Tag Archives: IoT

Radware reports increase in companies targeted by nation state hackers

Radware, the provider of cyber security and application delivery solutions, has released its 2019-2020 Global Application and Network Security Report. The report finds that more than one-in-four respondents attribute attacks against their organisation to cyber warfare or nation-state activity. In 2018, 19% of organisations believed they were attacked by a nation state. That figure increased to 27% in 2019. At 36%, companies in North America were more likely to report nation state attribution.

“Nation state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero day exploits and the patience to plan and execute operations,” said Anna Convery-Pelletier, chief marketing officer at Radware. “These attacks can result in the loss of sensitive trade and technological or other data. Security teams may be at a distinct disadvantage.”

These findings come at a time of heightened anxiety for security managers. Organisations are increasingly turning to microservices, server-less architectures and a mix of multiple cloud environments. Two-in-five managers reported using a hybrid environment that included cloud and on-premises Data Centres. Two-in-five said they relied on more than one public cloud environment. However, only 10% of respondents felt that their data was more secure in public cloud environments.

NationStateHackers

As organisations adapt their network infrastructure to enjoy the benefits of these new paradigms (such as microservices and multi-cloud environments), they increase their attack surface and decrease the overall visibility into their traffic.

For example, 22% of respondents don’t even know if they were attacked, 27% of those who were attacked don’t know the hacker’s motivations, 38% are not sure whether an Internet of Things (IoT) botnet hit their networks and 46% are not sure if they suffered an encrypted DDoS attack.

Convery-Pelletier added: “This report finds that security professionals feel as though the battlefield is shifting under their feet. Companies are increasingly adding and relying upon new paradigms, which means the infrastructure is harder to monitor for attacks. These new technologies force a shift in security implementation into the development teams. Security is often an afterthought as businesses march forward, and there’s a misconception that ‘good enough’ is enough.”

In addition, the report also found the following points of note:

The emergence of 5G networks As the push for 5G grows, there exists an important opportunity to build security into networks at its foundations. Despite the increasing buzz around 5G networks, only 26% of carriers responded that they felt well prepared for 5G deployment, while another 32% stated that they were somewhat prepared

Be careful what you wish for in terms of the IoT 5G promises to advance organisations’ implementation of (and the value they derive from) IoT technologies, but that promise comes with a corresponding increase in the attack surface. When it comes to IoT-connected devices, 44% of respondents said malware propagation was their top concern, while lack of visibility followed at 20% and Denial of Service at 20%

Data loss is top concern About 30% of businesses stated that data theft as a result of a breach was their top concern following an attack, which is down from 35% the previous year, followed by service outages at 23%. Meanwhile, 33% said that financial gain is a leading motivation for attacks

Leave a comment

Filed under Risk Xtra

Hanwha Techwin focuses on Top 5 Video Surveillance Trends for 2020

Hanwha Techwin, the supplier of IP and analogue video surveillance solutions, has put forward its Top 5 key trend predictions for the security industry in 2020. These include Artificial Intelligence end-to-end security solutions, cyber security, cloud-based data insights, privacy protection and vertical specialised solutions.

Artificial Intelligence End-to-End Security Solutions

As Artificial Intelligence becomes more broadly adopted across industries, it’s likely to be more widely incorporated in video surveillance in the upcoming year. Edge-based Artificial Intelligence (which filters and processes data locally on a camera) will be more ubiquitous, enabling end-to-end Artificial Intelligence technology.

Today, most security cameras send the data they collect to servers to be analysed. However, with edge-based Artificial Intelligence, the data is first analysed by the camera and subsequently sent to the server. This reduces the burden of transferring and storing large amounts of data to a server, thereby increasing efficiency, saving time and reducing server costs typically required to analyse data.

HanwhaTechwinSurveillanceTrends2020

In 2020, Hanwha Techwin will introduce edge-based Artificial Intelligence cameras, as well as Artificial Intelligence-powered NVRs and VMS so as to bring to market end-to-end (camera to storage server and VMS) Artificial Intelligence security solutions.

Cyber Security

With Internet of Things (IoT) devices becoming ubiquitous, the importance of cyber security has never been more prominent that it is today. Today’s cyber attacks are more intelligent and advanced than ever before, so building cyber-resilient security systems is no longer an option, but an imperative.

Smart Cities, factories, financial institutions and retailers require scaleable video surveillance solutions which are closely interconnected with other devices and networks, making the importance of cyber security paramount.

Strong cyber security has always been Hanwha Techwin’s priority and the company has been refining its technology to suit ince the beginning. The soon-to-be released Wisenet 7, the newest version of Hanwha Techwin’s own System on Chip, has been designed with the strongest cyber security features including a secure booting function and signed firmware for both software and hardware. Validated by the UL Cyber Security Assurance Program certification, Wisenet 7 ensures that end users have access to the industry’s most advanced cyber security features.

Cloud–Based Data Insight

According to IDC, the provider of IT-focused market intelligence, there will be about 175 zettabytes of data in the world by the year 2025, with much of it stored in the cloud and Data Centres around the world. At the same time, video surveillance solutions will go far beyond functioning as a simple monitoring tool to become an indispensable aid to organisations by providing useful insights that improve business operations.

The importance of accessible cloud-based servers that can easily store and analyse the accumulated data will also increase. Going beyond being an efficient storage repository, sophisticated analytics will use cloud processing to analyse the stored data and provide practical and timely insights. 

In 2020, Hanwha Techwin will introduce cloud-based solutions beginning with the Device Health Monitoring Cloud, which will monitor and manage video surveillance devices in real-time. The company will also introduce Retail Insight Cloud which is designed to facilitate store management.

Privacy Protection

Together with cyber security, Hanwha Techwin believes that the protection of personal data should be integral to the business ethics of a video surveillance company. By its very nature, the video data that’s collected for security purposes almost always contains private information. Therefore, protecting surveillance data is imperative.

Around the world, privacy protection laws are being introduced, such as the General Data Protection Regulation (GDPR) in Europe and the Federal Information Security Management Act in the US. The California Consumer Privacy Act is also set to come into effect in January 2020.

These laws will force the video surveillance industry to follow ‘privacy by design’ Best Practice and renew all efforts designed to protect personal data from misuse and abuse. Organisations are increasingly aware of the dangers of private data breaches and they’re becoming more discerning when choosing security products and solutions.

Hanwha Techwin provides a solution with Video Privacy Management technology and has released its Smart Cover of Privacy line-up to comply with the GDPR globally.

Vertical Specialised Solutions

Vertical markets in the security industry are increasingly requiring more specialised devices and solutions that meet unique requirements. With the emergence of the fourth industrial revolution, the presence of smart verticals will be more prominent and video surveillance companies must be ready to provide solutions for Smart Cities, factories, transportation and retail organisations.

SoonHongAhnHanwhaTechwin

Soon Hong Ahn

Hanwha Techwin already provides products for these verticals and plans to expand its line-up of specialised solutions in the very near future to include asset management solutions with IoT technology.

“Advancement in technologies such as Artificial Intelligence, the IoT and the cloud will support new use cases in conjunction with existing devices and solutions to meet customers’ needs in various verticals, expanding the horizon of our industry,” said Hanwha Techwin’s president and CEO Soon Hong Ahn. “However, we must also be mindful of the social and ethical responsibility related to areas such as cyber security and private data protection. Sustained interest and investment in these areas must be regarded as an obligation to make sure our industry continues to thrive in the midst of rapid technological advancements.”

Leave a comment

Filed under Risk Xtra

BlackBerry Cylance outlines cyber security predictions for 2020

Josh Lemos, vice-president of research and intelligence at BlackBerry Cylance, has put forward some predictions on cyber security trends for 2020 that will impact Governments and companies across a variety of industry sectors.

(1) Uncommon attack techniques will emerge in common software

Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent research at BlackBerry found malicious payloads residing in WAV audio files, which have been used for decades and categorised as benign.

Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways in which to secure less commonly weaponised file formats, like JPEG, PNG and GIF, etc without hindering users as they navigate the modern computing platforms.

BlackBerryCylance2020Predictions

(2) Changing network topologies challenge traditional assumptions and require new security models

Network-based threats that can compromise the availability and integrity of 5G networks will push Governments and enterprises alike to adopt cyber security strategies as they implement the 5G spectrum. As cities, towns and Government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as the expansion of bandwidth that 5G requires inevitably creates a larger attack surface.

Governments and enterprises will need to retool their network, device and application security. We will see many lean towards a zero-trust approach for identity and authorisation on a 5G network.

Threat detection and threat intelligence will need to be driven by Artificial Intelligence and machine learning to keep up.

(3) 2020 will see more cyber-physical convergence

As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and the physical will officially converge. This is evident given the recent software bug in an Ohio power plant that affected hospitals, police departments, subway systems and more in both the US and Canada.

Attacks on Internet of Things (IoT) devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape.

Cyber security will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it. 

(4) State and state-sponsored cyber groups alike are the new proxy for international relations

Cyber espionage has been going on since the introduction of the Internet, with Russia, China, Iran and North Korea seen as major players. In 2020, we will see a new set of countries using the same tactics, techniques and procedures as these superpowers operate against rivals both inside and outside of national borders.

Mobile cyber espionage will also become a more common threat vector as mobile users are a significant attack vector for organisations that allow employees to use personal devices on company networks.

We will see threat actors perform cross-platform campaigns that leverage both mobile and traditional desktop malware. Recent research discovered nation state-based mobile cyber espionage activity across ‘The Big 4’, as well as in Vietnam. There’s likely to be more attacks coming in the future. This will create more complexity for Governments and enterprises as they try to attribute these attacks, with more actors and more endpoints in play at a larger scale.

Leave a comment

Filed under Risk Xtra

All MOBOTIX IoT camera solutions integrated in Gentec’s cloud-based Stratocast VMS

MOBOTIX has taken another step towards integrating its technology within partner systems with the news that, after extensive development processes and testing procedures, all MOBOTIX Internet of Things (IoT) camera solutions have now been integrated in Gentec’s cloud-based Stratocast video management system (VMS).

VMS specialist Genetec has been one of MOBOTIX’s most important technology partners for many years now. “The integration of our camera systems in Stratocast, whose high level of cyber security is put to the test in annual stress tests and evaluations, is another milestone in the long-term co-operative relationship that exists between MOBOTIX and Genetec,” explained Hartmut Sprave, CTO at MOBOTIX.

Thomas Dieregsweiler, head of product management for MOBOTIX, added: “When we make our technology available and integrate it with other solutions, it’s paramount to us that we don’t compromise on the cyber security of our systems. Genetec and MOBOTIX speak the same language. We’re one of the world’s first camera manufacturers to successfully integrate with the Stratocast solution.”

The cloud-based Stratocast is designed for SMEs. When using Stratocast, end customers can always rest assured that their company is protected and that seamless operation is ensured. Using a PC, laptop, tablet or smart phone, Stratocast guarantees access to live videos and video recordings that are stored ‘cyber-safe’ in the cloud.

MOBOTIXGenetecIntegration

The end user themselves requires only basic computer expertise, as no computer infrastructure such as additional servers have to be installed. No maintenance or updates will be required. This makes solutions affordable and very transparent for the end user. They only pay by usage.

Stratocast allows the end user to circumvent typical server-based problems such as additional IT infrastructure or employees, lack of storage space, loss of records and unscaleable prices or functionalities.

The scope of functions provided can also be extended by using the Genetec Security Center for central monitoring. This means the cloud-based network can grow and develop according to the end user’s needs.

Successful co-operation

As is the case for MOBOTIX, cyber security and data protection are the highest priority for Genetec. For example, all communication between the on-site system and the cloud is fully-encrypted with Transport Layer Security. Genetec guarantees 99.5% availability (availability and access to video). All data is backed up three-fold in the cloud.

Genetec works exclusively with hardware and software partners who meet the highest quality standards for cyber security and data protection.

“We have integrated our technology into Stratocast’s technology over the last six months,” explained Thomas Lausten, CEO of MOBOTIX. “All test series were completed successfully. The quality of our video solutions combined with a keen focus on cyber security and our global sales network is how we became one of the first camera manufacturers to integrate our technology in the cloud-based Stratocast . It proves once again that the decentralised intelligence of our camera systems makes MOBOTIX one of the most important players on the global market.”

*For further information visit https://www.mobotix.com/en/mobotix-genetec-stratocast

Leave a comment

Filed under Risk Xtra

HID Global launches cloud platform to help create “worldwide innovation ecosystem” for connected workplaces

Trusted identity solutions specialist HID Global has announced the availability of its HID Origo cloud platform that “opens a brand new world of opportunities” for partners to create more seamless and intuitive workplace experiences built on HID’s proven access control infrastructure.

The platform combines HID’s technologies for mobile IDs (and location services in the future) with the company’s expansive access control architecture to bring together physical security and a wide range of building applications, services and Internet of Things (IoT) use cases via a unified cloud experience.

“HID Origo lays the foundation for a broad ecosystem of cloud-based access control technologies, products, services and business models that will accelerate workplace innovation,” said Hilding Arrehed, vice-president of cloud services within the Physical Access Control division at HID Global. “This solution dramatically increases our partners’ capabilities to create more connected and seamless building experiences for end users. The platform removes integration barriers between access control systems and smart building applications. We’ll continue to expand its value with capabilities that further improve how people securely move through a facility and interact with its services.”

Data Protection Security Banners

The new platform provides an app-based innovation model that delivers a comprehensive suite of integration, enablement, developer tools and services geared towards simplifying how partners and a growing community of new developers and resellers bring access control solutions to market. Rather than requiring that entire solutions be developed and enabled one customer or site at a time, HID Origo makes it possible to develop new applications and integrated solutions for HID’s complete installed base of millions of access control devices and systems all at once.

How HID Origo works

The HID Origo platform embeds cloud connections and IoT functionality as app extensions into mobile devices, HID readers and controllers, and gives developers direct access to this hardware via HID Origo application programming interfaces and software developer kits already proven through HID’s mobile access solution.

The platform also enables data analytics to be used for new capabilities, including remote reader configuration, predictive access control system maintenance and intent detection for more seamless and personalised workplace experiences.

Enabling new business models

Today, the platform enables subscription-based services, with customers already taking advantage of the model’s simplicity. Examples include a deployment by a world-leading biotechnology company who has been an early adopter of HID Origo subscription services for ordering and managing mobile ID replenishment over the air when employees lose or must replace their smart phones.

The company has replaced its traditional access control readers with 2,300 Bluetooth-enabled iCLASS SE readers to support its mixed environment of 12,000 mobile IDs and 40,000 Seos ID cards.

The subscription billing model offered through HID Origo makes it easier for the company to order and manage mobile IDs while improving forecasting, budgeting and reporting. It also actively streamlines transferring mobile ID subscription licenses across employees and registering multiple mobile IDs across multiple devices without any additional cost.

Click here to learn more about HID Origo.

Leave a comment

Filed under Risk Xtra, Uncategorized

‘Technology at the Edge’: Axis Communications unveils Top Five Trends to shape 2018

Surveillance specialist Axis Communications’ CTO Johan Paulsson has outlined the Top Five Trends that the company feels will shape the New Year. 

Paulsson stated: “As the Greek philosopher Heraclitus said: ‘The only one constant in life is change’. There’s perhaps no better example of this than the technology industry, where innovation is so rapid that even the most fantastic of imagined futures seem like they could become a reality in the not too distant future.”

Axis Communications has put together five top technology trends that the Lund-based business feels will have a great impact on the security and surveillance industry now and in the years to come, helping to facilitate a smarter and, of course, safer world.

JohanPaulssonCTOAxisCommunicationsWeb

Johan Paulsson: CTO at Axis Communications

(1) A move towards the edge

“Two of the greatest trends that have propelled our industry forward in recent years,” observed Paulsson, “are cloud computing and the Internet of Things (IoT), both of which are delivering undeniable benefits to businesses and consumers alike. That said, they also come with implications, namely the rise in the amount of data being transferred, processed and stored. Going forward, we anticipate that ‘edge’ computing will become ever popular, alleviating this issue by performing data processing at the ‘edge’ of the network, closer to the source of the data. Doing so significantly reduces the bandwidth needed between sensors, devices and the Data Centre.”

(2) Cloud-to-Cloud

Paulsson observed: “Despite the move towards edge computing, the cloud will continue to play a significant role in IT infrastructures. As an increasing number of companies offer cloud-based services, the cloud ecosystem is increasingly becoming the preferred point of integration, rather than the traditional on-premise system. One benefit of integration between clouds is the significant potential reduction of in-house IT services required, in turn creating great cost benefits.”

(3) Deep and machine learning

According to Paulsson: “We’ve now reached a stage where the full benefits of deep learning architectures and machine learning can begin to be realised. The explosion of data available to analyse is helping businesses become increasingly intelligent. As applications develop, there are significant opportunities for predictive analytics which could facilitate incident prevention: from terrorist incidents to slip and fall accidents; from traffic issues to shoplifting and even the tragedy of rail suicides.”

(4) Cyber security

“Once again,” outlined Paulsson, “cyber security must appear on the list of trends for the next 12 months and beyond. The constant enhancement of cyber security will be a never-ending task. This is because well-resourced cyber criminals will never stop looking to exploit vulnerabilities in any new technology. As the number of connected devices grows, so too do the potential flaws that, if left unaddressed, could provide the opportunity for networks to be breached.”

Embellishing this theme, Paulsson said: “Legislation is being created to address these concerns. In the European Union, the forthcoming General Data Protection Regulation – the deadline for compliance for this being 25 May – will unify the protection of data for individuals within the EU, wherever that data is held or used.”

(5) Platforms to realise the full benefits of the IoT

In conclusion, Paulsson informed Risk UK: “The IoT has reached a point where it’s crucial to use scalable architecture to successfully collect and analyse data and manage the network of connected devices. Such an IoT platform allows equipment from different node vendors to co-exist and easily exchange information to form smart systems using existing network infrastructure. There are numerous companies, both well-established providers of technology and new market entrants, that are enabling platforms to support IoT devices. The next 12 months will see further maturation of this process.”

*Read more: https://www.axis.com/blog/secure-insights/technology-trends/

Leave a comment

Filed under Risk UK News

Nedap shows latest innovation in cyber-secured access control at Milestone Systems’ Integration Expo

Nedap is playing a key role at Milestone Systems’ Integration Expo event on Tuesday 12 September in Daventry as it shows its AEOS end-to-end security solution.  The free-to-attend event affords delegates a unique opportunity to see how integrated solutions are developed, and will bring together installers, developers, integrators and specially-selected Milestone Alliance Partners including Nedap (Milestone Systems’ New Solution Partner of the Year).

In dedicated sessions throughout the day, Nedap will describe its collaborative approach with a ‘Best of Breed’ partner, namely Milestone. Delegates will have the opportunity to see first-hand how the integration between Nedap’s AEOS and the Milestone X-Protect Access Plug-In allows end users to enjoy the features of an advanced access control system inside the Milestone VMS environment. This allows operators to exchange cardholder information, monitor entrances, manage alarms and perform full video verification, all in one integrated system.

“As Milestone’s New Solution Partner of the Year, NEDAP is thrilled to be involved in Milestone’s Integration Expo,” said Jeroen Harmsen, director of product management for NEDAP Security Management. “We look forward to showing delegates how innovative access control solutions can drive opportunities for their businesses.”

NedapDigitalDoorCrucially, Nedap’s AEOS end-to-end solution provides end-to-end security, a key requirement given increasing concerns about connecting devices to the Internet of Things (IoT). An open platform is essential if all the information between IoT-connected devices is to be processed and shared with other systems.

While any system that connects to the Internet will imply a high security risk, Nedap’s solution effectively manages the risk of cyber attacks. By encrypting all communication between a card, the controller and the server, security is ensured at every level of the access control system: from the level of the door to the very core of the AEOS system.

Card readers have no role in decrypting data, for example, so secure communication between card and controller is guaranteed.

Digital certificates, meanwhile, are stored in the same Secure Access Module, in turn ensuring secure communication between controller and server.

For the first time in the market, AEOS end-to-end security offers protection against both physical and digital threats and limits the risks of attack.

More information on the end-to-end security assured by Nedap’s AEOS can be found in this video: http://www.nedapsecurity.com/news/end-end-security-helps-customers-secure-their-network

Leave a comment

Filed under Risk UK News

Five key security scenarios for OPTEX’s sensors at IFSEC International 2017

At IFSEC International 2017, sensor manufacturer OPTEX will be exhibiting a range of different products and solutions centred around five key security scenarios from perimeter protection and tailgating detection to Internet of Things (IoT)-based alarm systems.

Within a high security perimeter protection zone, OPTEX will showcase its Centre for the Protection of National Infrastructure-approved fibre optic fence detection system. The Fiber Sensys FD-322 Series solution detects intruders climbing or attempting to cut through a fence.

OPTEX’s REDSCAN RLS-3060 can create another layer of security around the perimeter fence to warn if anyone or any vehicle is approaching.

The perimeter intrusion detection systems have been fully integrated with the GEMOS PSIM platform and can trigger video surveillance drones to fly to the point of intrusion and send a live video stream to the Security Control Centre.

OPTEXRedscanIFSEC2017

In a second zone, OPTEX will be showcasing its time of flight technology, allowing visitors to IFSEC gain a better understanding of its capabilities. This technology allows a scene to be mapped in 3D and give an accurate representation of the objects present. It’s used in Accurance 3D, OPTEX’s tailgating detection system for interlocks, and could also be used for other applications such as object protection.

The award-winning laser scan detector REDSCAN RLS-2020 will also be at the show, with OPTEX representatives demonstrating its ability to protect assets and detect people jumping over turnstiles or climbing through skylights. This solution is already proven in identifying small objects or thrown objects being smuggled into restricted areas.

For both commercial and residential security, OPTEX will be demonstrating its new wireless infrared beam (namely the SL-TNR) that works with universal batteries (CR123) and can be partly hardwired, as well as its new range of pre-built beam towers.

OPTEXStoryPanelIFSEC2017

The last zone will include live demonstrations of how OPTEX’s wireless outdoor sensors, including the new VX Shield Series, are ideally suited to IoT applications, sending alarms and other data via the cloud to a smart phone or remote monitoring station.

Jacques Vaarre, managing director of OPTEX, stated: “We feel that the live demonstration route is the best way to show the range of applications that can be achieved with our sensors. In addition to exhibiting at IFSEC International 2017, we’ll also be making presentations in the Borders and Infrastructure and Security Management Theatres to discuss innovations around access control systems and deliver Case Studies focused on protecting critical infrastructure against intrusion.”

Leave a comment

Filed under Risk UK News

ECA/SELECT Survey finds buildings at heightened risk from cyber attack

The use of cyber attacks is becoming more prevalent as an effective tool to disrupt both business and politics. As a result of this, within industry it’s vital that steps are taken to protect buildings and infrastructure against potential threats.

To find out the current state of play, the Electrical Contractors’ Association (ECA) and Scottish Trade Association SELECT surveyed a range of clients in November and December last year on their approach to cyber security.

The feedback received from the ‘Connected Technology Survey for Clients’ emanated from a range of respondents, including consultants, engineers, end clients, local authorities and facilities managers.

ecacybersurvey

The results show that almost four-in-ten clients (39%) don’t take any steps to protect smart installations in buildings from cyber threats. A further 49% cited the risk of hacking as a barrier to installing connected technology.

Steve Martin, head of specialist groups at the ECA, commented: “Given that ‘connected technology’ covers any technology, such as lighting or HVAC installations, this enables devices to communicate with each other over the Internet and undertake tasks. The risks from hacking are substantial.”

Currently, only 20% of the UK’s commercial buildings are considered to be ‘smart’. However, over the next four years, the global ‘Internet of Things’ market is expected to be worth over £1 trillion annually. “If we’re to keep pace with developments,” concluded Martin, “the issue of cyber security needs to be addressed as a matter of urgency.”

Leave a comment

Filed under Risk UK News, Uncategorized