Tag Archives: cyber security

Radware reports increase in companies targeted by nation state hackers

Radware, the provider of cyber security and application delivery solutions, has released its 2019-2020 Global Application and Network Security Report. The report finds that more than one-in-four respondents attribute attacks against their organisation to cyber warfare or nation-state activity. In 2018, 19% of organisations believed they were attacked by a nation state. That figure increased to 27% in 2019. At 36%, companies in North America were more likely to report nation state attribution.

“Nation state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero day exploits and the patience to plan and execute operations,” said Anna Convery-Pelletier, chief marketing officer at Radware. “These attacks can result in the loss of sensitive trade and technological or other data. Security teams may be at a distinct disadvantage.”

These findings come at a time of heightened anxiety for security managers. Organisations are increasingly turning to microservices, server-less architectures and a mix of multiple cloud environments. Two-in-five managers reported using a hybrid environment that included cloud and on-premises Data Centres. Two-in-five said they relied on more than one public cloud environment. However, only 10% of respondents felt that their data was more secure in public cloud environments.

NationStateHackers

As organisations adapt their network infrastructure to enjoy the benefits of these new paradigms (such as microservices and multi-cloud environments), they increase their attack surface and decrease the overall visibility into their traffic.

For example, 22% of respondents don’t even know if they were attacked, 27% of those who were attacked don’t know the hacker’s motivations, 38% are not sure whether an Internet of Things (IoT) botnet hit their networks and 46% are not sure if they suffered an encrypted DDoS attack.

Convery-Pelletier added: “This report finds that security professionals feel as though the battlefield is shifting under their feet. Companies are increasingly adding and relying upon new paradigms, which means the infrastructure is harder to monitor for attacks. These new technologies force a shift in security implementation into the development teams. Security is often an afterthought as businesses march forward, and there’s a misconception that ‘good enough’ is enough.”

In addition, the report also found the following points of note:

The emergence of 5G networks As the push for 5G grows, there exists an important opportunity to build security into networks at its foundations. Despite the increasing buzz around 5G networks, only 26% of carriers responded that they felt well prepared for 5G deployment, while another 32% stated that they were somewhat prepared

Be careful what you wish for in terms of the IoT 5G promises to advance organisations’ implementation of (and the value they derive from) IoT technologies, but that promise comes with a corresponding increase in the attack surface. When it comes to IoT-connected devices, 44% of respondents said malware propagation was their top concern, while lack of visibility followed at 20% and Denial of Service at 20%

Data loss is top concern About 30% of businesses stated that data theft as a result of a breach was their top concern following an attack, which is down from 35% the previous year, followed by service outages at 23%. Meanwhile, 33% said that financial gain is a leading motivation for attacks

Leave a comment

Filed under Risk Xtra

Hanwha Techwin focuses on Top 5 Video Surveillance Trends for 2020

Hanwha Techwin, the supplier of IP and analogue video surveillance solutions, has put forward its Top 5 key trend predictions for the security industry in 2020. These include Artificial Intelligence end-to-end security solutions, cyber security, cloud-based data insights, privacy protection and vertical specialised solutions.

Artificial Intelligence End-to-End Security Solutions

As Artificial Intelligence becomes more broadly adopted across industries, it’s likely to be more widely incorporated in video surveillance in the upcoming year. Edge-based Artificial Intelligence (which filters and processes data locally on a camera) will be more ubiquitous, enabling end-to-end Artificial Intelligence technology.

Today, most security cameras send the data they collect to servers to be analysed. However, with edge-based Artificial Intelligence, the data is first analysed by the camera and subsequently sent to the server. This reduces the burden of transferring and storing large amounts of data to a server, thereby increasing efficiency, saving time and reducing server costs typically required to analyse data.

HanwhaTechwinSurveillanceTrends2020

In 2020, Hanwha Techwin will introduce edge-based Artificial Intelligence cameras, as well as Artificial Intelligence-powered NVRs and VMS so as to bring to market end-to-end (camera to storage server and VMS) Artificial Intelligence security solutions.

Cyber Security

With Internet of Things (IoT) devices becoming ubiquitous, the importance of cyber security has never been more prominent that it is today. Today’s cyber attacks are more intelligent and advanced than ever before, so building cyber-resilient security systems is no longer an option, but an imperative.

Smart Cities, factories, financial institutions and retailers require scaleable video surveillance solutions which are closely interconnected with other devices and networks, making the importance of cyber security paramount.

Strong cyber security has always been Hanwha Techwin’s priority and the company has been refining its technology to suit ince the beginning. The soon-to-be released Wisenet 7, the newest version of Hanwha Techwin’s own System on Chip, has been designed with the strongest cyber security features including a secure booting function and signed firmware for both software and hardware. Validated by the UL Cyber Security Assurance Program certification, Wisenet 7 ensures that end users have access to the industry’s most advanced cyber security features.

Cloud–Based Data Insight

According to IDC, the provider of IT-focused market intelligence, there will be about 175 zettabytes of data in the world by the year 2025, with much of it stored in the cloud and Data Centres around the world. At the same time, video surveillance solutions will go far beyond functioning as a simple monitoring tool to become an indispensable aid to organisations by providing useful insights that improve business operations.

The importance of accessible cloud-based servers that can easily store and analyse the accumulated data will also increase. Going beyond being an efficient storage repository, sophisticated analytics will use cloud processing to analyse the stored data and provide practical and timely insights. 

In 2020, Hanwha Techwin will introduce cloud-based solutions beginning with the Device Health Monitoring Cloud, which will monitor and manage video surveillance devices in real-time. The company will also introduce Retail Insight Cloud which is designed to facilitate store management.

Privacy Protection

Together with cyber security, Hanwha Techwin believes that the protection of personal data should be integral to the business ethics of a video surveillance company. By its very nature, the video data that’s collected for security purposes almost always contains private information. Therefore, protecting surveillance data is imperative.

Around the world, privacy protection laws are being introduced, such as the General Data Protection Regulation (GDPR) in Europe and the Federal Information Security Management Act in the US. The California Consumer Privacy Act is also set to come into effect in January 2020.

These laws will force the video surveillance industry to follow ‘privacy by design’ Best Practice and renew all efforts designed to protect personal data from misuse and abuse. Organisations are increasingly aware of the dangers of private data breaches and they’re becoming more discerning when choosing security products and solutions.

Hanwha Techwin provides a solution with Video Privacy Management technology and has released its Smart Cover of Privacy line-up to comply with the GDPR globally.

Vertical Specialised Solutions

Vertical markets in the security industry are increasingly requiring more specialised devices and solutions that meet unique requirements. With the emergence of the fourth industrial revolution, the presence of smart verticals will be more prominent and video surveillance companies must be ready to provide solutions for Smart Cities, factories, transportation and retail organisations.

SoonHongAhnHanwhaTechwin

Soon Hong Ahn

Hanwha Techwin already provides products for these verticals and plans to expand its line-up of specialised solutions in the very near future to include asset management solutions with IoT technology.

“Advancement in technologies such as Artificial Intelligence, the IoT and the cloud will support new use cases in conjunction with existing devices and solutions to meet customers’ needs in various verticals, expanding the horizon of our industry,” said Hanwha Techwin’s president and CEO Soon Hong Ahn. “However, we must also be mindful of the social and ethical responsibility related to areas such as cyber security and private data protection. Sustained interest and investment in these areas must be regarded as an obligation to make sure our industry continues to thrive in the midst of rapid technological advancements.”

Leave a comment

Filed under Risk Xtra

BlackBerry Cylance outlines cyber security predictions for 2020

Josh Lemos, vice-president of research and intelligence at BlackBerry Cylance, has put forward some predictions on cyber security trends for 2020 that will impact Governments and companies across a variety of industry sectors.

(1) Uncommon attack techniques will emerge in common software

Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent research at BlackBerry found malicious payloads residing in WAV audio files, which have been used for decades and categorised as benign.

Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways in which to secure less commonly weaponised file formats, like JPEG, PNG and GIF, etc without hindering users as they navigate the modern computing platforms.

BlackBerryCylance2020Predictions

(2) Changing network topologies challenge traditional assumptions and require new security models

Network-based threats that can compromise the availability and integrity of 5G networks will push Governments and enterprises alike to adopt cyber security strategies as they implement the 5G spectrum. As cities, towns and Government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as the expansion of bandwidth that 5G requires inevitably creates a larger attack surface.

Governments and enterprises will need to retool their network, device and application security. We will see many lean towards a zero-trust approach for identity and authorisation on a 5G network.

Threat detection and threat intelligence will need to be driven by Artificial Intelligence and machine learning to keep up.

(3) 2020 will see more cyber-physical convergence

As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and the physical will officially converge. This is evident given the recent software bug in an Ohio power plant that affected hospitals, police departments, subway systems and more in both the US and Canada.

Attacks on Internet of Things (IoT) devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape.

Cyber security will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it. 

(4) State and state-sponsored cyber groups alike are the new proxy for international relations

Cyber espionage has been going on since the introduction of the Internet, with Russia, China, Iran and North Korea seen as major players. In 2020, we will see a new set of countries using the same tactics, techniques and procedures as these superpowers operate against rivals both inside and outside of national borders.

Mobile cyber espionage will also become a more common threat vector as mobile users are a significant attack vector for organisations that allow employees to use personal devices on company networks.

We will see threat actors perform cross-platform campaigns that leverage both mobile and traditional desktop malware. Recent research discovered nation state-based mobile cyber espionage activity across ‘The Big 4’, as well as in Vietnam. There’s likely to be more attacks coming in the future. This will create more complexity for Governments and enterprises as they try to attribute these attacks, with more actors and more endpoints in play at a larger scale.

Leave a comment

Filed under Risk Xtra

Synectics to highlight value of ethical surveillance tools at Global MSC Security Conference 2019

This year’s Global MSC Security Conference and Exhibition, which runs at The Bristol Hotel in Bristol on 11-12 November, will see Synectics explain how advanced technologies and evolving features can support those practitioners tasked with ensuring that public surveillance is undertaken legally and ethically.  

Over 150 delegates from the fields of security, law enforcement, Government and academia are due to attend the two-day event, which will focus on the ethical challenges presented by the growing use of CCTV, ANPR, drones, facial recognition and Artificial Intelligence (AI) within the public realm. Risk Xtra is the Official Media Partner.

Speakers include Tony Porter, the UK’s Surveillance Camera Commissioner, who’ll be joined by senior representatives from police forces, Fire and Rescue Services and other organisations focused on public safety, crime prevention and national security.

SynecticsSynergy3

‘Building Ethical Capacity into Surveillance Technology’

Synectics’ Martin Bonfield joins the event line-up. His detailed seminar will highlight how public concerns regarding surveillance ‒ especially those around the use of emerging technologies such as facial recognition and AI ‒ are shown to be greatly reduced if robust and demonstrable safeguards are in operation.

Those attending the session will gain a clear understanding of the tools available to help ensure that any public surveillance data can be captured, managed and shared in accordance with existing and evolving demands. 

The session will look specifically at solutions designed to support users in four key areas: the use of facial recognition, regulatory compliance (with, for example, the General Data Protection Regulation), data protection (cyber security) and evidence management.

Under the spotlight

To showcase emerging capabilities, Synectics will be demonstrating how its Synergy 3 Command and Control platform supports a wide range of safeguarding and compliance mechanisms, including comprehensive digital audit trails, automated workflows aligned to standard operating procedures and time-limited data storage.

The role played by highly secure, cloud-based evidence lockers ‒ which support secure, real-time authorised access to data ‒ will also be discussed, specifically in the context of inter-agency data-sharing.

MartinBonfieldSynectics

Martin Bonfield

Bonfield informed Risk Xtra: “Synectics has been at the forefront of global surveillance solutions for over 30 years. We work closely with customers to tackle the complex issue of ethics surrounding CCTV use, data capture and monitoring, as well as the robust management of digital evidence. I’m looking forward to showing delegates examples of the smart technology available to ensure surveillance operations are effective, secure and compliant with legal and ethical frameworks – today, and years from now.”

As a premium sponsor, Synectics (exhibiting on Stand 15) will be showcasing its leading-edge technologies. Live demonstrations will run throughout the event to demonstrate how the tools explored in the seminar can be applied within a range of practical evidence management and incident response scenarios.

Leave a comment

Filed under Risk Xtra

IDIS Global Partners Summit highlights developments in analytics and end-to-end solutions for strategic markets

The latest advances in video analytics – including improved classification, accuracy and speed – were unveiled at a Global Partners Summit of international security and video surveillance professionals hosted by IDIS in Seoul, South Korea.

The three-day event, attended by senior executives from leading security distributors from 23 countries, focused on how IDIS is responding to market trends and needs, developing end-to-end solutions (including specialist technologies for a range of vertical markets) and pushing forward with improvements to the IDIS Deep Learning Engine, the technology which powers the company’s ‘AI in the Box’ and IDIS Deep Learning Analytics solutions for end users.

Earlier this year, IDLA Version 3.0 was introduced as a service module for up to 80 channels within the IDIS Solution Suite VMS and it set new performance benchmarks by achieving an accuracy of 97%-98% while dramatically reducing false alarms. Responding to customer demand for easier, more affordable analytics for smaller applications, IDIS also launched its aforementioned DV-2116 ‘AI in the Box’ solution.

IDISGPS2019

Delegates learned of future enhancements in meta-data searching by class, colour and number, plus the ability to search a specific area of interest. People counting, fall detection and the ability to search by the direction of an object’s movement were also previewed and delegates received advanced notice of a new range of AI-ready 5 MP cameras, featuring deep learning on-the-edge analytics, due for release next year.

Technology roadmap for 2020

The Global Partners Summit also previewed IDIS’ ambitious video product and technology roadmap for 2020, further building out the company’s end-to-end solutions for core vertical market sectors.

Innovations in recording and camera technology, and the growing importance of cyber security, extended warranties and the advantages of delivering lower total cost of ownership and lower total cost to serve for systems integrators and installers were among key topics discussed at the event.

IDIS works closely with its partners and hosts the annual Global Partners Summit as an opportunity to exchange market insights and steer its strategies for product development, technical support and marketing.

Partners shared Best Practice implementations and related Case Studies in core vertical markets including retail, education, logistics and distribution and hotels.

Awards for Best Practice

Joon Jun, president of the IDIS Global Business Division, recognised outstanding project implementations and presented special awards for Best Practice to Alarm Automatika from Croatia and BTCO of Chile.

IDISGPSAwards

This collaborative approach, focusing on long-term partnerships, is a key element in the company’s success. It’s a customer-focused model that has seen IDIS grow continuously since 1997 to become Korea’s largest in-country video surveillance manufacturer, with regional operations now expanding across 50-plus countries.

Concluding the Global Partners Summit, special partner awards were presented by YD Kim, CEO of IDIS, recognising outstanding collaboration and sales growth over the last year. These were given to Alarm Automatica of Croatia, CCTV Center from Spain, EPCOM of Mexico, JES CQTEC of Thailand and Japan’s Secure Inc.

JoonJunIDIS

Joon Jun

“The expertise, energy and commitment from all our partners at this year’s Global Partners Summit demonstrates yet again that collaboration is that the best route to success,” said Joon Jun. “Together, we’re giving our customers the most advanced video surveillance solutions, ease-of-use and installation, scaleability and protection against today’s cyber security risks.”

Leave a comment

Filed under Risk Xtra

Milestone Systems introduces centralised Search feature in capability enhancement for XProtect

In the latest product update of Milestone XProtect 2019 R3 VMS, Milestone Systems has introduced several new features and capabilities. These include centralised Search, a new driver framework, adaptive streaming and enhanced device password management.

With this product update, Milestone Systems highlights that the business is continuing to pursue ever-higher performing software to fulfil the market’s rising demands for cost-effective video technology solutions.

One of the main features of the 2019 R3 release is Search. This is a new centralised search platform in XProtect Smart Client that makes it possible for end users to search for everything in one place. Previously, end users performed several standalone searches, depending on what data they were searching for. With the new Search tool, users can search for motion, alarms, events, bookmarks and other types of data in one single place enabling rapid and efficient video investigations.

R3 image

Moreover, the new Search platform also smoothly embeds partner integrations and their powerful analytic capabilities via dedicated filtering options. Through specific plug-ins and devices, search criteria such as line-crossing and object-in-field will be enabled directly in the Search Tab, saving time and increasing efficiency.

Milestone Systems provides customers with support for more than 8,000 cameras and devices. In order to allow XProtect device support to grow exponentially with the number of devices in the market, and to provide support for new types of devices such as the Internet of Things, the company has introduced its Driver Framework. Within the Milestone Integration Platform Software Development Kit, this allows device manufacturers to develop their own drivers and provide faster device compatibility and deeper integration that goes beyond the capabilities of ONVIF.

This new feature will enable end users to receive lower resolution streams from the recording server when a high resolution one isn’t required (for example, when displaying video in the smart client or smart wall in window sizes smaller than a full screen). This will give users smoother viewing and a better user experience, a lower total cost of ownership due to less hardware being needed to decode unnecessary high-resolution video and a better use of bandwidth that can then be employed for other requirements within the organisation.

The new Device Password Management continues XProtect’s focus on ease of use and enhanced cyber security during set-up of new installations, as well as when expanding existing ones. This feature makes it possible for system administrators to manage all devices’ passwords directly from the XProtect Management Client for selected device manufacturers.

In the 2019 R3 update, Milestone Systems has doubled the number of supported device manufacturers and added the option to schedule future password changes according to the cadence in given organisations and their password policies, in turn making device password management fully automatic.

Leave a comment

Filed under Risk Xtra

iProov Study: UK public “overwhelmingly unaware” of deepfake threat

A nationwide study conducted by biometric facial authentication specialist iProov has revealed a sheer lack of awareness and education around deepfake technology among the UK public, with almost three-quarters (72%) of respondents saying they’ve never even heard of a deepfake video.  

Deepfake is a technique for human image synthesis based on Artificial Intelligence. It’s used to combine and superimpose existing images and videos on to source images or videos using a machine learning technique known as generative adversarial network. Due to these capabilities, deepfakes have been used to create fake videos. Deepfakes can also be used to create fake news and malicious hoaxes.

The research polled 2,000 respondents across the UK to reveal their attitudes towards (and understanding of) deepfake technology. The results highlight a need for awareness and education on the impact of deepfakes which, if not addressed, will have huge implications on personal and professional security.

Commenting on the findings, Andrew Bud (founder and CEO at iProov) said: “Awareness is the first defence against any cyber security threat, as we’ve already seen with attacks like phishing and ransomware. Deepfakes, however, represent a whole new kind of danger to businesses and individuals. Technology also has a big role to play in combating the threat, yet if the vast majority of people in the UK have such little awareness of deepfakes right now, they simply cannot begin to prepare themselves as they need to.”

Deepfake

Underlying societal threat 

Until recently, deepfakes were a nascent concept. Today, the technology behind deepfakes is threatening to undermine the notion of trust in moving images and is becoming increasingly accessible – be it through the creation of fake news or spoofing the identity checks required to log into a bank account.

However, the research has revealed members of the public to be largely unaware of the threats. Even once respondents were provided with the definition of a deepfake video, almost a third (28%) said they believed them to be completely harmless. More than two-thirds of respondents (70%) confessed they didn’t believe they would be able to tell the difference between a deepfake and a real video.

Detecting fraudulent identities

Interestingly, once those surveyed were provided with a definition of a deepfake video, they began to recognise the technology’s mounting threat. In fact, just under two-thirds (65%) of people said that their newfound knowledge of the existence of deepfakes undermined their trust in the Internet.

Notably, consumers went on to cite identity theft as the biggest concern (42%) for how they believed deepfake technology could be misused. Almost three-quarters (72%) of respondents also said they would be far more likely to use an online service with preventative measures in place to mitigate the use of deepfakes.

Despite the security implications of the specific concerns raised surrounding identity theft, more than half of all respondents (55%) surprisingly called out social networks as the party most responsible for dealing with deepfake synthetic videos.

Bud added: “Taking the fight to this new wave of fraud means that security measures in this new post-truth era simply have to be as creative, sophisticated and fast-moving as the fraudsters. While the adoption of biometric technology to crack down on deepfakes is growing among financial institutions, Governments and large-scale enterprises, the challenge ahead lies in the effective detection of a genuine human presence. It’s a challenge that should not be underestimated.”

Leave a comment

Filed under Risk Xtra