Capgemini News Blog

Capgemini News Blog

Opinions expressed on this blog reflect the writer’s views and not the position of the Capgemini Group

Weekly Techno Brief

Category : IT industry
Each week our intranet news channel editors provide a round up for Capgemini colleagues of the business IT news that drives and inspires us. We publish some of the highlights here.

With cyber security issues continuing to dominate the news agenda, this week our Weekly Techno Brief focuses on all things security. 

IoT Risky Business for Enterprise Networks
A Tripwire survey found that employed consumers who took work home had an average of 11 IoT devices on their home networks, and 24% of them had connected at least one of these devices to their enterprise network. The always-on connectivity of wearables and IoT devices means they can easily be tampered with, on a home network or on public WiFi networks. They need to be treated as any computer or smartphone that needs to be secured. 

There were 9 billion Internet of Things (IoT) units installed at the end of 2013 by IDC's count, and its analysts expect the figure to hit 28 billion by 2020. That's going to make life difficult for IT security administrators.

Source: Tech News World
Is the FTC Jumping the Gun on IoT Security?
Most consumers and organisations aren't aware of the risks IoT devices pose to them. "There's a tendency for people to think of them as toys and not network-connected computers. If they're compromised, they can be used to attack other things on a network. Through its best practices, the Federal Trade Commission [FTC] is helping to get that message out," explained Eset senior researcher Cameron Camp. For months, the security community has been waving a red flag about how the nascent Internet of Things could become a cybercriminal's paradise. Last week, those admonitions were given some credence when the FTC recommended that the makers of IoT gadgets adopt some "best practices" to protect consumers from potential violations of their privacy and security.
Source: Tech News World

Anthem Mega-Breach Jeopardises 80 Million Consumers
Anthem HackHackers broke into the databases of Anthem Inc., the second-largest health insurer in the U.S., and stole up to 80 million customers' personal information. The data includes current and former customers' names, birthdays, medical IDs, social security numbers, street addresses, email addresses and employment information.
Source: Tech News World

Infected Android Apps From Google Play Affect Millions
Google Play MalwareGoogle's app scanning process may have missed the malware because 'they rely mostly on static code analysis and the app in question may have used a 'time bomb' method -- waiting a period of time before downloading and executing the malware,' believe experts.

Millions of Android users have been hit by malware posing as games on Google Play. The malware harbours fake ads that pop up when users unlock their devices, to warn them about nonexistent infections, or that their devices are out of date for example.

Source: Tech News World
Google Gives WebView the Cold Shoulder
Android SecurityGoogle has decided not to fix vulnerabilities in WebView for Android 4.3 and older, sparking heated discussions among developers. Those versions of WebView run on the WebKit browser. Fixing them "required changes to significant portions of the code and was no longer practical to do so safely," Adrian Ludwig, lead engineer for Android security, explained last week in a post.​

Source: Tech News World

Is It Time to Trash Flash?
HackerRecently,  Adobe Flash Player users were hit by a zero-day flaw for the third time in two weeks. The company issued a security advisory for the vulnerability, which it dubbed CVE-2015-0313. The flaw exists in Flash Player and earlier versions on Windows and Macintosh platforms. Successful exploitation could crash the desktop and potentially let hackers take control of it, Adobe warned. The CVE-2015-0313 attack consists of malvertising -- ads that redirect victims to malicious sites.

Source: Tech News World
China May Write New Rules for US Businesses Selling Tech to Banks
A group of organisations representing American businesses last week requested urgent discussion and dialog with China's government. They expressed concern about the possible adoption of a policy to ensure that any Internet and information communications technology products Chinese banks purchase from companies outside of China are secure and controllable. The group sent a letter to the Chinese Communist Party Central Leading Group for Cyberspace Affairs, which reportedly is headed by China's president, Xi Jinping.

Source: Tech News World

Businesses Seek Liability Protection for Cybersecurity Disclosures
Obama CybersecurityNo foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, President Barack Obama told the U.S. Congress during the State of the Union Address last week.

However, hunting down the perpetrators of cyberattacks that compromise national security or disrupt commerce is only going to get more difficult in the future, as the president noted a week earlier during a visit to the National Cybersecurity Communications Integration Center. A unit of the Department of Homeland Security, the NCCIC is a 24/7 cybersituational awareness, incident response, and management centre that collects and shares cyberthreat information among various parties.

Source: E-Commerce Times 

White House Jump-Starts Cybersecurity Protection Programs
Barack ObamaAs members of the U.S. Congress started to prepare for the upcoming legislative session, President Obama lost little time in putting cybersecurity near the top of a to-do list for lawmakers. During a visit to the federal National Cybersecurity Communications Integration Center, Obama called for additional legislation to improve information technology protection. Speaking to NCCIC staff last week, Obama said that "protecting our digital infrastructure is a national security priority and a national economic priority."

Source: E-Commerce Times
Cameron Takes Hard Line on Encrypted Communications
David CameronUK Prime Minister David Cameron has argued that the safety of citizens trumps privacy and that the government should be able to monitor any communications if warranted. "If Cameron succeeds," said tech analyst Charles King, "UK citizens can take comfort in their government acting with all the foresight and wisdom of other beacons of freedom, including China, Russia, Egypt and Iran." Prime Minister David Cameron, who is standing for re-election, has vowed to ban personal encrypted communications apps such as Snapchat and WhatsApp if he is voted in. He also will allow UK government security agencies to monitor communications, with warrants signed by the Home Secretary. "The first duty of any government is to keep our country and our people safe," Cameron declared earlier this week.

Source: Tech News World
Businesses Waste Big Bucks Fighting Phantom Cyberattacks
Businesses spend an average of US$1.27 million (£0.8 million) a year chasing cyberthreats that turn out to be dead ends. That is one of the findings in a report released last week on the cost of containing malware. In a typical week, an organisation can receive nearly 17,000 malware alerts, although only 19% of them are considered reliable, according to the research, which was conducted by the Ponemon Institute and Damballa.

Still, malware fighters have a difficult time keeping up with even the reliable alerts, since only 4% are investigated, according to the survey of 630 IT and IT security practitioners familiar with their company's antimalware practices.

Making matters worse, two-thirds of the time spent hunting for bad apps is wasted because of faulty intelligence. An average of 395 hours a week is frittered away on dead-end investigations.

Source: Tech News World

The highlights from our Weekly Techno Briefs above do not necessarily represent the view of Capgemini Group.

About the author

Izzy Noon
Izzy Noon
Izzy joined Capgemini in 2014 as part of the General Management Graduate Programme. She holds a BSc (Hons) in Accounting and Financial Management. Having had experience in Accounts Receivable and Financial projects she is taking on a range of new projects from Sustainable Procurement Supplier Mapping to UK Graduate Recruitment through a global competition.
1 Comment Leave a comment
It is imperative that all business (small, medium or large) start investing more in CyberSecurity initiatives, as cyberattacks are only going to get more sophisticated and leave a larger impact to the victim organizations.

Leave a comment

Your email address will not be published. Required fields are marked *.