Archive for the ‘smart devices’ Category

WannaCry, FBI Arrests Researcher, and Smart Guns – Paul’s Security Weekly #524

August 12th, 2017

WannaCry’s killswitch domain registrant is arrested, making infosec more inclusive, hacking 113-year-old subway signs, security standards for smart devices, and more security news! Paul’s Stories Making Infosec Meetings More Inclusive How Engineers Hacked 113 Year Old Subway System Signs Chromes built-in adblocker arrives for early adopters Researchers display CAN do skill in vehicle DoS An […]

The post WannaCry, FBI Arrests Researcher, and Smart Guns – Paul’s Security Weekly #524 appeared first on Security Weekly.

Posted in chrome, FBI, google, hacking 113-year-old subway, infosec, killswitch, security news, Security Weekly, smart devices, smart guns, WannaCry | Comments (0)

The ‘Beginners Guide To IoT’

July 11th, 2017

You’ve probably heard the term ‘smart’ being placed in front of everyday objects such as watches, locks and even cars. Over the past couple of years, the term is being used more than ever as more devices become ‘smart’. These devices now impact nearly every aspect of our lives but, as a consumer, where do you begin to understand the ‘Internet of Things’ or IoT? With so many of us relying on the internet and the cost to connect decreasing, more and more devices are being built with Wi-Fi and sensor capabilities to enable us to get connected.

As the name suggests, IoT refers to the connection between an object and the Internet, with the purpose of making products ‘smarter’ and allowing users to operate devices from afar, whether that’s from a computer or other smart device. For example, a smart lock would lock and unlock a door when it receives authorisation from its user’s Wi-Fi-connected device. Similarly, an alarm or smoke detector that is ‘smart’ would alert the homeowner if their home was under the threat of a fire or burglary, as well as collecting the home’s behavioural patterns along the way.

So how does IoT work? Usually connected via Bluetooth, Wi-Fi or Radio-Frequency Identification (R-FID), devices or ‘Things’ collect and transmit data between each other, allowing users to gain control of an object such as a TV, car or a household appliance. This process is called machine-to-machine (M2M) communication.

IoT is playing a larger role in our everyday lives and is being applied to more and more industries each day. Fridges, washing machines and even medical healthcare monitors are all becoming smart and a consequence of this is the risk of security and privacy breaches much closer to home. It is therefore critical that consumers are protecting themselves appropriately and making sure their data doesn’t end up in the wrong hands.

Here are a few tips we’d recommend running through to protect yourself:

1. A simple Google search will allow you to research products in depth before and after purchasing them from a trustworthy company — this way you are aware of any vulnerabilities your product may have and can take the necessary measures to protect your privacy.

2. Secure your router and IoT devices with firmware like the McAfee Secure Home Platform and ensure they’re set with strong passwords to avoid any unauthorised access.

3. Lastly, consider two-step authentication — this can boost your device’s security even further and reduce the chances of hackers breaching them.

To keep up-to-date with the latest cybersecurity news, take a look at the McAfee Security blog here.

The post The ‘Beginners Guide To IoT’ appeared first on McAfee Blogs.

Posted in consumer, Internet of things, IoT, smart devices, smart home | Comments (0)

An Unmatched Customer Experience

June 21st, 2017

I’ve been in this industry for over twenty years, and the advancements in cybersecurity over the last few years are unmatched. As an industry, we went from believing in a best-in-breed, siloed approach and now we understand our customers need a connected security architecture that can protect, detect, and correct. While we’ve made impressive advancements, I’ve found that the user experience still needs improvement and some user interfaces are still stuck in the past, hard to work with, and difficult to manage.

McAfee’s new Endpoint Security 10.5, which you hear me talk about often, offers the best and most advanced data and device protection available. Plus, it includes Endpoint Threat Defense and Response products as a complimentary suite, providing businesses with end-to-end security intelligence, management, and protection.

What more could an enterprise security manager want? Simply, a better experience.

Whoever they may be, the consumers of our products aren’t necessarily focused on just having the best technology. They’re interested in better use cases, an ease of productivity and workflows, and intuitive interactions with applications and resources. Yes, they want better outcomes, but they also want to enjoy the journey between purchase and result.

There are two means to delivering superior customer experience: technology delivery and support and project and relationship management. Let’s look at them in order.

Technology Delivery and Support

Business buyers expect technology to simply work out of the box (even if it’s a virtual box). This expectation is a byproduct of the consumerization of the enterprise. Through consumer products, such as smartphones and mobile apps, our business customers have a growing belief that products shouldn’t just work as described, but should exceed expectations.

Security products and services aren’t so simple. It takes skilled technicians to deploy, integrate, and configure security products to an optimal state. McAfee partners are instrumental in taking the complexity out of our products and ensuring customers get the maximum benefit by applying their technical skills. Without this expert guidance and support, customers have a diminished experience and are more likely to change providers – on the vendor and reseller levels.

And this is where the new dimension of experience comes in; what’s needed is market-leading project and relationship management.

Relationship Management

Many resellers know already that they can’t afford the one-time sale, where they deliver a product and leave a customer to their own devices. Success, particularly in business models that rely on recurring revenue, depends on persistent engagement with customers to ensure they have a great experience with the products they buy and, ultimately, the provider of those products. In other words, this is the means for a superior experience with you, the partner.

The new customer engagement dynamic means you must understand the customer’s need and expectations, deliver the product, provide the supporting service, and remain connected to ensure they get the maximum benefit from their purchase. It’s a tall order, given that many partner organizations struggle with resources.

Meeting these new experience expectations requires creativity. I’ve talked with scores of partners that are forming collaborative relationships with peer organizations to share resources. They’ve learned that creating partnerships for professional services is easier and more effective than developing this expertise on their own. One organization provides products. Another organization provides the professional services. And a third organization provides the project and relationship dynamic.

Making it Easy for You

If none of this sounds easy, it’s because it’s not. As Steve Jobs once said, “Simple can be harder than complex: You have to work hard to get your thinking clean to make it simple. But it’s worth it in the end because once you get there, you can move mountains.”

Part of our jobs in this experience-based market is masking the complexity of security technology with our expertise and collaborative resources. As a community, we have all the resources needed to achieve this objective. Whether we do this as individual businesses or through collective efforts, we need to hone our thinking to include customer experience as our product.

Together is power, especially in delivering superior experiences.

The post An Unmatched Customer Experience appeared first on McAfee Blogs.

Posted in #whycybersecurity, Active Response, Business, channel, Compliance, computer security, Customer Experience, cyber safety, Cyber Smart Family, Cybercrime, cybersafety, Cybersecurity, Data Center, DLP, DXL, email and web security, embedded security, encryption, endpoint, endpoint protection, endpoint security, ePO, global threat intelligence, incident response, internet security, McAfee partners, network security, ransomware, Securing Tomorrow, security, Security Connected, security management, server security, SIEM, skills shortage, small business, smart devices, targeted attacks, threat detection, threat intelligence exchange | Comments (0)

IoT Malware Activity Already More Than Doubled 2016 Numbers

June 19th, 2017
The number of new malware samples in the wild this year targeting connected internet-of-things (IoT) devices has already more than doubled last year’s total.

Posted in BrickerBot, default passwords, DVRs, firmware updates, Internet of things, IoT, IoT botnet, IoT Malware, IoT security, IOT vulnerabilities, IP-enabled cameras, Kaspersky Lab, Linux, malware, mirai, smart devices, weak credentials | Comments (0)

How To Bank Smart On Your Smartphone

March 30th, 2017

Life before mobile banking just seems so rudimentary now. Trying to find your cheque book, those silly bank statements (which you know you put in a safe place), or even a carpark near the bank feels old school now.

When banking became available online, the people cheered. What a huge time saver. But when banking apps became available on mobile phones, the people roared. Life would never be the same again.

Whether it’s paying your electricity bill or even the flute teacher on the go, transferring money at the supermarket register, or locating an ATM when you need cash ASAP, mobile banking has been transformational.

But while there are massive upsides to mobile banking apps, it is essential that we understand the best way of managing the risks to avoid the potential downsides. Here are my top tips to ensure you stay safe while banking on your smartphone:

1. Never Ever Store Your Banking Passwords On Your Smartphone

I know it sounds super obvious but a clever crim knows exactly how to locate your banking logins and passwords on lost or stolen phones. Please commit them to memory and don’t even think about trying to hide them in your phone contacts.

2. Avoid Using Public Wi-Fi For Mobile Banking

A shared, unsecured Wi-Fi hotspot could actually be a trap set up by a lurking hacker intent on stealing any data you share while connected. Please try very hard to avoid using public Wi-Fi’s but, if you are absolutely desperate, ensure your chosen Wi-Fi hotspot is reputable and password protected.

3. Be Aware Of Shoulder Surfers

Most of us bank on the go, so being aware of others snooping over your shoulder while conducting financial transactions is essential. Take the time and sign up for multi-factor authentication which will reduce the threat of a shoulder surfer stealing your banking logins.

4. Protect Your Phone And Install Security Software

Many of us have protected our laptops with security software but don’t remember our phones. Top notch security software will not only protect you from downloading viruses and malware, it can also remotely wipe your data if you lose your phone. Intel Security offers free McAfee Mobile Security to secure both Android™ and iOS® devices.

5. Ensure You Are Using Your Bank’s Official App and NOT A Fake One

Fake apps are one of the latest ways hackers are worming their way into our private lives and getting their hands on our private information. One way to ensure you reach your bank’s ‘real’ app on either the App Store or Google Play is to click the link from your bank’s own website. And just to be doubly sure, before you tap download, check out the reviews to ensure no one has had any issue with it. Unfortunately, not everything is legitimate.

6. NEVER Click On A Link Sent To You By ‘Your Bank’

Cybercriminals spend a lot of time and resources trying to direct consumers to fake websites they have created that look almost exactly like the real thing. So if your bank has sent you an email and you’re just not sure, please navigate yourself to the site. Do NOT click on that link. Remember, a secure website URL should start with ‘https’.

7. Say ‘YES’ To Your Bank’s Security Offerings

Many online banking platforms have a number of additional security offerings to protect their customers and minimize the impact of stolen logins. Multi-factor authentication, daily transfer limits and transfer notifications are just a sample. So please, say YES to all of them and give yourself another layer of protection.

 

And if you have teens in the house who are on the cusp of managing their own finances, please make sure they know how to avoid the pitfalls of mobile banking. While they may think they have mobile banking ‘all sorted’, they may need a few reminders about how to make good decisions… Ah, the joys of parenting!!

Till next time…

Take care!

Alex x

The post How To Bank Smart On Your Smartphone appeared first on McAfee Blogs.

Posted in app security, cyber safety, Cyber Smart Family, Family Safety, smart devices | Comments (0)

Is Rapid Tech Growth Leaving Your Family’s Digital Safety in the Dust?

March 14th, 2017

It’s an exciting time to be alive, no doubt. We’ve evolved from tech enthusiasts to social connectors, to a to a culture steeped in a sophisticated digital lifestyle. Ease, speed, and efficiency drives every purchase. Still, the inconsistency hums: The more connected our families become, the more insecure we can feel about exactly how to protect them.

The recent global study from Intel, “New Family Dynamics in a Connected World,” confirms that while we are all increasingly connected, we’re still confused about the best way to secure our family from threats such as social predators and cyber criminals.

The rise in popularity of the smart home and its many connected devices has experts predicting that by 2020, “there will be more than 10.5 billion ‘things’ in homes worldwide.” Yes, the Internet of Things, IoT, is proliferating by the hour.

But with the growth of an IoT lifestyle, new family challenges are surfacing, according to the study.

Here’s a snapshot:

  • 76 percent of parents allow their child to bring an internet-connected device to bed.
  • 80 percent of parents are concerned about their child interacting with a predator or criminal online.
  • Only 23 percent of parents admit to using software to monitor their children’s activity on their devices (most parents physically monitor or take phones to manage and limit use).
  • 34 percent of parents have caught their kids visiting inappropriate sites using their device.
  • 36 percent of parents have been called out by their child for being on their device during family time.

The study reveals that for all our genuine concern around online safety, our digital safety habits are struggling to keep up with the pace of technology.

“While there is tremendous excitement for the conveniences that today’s technology brings, we know the weakest link in those devices within a connected home put consumers at risk,” said Gary Davis, chief consumer security evangelist at Intel Security. “We must empower parents to actively manage how their families interact with those devices. When the correct security and privacy measures are taken, consumers will feel more protected enabling them to fully enjoy all the benefits of living in a smart home.”

So how do we course correct and begin to close this gap?

Tips: Keep Family Safety in Step with Pace of IoT:

  • Start talking, start early. It’s never too early to talk to your kids about online safety. Fold talks about safety into your routine much the way you would talk about fire safety, nutrition, or good manners. If your kids are young, start with simple rules like “don’t open emails from people you don’t know.”
  • Get back to basics. Sometimes our unspoken worry over an issue can obstruct our view to simple solutions. Try these basics: 1) As a family, set device time and usage rules and post them in a visible place. Set up a reward system if it helps. 2) Routinely check privacy settings, friend lists, and email on your child’s favorite social networks. 3) Implement a device curfew. Physically have kids turn in phones at a set time each night to protect sleep.
  • Be the digital example. If you want to get serious about changing your digital habits, be the example of a balanced digital life for your kids. Limit your time on social networks when at home, put your phone away during dinner and family time.
  • Be honest with challenges.  Share your digital mishaps and near misses with your kids. They need to know you aren’t perfect and learn from how you handled a digital situation such as cyberbullying, a political argument, a hacking incident, or even a tech addiction.
  • Be candid about risks. Digital natives can be desensitized to potential risks online and even develop a false sense of security. This attitude opens them up to social predators or a dangerous person posing as a teen (catfish). The risks are offline too and apply to common services such as Uber*, Lyft* and Craigslist*. Observe your child. If she seems overly confident, blows off your safety concerns, it’s time to step up the stranger danger talk.
  • Be the boss of your home network. Your home network is the hub for your connected devices including your smart TV, home assistant, thermostat, security system, espresso machine, and Bobby Jr.’s new VR headset, among a dozen other items on your wish list. Consider herding all your devices into one place with products such as McAfee Secure Home Platform. The platform helps you manage and protect all family devices and add parental controls you can tailor to each user.


Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @IntelSec_Family. (Disclosures).

 

The post Is Rapid Tech Growth Leaving Your Family’s Digital Safety in the Dust? appeared first on McAfee Blogs.

Posted in Cybersecurity, Family Safety, identity theft, Internet of things, protecting kids online, smart devices, smart home, social networking | Comments (0)

If we can’t trust technology we won’t (and shouldn’t) use it

February 27th, 2017

Walking this year’s Mobile World Congress I am no longer thrown by the devices, gadgets and flashy booths, but completely mystified at how we as an industry continue to hype up the idea of a truly connected world without addressing one of the most important pieces – security.

As someone who’s been in the industry for almost 20 years, you’d expect me to be shocked that many businesses still aren’t addressing something so key, especially as consumers are starting to question it. In the last year, more people than ever have started asking me: “So Raj, what about my security?”

Hurrah – finally – some people are catching on, and at least asking the question. But whether or not they’ll act upon it is what concerns me…

Don’t get me wrong. Whilst it’s great some people are waking up to the realities that come with a connected lifestyle which, let’s admit is everyone at this stage, there is still a lot of work to do. Ultimately, it’s the industry’s – that’s right, every single person at MWC and beyond – job to lead this.

Because at the moment we’re failing. Our recent survey, for example, found half of us have no idea how to check if our devices have ever been compromised and a third are unsure how to check if a device has been breached. So although many may be starting to consider device security, it doesn’t mean they necessarily know how to manage it. Yet, here we are at MWC giving these same people even more technologically advanced devices to play with – when we know most are unsure how to protect themselves – whether that’s with their phones, computers, kids toys, or now – connected homes and cars.

The truth is that with awesome technology comes great responsibility.  So what do we – both consumers and businesses alike – do to ensure that such technology coming out of big shows like this are safe?

  • Put security first: security cannot be an afterthought in any device manufacturing process. It must be considered upfront by manufacturers in order for any underlining issues to be addressed and catered to
  • Be transparent: enough of the hiding, let’s be honest with consumers about the risks associated with using certain technology. Instead of hiding away and hoping it’s all ok, vendors must at least educate and advise the user on how to best protect themselves including recommending security software suitable for that technology
  • Take control: whilst I want to see manufacturers leading the way when it comes to security, consumers can and should do their bit too. Take device security at home for example where the home network is the hub for all connected devices. New solutions, such as McAfee Secure Home Platform, will help people easily manage and protect devices connected to this network while providing parental controls with permissions that can be tailored to the entire household

 

We must be able to trust the new technology that’s making our world a hyper-connected one – as inventors, product developers, manufacturers, technology leaders from the word ‘go’ in our development cycles, through to the consumers’ lives when they use it. Trust has fallen down across our societies because of all the security hacks, risks and wider vulnerabilities that technology has opened up. It’s our job – each and every one of us – to help change that via our actions as an industry. Let’s continue producing amazing and innovative technology that helps change and advance our lives, but let’s protect ourselves – our friends, our economies, our neighbours and the wider industry – while we do. The more we can work together to build this trust, the better off each technology will be for everyone.

The post If we can’t trust technology we won’t (and shouldn’t) use it appeared first on McAfee Blogs.

Posted in Executive Perspectives, Mobile World Congress, smart devices, smart home | Comments (0)

From Smart Shoes to Safe Routers: Innovation Shines Bright at CES 2017

January 12th, 2017

CES 2017 (the Consumer Electronics Show) has come and gone once again, bringing with it the newest wearables, state-of-the-art tech platforms, robots, and all things IoT. And as connected devices displayed their illustrious potential throughout the event, they also come as an indication of parallel efforts to come from cybercriminals. Meaning, as technology evolves, so do cyberthreats—a topic area that I was able to explore with event attendees during the Cybersecurity Forum panel, “Evolving Threats in a Connected World.”

Beyond this panel discussion on creating a better security posture in the face of advanced threats, let’s review what ultimately drives that evolution—the devices and innovations emerging from CES. Here are a few of my takeaways from the event:

Wearables continue steady growth

Wearables have continued to explode over the past few years, and this year’s CES proved that there’s no sign of slowing. From fitness-tracking rings, to nausea-relief wristbands, to eye-tracking glasses, to smart running shoe insoles, CES brought users technology that was personalized, thoughtful, and environmentally conscious. Not to mention a lot of it. 

Machine learning takes center stage

IoT is aiming to become more human, as smart device manufacturers know that machine learning has become a huge competitive differentiator. While Amazon’s Echo (a.k.a. Alexa) is still the most popular product out there, many companies put their stake in the ground and entered the machine learning-infused consumer product race at this year’s CES. For example, a robot designed to be a home assistant, named Kuri, emerged that responds to commands and handles tasks with voice and image recognition.

At a higher level, CES also highlighted how integral machine learning is becoming via their keynotes. One example: the speech from Carnival Cruise’s CEO Arnold Donald, where he dove into how technology, especially that powered by machine learning, is becoming a crucial aspect in just about every industry. Machine learning, he noted, gives companies the ability to provide a tailored and streamlined user experience that is unmatched by anything else.

Encryption solutions get further explored

Now, for a bit on gadget security at CES (the good stuff). Wedged between connected egg cookers and smart headphones was software that encrypts smart home commands. This kind of software can work with existing or new smart home systems, and encrypt (scramble up) any personal data cybercriminals might use to manipulate connected devices. This solution makes IoT security both feasible and easily organized—and, not to mention, is becoming increasingly important in the face of continuous ransomware encrypting data on its own terms. Remember it’s not often that ransomware plays nice (like Koolova does).

Cybersecurity is tackling IoT security at the router level

Just as innovative encryption solutions are growing, so are alternative security solutions that aim to protect connected devices and homes from evolving threats. One emerging solution? A new ARRIS router, which has the McAfee Secure Home Platform built into it. The ARRIS Surfboard SBG7580-AC offers protection nearly identical to the McAfee security software you might have installed on your desktop or laptop, except it extends protection to every device connected to your home network. In other words, if your smart lightbulbs or connected toaster see an attempted hack, the router will detect the threat and suspend an at-risk device’s internet access, so crooks can’t leverage it to gain access to your entire home’s connected kingdom.

All in all, CES 2017 proved that innovation isn’t slowing down, and that also goes for connected devices and the technology that protects them. Both the IoT and cybersecurity landscape are adapting to the needs of folks like you and me, to make sure everyone is securely connected in the New Year and beyond.

Be sure to stay on top of the latest consumer and security trends by following me and @IntelSec_Home on Twitter, and Like us on Facebook.

gary

The post From Smart Shoes to Safe Routers: Innovation Shines Bright at CES 2017 appeared first on McAfee Blogs.

Posted in CES, Consumer Threat Notices, Internet of things, smart devices, smart home | Comments (0)

FTC Issues Public Challenge to Improve IoT Patching

January 4th, 2017
The FTC announced the IoT Home Inspector Challenge, a contest with the goal of coming up with a patching solution fit for consumer-grade connected devices used in the home.

Posted in connected devices, default passwords, embedded systems, Federal Trade Commission, FTC IoT Home Inspector Challenge, Government, hacking contest, Internet of things, IoT, IoT patching, IoT security, IOT vulnerabilities, smart devices, smart homes | Comments (0)

Securing Today’s Connected Home

January 4th, 2017

When thinking of cyber threats, malware, phishing, and data breaches typically come to mind. But as 2016 has shown us, threats don’t stop there. Cybercriminals are getting more and more creative and finding new, sophisticated methods of attack to access our data. One of the more successful methods as of late: attacking connected IoT devices in the smart home.

These smart home devices can be almost anything – a connected thermostat, lightbulb, camera, the list goes on. In fact, according to Gartner, there are 5.5 million IoT devices connected in homes each day around the world. And with all of these devices connecting to one router, there’s now that many more gateways into your smart home network, making it more susceptible to compromise.

The question is: how likely is such a breach? Many of these connected devices are manufactured with low security standards. Just remember what happened with the Dyn DDoS attack. Low device security standards caused one of the largest Internet of Things (IoT) botnet attacks in recent history, affecting almost the entire east coast in the process.

I know what you might be thinking – that attack was caused by compromising thousands of IoT devices. But, if a handful of these devices are located in a single home, while the damage may not be as widespread, it can get personal. Once a cybercriminal finds their way inside your home network through these devices, the hacking possibilities are virtually endless. They can control your entire home— flicker your lights, access your camera to peer into your life, shut down your devices, and worst of all, capture any personal data sent across the network.

Now, with all of these devices—in addition to your computer and phone — making up unique (and hackable) gateways into your smart home network, a new security approach is needed. This approach is layered security or sometimes referred to defense in deapth. The way to create this in your home is by adding protection directly into your gateway to protect all the devices in the home. Additional security such as a firewall and antivirus should also be used to protect your network and PCs, laptops, mobile devices and Macs.  This layered security strategy is the approach that businesses use to safeguard their data and employees.

While companies like ours work to help ensure your connected homes are as secure as possible, there are a few things you can do directly to protect your smart devices today. Here are a couple of tips for protecting your connected home network, today:

  • Change up your passwords. Take standard security precautions with your connected devices, such as regularly updating your login information. Frequently changing the passwords on both your home router and smart home devices is an easy way to ensure your network is better secured. Make sure the passwords are hard to guess.
  • Apply updates: Very often these connected device manufacturres will create patches to the firmware to fix known bugs and often implement improved security. It’s important to apply updates when notified by the device manufacturer.
  • Be mindful of who’s connecting to your network. We typically don’t think twice about handing out our Wi-Fi password to visitors in our homes, but it’s important to limit access to your network. You can’t keep track of everyone’s activity, so remain conservative and limit who’s getting entry to your gateway.
  • Do your homework. When looking to purchase a new IoT device for your home, do your due diligence – research the manufacturer, check security standards, read reviews. If the device doesn’t seem up to par, it’s not worth the risk.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @IntelSec_Home on Twitter, and ‘Like’ us on Facebook.

 

gary

The post Securing Today’s Connected Home appeared first on McAfee Blogs.

Posted in connected devices, Consumer Threat Notices, Internet of things, smart devices, smart home | Comments (0)