of Arbor Networks' 11th Annual Worldwide Infrastructu…

See more here:
Larger, more complex, financially motivated DDoS attacks on the rise

Half of companies under DDoS attack have critical data stolen

Neustar surveyed IT professionals from across EMEA to understand the impact of DDoS attacks. 40 percent of companies estimate hourly losses of over £100,000 at peak times during a DDoS outage,…

Read more here:
Half of companies under DDoS attack have critical data stolen

BLAM, BLAM, BLAM… nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

JUST before you blasted 2 ‘copters with 1 rocket launcher Hackers from the group Lizard Squad have reneged on their promise to quit earlier this month, apparently launching distributed denial-of-service (DDoS) attacks on major gaming industry websites.…

See more here:
BLAM, BLAM, BLAM… nooooo! Hacker crew Lizard Squad spits DDoS venom on Call of Duty

Mayhem malware ropes Linux, UNIX servers into botnets

A new malware that researchers have dubbed Mayhem is being used to target Linux and Unix web servers and has so far compromised over 1,400 Linux and FreeBSD servers around the world, warn researchers …

Read the article:
Mayhem malware ropes Linux, UNIX servers into botnets

London teen charged over Spamhaus mega-DDoS attacks

Accused will tap the boards before the beak today An unnamed London teenager has been charged with a series of criminal offences following a series of denial-of-service attacks against internet exchanges and the Spamhaus anti-spam service last year.…

See the original article here:
London teen charged over Spamhaus mega-DDoS attacks

Snowden documents show British digital spies using viruses and ‘honey traps’

JTRIG active intelligence unit boasts of bugging and burgling At the start of this week, documents released by whistleblower Edward Snowden detailed DDOS attacks on chatrooms by a British online intelligence unit dubbed the Joint Threat Research Intelligence Group (JTRIG). Now he has released a new trove showing that JTRIG is about much more than purely online annoyances.…

Visit site:
Snowden documents show British digital spies using viruses and ‘honey traps’