Category Archives: Laws and Regulations

Symantec Warns Against Small Business Vulnerabilities

Small businesses can benefit greatly by using the latest technologies to improve operational efficiency and innovation, but they can also open the door to a host of headaches. In the Symantec 2014 Small Business Trends Report, the leading IT-security company predicts continued consumer focus on privacy, and a growing “Internet of Things” (IOT) connected to more and more mobile devices which will have a direct impact on small businesses and they way they do business.

“Security researchers have already demonstrated attacks against smart televisionsmedical equipment, baby monitors and security cameras. Many of the companies building gadgets that connect to the Internet don’t even realize they have an oncoming security problem and therefore don’t have a friendly end-user method to patch these new vulnerabilities or notify customers when there is a vulnerability.”

Symantec.com

last ned

“From scary headline news to a much-needed wake-up call,” Symantec writes, not referring to anything in particular. But consumers focus will be on privacy in 201, the security company concludes. warning that many small businesses may wake up to a complete new reality.

“In 2014, we expect to see privacy protection emerge as a feature in new and existing products.  But this new feature will inevitably spark a debate on whether or not these features actually provide real or meaningful privacy protection,” Symantec writes in their “2014 Small Business Trends Report,” released in January.

Internet of Vulnerabilities

I think I would emphasise this one, thou:

“Our devices are getting smarter and so must we.  With millions of devices connected to the Internet—and in many cases running an embedded operating system—expect more hackers to be hacking in 2014.  Security researchers have already demonstrated attacks against smart televisionsmedical equipment, baby monitors and security cameras. Many of the companies building gadgets that connect to the Internet don’t even realize they have an oncoming security problem and therefore don’t have a friendly end-user method to patch these new vulnerabilities or notify customers when there is a vulnerability.  This poses serious and potentially debilitating problem for small businesses.”

READ: Proofpoint Report. Internet of Things Cyberattack

Trouble with social networking

“New social networks attract scammers and cybercriminals the more they grow in popularity. Consider Instagram, which now boasts more than 130 million users. Small businesses are leveraging the visual social network to share artistic photos and promotions to drive engagement, but some spammers are taking advantage of this trend with gift card offers to get sensitive information.”

Here’s the Symantec small business security advice for 2014:

  1. Consider the information you’re collecting on your consumers and whether it is necessary. Be transparent about why you’re collecting certain data, and you’ll establish a more trusting relationship with your customers.

  2. Consider the sensitivity of information accessed and stored via wearable tech in the workplace. Establish an “Internet of Things” employee policy about what can and cannot be used in the office or used to access your network.

  3. Carefully consider what social communities best fit your brand before creating a presence on all the latest social networks.

Full summary @ Symantec.com

And – by the way – here’s the latest Symantec Intelligence report:

Related by econoTwist’s:

Exclusives:

2 Comments

Filed under Laws and Regulations, Technology

Yahoo Hacked Again: “We Are Under Attack”

Usernames and passwords of some Yahoo’s email customers have been stolen and used to gather personal information about people, friends and family they have recently corresponded with, Yahoo Inc. says in a press release. It is the latest in a string of security breaches that have allowed hackers to grab personal information using software that analysts say is ever more sophisticated.

“We’re clearly under attack.”

Avivah Litan

security-breached-Yahoo-Hacked

Yahoo, the second-largest email service after Google’s Gmail. There are 273 million Yahoo mail accounts worldwide, 81 million of them in the United States. The internet company will not say how many email accounts that have been compromised.

Probably because the Yahoo-people  don’t know for sure, yet.

This is the latest in a string of security breaches that have allowed hackers to grab personal information using software that analysts say is ever more sophisticated.

Up to 70 million customers of Target stores in the US had their personal information and credit and debit card numbers compromised late last year.

“It’s an old trend, but it’s much more exaggerated now because the programmes the bad guys use are much more sophisticated now,” said Avivah Litan, a security analyst at the technology research firm Gartner.

“We’re clearly under attack”

0In a blog post on its breach, Yahoo says: “The information sought in the attack seems to be names and email addresses from the affected accounts’ most recent sent emails.”

That could mean hackers were looking for additional email addresses to send spam or scam messages. By grabbing real names from those sent folders, hackers could try to make bogus messages appear more legitimate to recipients.

“It’s much more likely that I’d click on something from you if we email all the time,” says Richard Mogull, analyst and chief executive of Securois, a security research and advisory firm.

FULL SUMMARY@ASSOCIATED PRESS

And the “bad guys” as Mr. Litan call them – that’s the NSA, right?

Related by econoTwist’s:

Skjermbilde

2 Comments

Filed under International Econnomic Politics, Laws and Regulations, National Economic Politics, Technology

Evidence of Cyber Attack Against Refrigerators and Other Household Appliances

It was only a matter of time: Security experts have been warning us about the rapid growth of the “Internet of Things” (IoT) for the last two years, pointing out that there’s no security systems in place to protect ordinary people from getting their home devices hacked and used as bot-nets. For the first time in history we now have proof of serious cyber attacks against home devices with an online connection – including TVs and refrigerators.

“The global attack campaign involved more than 750.000 malicious email communications coming from more than 100.000 everyday consumer gadgets such as home-networking routers, connected multi-media centers, televisions and at least one refrigerator.”

Proofpoint

smart apps

“The attack that Proofpoint observed and profiled occurred between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting Enterprises and individuals worldwide. More than 25 percent of the volume was sent by things that were not conventional laptops, desktop computers or mobile devices; instead, the emails were sent by everyday consumer gadgets such as compromised home-networking routers, connected multi-media centers, televisions and at least one refrigerator,” Proofpoint writes in a new report.

iotAccording to the security company, no more than 10 emails were initiated from any single IP address, making the attack difficult to block based on location — and in many cases, the devices had not been subject to a sophisticated compromise; instead, misconfiguration and the use of default passwords left the devices completely exposed on public networks, available for takeover and use.

“Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse,” says David Knight, General Manager of Proofpoint’s Information Security division.

“Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come on-line and attackers find additional ways to exploit them.”

While IT experts have long predicted security risks associated with the rapidly proliferating Internet of Things (IoT), this is the first time the industry has reported actual proof of such a cyber attack involving common appliances — but it likely will not be the last example of an IoT attack. IoT includes every device that is connected to the internet — from home automation products including smart thermostats, security cameras, refrigerators, microwaves, home entertainment devices like TVs, gaming consoles to smart retail shelves that know when they need replenishing and industrial machinery — and the number of IoT devices is growing enormously.

traineesworkIDC predicts that more than 200 billion things will be connected via the Internet by 2020.

“The ‘Internet of Things’ holds great promise for enabling control of all of the gadgets that we use on a daily basis. It also holds great promise for cybercriminals who can use our homes’ routers, televisions, refrigerators and other Internet-connected devices to launch large and distributed attacks,” says Michael Osterman, principal analyst at Osterman Research.

“Internet-enabled devices represent an enormous threat because they are easy to penetrate, consumers have little incentive to make them more secure, the rapidly growing number of devices can send malicious content almost undetected, few vendors are taking steps to protect against this threat, and the existing security model simply won’t work to solve the problem.”

FULL POST @ Proofpoint.com

Here’s the report:

Related/connected:

3 Comments

Filed under Laws and Regulations, Technology