Doug Bedell — October 20, 2014, 10:13 am

‘Internet of Things’ (IoT) a Term To Get Used To


Expect security functions to arise from the Internet of Things (IoT) applications of web technology. But for now, it’s enough to learn what the term connotes.  Shane O’Neill on InformationWeek provides that service. You’ll discover that it involves more than having a refrigerator transmit recipes for the use of its contents.

Patrick Hubbard takes the IoT discussion a bit further with his follow-up post “Internet of Things Will Turn Networks Inside Out”. Good luck on coping with the security implications of all this.

Doug Bedell — October 17, 2014, 11:40 am

Be Careful: Hackers Can Get the Best of Us


Here’s some chagrin reading, that is uncomfortable information that’s likely to be at least partly applicable to many of us. Violet Blue on ZD Net’s Zero Day writes about “The six most common ways non-tech people fall victim” to computer hackers.

“Oftentimes,” she notes, “these fateful entry points are created by people who have no idea what’s going on; non-technical employees (or even executiv es) who serve as an unwitting vector for exploitation.

So, be careful, but enjoy your weekend!

Doug Bedell — October 15, 2014, 9:33 am

At the Airport: ‘What’s that In Your Bag, Sir?’


Oh dear, it’s time for a little light relief, or perhaps profound dismay. Whichever, we invite you to read this recollection by Brian Schmidt, winner of the 2011 Nobel Physics Prize, who took his half-pound gold medal to Fargo, North Dakota, to show to his grandmother.  Imagine what happened as his bag went through an airport security X-ray machine.

We thank Homeland Security Watch for this engaging anecdote.

Doug Bedell — October 13, 2014, 10:49 am

Kmart Joins List of Retail Cyber Breeches


Now it’s Kmart too. Another retailer joins Target, Home Depot, Neiman Marcus, Supervalu, Michaels, P.F. Chang’s and Dairy Queen in having their digital credit card systems compromised.

“With data breaches costing not only billions of dollars, but claiming executives’ jobs as well,” notes Naked Security, “now is as good a time as any for firms within every sector to reassess their security implementation.” Six tips for both businesses and consumers are offered.

Doug Bedell — October 10, 2014, 10:50 am

Cyber Security Now a CEO’s Function, Too


The evolution, sadly, of cyber security threats is discussed in the start of a series of four articles on “The greatest shift in cybersecurity,” it says, “relates to the focus and the responsibility – moving from strictly an ‘IT issue’ to one of a business function. Look no further than the Target breach and the subsequent resignations of the company’s CEO and CIO…”

October, incidentally, is National Cyber Security Awareness Month, sponsored by the U.S. Department of Homeland Security.

Doug Bedell — October 8, 2014, 9:30 am

Biden: Middle East Threats Likely for ‘A Generation or More’


How long are tensions with Middle East extremists likely to continue? In a privileged position to assess such questions, Vice President Joe Biden responds that they will take “a generation or more to work out.” In a speech last week at Harvard’s Kennedy School, the vice president said that the U.S. faces sustained tensions into the foreseeable future. “Our response must be deadly serious,” he added, “but we should keep this in perspective. The United States today faces threats that require attention. But we face no existential threat to our way of life or our security. Let me say it again: We face no existential threat – none – to our way of life or our ultimate security.”

Excerpts on counter-terrorism from the vice president’s speech can be found on Homeland Security Watch.

Doug Bedell — October 6, 2014, 2:13 pm

Security at Visa’s ‘Ultimate’ New Data Center


Visa has gone to a security extreme – self-reliant systems at its new East Coast (apparently) data center shielded by a “moat” – to protect its cardholders and itself, and we certainly wish them well with the center’s operation at a “nondescript” site, as reported by The Register in the UK. There’s been altogether too much news of security breeches lately, topped possibly by hackers stealing contact information on 76 million J.P. Morgan customers.  (But there, of course, the intrustion was by wires, not via roadways.)

Whatever Visa’s ultimate odds of success may be, their intentions at the new center are certainly worthy ones. It’s going to take intrepid defenses, indeed, to protect the U.S. economy against hacker zealots. The new center, says The Register, “packs sufficient redundant systems that Visa thinks it could run for a week without any contact from the outside world, other than data feeds.” Its those data feeds, however, the wires to the site, that might be the very cause for lingering apprehension.  We hope not, but, for better or worse, today’s is a wired world.

(Photo: Inside Visa’s new Operations Center East)

Doug Bedell — October 3, 2014, 10:21 am

Drone Provides ‘Eye’ in a Volcanic Sky


This isn’t a security post as such,  except to suggest the incredible “spying” – or, reversed,  site protection – capacity of drones. It’s a video taken by a drone flying low over an erupting volcano in Iceland last month. The drone, Wired advises,  got “close enough to melt the face of the GoPro camera that shot the video.

Doug Bedell — October 2, 2014, 3:58 pm

SEO Traffic Becoming a Boon to Hackers


Hacking gets increasingly annoying and problematic. For example, did you know that people discovering you via their SEO rounds can be plucked into by hackers? The Sucuri blog explains how that occurs and  – good news – offers a free SiteCheck scanner to determine if you’ve been affected.

There’s more on the ever-evolving hacker front than we can keep up with, but we’ll try to provide more tips as we come across them.

Doug Bedell — September 29, 2014, 10:22 am

Electric Utilities Experiencing a ‘Watershed Year’ for Security


U.S. electric utilities are becoming more realistic about risks to the nation’s power grid from cyber attacks – hackers turning off the lights and much else – Security magazine reports.  “From a cyber-attack perspective,” it notes, “this year has been a watershed year for the electric and critical infrastructure industry.

“After generally resisting the notion of vulnerabilities because of the stated traditional controls of ‘air gaps’ between the internet and power generation equipment and heavy use of ‘proprietary SCADA IP protocols,’  Security reports, “the industry has finally had to acknowledge the increased threats and risks to normal service delivery.”

And that’s a good thing, says Carl Herberger, writer of the post. There are cyber threats to any industry these days, he notes. “However, I believe that the power generation industry in particular needs to rise above the normal corporate culture of security controls and become obsessive about removing risks and compulsive about action…”