Connect with us

Featured

Cyber arms race escaletes

Published

on

In the ongoing, constantly-escalating security arms race, what do new vulnerabilities in our networks and data-centers look like?  Doros Hadjizenonos, country manager, Check Point SA offers his predictions.

The more things change, the more they stay the same.” Jean-Baptiste Alphonse Karr’s famous line resonated back in the 19th century Parisian literary circles, and it resonates today in the 21st century cyber security industry. With every new tool and technology introduced into the business IT environment, new vulnerabilities follow — ripe for cybercriminals and hackers’ hopes of making either a dishonest dollar or cause disruption, fear, uncertainty and doubts in the minds of the general public.

In this ongoing, constantly-escalating security arms race, what do new vulnerabilities in our networks and data-centers look like?  Here are Check Point’s predictions for 2018.

Ransomware & Malware Multiply

Ransomware has been a cash cow for criminals, as well as a disguise for more destructive purposes; for example, Petya looked like ransomware but caused damage by locking up data.  All types of users – from consumers to corporations – have fallen prey to ransomware, causing reasonable suspicion that it will continue to grow.  We can expect to see large, orchestrated worldwide outbreaks along the lines of the early 2017 WannaCry attack.  We can also expect to see criminals getting creative in their extortion tactics, tactics such as “if you infect two contacts, we’ll give you your data back at a lower cost.”

Overall, as operating systems beef up their security, we expect to see a decline in the use of exploits to target vulnerabilities, in favor of an increase in the use of human-error driven basic hacking techniques. However, targeted attacks using sophisticated, nation-state sponsored weaponized tools are emerging, and the rate of attack is likely continue to rise.

Cloud Concerns

Utilization of server-less computing and data storage in the cloud is becoming more widely adopted in business. However, it’s worth remembering that cloud technology and the infrastructure that supports it is relatively new and evolving, and that there are still serious security concerns that provide a backdoor for hackers to access enterprise systems and spread rapidly across networks.  Misconceptions about the responsibilities and level of security needed operate safely within a cloud environment are common – as are misconfigurations – which leave the door open to breaches.

During 2017, over 50% of security incidents handled by Check Point’s incident response team were cloud-related, and more than 50% of those were account takeovers of SaaS apps or hosted servers.  With the increased use of cloud-based file sharing services, data leaks will continue to be a major concern for organizations moving to the cloud. This was seen most recently when a breach at consultancy firm, Deloitte  enabled hackers to access confidential records of several clients.

The growing adoption of SaaS-based email such as Office 365 and Google’s G-Suite makes for attractive cybercrime targets, and we expect cybercriminals to ramp up their cloud attacks during 2018.

Mobile mishaps

Mobile devices are part of the business IT fabric everywhere, yet they continue to be rarely, if ever, secured appropriately, in light of the vulnerability risk they present. We’ll continue to discover flaws in mobile operating systems that highlight the need for organizations to take a more serious approach to the protection of their mobile infrastructure and end-point devices against malware, spyware, and other cyber-attacks.

Mobile malware will continue to proliferate, especially mobile banking malware, as Malware as a Service (MaaS) keeps trending upward.  MaaS allows threat actors of lower the technical barriers to launching attacks.  Cryptominers also gained prominence in 2017, and we can expect to see more cryptomining malware being dropped onto mobile devices to harvest cryptocurrencies for criminals in the near future.

Critical Infrastructure

The majority of critical infrastructure networks were designed and built before the threat of cyberattacks. Whether the target involves telephone/mobile phone networks, electrical grids, power plants, or water treatment plants, it speaks to our good luck that there hasn’t been a large-scale, successful attack on critical infrastructure that impacts millions of people… yet. The DDoS attack against domain directory service DynDNS in 2016, which caused an internet outage affecting users of large web businesses such as Netflix and Amazon, provides a glimpse of what is possible in critical infrastructure cyberattack.  An attack of this type and scale will happen, and it would not be surprising to see it happen in the next 12 months.

Internet of (Insecure) Things

As more smart devices are built into the fabric of enterprise networks, organizations will need to start using better security practices for their networks and the devices themselves.

The potential attack surface expands with the growth of IoT device usage, and attacks on compromised IoT devices will continue to grow. We will see more variations of the Mirai and BlueBorne attacks coming our way in 2018.    Better security practices in IoT will be critical for preventing large-scale attacks – and may even need to be enforced by international regulation.

For every business opportunity that our hyper-connected world is creating, that same hyper-connectivity creates criminal opportunity for cyber attackers. Every environment is a potential target:  enterprise networks, cloud, mobile, and IoT connected devices.   Defending these networks require proactivity: pre-emptively blocking threats before they can infect and damage.  By using threat intelligence to power consolidated, unified security measures, businesses can automatically protect against new and emerging types of attack, across all environments.  Proactivity coupled with innovation marks the path to winning the cybersecurity arms race.

Featured

Apple buys Shazam, plans to make it ad-free

Apple has announced it has completed its acquisition of Shazam, one of the world’s most popular music apps, with hundreds of millions of users.

Published

on

Apple has announced it has completed its acquisition of Shazam, one of the world’s most popular music apps, with hundreds of millions of users.

“Apple and Shazam have a long history together. Shazam was one of the first apps available when we launched the App Store and has become a favorite app for music fans everywhere,” said Oliver Schusser, Apple’s vice president of Apple Music. “With a shared love of music and innovation, we are thrilled to bring our teams together to provide users even more great ways to discover, experience and enjoy music.”

Shazam lets users identify songs simply by listening to the music playing around them. The app will soon offer its experience ad-free for all users so everyone can enjoy the best of Shazam without interruption.

Shazam has been downloaded over 1 billion times around the world, and users identify songs using the Shazam app over 20 million times each day. With pioneering innovation in music identification, Shazam helps people discover, interact with and share video, audio or printed content across devices and mediums — and allows music fans to follow their favorite artists and share in the thrill of discovery.

Continue Reading

Cars

Cars will run on Android

Renault-Nissan-Mitsubishi and Google have announced a technology partnership to embed the Android operating system in vehicles sold by the world’s leading automotive alliance, providing intelligent infotainment and customer focused-applications across multiple models and brands, scheduled to start in 2021. 

Published

on

Under the technology partnership, vehicles sold by the Alliance members in many markets will utilize Android, the world’s most popular operating system, and will provide turn-by-turn navigation with Google Maps, access to a rich ecosystem of automotive apps on the Google Play Store and have the ability to answer calls and texts, control media, find information, and manage vehicle functions with voice using the built in Google Assistant.

The Alliance, whose member companies last year sold 10.6 million vehicles in 200 markets, will integrate Google applications and services into infotainment and cloud-based systems to enhance the experience for customers of Renault, Nissan and Mitsubishi Motors brands. While a range of Alliance vehicles will share the Android platform, each brand will have flexibility to create a unique customer interface and specific features on top of the common Android platform.

The infotainment partnership forms part of Alliance moves to equip more vehicles with connectivity and cloud-based services as part of its Alliance 2022 mid-term plan. Today’s announcement, coinciding with the first anniversary of the mid-term plan, symbolizes the Alliance focus on next generation technology. Under the plan, Renault-Nissan-Mitsubishi is targeting increased sales of more than 14 million units a year by the end of 2022.

The plan also involves the launch of 12 new zero-emission electric vehicles, new autonomous-driving technologies and the ongoing rollout of the Alliance Intelligent Cloud.

The Alliance Intelligent Cloud will provide next-generation infotainment systems with secure connectivity by offering a platform to integrate data management, infotainment systems and to facilitate over-the- air upgrades and remote diagnostics in Alliance member-company vehicles.

By combining the latest technologies from the Alliance and Google, the Alliance member companies’ vehicles will have one of the most intelligent infotainment systems in the market.

Drivers and passengers will be able to leverage Google and Android’s capabilities to access an ecosystem that includes thousands of existing applications and an ever-expanding array of new apps. This integration, combined with the broad knowledge and a vibrant community of developers, will enable easy in-vehicle access to popular applications. The system will also be compatible with devices running other operating systems, such as Apple iOS.

Hadi Zablit, Senior Vice President of Business Development at Renault-Nissan-Mitsubishi, said, “Our partnership with Google will offer owners of our vehicles rich user experiences that are currently available only outside the vehicle or, to a limited extent, by connecting an Android device to supported vehicles. We are building powerful connected and seamless on-board / off-board experiences into our vehicles in addition to the features of Google applications and services that many users are accustomed to, including Google Maps, the Google Assistant and the Google Play Store.”

Kal Mos, Global Vice President of Alliance Connected Vehicles at Renault-Nissan-Mitsubishi, added, “With the integration of the Android platform into our infotainment systems, we are adding a new level of intelligence to our connected vehicles. In the future, the Google Assistant, which employs Google’s leading AI technology, can become the main way customers interact with their vehicles, hands-free. With Google Maps and the Google Assistant embedded in Alliance infotainment systems, our customers will have some of the most advanced AI based applications at their fingertips. And with invehicle access to the Google Play Store, our customers will enjoy an open and secure ecosystem of Android apps engineered for vehicles.”

Hiroshi Lockheimer, Senior Vice President of Platforms & Ecosystems at Google, said, “Google and Renault-Nissan-Mitsubishi share a common vision of delivering an intelligent, safe and seamless incar experience with apps and services that are familiar, upgradable and connected. We’re thrilled to partner with Renault-Nissan-Mitsubishi to bring the Google Assistant, Google Maps, and other popular apps via the Play Store and Android to drivers and passengers around the world.”

Continue Reading

Trending

Copyright © 2018 World Wide Worx