Playing Catch Up With IoT Security


While the benefits of the Internet of Things (IoT) are clear, security hasn’t managed to keep up with the rapid pace of innovation and deployment. As the U.S. Department of Homeland Security (DHS) recently stated, an unsecured IoT ecosystem introduces real-world risks that include malicious actors manipulating the flow of information to and from network-connected devices or tampering with dev... » read more

Putting A Hardware Root-of-Trust To Work In An Anti-Counterfeiting IC


An anti-counterfeiting security IC is conceptually rather simple: during manufacture, it is securely programmed with some secret data. Then during operation, it can prove to a verifying host that it knows that secret data. This “proof of knowledge” is often all that can be expected of a low-cost security IC. This prove-you-know-the-secret authentication process between the security IC an... » read more

The Evolution Of Side-Channel Attacks


A side-channel attack can perhaps best be defined as any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms. Put simply, all physical electronic systems routinely leak information about their internal process of computing via their power consumption or electromagnetic emanations. This mean... » read more

The Evolving Ransomware Threat


Ransomware has become a serious threat in recent years, with thousands of new variants surfacing in 2016 alone. This is really bad news for system administrators, as computers infected with ransomware are typically locked down until cyber criminals are given a hefty sum to unlock encrypted files. Disturbingly, IDG recently confirmed the existence of a new file-encrypting ransomware program f... » read more

How Ransomware Threatens Unsecured Systems


Cyber criminals typically use ransomware to lock systems and encrypt files, effectively denying access to data until payment is remitted. Unsurprisingly, ransomware payments for 2016 were estimated to hit a billion dollars, with some businesses paying considerable sums to unlock their data. Cyber criminals continue to set their sights on a wide range of targets, including CCTV cameras, schools,... » read more

Will 2017 Be The Year Of DDoS?


Forrester Research sees a rough year ahead for cyber security. Indeed, targeted espionage, ransomware, denial of service, privacy breaches and more are expected to escalate in 2017. In addition, Forrester Researcher analysts predict that more than 500,000 Internet of Things (IoT) devices will be compromised in 2017. Perhaps not surprisingly, IDC analyst Kevin Lonergan recently warned that Io... » read more

Incorporating IoT Security At The Design Phase


The U.S. Department of Homeland Security (DHS) has outlined six Strategic Principles for securing the Internet of Things. Perhaps the most important of these principles is the concept of implementing security at the design phase, with the DHS recommending the use of hardware that incorporates security features to strengthen the protection and integrity of a device. This includes leveraging comp... » read more

Dyn DDoS Attack Reboots IoT Security


In mid-October, cyber criminals targeted Internet infrastructure company Dyn with a “massive and sustained” DDoS attack that focused on the company’s DNS infrastructure. The cyber offensive disrupted access to a number of major sites including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix. Perhaps not surprisingly, the massive DDoS attack was conducted with the help of various hija... » read more

DDoS Attacks Highlight Need For IoT Security


A massive wave of distributed denial-of-service (DDoS) attacks executed against security researchers and hosting companies has captured headlines over the past few weeks. For example, OVH was targeted by two concurrent DDoS attacks at a combined bandwidth of almost 1 terabit per second, with one attack peaking at 799Gbps. According to reports, the attacks centered on Minecraft servers hosted... » read more

Designing Automotive Security For Connected Vehicles


The general concept of basic automotive security has been around for a number of years. Nevertheless, its scale and scope is rapidly evolving, with new classes of vulnerabilities brought to the fore as more and more electronic systems go online. Put simply, the automotive industry is connecting systems that weren’t originally designed to be part of the rapidly burgeoning Internet of Things (I... » read more

← Older posts