Author Archives: Security Expert

US IoT Cybersecurity Bill

Legislation was introduced Monday that would create cybersecurity standards for internet-connected devices, the “internet of things.” The Internet of Things (IoT) Cybersecurity Improvement Act of 2019, introduced in the Senate by Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.) and in the House by Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.), would require established standards for government use of the devices. 

Kenta Yasukawa, Co-founder and CTO at Soracom:

“Security concerns represent the single biggest obstacle to IoT development and public adoption. It remains one of the biggest challenges in IoT, not because it can’t be done right but because projects often prioritize things like reducing cost and accelerating speed to market. 

The good news is, IoT is not inherently insecure. Clear standards remove uncertainty for developers, reassure consumers, and shift the Internet of Things toward the effective practices already in place in security-conscious industries like finance and transportation and across cellular data networks. 

Clear standards for device and network protection will help the entire industry focus on security, reassure consumers, and get it right.” 

 

The ISBuzz Post: This Post US IoT Cybersecurity Bill appeared first on Information Security Buzz.

Ransomware Attack On The US Committee For Public Counsel Services

A ransomware attack on the Committee for Public Counsel Services (CPCS), the agency overseeing public defenders in the US, has caused a major slowdown – disabling email systems, delaying some hearings, and holding up payments for the private attorneys who represent clients. 

They are not alone, Jackson County Georgia also reported paying out $400,00in ransom last week. 

Following this, Allan Liska, Senior Solutions Architect (and ransomware expert) at Recorded Future commented below, on why government agencies are attractive targets for cybercriminals.  

Allan Liska, Senior Solutions Architect at Recorded Future: 

“From library systems in South Carolina, to towns in Alaska, and even cities as big as Atlanta, local governments are being targeted for ransomware attacks. The public defender’s office in Boston is just the latest to report an attack, but they are not alone, Jackson County Georgia also reported paying out $400,000 in ransom this week. These ransomware attacks disrupt vital public services and, in some cases, can even put lives at risk. The worst part is that ransomware attacks against local governments are only going to increase in the coming year. Attackers behind ransomware campaigns know that local governments are the perfect storm of a target: limited security budget, overwhelmed IT/security staff and vital constituent services that need to be brought online as quickly as possible. The teams behind the RyukBitPaymer and CrySIS ransomware are targeting local governments and they are much more sophisticated than other types of ransomware campaigns meaning they see more success, cause more destruction and are harder to stop.” 
 

The ISBuzz Post: This Post Ransomware Attack On The US Committee For Public Counsel Services appeared first on Information Security Buzz.

Independent Professor Comments On The Facts & Fiction

Seemingly, the next evolution of technology will hinge on the successful launch of 5G. Driverless cars, video communication, remote devices, instant streaming and smart cities– all rely on pervasive and constant internet connection. 

As we come to grips with a constantly connected world where all of our devices ‘talk’ to each other, industries will find new and innovative use cases. Yet, considering the number of hacks and data breaches that occur already, are we prepared for what 5G and this instant interconnection will bring? 

Former Ofcom Director and Senior IEEE Member, Professor William Webb, believes that 5G doesn’t inherently bring more benefits or security issues that we currently have.

Professor William Webb, Director at Ofcom  and Senior IEEE Member:

“Most of the benefits and threats remain the same as with 4G and other wireless technologies. Privacy issues are likely unchanged. However, 5G does introduce some new concepts such as virtualised (software-based) core networks and network slices, which might introduce new vulnerabilities into the network. In its early days, 5G might appear less secure than existing networks, but as these vulnerabilities are found and patched, 5G should settle down to being similar to previous generations.”

 

 

The ISBuzz Post: This Post Independent Professor Comments On The Facts & Fiction appeared first on Information Security Buzz.