Adaptive Data-driven Cyber Security System to Prevent Cyber Attacks
Recognising the complexity of cyber attacks and the multi-stakeholder nature of tackling cyber security are the key components of a new data-driven cyber security system being developed by experts led by the University of Nottingham.
The aim is to support organisations of all sizes in maintaining adequate levels of cyber security through a semi-automatic, regularly updated, organisation-tailored security assessment of their digital infrastructures.
The £1 million project, funded by the Engineering and Physical Sciences Research Council (EPSRC) and the National Cyber Security Centre (formerly CESG), will establish the foundations for a digital ‘Online Cyber Security System’ decision support service (OCYSS) which is designed to rapidly bring together information on system vulnerabilities and alert organisations which may be affected. (Read More)
If the CIA Can Compromise Our Gadgets, Can’t Others Do the Same?
Now we might have to worry the Central Intelligence Agency is spying on us through our Samsung television set, intercepting text messages, and using the phone’s camera to secretly photograph me.
Not likely, but all too possible. According to the shocking data dump on Tuesday by the radical anti-secrecy organization WikiLeaks, the agency could infiltrate billions of devices worldwide. And here’s a bigger worry: If the CIA can compromise our gadgets, any reasonably bright foreign spy, cyber-crook, or terrorist will eventually be able to do the same. The WikiLeaks report suggests the CIA is doing nothing to prevent this — on purpose.
These exploits represent extraordinary work by brilliant engineers, and frankly, it makes me proud to be an American. But it also poses a nasty problem. The same bugs that make these exploits possible could eventually be uncovered by America’s enemies, or even by common criminals.(Read More)
Massive Global Ransomware Attack Highlights Critical Infrastructure, IoT Security Challenges
On the heels of the most recent worldwide ransomware attack, it is more important than ever for companies with critical infrastructure and IoT devices to secure their environments.
Victims of this week’s attacks include the government, banks, and state power utility in Ukraine, as well as the capital Kiev’s airport and metro. It also reportedly hit hospitals in the U.S. and the nuclear radiation monitoring system at Chernobyl in Russia.
While the attacks did not appear to target critical infrastructure companies – also hitting companies in the pharmaceutical, shipping, and legal verticals – partners said the instances show that critical infrastructure and IoT security remains a weak point for many companies. (Read More)