Paul Wallbank – Brilliant Communications

Tag: internet of things

  • Rampaging Ransomware

    Rampaging Ransomware

    A few years ago Ransomware was a joke, malware would install a screen that would demand a ransom be paid to ‘unlock’ the computer. It was easy to get around and almost trivial to remove.

    Then came Cryptolocker, a nasty piece of malware that would gleefully encrypt a victim’s hard drives, rendering them inaccessible unless a sizeable ransom was paid.

    Ransomware suddenly became serious.

    Cryptolocker eventually was unpicked with a cracking tool released and the ring’s alleged founder, Evgeniy Bogachev, now on the run from US authorities with a three million dollar reward for his arrest.

    A better class of ransomware

    Now the gangs running the ransomware scams are even more sophisticated and well resourced with Andrei Taflan of Romanian security company BitDefender describing how Bitcoin values are often tracking ransomware activity.

    “When we see Bitcoin values surging we watch for increased ransomware activity. Someone is buying Bitcoins to unlock their data,” Taflan told me last week in an underground bar appropriately called The Rabbit Hole.

    Taflan’s colleague Bogdan Botezatu describes how the ransomware problem is getting worse, not better, with Cryptowall patching the weaknesses that led to Bogachev’s downfall.

    One of the fascinating aspects of Cryptowall is that it’s polymorpic – it changes shape to elude traditional signature based anti-virus programs. The malware also creates unique Bitcoin wallets to make tracking transaction harder.

    Paying the ransom

    Many businesses being infected by Cryptowall and having data locked away by an industrial grade encryption program makes it a no brainer to pay the demands. It’s a profitable business.

    Faced this rather impressive piece of work, Botezatu raises a chilling prospect about ransomware in the Internet of Things; how long, he asks, will it take ransomware to target more sensitive devices we use, including cars and medical implants?

    Botezatu’s concern illustrate why security with the Internet of Things is absolutely essential if industry and the public are to have any confidence in connected devices.

    Similar posts:

    • No Related Posts
  • Locking down the firmware of the internet of things

    Locking down the firmware of the internet of things

    There’s a fundamental problem with smart devices warns Kim Zetter and Andy Greenberg in Wired magazine.

    In Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It, Zetter and Green look at the problem with the embedded software that is shipped with every computerised device from Personal Computers to smart sensors.

    The problem with firmware is that it’s difficult to check it’s not been changed, awkward to upgrade and complex to find, the Wired piece mentions how even the batteries in Apple laptops have vulnerable software embedded into their chips.

    As the smart devices become common in our homes, cars and workplaces suppliers will have to do more to secure their software.

    Similar posts:

    • No Related Posts
  • The IoT’s shaky security

    The IoT’s shaky security

    Samsung’s spying TV sets attracted headlines that worried many people but until yesterday no-one had looked at exactly what data was being sent by the devices to Samsung.

    Pen Test Partners looked at the data flowing too and from Samsung smart TVs and found that yes, the devices are listening and transmitted data back to their – and other company’s – servers.

    That is pretty well what is expected, the real concern though is the quality of what’s being transmitted with Pen Test describing it as a mishmash of code with not even a gesture towards security, “what we see here is not SSL encrypted data. It’s not even HTTP data, it’s a mix of XML and some custom binary data packet.”

    One of the concerns about the Internet of Things has been the quality and security of the data being transmitted, the Samsung TV shows both are lacking.

    For the IoT to deliver the benefits it promises, connections need to be secure and data reliable. Right now it appears the vendors of consumer products aren’t delivering the basics necessary to make the technologies dependable.

    Similar posts:

    • No Related Posts
  • Building the next Internet of Things network

    Building the next Internet of Things network

    Earlier this week we looked at Cisco’s claim that Low Power Wide Area (LPWA) networks will handle much of the world’s mobile data traffic by the end of the decade.

    French company SIGFOX showed how investors are looking at the opportunity in these systems with a $115 million funding round two days ago.

    What’s particularly notable about SIGFOX’s investors is how many of them are telcos themselves with Spain’s Telefonica, Japan’s NTT DoCoMo and South Korean SK Telecom being key shareholders.

    Along with the telcos, who SIGFOX hopes will help them expand their footprint outside Spain, France, the UK and the Netherlands, there’s also a collection of industrial companies including Air Liquide and infrastructure giant SDF Suez.

    That a diverse range of companies are moving into the LPWA market shows how important the stakes are for providers in securing a position in the the technologies that will define the Internet of Things as industries brace themselves for the massive rollout of connected devices.

    Similar posts:

    • No Related Posts
  • Connecting motor bikes to the IoT

    Connecting motor bikes to the IoT

    One of the obvious applications for smart devices is in motorbike helmets; an article in Intel’s Free Press website describes how they may work in a prototype setup on a BMW BMW R1200GS bike.

    The smart helmet, which uses an Intel Edison system, is different from current add on systems in that it directly communicates with the bike’s internal electronics giving a rider a deeper level of control.

    “If you need directions, say ‘take me home’ and it’ll queue up directions and give them over audio. But if there isn’t enough gas, then it will redirect you to a gas station first because it can read the bike’s remaining fuel range,” explains Moyerman. “It will also do smart navigation, so if a blind turn is approaching, it’ll give you warning to slow down.”

    Creating the prototype isn’t simple as each manufacturer has its own control language, a common problem in retrofitting Internet of Things functions onto devices not designed to connect to a network.

    “Putting together a system like that is much more complicated than plug and play. Every vehicle maker has its own data language, which means that there’s no universal standard to interpret the data. The team at Intel worked with BMW’s Bay Area group to translate a R1200GS adventure motorcycle’s own language from the CAN bus (controller area network) to Edison, which then sends it to the smartphone via Bluetooth.”

    The same challenge faces car manufacturers as well which increases the risks of vehicle owners being locked into a certain manufacturer’s ecosystem – for instance, buy a BMW and be locked into the Apple HomeKit system.

    Regardless of the compatibility problems, we’re increasingly going to see these technologies included with common household items. That many of them are voice activated should give those concerned about the privacy of Samsung smart TVs some pause for thought.

    Similar posts:

    • No Related Posts