IoT Security Challenged By Evolving Threat Landscape


Many IoT devices on the market today lack effective security, making them vulnerable to attackers and easily compromised. This is problematic, because an unsecured IoT ecosystem introduces real-world risks that include malicious actors manipulating the flow of information to and from network connected devices or tampering with the devices themselves. This salient lack of IoT security was ill... » read more

IoT Security? Let Them Eat Cake!


Often attributed to Marie Antoinette, the now famous phrase “let them eat cake” (qu'ils mangent de la brioche) is typically used to highlight one’s lack of understanding of a serious issue. This attitude is particularly noticeable in the world of IoT security. Everyone acknowledges that the clear majority of IoT devices are vulnerable and easily compromised, as many lack even the most ... » read more

Playing Catch Up With IoT Security


While the benefits of the Internet of Things (IoT) are clear, security hasn’t managed to keep up with the rapid pace of innovation and deployment. As the U.S. Department of Homeland Security (DHS) recently stated, an unsecured IoT ecosystem introduces real-world risks that include malicious actors manipulating the flow of information to and from network-connected devices or tampering with dev... » read more

Putting A Hardware Root-of-Trust To Work In An Anti-Counterfeiting IC


An anti-counterfeiting security IC is conceptually rather simple: during manufacture, it is securely programmed with some secret data. Then during operation, it can prove to a verifying host that it knows that secret data. This “proof of knowledge” is often all that can be expected of a low-cost security IC. This prove-you-know-the-secret authentication process between the security IC an... » read more

The Evolution Of Side-Channel Attacks


A side-channel attack can perhaps best be defined as any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms. Put simply, all physical electronic systems routinely leak information about their internal process of computing via their power consumption or electromagnetic emanations. This mean... » read more

The Evolving Ransomware Threat


Ransomware has become a serious threat in recent years, with thousands of new variants surfacing in 2016 alone. This is really bad news for system administrators, as computers infected with ransomware are typically locked down until cyber criminals are given a hefty sum to unlock encrypted files. Disturbingly, IDG recently confirmed the existence of a new file-encrypting ransomware program f... » read more

How Ransomware Threatens Unsecured Systems


Cyber criminals typically use ransomware to lock systems and encrypt files, effectively denying access to data until payment is remitted. Unsurprisingly, ransomware payments for 2016 were estimated to hit a billion dollars, with some businesses paying considerable sums to unlock their data. Cyber criminals continue to set their sights on a wide range of targets, including CCTV cameras, schools,... » read more

Will 2017 Be The Year Of DDoS?


Forrester Research sees a rough year ahead for cyber security. Indeed, targeted espionage, ransomware, denial of service, privacy breaches and more are expected to escalate in 2017. In addition, Forrester Researcher analysts predict that more than 500,000 Internet of Things (IoT) devices will be compromised in 2017. Perhaps not surprisingly, IDC analyst Kevin Lonergan recently warned that Io... » read more

Incorporating IoT Security At The Design Phase


The U.S. Department of Homeland Security (DHS) has outlined six Strategic Principles for securing the Internet of Things. Perhaps the most important of these principles is the concept of implementing security at the design phase, with the DHS recommending the use of hardware that incorporates security features to strengthen the protection and integrity of a device. This includes leveraging comp... » read more

Dyn DDoS Attack Reboots IoT Security


In mid-October, cyber criminals targeted Internet infrastructure company Dyn with a “massive and sustained” DDoS attack that focused on the company’s DNS infrastructure. The cyber offensive disrupted access to a number of major sites including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix. Perhaps not surprisingly, the massive DDoS attack was conducted with the help of various hija... » read more

← Older posts