ICD Brief 63.
The emergence of The Internet of Things with its vulnerabilities and innovations concerns both government and industry. To date, there is progress but no overarching standard or legislation to manage known IoT vulnerabilities in manufacturing, utilities, transportation, finance and health sector devices.
This week’s highlights include details of the Uber Hack, the EU ENISA’s report on security of IoTs, Europol’s report on crime and cybersecurity, news of Singapore and China, Germany and smartwatches and a new website for vigilantes in China.
“More healthcare organizations are implementing connected medical devices and are moving storage and backup options to the cloud. However, healthcare technology leaders are greatly concerned over IoT security with connected devices, according to recent research from ISACA that found only half of organizations say their leaders are digitally literate.
Seventy-one percent of surveyed business technology professionals in healthcare said there is some resistance to IoT. This is likely because that is a sector that suffered from a data breach with IoT devices, researchers explained.”
“Uber concealed a massive global breach of the personal information of 57 million customers and drivers in October 2016, failing to notify the individuals and regulators, the company acknowledged on Tuesday. Uber also confirmed it had paid the hackers responsible $100,000 to delete the data and keep the breach quiet, which was first reported by Bloomberg.”
“Amazon’s cloud storage unit announced Monday that it is releasing a new service called the Amazon Web Services Secret Region, a cloud storage service designed to handle classified information for U.S. spy agencies.”
“Cybersecurity professionals have warned for years that IoT presents potential safety and privacy concerns for consumers. Now there are widening concerns regarding the risk to US defense facilities.”
“USA Automotive Cyber Security Market 2017 Research Report does a complete analysis of the parent market to understand USA Automotive Cyber Security Market dynamics and USA Automotive Cyber Security Market share. A complete study of Automotive Cyber Security based on former, present and forecast market analysis is carried out to provide Automotive Cyber Security size and growth.”
“United States-headquartered cyber security player, WhiteHawk, has opened up its proposed $4 million public offer to prospective investors in its ongoing effort to list on the Australian Securities Exchange (ASX).”
“China launched a new website this week where citizens can report leaks and fake news about the military. The move is consistent with China’s internet censorship laws, which are some of the strictest in the world. Chinese state media reported the website, China Army Network Report Platform, “accepts tip-offs about people who pretend to be military personnel on social media, malicious posts about the People’s Liberation Army, or leaks of potentially classified information.”
“The Singapore Government launched in China on Friday (Nov 24) the first overseas initiative under the Global Innovation Alliance (GIA), a network to promote entrepreneurship and innovation with a focus on technology. The GIA (Beijing) initiative will see IE Singapore create launch pads for Singapore firms to connect with the business community in China, and let both sides benefit from the innovative ideas springing from their respective start-up scenes.”
“The EU Cybersecurity Agency ENISA published a report on the security of the Internet of Things (IoT). The study aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.”
“Rob Wainwright, executive director at Europol, explains how cyber has transformed criminal activity. Speaking at CFC Underwriting’s 2017 London Market Cyber Symposium, Wainwright said: ‘So much of what we do is reactive and we need to be better at predicting what will happen.’”
“Insurers across Europe should standardise the language they use in cyber insurance policies to build trust in those products, an EU cybersecurity agency has said.”
A German regulator has banned domestic sales of children’s smartwatches that have a listening function — warning that parents have been using the devices to secretly eavesdrop on teachers at their kids’ school.
In an announcement on Friday, the Federal Network Agency telecoms watchdog said it had already taken action against some online sellers. The target group for the smartwatches are children between the ages of 5 and 12 years.
“A demonstration of how seriously India is taking cyber-security is that the country’s Prime Minister Narendra Modi delivered the keynote speech at the Global Conference on Cyberspace (GCCS) 2017, held 23-24 November in New Delhi, India.”
“Israeli IoT cybersecurity company SCADAfence announced today that it had closed a $10 million Series A financing round. Investors include Jerusalem Venture Partners (JVP), NexStar Partners, 31Ventures Global Innovation Fund, GB-VI Growth Fund Investment Limited Partnership managed by Global Brain, iAngels and DS Strategic Partners. The investment will be used to expand the company’s R&D center in Tel Aviv and global business development teams to meet growing market demand across North America, Asia and Europe.”
“The International Telecommunications Union’s Arab Regional Cybersecurity Centre (ITU-ARCC) has opened its sixth annual conference in Muscat.”
“A high-tech business hub, Singapore continues to be a prime target for cyber-crime. Fervently rising to the cyber challenge in past months, the Government has announced significant investments in cyber security, including new training initiatives and R&D. These national efforts have not gone unnoticed: the UN recently rated Singapore’s cyber security strategy as the most comprehensive in the world. However, more can be done to strengthen our cyber resilience, as the cyber-threat landscape continues to evolve in unpredictable ways.”
“A joint consortium spearheaded by the Department for Digital, Culture, Media and Sport is seeking to entice school pupils into cyber security with a new programme that will test their potential for white-hat hacking, teach them about ethics, and eventually run special camps for nurturing cyber talent in the UK.”