Discount Offers

SIA Licensed Security Tie Pin Badge K4S® Exclusive Design

£5.75
End Date: Friday Feb-9-2018 19:04:15 GMT
Buy It Now for only: £5.75
Buy It Now | Add to watch list

Combat Trousers Security Bouncer Police Security Door Supervisor

£19.19
End Date: Sunday Feb-18-2018 16:47:09 GMT
Buy It Now for only: £19.19
Buy It Now | Add to watch list

Security bouncer door supervisor bomber jacket coat Medium

£51.83
End Date: Sunday Feb-18-2018 16:06:16 GMT
Buy It Now for only: £51.83
Buy It Now | Add to watch list

SIA Security Notebook SIA Approved Door Supervisor

£9.94
End Date: Tuesday Feb-13-2018 11:03:35 GMT
Buy It Now for only: £9.94
Buy It Now | Add to watch list
0024476
Visit Today : 1
Visit Yesterday : 1
This Month : 22
This Year : 22
Total Visit : 24476
Hits Today : 2549
Total Hits : 4154832
Who's Online : 1

technology

High-tech, high-risk ?

Car theft rises as thieves circumvent modern security

Mo money mo problems , lamented Biggie Smalls in 1997, unaware of the rather mundane application the predicament would have some 20 years on in Britain s automotive industry . But it turns out he was really rather prescient; UK motorists have become increasingly at risk of car theft, as unconventional security systems on high-tech vehicles are vulnerable to new avenues of compromisation. Police data has revealed a 30% increase in car theft over the past three years, a trend they attribute in part to canny thieves capacity to bypass modern security systems in cars .

Indeed, police footage1 emerged in November showing how thieves were able to steal cars without the need for keys, a feat which becomes increasingly problematic as the demand for keyless-type vehicles continues its onward march. Over the past few years, cars have not been omitted from the digital revolution, with many manufacturers eschewing traditional metal keys for a push button fob . Ostensibly a more convenient means of security, the new technology opens up different types of criminality . Speaking to Sky News2, Steve Launchbury of Thatcham Research explains, When you have keyless-type vehicles where you physically just press a button and walk away, you ve got the risk now of the signal being captured . The problem, although of the First World variety, isn t negligible; reports of car theft to 40 police forces in England and Wales rose from 65,783 in 2013 to 85,688 in 2016 . The bulk of these were situated in the capital, with 26,496 cars reported stolen to the Metropolitan Police. How can we bolster defences against the onslaught of vehicular theft ? In an age of fingerprint sensors and facial recognition, the answer is comfortingly old school; the RAC recommends a return to more traditional means of security, including some rumination on where to park your car ideally a well-lit location in an area not known for criminal activity . Concealing your valuables that old chestnut still serves as a powerful disincentive for criminals looking to break into a car.

In an amusingly kitschy turn of events, security professionals have also advised a nod to the 80s with a revived use of the tangible security lock . Clunky, awkward and inelegant, the devices are thought to provide a robust visual and physical deterrent . Which, in an age of fancy gadgets and seemingly boundless tech, feels terribly salt-of-the-earth, albeit a bit of a pain .

High-tech vehicle owners, you have been warned.

References

  1. ^ police footage (news.sky.com)
  2. ^ Sky News (news.sky.com)

Security – ComputerworldUK

What does 2018 have in store for cyber security, and could it possibly be worse than this year?

Share

Facebook

LinkedIn

Google Plus

There are only a couple of near-certainties for cybersecurity in 2018: that the market will continue to be buoyant and that attacks will become more sophisticated. Gartner predicts worldwide security spending will reach $96 billion in 2018, up eight percent from this year good news for the cyber security industrial complex1. It s easy to see why.

If any year can lay claim to be the one where cybersecurity problems really entered mainstream discourse, 2017 is a good candidate. The year got started with a hangover from 2016 that suggested Russian interference in the run-up to America s election, and possible interference in the Brexit vote from coordinated astroturfing campaigns on social media and forums. That wheel kept turning and now state sponsored has become something of a synonym, whether correctly or not, for Russia with businesses now trashing Kaspersky contracts based on allegations against the vendor.

‘); insertAd($(‘#’+divId), ‘sharethrough’); } } //editorial units var articleIndex = 0; for(; i ‘ + ”+article.headline // + ” +”; //articleHtml.replace(”,(article.isSponsored ? ” : ”) ); listEl.append(‘

  • ‘+articleHtml+’
  • ‘); articleIndex++; } listEl.show();//show unit });//country check });

    Now, in the UK banks will have to report data breaches and incidents or risk fines, and with GDPR coming into effect on 25 May next year, the complex security landscape will be something organisations of all sizes will have to pay close attention to. In an increasingly connected world, where the chaos of so many different events and actors, nations, businesses, consumers and markets, legitimate or illegitimate, it s naturally tough to chart where things might be headed without resorting to educated guesswork . So read on for just that: where we see cybersecurity going in 2018.

    Rogue AI

    We don t necessarily predict that 2018 is going to be the year the kill-all-humans trope2 comes to life . But UK cybersecurity vendor Darktrace, which uses machine learning to proactively hunt threats, is deeply concerned that if the good guys are looking at using AI, there s a good chance hackers will be too. Although truly AI-augmented malware has not yet been seen in the wild, director of cyber analysis at Darktrace Andrew Tsonchev told Computerworld UK3 that it s not beyond imagination to think of sophisticated phishing tools that use machine learning to better target individuals or businesses.

    “This is something we are super focused on it’s what we do and we’re very aware of the benefits, so we are very worried about the stage when there is widespread access and adoption of AI-enabled malware and toolkits for attackers to use,” explained Tsonchev.

    “That is because by and large, applications of AI unlock decision-making, and that is what human-driven attacks do .

    You have an attacker in a network, on a keyboard, and they can case the joint . They can see what the weak points are . They can adapt the attack path they follow to the particular environment they find themselves in, that’s why they’re hard to detect.

    ‘); insertAd($(‘#’+divId), ‘sharethrough’); } } //editorial units var articleIndex = 0; for(; i ‘ + ”+article.headline // + ” +”; //articleHtml.replace(”,(article.isSponsored ? ” : ”) ); listEl.append(‘

  • ‘+articleHtml+’
  • ‘); articleIndex++; } listEl.show();//show unit });//country check });

    “We’re very worried about malware that does that: malware that uses machine learning classifiers to land and observe the network and see what it can do.”

    Director of technology for Darktrace Dave Palmer adds that automation will add a new layer of complexity to ransomware, spearphishing and IoT-based attacks.

    These attacks won t discriminate . Merely participating in a national economy now appears to be sufficient to make an organisation vulnerable, Palmer says . No company is out of scope for malicious intent, even if they think they have nothing worth stealing. McAfee, meanwhile, agrees that 2018 will see ransomware attacks augmented with AI and that security companies and hackers will be locked in a machine learning arms race where attackers and vendors try to outdo one another.

    Attacks on critical systems, cyber warfare

    Recent attacks in eastern Europe and in particular, Ukraine appear to have been something of a test-bed4 for wider attacks on critical systems and power grids . So far most cyber attacks seem to be financially motivated, but if something can be weaponised, there s every chance that it will. This year our sister site Techworld talked with Martin Libicki5, professor, researcher and author for Atlanticist think tank the Rand Corporation . Libicki explained that although the Tallinn Manual provided a loose policy framework for stringing together the establishing of norms in acts of cyber warfare, it s probably more useful to examine the behaviour of the country that arguably led the way in cyber warfare the USA.

    Its coordinated attack against Iran s nuclear centrifuges with Stuxnet showed that although a country technically takes notice of international laws on warfare, there is a lot of room for interpretation.

    Modern warfare has changed, said Rick McElroy, security adviser for Carbon Black and an ex-Marine . We re really at a point from a nation-state actor perspective where we need to have a discussion . What is a cyber weapon ? When does a cyber attack become a physical attack that involves life, and infrastructure, and money ? What is the definition of that?

    The precursor to any modern warfare is cyber warfare, McElroy added . Look at anybody s playbook: the US wrote it, everybody else has just adopted it, how much of this is intelligence gathering to do physical attacks ? How much of it is intelligence gathering to get the upper hand on the other nation?

    Nationally critical infrastructure often tends to be out of date and frequently under-funded or otherwise plagued by systemic problems (old hardware, lack of talent, long-lasting design faults see the American nuclear agency that had to FedEx around a wrench for 450 nuclear missiles6). Britain upgraded cybersecurity threats to a tier one threat this year . The upcoming NIS Directive set to be in place by May 2018 to complement GDPR will specifically include infrastructure organisations as liable to fines if they had not taken sufficient steps to prevent attacks.

    The fact that NIS is making organisations think about these dangers is important but these thoughts have to be matched with the right action, says Huntsman CEO Peter Woollacott . When connections were entirely physical, it was relatively simple to prevent and stop attacks . In the online world, this is nowhere near enough.

    Ronald Sens of A10 Networks estimates that vulnerabilities in industrial SCADA systems or in IoT-connected critical systems will cause physical damage in 2018 .

    Vulnerabilities in IoT devices and SCADA systems will lead to physical, not just digital, damage of some type in 2018, Sens says . Hopefully the scale of damage will limit casualties to controller components . Unlike Stuxnet and Flame targets, IoT and SCADA devices are leveraging common open-source frameworks that are easy to fingerprint and hard to patch after installation, making them prime targets.

    Data breaches

    Barely a week goes by without a high-profile victim of a data breach and we don’t expect that trend to change in 2018. Some of this year s biggest culprits include Uber which admitted to covering up an enormous breach and the record-breaking Equifax data leak that exposed 143 million customers in the US . We’ve handily rounded up the worst of them over here on Techworld7.

    Balkanisation

    While there are persisting attempts to unify international policy around data sovereignty, ownership, rules for cyber warfare, and open standards, there are also some signs8 that the threat of a balkanised internet is edging closer to reality. The reaction to allegations that Kaspersky Labs antivirus software was being used for espionage has led to public bodies uninstalling the software, retailers stripping its software from shelves, and a retraction by Barclays bank that previously saw it offer the software to customers for free9. Similarly, Box CEO Aaron Levie has previously warned of a balkanised cloud10 where the interests of national governments meddle with the interests of using or running public cloud . For example, AWS recently boasted11 of a mega-deal with US three-letter spy agencies called AWS Secret Region, and Computerworld UK has heard from Chinese companies that prefer building their own private clouds so they can have ownership over the full stack12.

    While it s not a security trend per se more of a policy trend, really it is something that businesses will have to grapple with, as international tensions seem to be heating up.

    Organisation

    Financially motivated hacking groups have become increasingly organised over the years: just as many white collar workers in the western world go to their offices, the same is true of hackers in countries with more lax laws about cybersecurity.

    The biggest danger facing enterprises in 2018 is organised threat actors, comments Jay Coley, senior director of security services for Akamai the company that claims to be the world s biggest data aggregator after the NSA .

    2017 showed us that businesses are facing criminal organisations, hackers backed by competitors and even nation states.

    We ve long suspected this would be the case, but it s becoming increasingly clear that the level of sophistication and tenacity shown by these attackers is far beyond the opportunistic hacking many enterprises are currently prepared to defend against.

    Because attribution is so hard and proving who the attackers are is nearly impossible for most organisations, the hacks will be more brazen as the year goes by.

    Kaspersky Lab unearthed a cyber-heist13 that allowed hackers to take full control of a bank for as long as six hours, a complex operation that saw the attackers hijack the domain of the bank with preparations underway for five months. Finance is far and away the biggest motivator for the majority of cyber security incidents, with big-name institutions like FedEx and Reckitt Benckiser having their bottom lines impacted by the NotPetya encrypting ransomware . It s estimated that cyber crime hit the global economy for as much as $450 billion14 in 2016. WannaCry and NotPetya wrought havoc to businesses everywhere, and while they will hopefully serve as wake-up calls for companies large and small, infosec is full of surprises and businesses can only do their best to mitigate.

    More stolen cyber weapons

    The group that calls itself the Shadow Brokers which first emerged in 2016 was responsible for leaking tools that belonged to the NSA . These leaks were transformed into the WannaCry and NotPetya ransomware attacks, with the group promising more leaks to come, and were described by the New York Times15 as having shaken the NSA to the core.

    Bad government

    Britain in particular is working extremely hard to undermine encryption in general, labelling it as a threat to national security . The problem seems to be that all the politicians trying to break encryption don t really understand it or why it s important see prime minister Theresa May16 and especially Amber Rudd17 and 2018 will likely be no exception.

    Compliance and humans being human

    Frankly one of the biggest challenges any organisation faces is staff who might be lacking in security training white-hat pen-testers will often scope out their targets and play on human psychology to gain access to server rooms or cyber-physical systems. Take a look at these real-life nightmare scenarios outlined by Verizon when investigating Payment Card Industry Data Security Standards18 among the most stringent privacy and security standards in the world.

    Examples include an unprotected connected fish tank siphoning off data to an unknown location, an (unnamed) airforce that was leaking information through one of its printers, and a dodgy server room hosted in an apartment bathroom in Mexico. Of course, the famous General Data Protection Regulation (GDPR) is coming into force in May 2018 and this will provide organisations of all sizes with compliance challenges. Plus, companies will have to report any data breaches quickly or risk hefty fines a tricky hurdle to leap considering many businesses have been unaware that a breach had occurred, or the severity of a breach, until stumbling upon them by chance, being informed by security researchers, and carrying out complex internal forensic investigations.

    Biometric hacking

    Biometric verification, like the new iPhone X Face ID feature, is likely to continue to see traction in consumer tech, but also in the enterprise. Financial services companies have already experimented with biometric authentication for customers, including a partnership between Lloyds and Microsoft to explore fingerprint and facial recognition through Windows Hello on Windows 10. Jesper Frederiksen, UK GM of identity management provider Okta predicts that within enterprise environments, biometrics will not completely replace passwords in the immediate future, but they will provide a supporting security layer as part of a multi-factor authentication model.”

    In the financial services sector specifically he says it “has already experimented with biometrics for regulating access to certain services . Major banks have incorporated tools such as voice and fingerprint recognition as an additional security measure to ensure that only the correct party receives access, protecting against bad actors.”

    Skills shortage

    Security specialists are in high demand and a report from the Recruitment and Employment Confederation suggests this is going to lead to a boom in salaries .

    Businesses reported that in eight out of the last nine months security roles were tricky to fill, and most companies surveyed agreed that the UK workforce will likely fall short for demand . Almost all recruiters believe cyber security wages will soar accordingly. And a study at the start of the year suggested the skills gap could actually damage British businesses .

    Recruitment website Indeed s Mariano Mamertino said19: The problem is fast approaching crisis point and British businesses will inevitably be put at risk if they can t find the expertise they need to mitigate the threat.

    Find your next job with computerworld UK jobs20

    References

    1. ^ good news for the cyber security industrial complex (www.technologyreview.com)
    2. ^ kill-all-humans trope (tvtropes.org)
    3. ^ Andrew Tsonchev told Computerworld UK (www.computerworlduk.com)
    4. ^ something of a test-bed (www.wired.com)
    5. ^ Techworld talked with Martin Libicki (www.techworld.com)
    6. ^ had to FedEx around a wrench for 450 nuclear missiles (kdvr.com)
    7. ^ handily rounded up the worst of them over here on Techworld (www.techworld.com)
    8. ^ some signs (www.theregister.co.uk)
    9. ^ the software to customers for free (www.theregister.co.uk)
    10. ^ balkanised cloud (www.computerworlduk.com)
    11. ^ recently boasted (aws.amazon.com)
    12. ^ Computerworld UK has heard from Chinese companies that prefer building their own private clouds so they can have ownership over the full stack (www.computerworlduk.com)
    13. ^ Kaspersky Lab unearthed a cyber-heist (www.infoworld.com)
    14. ^ $450 billion (www.cnbc.com)
    15. ^ the New York Times (www.nytimes.com)
    16. ^ prime minister Theresa May (www.independent.co.uk)
    17. ^ especially Amber Rudd (www.computerworlduk.com)
    18. ^ these real-life nightmare scenarios outlined by Verizon when investigating Payment Card Industry Data Security Standards (www.computerworlduk.com)
    19. ^ said (www.independent.co.uk)
    20. ^ Jobs on computerworld UK (www.computerworlduk.com)

    Security alert sparked in west Belfast on Christmas Eve

    Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph) Police and ATO at scene of a security alert in the Islandbawn Drive area of west Belfast following discovery of suspicious object on December 24th 2017 (Photo by Kevin Scott / Belfast Telegraph)

    • Security alert sparked in west Belfast on Christmas Eve – homes evacuated

      BelfastTelegraph.co.uk

      A security alert has been sparked in west Belfast following the discovery of a suspicious object. https://www.belfasttelegraph.co.uk/news/northern-ireland/security-alert-sparked-in-west-belfast-on-christmas-eve-homes-evacuated-36435614.html

      https://www.belfasttelegraph.co.uk/incoming/article36435623.ece/c6ace/AUTOCROP/h342/security-alert-west-belfast-001.jpg

    • Email1

    A security alert has been sparked in west Belfast following the discovery of a suspicious object. Police are at the alert at Islandbawn Drive which was sparked on Sunday night.

    A number of homes have been evacuated. The Falls Road is closed at Islandbawn Drive and diversions in place. There are heavy traffic tailbacks and the PSNI has advised people to avoid the area if possible.

    Sinn Fein MP Paul Maskey said St Paul’s Parish Centre has been opened for residents. He told the Belfast Telegraph: “First of all it’s a suspicious device found in the street and whoever left that there I want to condemn outright and especially on Christmas Eve.

    “It is a small street and thankfully there are only a small number of homes on it.

    “But there has been a number of people asked to leave their homes because of the potential danger.

    “I hope that the security operation is resolved as soon as possible to allow people back in to their homes and to allow people the freedom to go about on Christmas Eve.”

    SDLP councillor Tim Attwood said the alert was causing “chaos” for families. He said: It s unthinkable that families have been forced from their homes on Christmas Eve as police investigate a suspicious object in west Belfast.

    Homes around Islandbawn drive have been evacuated and the Falls Road has been closed as people seek to open time with their families and loved ones.

    I will continue to liaise with police in an effort to ensure that the area is made safe as soon as possible so that families can return.

    Belfast Telegraph Digital

    References

    1. ^ Email (www.belfasttelegraph.co.uk)