Saturday, December 16, 2017

Professor fools $80M superyacht’s GPS receiver on the high seas

Todd Humphreys says defenses are scant: "nobody knows how to use a sextant."    

Moscow Metro says new tracking system is to find stolen phones;...

Experts: Russians are probably using fake cell tower devices for surveillance.    

Tampering with a car’s brakes and speed by hacking its computers:...

The "Internet of automobiles" may hold promise, but it comes with risks, too.    

Cybercrime costing economy up to $500B a year, study finds

Real-world losses due to cybercrime add up to between $100 billion and $500 billion globally, and more than 500,000 jobs in the U.S.

Alone, according to report commissioned by McAfee. July 23, 2013 8:57 AM PDT Cybercrimes cost the global economy u...

Cisco ponies up $2.7B for Sourcefire

The move could help Cisco shore up its position in the network security industry after losing market share in the last few years to more competitive rivals including Palo Alto Networks and Check Point July 23, 2013 8:15 AM PDT (Credit: Cisco Syst...

How Southern NHS fixed its fractured security

When, back in 2012, the Information Commissioner’s Office (ICO) reprimanded NHS Bournemouth and Poole for passing on the data of 3,700 patients to the Enhanced Care Service without first consulting the individuals concerned, it sparked a major rethink in the way security operated across the NHS in neighbouring Hampshire. Serving a population of 1.3 million, Southern Health NHS Foundation Trust is responsible, wholly or in part, for 14 community hospitals across Hampshire. Earlier this month, as part of a complete overhaul of its existing IT security strategy, Southern went live with security information and event management (SIEM) and content security technology from Trustwave. Anthony Guethert, head of IT architecture and design at Southern takes up the story: “We went through Trustwave for most of the software choices we made.

The vertical stack integrates nicely – we found it’s best in breed – and it offers very good support and competitive pricing, so that combination was excellent for us.” Guethert added that Trustwave “knew what they were talking about”, and offered “excellent service and support, and the range of the products vertically integrated nicely”. Specifically, Southern Health has deployed Trustwave’s Webmarshal and Mailmarshal products, which filter bandwidth and manage traffic levels through web and email servers, and Trustwave SIEM to collect, analyse and assess security events proactively for rapid identification, prioritisation and response. The Trust has also implemented McAfee Safeboot, while Good Technology takes care of mobile device management and SecurEnvoy provides two-factor authentication. As well as a desire to keep in the ICO’s good books, a big driver behind the security overhaul was to make it simpler for staff to communicate with colleagues in a safe way. “The key was security, and having the staff use equipment in the past that was not encrypted or had a very difficult way of connecting back to the corporate resources was at the forefront of our minds,” said Guethert. “The more difficult it was for people to use the technology, the less security we had and the more risk we had,” he added. “So once we’d got encrypted laptops out there, with a nice secure connection back in, we wanted to make sure that the technology was accessible and easy to use, and that users were following corporate policies when out in the field. That’s all managed and monitored now.” The Good Practice Guide 13 from cyber security consultancy CYSEC forms the basis of the Trust’s security policies. “GBG13 guidelines were important for us to meet,” said Guethert. “When building the infrastructure we had the opportunity to do it properly, and we wanted the security model to reflect best practice in the process of doing that. “So one of the key things was to understand the marketplace, understand the requirements, and understand the level the Trust needed to reach and maintain, and implement and achieve those levels with minimal total cost of ownership. We didn’t want to put systems in that increased the cost or burden over time.” As well as hugely increased security, Guethert is enthusiastic about the Trust’s new ability “to share data for the first time, and share a global address list. None of that was possible before – all the suppliers had separate systems, separate data, and email systems. So no stuff could work across them.” Guethert blames historical NHS IT systems that were “a very complex environment that grew organically [over years]” for creating a system that led to so many security gaffs. “The CEO and board [of Southern] were fantastic, because they realised strategically that this was crippling the business and there was a real need to bring it together into a single organisation.” @PeterGothard

Cisco acquires Sourcefire for $2.7bn

Networking specialist Cisco Systems is buying cyber security services company Sourcefire in a deal valued at $2.7bn (£1.8bn). The acquisition follows a number of years in which Cisco has lost market share in network security to rivals, such as Juniper Networks and Check Point Software.  Cisco is paying a 28 per cent premium over the company's market value at close of business yesterday evening.  The deal is expected to complete before the end of the year. On completion, Sourcefire will be incorporated into the Cisco Security Group, led by senior vice president Christopher Young. "The notion of the ‘perimeter' no longer exists and today's sophisticated threats are able to circumvent traditional, disparate security products. Organisations require continuous and pervasive advanced threat protection that addresses each phase of the attack continuum," said Young "With the acquisition of Sourcefire, we believe our customers will benefit from one of the industry's most comprehensive, integrated security solutions - one that is simpler to deploy, and offers better security intelligence." Hilton Romanski, vice president of Cisco Corporate Development, welcomed the deal. "Sourcefire aligns well with Cisco's future vision for security and supports the key pillars of our security strategy," he said. "Through our shared view of the critical role the network must play in cyber security and threat defence, we have a unique opportunity to deliver the most comprehensive approach to security in the market." Sourcefire founder Marin Roesch added that the deal would give the security firm exciting new opportunities. "Cisco's acquisition of Sourcefire will help accelerate the realisation of our vision for a new model of security across the extended network," he said. "We're excited about the opportunities ahead to expand our footprint via Cisco's global reach, as well as Cisco's commitment to support our pace of innovation in both commercial markets and the open source community."

Cisco buys cyber security company Sourcefire for $2.7bn

Networking giant Cisco has reached an agreement to buy cyber security organisation Sourcefire in a $2.7bn deal approved by the boards of both companies. Cisco said the acquisition will accelerate delivery of Cisco's security strategy of defending, discovering and remediating advanced threats. "Sourcefire aligns well with Cisco's future vision for security and supports the key pillars of our security strategy,” said Hilton Romanski, vice-president, Cisco corporate development. “Through our shared view of the critical role the network must play in cyber security and threat defence, we have a unique opportunity to deliver the most comprehensive approach to security in the market.” Christopher Young, senior vice-president at Cisco security group, said the notion of the " “Organisations require continuous and pervasive advanced threat protection that addresses each phase of the attack continuum," he said. Young said the acquisition would enable the creation of one of the industry's most comprehensive, integrated security solutions that is simpler to deploy and offers better security intelligence. Martin Roesch, Sourcefire founder and CTO, said the acquisition would help accelerate the realisation of the security firm’s vision for a new model of security across the extended network. The acquisition is expected to close during the second half of calendar year 2013, subject to customary closing conditions and regulatory reviews. Upon completion of the transaction Sourcefire employees will join the Cisco Security Group led by Christopher Young. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com

David Cameron's porn law an all-around disaster

David "tough on m**tur****on, tough on the causes of m**tur****on" Cameron has admitted that his crack-pot crusade to purge the net from p**n is about as effective as a chocolate teapot. According to the Daily Telegraph , Cameron is getting much mockery over his plan to save children from the perils of p**n, but he will press ahead with it anyway. He already had to climb down after it was pointed out that the Sun should be filtered for running page three.  Cameron needs Sun readers. The problem is that if page three is not banned then the internet filter is going to be completely arbitrary and pointless and won't prevent children from seeing naked women at all. If it was possible for Cameron to look even more ignorant and disconnected with this law he certainly managed it. His cunning plan was based around the idea that ISPs had agreed to introduce family-friendly filters that automatically block p**nography unless customers chose to opt out. Unfortunately it was fairly clear that the ISPs had done no such thing, and some were still lobbying the government to tell it to sling its hook. Cameron's plans were criticised by anti-censorship groups, who warned that sites about sexual health and sexuality could get caught up in the ban.

Other critics warned that censorship sets a dangerous precedent, is more about control, and that the government could go further than p**nography. While Cameron was thinking "what about the children" he failed to realise that the technology to ban internet p**n was impossible. Anyone who wants to watch p**n will simply use a proxy site in another country and the whole thing will be a waste of time. Take, for example, blocking the Pirate Bay.

Although ISPs must legally oblige, a simple Google search will get anyone who wants it to a proxy in seconds. Cameron admitted that there might be a few "problems down the line" with the system particularly as he has already ruled out "soft" or written p**nography from the scheme entirely. This makes any internet filter, short of the great firewall of China, technologically unviable. Even in China it is still possible for people to see p**n. To make matters worse the former head of the Child Exploitation and Online Protection centre (CEOP), Jim Gamble, said Cameron's plan to tackle child abuse images by removing results from search engines like Google would be "laughed at" by paedophiles. Paedophiles get their p**n from peer-to-peer, not from Google, and arrests are too few. Gamble said that if Cameron really wanted to protect kids from paedophiles he should be investing money in child protection teams, victim support and policing on the ground. Under Cameron's plans all households will have to "opt out" of automatic p**n filters, which would come as standard with internet broadband and cover all devices in a house. Possession of the "most extreme forms of p**n" will become an offence, while online content will have the same restrictions as DVDs sold in sex shops. Search engines have been told they will have to redact results from specific searches, while anyone accessing websites shut down by the police for containing such images will see a message warning them that what they are doing is illegal. But it is fairly clear that Cameron really did not have a clue which legal sites should be banned by the filters and was blaming the technology for having weaknesses. Talking to the Beeb, Cameron claimed that the filters could evolve over time. He thinks that companies are going to design what is automatically blocked. What's more alarming is that Cameron wanted to create marital strife by embarrassing "a husband" who wanted to see p**n.

Never mind that a "husband" also might not like the idea of Cameron censoring his internet connection. Cameron's moves are even hitting at his own conservative core. While there are the usual Daily Heil readers who want everything to be banned other than pictures of royal babies, many conservatives see censorship as a nanny state intervention. As Daniel Foster, founder of web hosting company 34SP, pointed out, claiming p**n is 'corroding childhood' is particularly extreme. Since Cameron criticised Labour for operating a nanny state, this reeks of hypocrisy, he said. Cameron was even attacked by one of his former female MPs, Louise Mensch, for attempting to ban video containing r**e simulation. She suggested such fantasies were common in more than half of all women and it was not up to the government to police that. Cameron will have his work cut out explaining why he is making such an incredibly unpopular move for absolutely no political advantage at all. Similar moves in Australia were abandoned because they were seen as too politically stupid - and they didn't work anyway.

3D printer maker comes up with anti-gun filter

Earlier this year a group of American firearms enthusiasts demonstrated the first 3D printed gun, which caused quite a stir despite the fact that the weapon itself was rubbish. First of all it wasn’t exactly practical and bleeding heart liberals were quick to point out that it could evade metal detectors, conveniently forgetting that bullets tend to contain plenty of copper, lead and brass.  The State Department promptly ordered everyone to delete all 3D files related to the gun, forgetting that kindly asking the internet to delete something doesn’t really work. New York City’s lawmakers than tried to push through legislation that would render the production of 3D printers illegal, unless the producers are licensed gunsmiths.

Of course, copying movies and music is also illegal and we all know how well banning that works. For Europeans the whole mess was rather amusing, but they eventually decided to join the fun. Danish 3D printing outfit Create it REAL came up with a simple software solution that would identify any attempt to print 3D gun components and stop the printer cold.  The software looks for specific firearms characteristics and since any 3D gun would have to use off-the-shelf ammunition, this should be possible to do.

For example, the printer could detect a shape chambered for popular cartridges, or other components such as magazines, receivers and so on. It’s not like everyone needs 9mm printed tubes or strange plastic containers for 5.45x45mm  rounds, with some springs at the bottom. Of course, the approach is not foolproof, as all sorts of software can be tampered with, but it’s a start. The company acknowledges that the feature is intended to prevent people from “accidentally” printing a gun, so it sounds like a way of deflecting liability, reports Tech Dirt. 

Survey reveals true global cost of cyber attacks

Cyber crime and espionage racks up between $300bn and $1tn in annual global losses, a study has revealed. Security firm McAfee sponsored the study by the Center for Strategic and International Studies (CSIS) to quantify the economic impact of cyber crime after years of guesswork. The CSIS enlisted the help of economists, intellectual property experts and security researchers to build an economic model and methodology, which revealed the global losses are lower than previously thought. For some time the loss has been pegged at $1tn, but the study report revealed that this is really the upper limit. The report also puts the cost in context of global GDP, pointing out that it represents only 0.4% to 1.4%, compared with $600bn in losses due to drug trafficking, which represents 5% of global GDP. The report’s authors noted the difficulty of relying on methods such as surveys because companies that reveal their cyber losses often cannot estimate what has been taken, intellectual property losses are difficult to quantify and the self-selection process of surveys can distort the results. For the purposes of the research, CSIS classified malicious cyber activity into six areas: The loss of intellectual property; Cyber crime; The loss of sensitive business information, including possible stock market manipulation; Opportunity costs, including service disruptions and reduced trust for online activities; The additional cost of securing networks, insurance and recovery from cyber attacks; Reputational damage to the hacked company. Measuring the losses associated with cyber attacks “We believe the CSIS report is the first to use actual economic modeling to build out the figures for the losses attributable to malicious cyber activity,” said Mike Fey, executive vice-president and chief technology officer at McAfee. “Other estimates have been bandied about for years, but no one has put any rigor behind the effort.

As policy-makers, business leaders and others struggle to get their arms around why cyber security matters, they need solid information on which to base their actions,” he said. The new study recognises that the cost of malicious cyber activity involves more than the loss of financial assets or intellectual property, and takes into account damage to brand and reputation, consumer losses from fraud, the opportunity costs of service disruptions “cleaning up” after cyber incidents and the cost of increased spending on cyber security.  “This report is also the first to connect malicious cyber activity with job losses,” said James Lewis, director and senior fellow, technology and public policy program at CSIS, and a co-author of the report. Some 508,000 US jobs alone are potentially lost each year from cyber espionage The authors estimate that 508,000 US jobs alone are potentially lost each year from cyber espionage. “As with other estimates in the report, however, the raw numbers might tell just part of the story.

If a good portion of these jobs were high-end manufacturing jobs that moved overseas because of intellectual property losses, the effects could be more wide ranging,” said Lewis. Cyber crime damage reaches beyond financial cost While this first CSIS report builds a model to scope the direct losses from cyber crime and cyber espionage, a second report will look at the ramifications of cyber security losses on the pace of innovation, the flow of trade and the social costs associated with crime and job losses. The report's authors said that putting a number on the cost of cyber crime and cyber espionage is the headline, but the heart of the matter is the effect on trade, technology and competitiveness. “Answering these questions will help us put the problem in its strategic context,” they wrote. While the cost of cyber crime and cyber espionage to the global economy is likely billions of dollars every year, the dollar amount may not fully reflect damage to the global economy, the report said. Cyber espionage and crime may slow the pace of innovation, distort trade and create social costs from job losses, and this larger effect may be more important than any actual number and it will be the focus of the second CSIS report. Image: iStockphoto/Thinkstock Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com

Millions of mobiles vulnerable to Sim security flaw

A newly-discovered vulnerability in mobile Sim cards could allow hackers to access text messages, voicemail and location data, according to a security researcher. Berlin-based researcher Karsten Nohl claims he has found a way to uncover the digital keys of some subscriber identity module (Sim) cards that could enable hackers to tap into phone calls or steal cash. He reported the vulnerability first to the GSMA, the industry association that represents global mobile phone network operators, which is looking into the findings. "We have been able to consider the implications and provide guidance to those network operators and Sim suppliers that may be affected,” a GSMA spokesperson told the BBC. The GSMA’s preliminary findings indicate that a minority of Sims produced against older standards could be vulnerable. But the body said there was no evidence that modern Sims are vulnerable. Nohl estimates that one in every eight Sim cards are vulnerable, which represents up to 800 million devices out of 7 billion active Sim cards around the world. Sim cards were introduced as a security token to authenticate a user’s identity with the network operator to eliminate fraud and ensure accurate billing. The cards also store some data, including text messages, phone numbers and details used for some applications such as payment and banking services, making these services vulnerable to attack. Nohl claims that about a quarter of phones tested responded to fake text messages from the mobile operator with an error message that included an encrypted version of the Sim's authentication code. In half the cases, Nohl said the encryption was based on an early coding system called Digital Encryption Standard (DES), which can now be cracked in two minutes on a standard computer, he wrote in a blog post. This means that phones in regions where DES is still common are the most vulnerable. DES has long been considered a weak form of encryption and many mobile operators have upgraded now to more secure forms. Nohl claims an attacker can use the authentication code to download malware to the Sim that can be used to send text to premium rate numbers set up by the attacker. In addition to stealing cash this way, he believes attackers could also access the target's voicemail messages, track their location and listen to calls. Nohl expects network operators to respond quickly to his findings and provide an over-the-air download to protect subscribers against the vulnerability. He has undertaken not to publish details of the most vulnerable Sims until December 2013 to give operators an opportunity to address the problem. UN telecoms agency, the International Telecommunications Union (ITU), said it will contact regulators and other government agencies worldwide to ensure they are aware of the threat. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners.

If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com