Security & Privacy

Protecting people with the Internet of Things Access AI


Most of us will know the age old saying, we want to be "safe and secure" – that's ourselves, our family, and our work colleagues in all aspects of life. However, our understanding of what it means to be safe and secure, especially when considering today's modern digital age and in particular the growing era of the Internet of Things (IoT), isn't the same as it once was. For sure, the natural evolution of innovation, technological or otherwise, continues irrespective of the accelerating awareness and adoption of the interconnection of consumer and industrial devices which makes up the IoT. The world of Industrial Internet of Things (IIoT) is also evolving at a similar pace and now more than ever is bridging into consumers' lives on an individual level. So much so that it is becoming more difficult to differentiate the IoT from IIoT, outside of those in the industry of course.

CERT: These emerging technologies bring new risks


Emerging technologies are finding their way into everyday life as they mature and gain acceptance. But that doesn't mean they're without risk. The CERT Division of the Software Engineering Institute at Carnegie Mellon University once again has updated its list of technologies that might present challenges from an information security and safety perspective. In its Emerging Technology Domains Risk Survey, CERT examines a variety of trends that can provide a lot of benefits to people and businesses, but also pose risks that need to be addressed. Some of these areas are moving ahead so quickly in adoption that companies have not had a chance to completely evaluate their implications.

Automated vehicle security must be addressed: House of Reps committee


Issues around data ownership and security, safety ethics, legal liability and insurance, and the future of employment need to be addressed before Australians will be comfortable with automated vehicles, the House of Representatives Industry, Innovations, Science and Resources Committee has said. After conducting a six-month enquiry into the social issues relating to land-based automated vehicles, the committee has announced its 10 recommendations, with an emphasis on data security. The Industry, Innovations, Science and Resources Committee also recommended continued funding of automated vehicle trials with a public transport application in both metropolitan areas and regional locations. The national body or cross-agency taskforce, once established, would address concerns around data security, safety ethics, legal liability and insurance, transport accessibility, and the impact of automated vehicles on employment.

Hackers Are the Real Obstacle for Self-Driving Vehicles

MIT Technology Review

Before autonomous trucks and taxis hit the road, manufacturers will need to solve problems far more complex than collision avoidance and navigation (see "10 Breakthrough Technologies 2017: Self-Driving Trucks"). These vehicles will have to anticipate and defend against a full spectrum of malicious attackers wielding both traditional cyberattacks and a new generation of attacks based on so-called adversarial machine learning (see "AI Fight Club Could Help Save Us from a Future of Super-Smart Cyberattacks"). When hackers demonstrated that vehicles on the roads were vulnerable to several specific security threats, automakers responded by recalling and upgrading the firmware of millions of cars. The computer vision and collision avoidance systems under development for autonomous vehicles rely on complex machine-learning algorithms that are not well understood, even by the companies that rely on them (see "The Dark Secret at the Heart of AI").

The Very Best Black Hat Hacks


Some of the popular tools hackers use to control other people's systems, which turn out to be riddled with vulnerabilities themselves. Security researchers Billy Rios and Jonathan Butts have offered a vivid new demonstration the consequences of connecting industrial equipment to the internet, hacking an automatic carwash to close its doors around a victim vehicle and repeatedly strike it with the system's robotic arm. But the hackers, who work for Chinese e-commerce firm Alibaba, didn't exactly carry out all those dramatic attacks; They tested their drone hacking technique on a non-moving drone with its rotors removed for safety, and had to install the sonic emitter inside the hoverboard's case to make that attack work. In addition to the necessity of law enforcement collaboration, the private sector also contributes to the FBI's cyber crime work, offering everything from threat intelligence to technical help.

car hacking


Millions of cars at risk as keyless entry systems can be hacked, report says Technology. Tens of millions of cars are made vulnerable to theft by their keyless entry systems, according to a report by computer security experts. They have devised two attacks: One that target cars of the Volkswagen Group (VW, Seat, Škoda, and Audi), and includes recovering the cryptographic algorithms and keys from electronic control units that allows them to clone the signal that will open the car, and Another that takes advantage of the cryptographically weak cipher in the Hitag2 rolling code scheme used by Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, Ford and other car makers. "Vehicle manufacturers expected the data/systems service providers to provide the security protection and the providers expected the manufacturers to do this" Are we really bothered though?

Karamba Is Writing Software to Keep Your Connected Car from Getting Hacked

MIT Technology Review

Apprehensions about automotive cybersecurity came to a head when a pair of white-hat hackers broke into a Jeep Cherokee in 2015, leading to the recall of 1.4 million vehicles by Chrysler Fiat to fix a software bug in the Uconnect infotainment system (see "Carmakers Accelerate Security Efforts after Hacking Stunts"). "Dealing with consumer safety, and not just with data security, requires different security methods to protect our cars, in contrast to technologies that protect servers and enterprise networks," says David Barzilai, executive chairman and cofounder of Karamba Security, a two-year-old startup based in Hod HaSharon, Israel, with an office in metropolitan Detroit. Harman International, maker of the Uconnect system in the hacked Jeep, acquired TowerSec, an Israeli cybersecurity firm, in early 2016. Glen De Vos, chief technical officer for the automotive parts maker Delphi Automotive, says that layers of security beyond what Karamba is proposing will become necessary as cars develop more connected properties, including autonomous driving, and therefore transmit more data wirelessly both to the cloud and to one another.

Queen's Speech 2017: What it means for UK tech


In last year's Queen's Speech, the government rammed home the message that Britain will become a leader in autonomous transportation. In order to secure the growth of UK's space industry, Theresa May put forward new legislation that would help Britain in its mission to become the number one place for commercial spaceflight in Europe. The proposed Data Protection Bill would deliver on the Conservative manifesto pledge to let young people demand that social networks remove any personal information that they shared before they turned 18. Brexit may be looming large, but the UK will implement the General Data Protection Regulation, new European data protection rules that will come into force next year.

Achieving a Secure and Reliable Business Via Video Analytics - insideBIGDATA


Anusha is a software engineer on the WSO2 real-time analytics team, where he researches and analyzes various methods of video processing to support solutions, such as surveillance and monitoring. With traffic monitoring, video processing can be used to detect vehicles, monitor vehicle density, and track vehicles by reading their license plates. Common applications are to use video feeds from traffic cameras to identify speeding vehicles or to observe the traffic flow speed on highways to, for example, predict travel time or dynamically calculate toll values. The sources may include video streaming devices, such as CCTV cameras, traffic cameras, online video feeds, or any other video source.