More stories

    NBN invites all governments to participate in AU$300m regional co-investment fund

    The company responsible for the NBN is calling for expressions of interest from government agencies to take part in its AU$300 million regional co-investment fund (RCIF). The fund, first announced in September 2020, is designed to provide fibre and digital capability upgrades in regional and rural Australia. Government agencies at the federal, state, territory, and local levels have all been invited to submit proposals to take part in the funding round. Other parties are currently not invited to participate in the fund. In opening up the fund to government, NBN said any money provided would be put into a co-funding program rather than a grants program, which means projects that receive money from the RCIF will be assessed progressively as they are received and only progress if they meet NBN’s commercial investment benchmark. “By co-investing with federal, state, and territory government agencies and local councils we will further improve access to broadband services in rural and regional Australia,” chief development officer for regional development and engagement Gavin Williams said. “Together, we can continue to enhance the digital capabilities of these important communities, boosting job prospects and helping our regions to thrive.” The rules of the program also state that NBN will retain 100% ownership of any infrastructure assets receiving funding and, as such, it will be responsible for maintaining the asset and will be the sole recipient of any revenues derived from it.

    Currently, the fund is only looking at injecting money into two types of NBN upgrades: switching satellite or fixed wireless areas to fibre to the premises, or satellite areas to fixed wireless. The fund is also only focusing on larger build works, with projects that target fewer than 50 premises or have a total build cost below AU$500,00 being ineligible for funding. NBN added that all build work under the program is intended to be complete by June 2024. The funding round will be open until 18 February 2022. So far, the AU$300 million fund has only raised money through commercial debt markets. The RCIF is separate to the Regional Connectivity Program, which received an additional AU$130 million from the federal government last month. Broken down, the AU$130 million was split into AU$106 million for a second round of the RCP, of which AU$45.6 million has been “quarantined” for Northern Australia, while the remaining amount has been slotted for additional “shovel-ready” projects in round one.

    MyRepublic targets enterprise, cybersecurity markets in Singapore

    MyRepublic is looking for new revenue in the enterprise space, which it says offers significant growth potential for the Singapore broadband services provider. It plans to ramp up its service offerings to better address this customer segment, with a particular focus on cybersecurity, where it may look to make acquisitions to plug product gaps. In fact, it was seeing a good uptick in enterprise growth before the COVID-19 pandemic hit, said MyRepublic’s Singapore managing director Lawrence Chan, and was bringing in the same sales volume as its consumer broadband business. At the peak of the pandemic, though, sales from the enterprise space had dipped by 20%, he said in a video interview with ZDNet. While it saw some recovery in recent months, with a smaller 10% dip, Chan said it still was too early to say when volumes would return to pre-pandemic levels. He said, though, that there had been a shift in use cases as businesses looked to ensure their employees could remotely access data and tools sitting within the corporate network. The focus then was on making sure there was no lag in connectivity. He added that more businesses also were migrating from on-premise to cloud services and needed to boost connectivity to their data centre and office network.

    As of May 2021, MyRepublic has 70,000 mobile subscribers, up 250% year-on-year, and 85,000 broadband subscribers in the city-state. The local market remains the main revenue source for the operator, which also offers broadband services in Australia and New Zealand. It has a franchise business in Indonesia via a partnership with the Sinar Mas Group. With its broadband operations the most mature in Singapore, Chan noted that MyRepublic’s emphasis here currently was on its enterprise and mobile businesses, the latter of which was launched in 2018. The company in April unveiled a rebranding initiative that included the introduction of a self-service SIM card activation service for its new mobile customers, who would receive their SIM cards via mail delivery.

    Chan said the new brand identity outlined MyRepublic’s efforts to differentiate itself with a strong focus on customer-driven service offerings and a “community-centric approach”. Noting that customers saw the company as a “personable” brand, he said: “Customers can relate to us. We’re users of broadband services, like them. We’re also gamers like they are and we use broadband for work, like they do.” He added that MyRepublic’s ability to deliver “meaningful value” to customers would be critical to its continued success. This meant providing services that were carried by intelligent pipes, where service packages for gamers, for example, would have latency optimisation. He noted that customers increasingly saw online connectivity as a commodity, which meant they would seek out the cheapest offering in the market. This was resulting in price wars amongst telcos and driving consolidation in the MVNO (mobile virtual network operator) market, he said. It underscored the need for players such as MyRepublic to offer a premium service over its competitors, rather than compete on price, he added. This also meant it must better understand customers’ needs to offer relevant services. Chan said the company made efforts to do so through machine learning, applying such tools to areas related to customer satisfaction so it could understand, for instance, why people stopped using or were using less of a particular service. It also integrated intelligent configuration of its networks to segment customers based on specific IP pools or categories, such as gamers and streamers. Each would have requirements specific to their online activities. For example, gamers would need shorter routes to China due to the popularity of games developed in the Chinese market. Media streamers, on the other hand, might require higher bandwidth so they could watch their content without disruptions.
    “Telcos typically wouldn’t architect their network this way,” Chan said, noting that MyRepublic categorised its customers based on the service package for which they signed up. Users were divided into four to five segments. He added that the broadband operator continuously monitored usage across the different segments, studying traffic patterns and types of data packets, as well as shifts in usage.

    Looking for new business in enterprise market

    Elaborating on his plans to grow the company’s enterprise business, Chan said MyRepublic was seeing large margins and growth potential in this segment, which remained largely untapped. He said the vendor currently supported some 6,000 enterprise customers, including small and midsize businesses (SMBs) and large organisations, which included players in the financial services industry (FSI) as well as the food and beverage, construction, and hospitality sectors. It also would be looking to target smaller players in FSI, where it was seeing robust growth amongst fintech companies. “Smaller FSI players often are well established, even though they are smaller, and have high-end connectivity requirements,” Chan said. “They also are more nimble and market disruptors, and want to partner service providers that are also nimble and able to provide quick turnaround for solutions.” He added that even bigger enterprises now were looking to form closer ties with their connectivity service providers, so they could have more flexibility and access network services that had more customisation. The broadband provider also would be looking to beef up its portfolio to include cybersecurity services, as more enterprises realised the importance of such tools. Noting that its play in this market segment was “still early days”, Chan said MyRepublic would look to beef up its services here internally and, where necessary, through partners such as consulting services and in-office monitoring.
    The broadband provider currently provides some security tools such as firewall and network protection. He said it was planning a “major push” in cybersecurity and would soon unveil new products and partners in this space. He also did not rule out the possibility of acquisitions to plug any gaps in its service offerings, adding that the vendor needed to provide products in some key areas to be a “full” security player. These included tools to protect against malware, DDoS, and phishing.

    A unique collaboration with US Special Operations Command

    When General Richard D. Clarke, commander of the U.S. Special Operations Command (USSOCOM), visited MIT in fall 2019, he had artificial intelligence on the mind. As the commander of a military organization tasked with advancing U.S. policy objectives as well as predicting and mitigating future security threats, he knew that the acceleration and proliferation of artificial intelligence technologies worldwide would change the landscape on which USSOCOM would have to act.

    Clarke met with Anantha P. Chandrakasan, dean of the School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science, and after touring multiple labs both agreed that MIT — as a hub for AI innovation — would be an ideal institution to help USSOCOM rise to the challenge. Thus, a new collaboration between the MIT School of Engineering, MIT Professional Education, and USSOCOM was born: a six-week AI and machine learning crash course designed for special operations personnel.

    “There has been tremendous growth in the fields of computing and artificial intelligence over the past few years,” says Chandrakasan. “It was an honor to craft this course in collaboration with U.S. Special Operations Command and MIT Professional Education, and to convene experts from across the spectrum of engineering and science disciplines, to present the full power of artificial intelligence to course participants.”

    In speaking to course participants, Clarke underscored his view that the nature of threats, and how U.S. Special Operations defends against them, will be fundamentally affected by AI. “This includes, perhaps most profoundly, potential game-changing impacts to how we can see the environment, make decisions, execute mission command, and operate in information-space and cyberspace.”

    Due to the ubiquitous applications of AI and machine learning, the course was taught by MIT faculty as well as military and industry representatives from across many disciplines, including electrical and mechanical engineering, computer science, brain and cognitive science, aeronautics and astronautics, and economics.

    “We assembled a lineup of people who we believe are some of the top leaders in the field,” says faculty co-organizer of the USSOCOM course and associate professor in the Department of Aeronautics and Astronautics at MIT, Sertac Karaman. “All of them are able to come in and contribute a unique perspective. This was just meant to be an introduction … but there was still a lot to cover.”

    The potential applications of AI, spanning civilian and military uses, are diverse, and include advances in areas like restorative and regenerative medical care, cyber resiliency, natural language processing, computer vision, and autonomous robotics.

    A fireside chat with MIT President L. Rafael Reif and Eric Schmidt, co-founder of Schmidt Futures and former chair and CEO of Google, who is also an MIT innovation fellow, painted a particularly vivid picture of the way that AI will inform future conflicts.

    “It’s quite obvious that the cyber wars of the future will be largely AI-driven,” Schmidt told course participants. “In other words, they’ll be very vicious and they’ll be over in about 1 millisecond.”

    However, the capabilities of AI represented only one aspect of the course. The faculty also emphasized the ethical, social, and logistical issues inherent in the implementation of AI.

    “People don’t know, actually, [that] some existing technology is quite fragile. It can make mistakes,” says Karaman. “And in the Department of Defense domain, that could be extremely damaging to their mission.”

    AI is vulnerable to both intentional tampering and attacks as well as mistakes caused by programming and data oversights. For instance, images can be intentionally distorted in ways that are imperceptible to humans, but will mislead AI. In another example, a programmer could “train” AI to navigate traffic under ideal conditions, only to have the program malfunction in an area where traffic signs have been vandalized.

    Asu Ozdaglar, the MathWorks Professor of Electrical Engineering and Computer Science, head of the Department of Electrical Engineering and Computer Science, and deputy dean of academics in the MIT Schwarzman College of Computing, told course participants that researchers must find ways to incorporate context and semantic information into AI models prior to “training,” so that they “don’t run into these issues which are very counterintuitive from our perspective … as humans.”

    In addition to providing an orientation to this concept of “robustness” (how prone a technology is, or is not, to error), the course included some best-practice guidance for wielding AI in ways that are ethical, responsible, and strive to limit and eliminate bias.

    Julie Shah, faculty co-organizer of the USSOCOM course, associate dean of social and ethical responsibilities of computing, and associate professor in the Department of Aeronautics and Astronautics at MIT, lectured on this topic and emphasized the importance of considering the future ramifications of AI before and during the development of both the use plan and the technology itself.

    “We talk about how difficult [it is to predict] the unintended uses and consequences,” she told course participants. “But much like we put all of this engineering work into understanding the machine learning models and their development, we need to build new habits of mind and action that involve a range of disciplines and stakeholders, to envision those futures in advance.”

    In addition to moral and safety issues, the logistics of advancing AI in the military are complex and involve a lot of moving parts; the AI technology itself is only one part of this picture. For instance, the actualization of a fleet of military vehicles operated by a handful of personnel would require novel strategic research, partnerships with manufacturers to build new kinds of vehicles, and additional personnel training. Further, AI technology is often developed in the private or academic sectors, and the military doesn’t automatically have access to those innovations.

    Clarke told course participants that USSOCOM had been a “pathfinder within the Department of Defense in the early application of some of this data-driven technology” and that connections with organizations like MIT “are indispensable elements in our preparation to maintain advantage and to ensure that our special operations forces are ready for the future and a new era.”

    Schmidt agreed with Clarke, adding that a functional hiring pipeline from academia and the tech industry into the military, as well as the highest and best utilization of available technology and personnel, is essential to maintain U.S. global competitiveness.

    The USSOCOM course was part of the ongoing expansion of AI research and education at MIT, which has accelerated over the last five years. Computer science courses at MIT are typically oversubscribed and attract students from many different disciplines.

    In addition to the USSOCOM course, AI initiatives at MIT span many areas and initiatives, including:

    The MIT Schwarzman College of Computing, which seeks to advance computing, diversify AI applications, and address social and ethical aspects of AI.
    The MIT-IBM Watson AI Lab, which focuses on AI applications to health, climate, cybersecurity.
    The MIT Jameel Clinic for Machine Learning in Health, which investigates applications of AI to health care, including early disease diagnosis.
    The MIT-Takeda Program, which seeks to apply AI capabilities to drug development and other human health challenges.
    The MIT Quest for Intelligence, which applies human intelligence research to the development of next-generation AI technologies.

    “More than a third of MIT’s faculty are working on AI-related research,” Chandrakasan told course participants.

    MIT faculty instructors, USSOCOM instructors, and special guests for the course included:

    Daron Acemoglu, MIT Institute Professor;
    Regina Barzilay, School of Engineering Distinguished Professor for AI and Health at MIT and AI faculty lead at Jameel Clinic;
    Ash Carter, director of the Belfer Center for Science and International Affairs at Harvard Kennedy School, and the 25th U.S. secretary of defense;
    Anantha Chandrakasan, dean of the MIT School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science;
    General Richard Clarke, commander of USSOCOM;
    Colonel Drew Cukor, chief of Algorithmic Warfare Cross Function Team in the ISR Operations Directorate, Warfighter Support, Office of the Undersecretary of Defense for Intelligence;
    Stephanie Culberson, chief of international affairs in the Department of Defense Joint Artificial Intelligence Center;
    Dario Gil, senior vice president and director of IBM Research and chair of the MIT-IBM Watson Lab;
    Tucker “Cinco” Hamilton, U.S. Air Force colonel, and U.S. Air Force director of the USAF/MIT AI Accelerator;
    Dan Huttenlocher, dean of the MIT Schwarzman College of Computing and the Henry Ellis Warren (1894) Professor;
    David Joyner, executive director of online education and of the Online Master of Science in Computer Science Program in Georgia Tech’s College of Computing;
    Sertac Karaman, associate professor of aeronautics and astronautics at MIT;
    Thom Kenney, USSOCOM chief data officer and the director of SOF Artificial Intelligence;
    Sangbae Kim, professor of mechanical engineering at MIT;
    Aleksander Madry, professor of computer science at MIT;
    Asu Ozdaglar, the MathWorks Professor of Electrical Engineering and Computer Science at MIT;
    L. Rafael Reif, MIT president;
    Eric Schmidt, visiting MIT Innovation Fellow, former CEO and chair of Google, and co-founder of Schmidt Futures;
    Julie Shah, associate professor of aeronautics and astronautics at MIT;
    David Spirk, U.S. Department of Defense chief data officer;
    Joshua Tenenbaum, professor of computational cognitive science at MIT;
    Antonio Torralba, the Delta Electronics Professor of Electrical Engineering and Computer Science at MIT; and
    Daniel Weitzner, founding director of the MIT Internet Policy Research Initiative and principal research scientist at the MIT Computer Science and Artificial Intelligence Laboratory.

    Originally envisioned as an on-campus program, the USSOCOM course was moved online due to the Covid-19 pandemic. This change made it possible to accommodate a significantly higher number of attendees, and roughly 300 USSOCOM members participated in the course. Though it was conducted remotely, the course remained highly interactive with roughly 40 participant questions per week fielded by MIT faculty and other presenters in chat and Q&A sessions. Participants who completed the course also received a certificate of completion.

    The success of the course is a promising sign that more offerings of this type could become available at MIT, according to Bhaskar Pant, executive director of MIT Professional Education, which offers continuing education courses to professionals worldwide. “This program has become a blueprint for MIT faculty to brief senior executives on the impact of AI and other technologies that will transform organizations and industries in significant ways,” he says.

    Amazon Prime Day 2021, Day 2: Last chance deals on smart home devices

    Smart home gadgets are all the rage, but it’s a slippery slope. As soon as you’re done installing your first gadget, you’re in the market for the next, and it can get pretty expensive. Amazon Prime Day is a good time to pick up your next smart home device for less, because there are some fantastic deals out there on a whole range of devices. With that in mind, I’ve trawled through the unbelievable number of deals that are available over Prime Day 2021 — tens of thousands! — and distilled them down into a handful of the best. Deals come and go over the two days, and I’ll be updating this post with fresh deals, so keep checking back. Also, if you find a good deal I’ve missed, feel free to drop me a note (a Twitter DM probably gets the quickest response).

    35% off

    That router that was supplied by your internet provider is junk. Really. The demands that modern internet use puts on it will bring it to its knees. And if you plan on putting together a smart home, you need to have a solid connection to the internet. The Amazon eero 6 is a high-end, pro-grade solution to your problems. And now you can pick up a set that will cover up to 5,000 sq. ft. at an unbeatable price.

    $181 at Amazon

    33% off

    You have Alexa everywhere else, so why not in your ears! Great earbuds with a decent 5 hour battery life, charging case, and the addition of Alexa! Don’t use Alexa? No problem! These earbuds will also work with Siri and Google Assistant.

    $79 at Amazon

    28% off

    This is a great deal on the Echo Show 10, the perfect hub or control center for your smart home, and you also get a free bulb thrown in. Because, who doesn’t need an extra bulb?

    $189 at Amazon

    70% off

    Add Alexa to your car. Why? Because at this price, if you’re a fan of the platform… why not!

    $14 at Amazon

    62% off

    An Echo Dot (4th Gen) and a Sengled Bluetooth Smart Color bulb. The perfect starter kit for a smart home. Makes a great gift for someone starting out on their smart home journey.

    $24 at Amazon

    47% off

    This smart vacuum cleaner does pretty much everything other than buy itself and come to your home! Its bagless, self-emptying base holds up to 45 days of dirt and debris, which means you can get on doing other things, and the deep-cleaning power is perfect for large debris and pet hair on carpets and floors.

    $319 at Amazon

    40% off

    Kick-start putting together your command center with this bundle that includes two battery-powered Stick up Cams and a 2nd-gen Echo Show 5. A great way to know who’s at your door before answering.

    $169 at Amazon

    50% off

    It might be tiny, but it packs all the power and punch of a full-sized Echo. There’s a reason why this is Amazon’s most popular smart speaker! A perfect starter for someone at the beginning of putting together a smart home, or for extending your coverage to another room or outbuilding.

    $19 at Amazon

    20% off

    I remember when smart bulbs were expensive. I remember when dimmable ones were crazy expensive. And I remember when a four-pack required a follow-up Aspirin and a sit down with a cold flannel on the forehead. Now you can pick up a four-pack of dimmable LED smart bulbs for just over $20!

    $22 at Amazon

    27% off

    With its 8-inch HD touchscreen, adaptive color, and stereo speakers, the all-new Echo Show 8 is the perfect hub for your smart home setup.

    8.0-inch touchscreen with 1280 x 800 resolution display
    13 MP camera that uses auto-framing to keep you centered
    Built-in camera shutter and microphone/camera off button

    $94 at Amazon

    20% off

    Put an end to manually turning off outlets and devices with the Gosund smart plugs! These work with Alexa and Google Home Assistant. With just a simple voice command, you have the power to turn devices on and off, and you can use the app for remote access (so you can turn off lights that others have left on from far away!). 

    $19 at Amazon

    40% off

    Protect your home with this superb 8-piece home security kit. This is perfect for 1-2 bedroom homes. This kit includes:

    Base station
    Keypad
    Four contact sensors
    One motion detector
    One range extender
    Optional 24/7 professional monitoring with Ring Protect Plus for $10/month

    $149 at Amazon

    33% off

    The Roomba 692 is the perfect way to keep your smart home squeaky clean. Just schedule it to clean up daily dirt, dust, and debris with the iRobot HOME app or your voice assistant. It runs for up to 90 minutes before automatically docking and recharging.

    $199 at Apple

    40% off

    The Blink Outdoor camera system is a completely wireless, battery-powered HD security camera complete with built-in infrared night vision. The great thing is that each camera can run for up to two years on two AA lithium batteries (which are included). No wiring or professional installation is required. You can also see, hear, and speak to visitors with live view in real time and two-way audio features in your Blink app.

    $149 at Amazon

    More Prime Day 2021 deals

    We plan to update this guide with more smart home device deals as we spot them.

    Amazon Prime Day 2021

    The best Amazon Prime Day 2021 deals: Windows 10 laptops

    The best Amazon Prime Day 2021 deals: Robots, Raspberry Pi, Arduino, and electronic kits

    The best Amazon Prime Day 2021 deals: Webcams, mics, green screens, and video studio gear

    The best Prime Day 2021 deals: Storage, SSD, and flash drives

    The best Prime Day 2021 deals: Chromebook laptops

    The best anti-Prime Day deals: Sales from Walmart, Best Buy, and elsewhere

    Amazon Prime Day creates halo effect for large rival retailers, email marketing

    Samsung unveils new chipsets and antenna for 5G network

    Samsung on Tuesday unveiled a variety of 5G network solutions that it says will allow mobile operators to build efficient 5G networks at an accelerated rate. These included chipsets such as its third generation mmWave radio frequency integrated circuit (RFIC) chip, its second generation 5G modem SoC, and its RFIC chip that integrates a digital front end (DFE), the South Korean tech giant said at an online event dubbed Samsung Network: Redefined. According to Samsung, all three chipsets are smaller and more power efficient than their prior generation offerings. The RFIC chips also support both 28GHz and 39GHz spectrums. The chipsets will power Samsung’s updated 5G Compact Macro, the brand name for its mmWave 5G base station, as well as massive MIMO radios and baseband units that will commercially launch in 2022, the company said. The South Korean tech giant also unveiled a new integrated antenna that consolidates a 3.5GHz massive MIMO radio with low-band and mid-band passive antennas into a single form factor. Called One Antenna Radio, it will allow mobile network operators to overcome space and footprint restrictions in building their 5G networks and save operation costs, Samsung said. The new antenna will also launch in 2022, and will be offered first in Europe, it added.

    At the event, Samsung also said it has supplied four million 5G-ready radios so far. The company also talked up its virtualized radio access network (vRAN) solutions. Earlier this month, the company announced that it was selected as a vendor for Vodafone’s vRAN deployment in the UK. In March, the company said it will be supplying its 5G solution to NTT Docomo, Japan’s largest telco.

    Hackers are trying to attack big companies. Small suppliers are the weakest link

    Cybersecurity vulnerabilities in small and medium sized businesses in the defence industry are leaving the companies themselves – and larger organisations further up the supply chain – vulnerable to cyber attacks. Researchers at cybersecurity company BlueVoyant examined hundreds of SMB defence company subcontractor firms and found that over half of them had severe vulnerabilities within their networks, including unsecured ports and unsupported or unpatched software, making them vulnerable to cyber attacks including data breaches and ransomware. With the defence industry a prime target for cyber criminals – including state-backed hacking operations attempting to steal intellectual property and other sensitive information – attackers are ready to exploit any weakness they can to gain access to networks. Unsecured ports, including remote administration tools and RDP ports, represent one of the most common vulnerabilities, potentially allowing cyber criminals to gain access to networks. It can be relatively simple for attackers to gain remote access to these services if they’re only protected by default or weak credentials, while it’s also possible for attackers to gain access to these services via phishing attacks. The rise of remote working over the last year has also meant that remote access and cloud services have become a popular means of network entry for cyber criminals, as it’s less likely that their activity on the network will be detected as suspicious.

    Researchers also found that many of the companies examined were running unpatched or unsupported software, making them vulnerable to cyber attacks which exploit known vulnerabilities – something the researchers suggest indicates the absence of a patch management strategy. Cyber criminals regularly take advantage of known vulnerabilities in an effort to gain access to networks – and in the case of the defence industry, a small contractor being compromised could lead to a larger company in the supply chain being subject to cyber attacks. “A simple compromise of a valid email address can serve as a great vector to spread a malicious attachment throughout supply chain partners or simply victimize a less prepared contractor to get a foothold in the chain and work their way up-stream,” Austin Berglas, global head of professional services at BlueVoyant, told ZDNet. It’s often difficult for smaller companies to stay on top of cybersecurity, and there’s an argument that larger organisations should play a role in helping their supply contractors secure their networks – because by providing this help, not only do they protect their contractors from malicious hackers, they’re also ultimately helping to protect their own networks. “Empowering contractors to secure the supply chain, implementing continuous monitoring, and proactively identifying threats will help secure the defence industrial base and ensure the safety of a vital national security asset,” said Berglas.

    Average time to fix critical cybersecurity vulnerabilities is 205 days: report

    A new report from WhiteHat Security has found that the average time taken to fix critical cybersecurity vulnerabilities has increased from 197 days in April 2021 to 205 days in May 2021. In its AppSec Stats Flash report, WhiteHat Security researchers found that organizations in the utility sector had the highest exposure window with their application vulnerabilities, spotlighting a problem that made national news last week when it was revealed more than 50,000 water treatment plants across the US had lackluster cybersecurity. In addition to an attack on a water treatment plant in Florida earlier this year, it was revealed that there had been multiple attacks on utilities that were never reported. According to the report, more than 66% of all applications used by the utility sector had at least one exploitable vulnerability open throughout the year. Setu Kulkarni, a vice president at WhiteHat Security, said over 60% of applications in the manufacturing industry also had a window of exposure of over 365 days. “At the same time, they have a very small number of applications that have a window of exposure that is less than 30 days — meaning applications where exploitable serious vulnerabilities get fixed under a month,” Kulkarni explained, noting that the finance and insurance industries did a better job of addressing vulnerabilities. “Finance has a much more balanced window of exposure outlook. About 40% of applications have a WoE of 365 days, but about 30% have a WoE of fewer than 30 days.” WhiteHat Security researchers said the top five vulnerability classes seen over the last three months include information leakage, insufficient session expiration, cross-site scripting, insufficient transport layer protection and content spoofing. The report notes that many of these vulnerabilities are “pedestrian” and require little effort or skill to discover and exploit.

    Kulkarni said the company decided to switch from releasing the report annually to publishing it monthly due to the sheer number of new applications that are developed, changed and deployed, especially since the onset of the COVID-19 pandemic. The threat landscape has also evolved and expanded alongside the explosion in application development. Kulkarni noted that the situation had spotlighted the lack of cybersecurity talent available to most organizations and the general lack of resources for many industries struggling to manage updates and patches for hundreds of applications.

    “We look at the window of exposure by the industry as a bellwether metric for breach exposure. When you look at industries like utilities or manufacturing that have been laggards in digital transformation when compared to finance and healthcare, we find that they have a window of exposure data in a complete disbalance,” Kulkarni told ZDNet. “The key takeaway from this data is that organizations that are able to adapt their AppSec program to cater to the needs of legacy and new applications fare much better at balancing the window of exposure for their applications. That is what I am calling two-speed AppSec: focusing on production testing and mitigation for legacy applications; focusing on production and pre-production testing and balancing mitigation as well as remediation for newer applications.”

    Every application today is internet-connected either directly or indirectly, Kulkarni added, explaining that this means the impact of vulnerabilities can potentially affect hundreds of thousands of end-users, if not millions. Kulkarni suggested organizations distribute the responsibility of security more broadly to all the stakeholders beyond just security and IT teams, which often lack the budget or the resources to handle security meticulously.

    “Security is a team sport, and for the longest time, there has been a disproportionate share of responsibility placed on security and IT teams. Development teams are pressed for time, and they are in no position to undergo multiple hours of point-in-time dedicated security training. A better approach is for the security teams to identify the top 1-3 vulnerabilities that are trending in the applications they are testing and provide development teams bite-size training focused on those vulnerabilities.”
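    To make the report's headline metric concrete, here is an added example (my own code, not WhiteHat Security's published methodology) that computes a window of exposure per application from a constructed set of findings. It assumes that an application's WoE is the number of days in the observation period on which it has at least one serious (critical or high) finding open, counts days covered by overlapping findings only once, and buckets applications the way the article's figures are framed (under 30 days, in between, the full 365 days). All application names, severities and dates are made up.

```python
"""Window of exposure (WoE) per application, computed from constructed findings.

Assumption (not WhiteHat's published method): an application's WoE is the
number of days in the observation period on which it has at least one open
serious finding. A finding is open from its 'opened' date up to, but not
including, its 'closed' date; a finding with closed=None is still open.
"""
from datetime import date, timedelta

# Constructed sample findings: (application, severity, opened, closed or None).
SAMPLE_FINDINGS = [
    ("billing-portal", "critical", date(2021, 1, 5), date(2021, 1, 25)),
    ("billing-portal", "high",     date(2021, 3, 1), date(2021, 3, 15)),
    ("scada-web",      "critical", date(2020, 11, 1), None),               # never fixed
    ("scada-web",      "medium",   date(2021, 2, 1), date(2021, 2, 5)),
    ("hr-intranet",    "high",     date(2021, 6, 1), date(2021, 9, 1)),
    ("hr-intranet",    "high",     date(2021, 8, 15), date(2021, 12, 15)),  # overlaps previous
    ("mobile-api",     "critical", date(2021, 5, 3), date(2021, 5, 10)),
    ("docs-site",      "low",      date(2021, 4, 1), date(2021, 4, 2)),     # not serious
]

SERIOUS = frozenset({"critical", "high"})


def window_of_exposure(findings, period_start, period_end, serious=SERIOUS):
    """Return {application: exposed_days} over the inclusive period.

    Days are collected into a set per application so that overlapping
    findings are counted once; every application in the input appears in
    the result, with 0 if it had no serious finding open in the period.
    """
    exposed = {app: set() for app, _, _, _ in findings}
    for app, severity, opened, closed in findings:
        if severity not in serious:
            continue
        first = max(opened, period_start)
        last = period_end if closed is None else min(closed - timedelta(days=1), period_end)
        if first > last:
            continue  # finding lies entirely outside the period
        exposed[app].update(range(first.toordinal(), last.toordinal() + 1))
    return {app: len(days) for app, days in exposed.items()}


def woe_bucket(days, period_days=365):
    """Bucket a WoE value the way the report's figures are framed."""
    if days < 30:
        return "<30 days"
    if days >= period_days:
        return "365+ days"
    return "30-364 days"


def exposure_distribution(woe, period_days=365):
    """Share of applications falling into each WoE bucket."""
    buckets = ["<30 days", "30-364 days", "365+ days"]
    counts = {b: 0 for b in buckets}
    for days in woe.values():
        counts[woe_bucket(days, period_days)] += 1
    total = len(woe) or 1
    return {b: counts[b] / total for b in buckets}


def sample_report():
    """WoE for the constructed findings over calendar year 2021."""
    return window_of_exposure(SAMPLE_FINDINGS, date(2021, 1, 1), date(2021, 12, 31))


if __name__ == "__main__":
    woe = sample_report()
    for app, days in sorted(woe.items()):
        print(f"{app:15s} {days:4d} days  {woe_bucket(days)}")
    print(exposure_distribution(woe))
```

    The union-of-days step is the part worth noticing: hr-intranet's two overlapping findings add up to 214 finding-days but only 197 exposed days, and scada-web's single never-closed finding is enough to put it in the 365-day bucket regardless of how quickly its other findings were fixed. That is why an application's WoE is driven by its oldest open serious finding rather than by average time to fix.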


    Have we reached peak ransomware? How the internet's biggest security problem has grown and what happens next

    Ransomware has become such a significant problem that now even leaders of the global superpowers are discussing these attacks at high-profile summits. The cyberattacks – which involve criminals encrypting networks and demanding payments that can reach millions of dollars in exchange for the decryption key – were one of the key discussion points during the first face-to-face meeting of US President Joe Biden and Russian President Vladimir Putin. Ransomware was on the agenda following several high-profile campaigns against US targets, which caused significant disruption.

    First, cyber criminals using DarkSide ransomware hacked the network of Colonial Pipeline, resulting in services being shut down – disrupting gasoline supplies for much of the north-eastern United States – and forcing the company to pay a ransom of almost $5 million in bitcoin. Just weeks later, criminals using REvil ransomware hit meat processor JBS, which paid a ransom of $11 million in bitcoin.

    Like many ransomware groups, both DarkSide and REvil are thought to be the work of cyber criminals working out of Russia. The consensus among cybersecurity researchers is that the Kremlin turns a blind eye to these activities. That’s why President Biden directly brought up the issue of ransomware during his meeting with President Putin. “I looked at him and said: ‘How would you feel if ransomware took on the pipelines from your oil fields?’ He said: ‘It would matter.’ I pointed out to him that we have significant cyber capability. And he knows it,” Biden told reporters.

    Biden’s warning to Putin came following the G7 Summit in Cornwall, England, where the leaders of Canada, France, Germany, Italy, Japan, the United Kingdom and the United States issued a joint declaration on ransomware, agreeing that international action is needed to combat the issue.

    Ransomware has been a problem for years, but attacks have become increasingly disruptive and damaging for victims while cyber criminals make more and more money from campaigns. A few years ago, ransoms were hundreds of dollars – now cyber extortionists are demanding millions or even tens of millions of dollars. And ransomware groups are able to keep demanding huge sums of bitcoin and other cryptocurrencies because, for one reason or another, victims are paying.

    “It’s an effective business model because, from a criminal’s point of view, it works because people are paying. Then there are more attacks as a result as it’s so successful,” says Eleanor Fairford, deputy director for incident management at the National Cyber Security Centre (NCSC).

    For cyber criminals, ransomware is the easiest and most efficient way to make money from a compromised network. An intruder within a corporate network could spend months stealing sensitive information and then struggle to find a way to make money from it. Or they could use that time and effort to move around the network laying the foundations for a ransomware attack – and walk away with millions of dollars. The most well-organised ransomware operations will even cherry-pick the organisations they see as potentially the most lucrative or most likely to pay a ransom and focus their efforts on those in order to maximise profits.

    “If you’re worth $40 million to someone to compromise, is your security good enough to prevent somebody who thinks they can get $40 million out of you? That’s a really hard question to answer,” says John Hultquist, VP of analysis at Mandiant Threat Intelligence. “The price of ransoms has sky-rocketed and it’s going to be even harder than ever for organizations to secure themselves against an actor who can afford advanced capabilities to gain access.”

    It’s because of this situation that hackers are targeting organisations that operate essential infrastructure, factories and other critical services that are reliant on uptime in order to remain functioning. By contrast, an office-based business that gets hit by ransomware may be able to take the time to restore the network without paying a ransom, even if it disrupts services for days or weeks.

    Ease of attack

    Not only is ransomware a lucrative activity, it’s often via relatively simple means that cyber criminals gain access to networks in the first place, exploiting common cybersecurity vulnerabilities as the first step in a ransomware attack.

    “It’s not super-sophisticated zero-day vulnerabilities or that the threat actor wrote an exploit; it’s things like VPN without multi-factor authentication, things like unpatched Microsoft Exchange servers, it’s things like remote desktops on a port that was publicly available to the internet, that are being leveraged for ransomware,” says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.

    Despite repeated warnings, organisations may be completely unaware that these vulnerabilities exist or may not have the procedures in place to apply the relevant security patches to close vulnerabilities in RDP and VPN services. And the COVID-19 pandemic has exacerbated the problem as organisations have far more staff working remotely than before, making it harder to manage security updates or monitor for potentially unusual behaviour.

    Ransomware attacks are already damaging and disruptive enough, but many of the most successful ransomware gangs have added another string to their bow – double extortion. Not only do criminals encrypt data and demand a ransom in exchange for a decryption key, the access they’ve gained to the network means they’re able to steal sensitive information. They’re not looking to sell it on to rival firms or governments; they simply threaten to publish it if the victim doesn’t pay. It isn’t an empty threat, with ransomware gangs running dedicated leak sites where they publish data stolen from organisations that didn’t pay up – and that could scare some victims into paying the ransom, although there’s no real guarantee that cyber criminals won’t exploit that data in the future.

    Hard-to-trace payments

    When organisations do pay the ransom, it’s paid in cryptocurrency – and there’s an argument that this has helped cyber criminals easily make money from ransomware. For criminals, getting the money out is the key thing, and by using cryptocurrency like bitcoin they’re able to do it in a way that’s difficult to trace – and, crucially, one that avoids anything like a regular bank account that could be used to identify them.

    “When it comes to cybercrime, monetization becomes really complicated. It’s always been sort of the bottleneck – you can get your hands on a bajillion credit-card numbers, but the part where you convert it, that’s where everything stops,” says Hultquist. “Cryptocurrencies provided sort of a way around that because it allows them to move this cash freely around outside of regular systems and provided much easier monetization. It’s not necessarily the cryptocurrency that is fuelling this, the tremendous payouts are fuelling this. Cryptocurrency just makes the monetization easier,” he adds.

    The Russian angle

    And when ransomware attacks are this financially successful, they’ll keep happening – especially if cyber criminals are operating from countries where their governments turn a blind eye to their activities. The consensus is that many of the most notorious ransomware gangs are operating from within Russia and that they’re allowed to make money from ransomware, so long as they focus their activities against the west.

    “The Russian state and Russian criminal underworld are not the same thing, but there is understanding between them and the understanding is that as far as the state’s concerned, Russians can make money in a way that suits them,” says Ciaran Martin, professor of practice at the University of Oxford’s Blavatnik School of Government – and former director of the NCSC.


    “But the conditions are: leave Russians and Russian interests alone, and when we need your best people, they have to come; that’s the way the model has worked.”

    Cyber criminals take heed of this warning, with many coding their ransomware with instructions to terminate if a scan reveals that it’s on a Russian-language system. On top of this, it’s against the Russian constitution to extradite Russian citizens, so even if authorities in the West were able to identify members of a ransomware operation, they’re unlikely to be able to make arrests. Meanwhile, a ransomware group would be unlikely to succeed for long if it was working out of a western nation, because law enforcement would quickly take action.

    “Why are there no major international ransomware syndicates in the West? Because if you set one up in London or Oxfordshire or Northern Ireland, the National Crime Agency will be kicking down the door within a week, you just couldn’t do it,” says Martin. “You can’t really do it in the West, but you can do it in Russia. Why? Because it’s allowed.”

    Time for change?

    Ransomware has been a problem for years – particularly with hospitals regularly falling victim to attacks during the peak of the coronavirus pandemic – but the attack against Colonial Pipeline has struck a particular chord. The pipeline that provides almost half the gasoline supply to the north-eastern United States was shut down, and that was obvious to all: this wasn’t just a business not being able to operate without the use of particular files, this was critical infrastructure that got shut down due to ransomware.

    “There will be ‘before Colonial Pipeline’ and ‘after Colonial Pipeline’, it’s that much of a milestone in the way that the threat actor economy is going to work,” says DeGrippo. “It’s not a ransom of files any more, it’s a ransom of your existence. Ransoming the ability to get hot dogs and beer and gasoline is a whole different ballgame.”

    The United States has a strong relationship with oil and gas, and that made the disruption caused by the Colonial Pipeline ransomware attack impossible for the Biden administration to ignore – and it started with the Department of Justice seizing most of the bitcoin used to pay the ransom. Even the operators of the DarkSide ransomware-as-a-service attempted to distance themselves from the attack, claiming that “our goal is to make money, and not creating problems for society”. They even claim that they’ll establish additional checks and balances on their “partners” in future. But now the ransomware gangs may have bitten off more than they can chew.

    “They don’t want this much notoriety, they want to be recognised, they want people to pay – but I don’t think they necessarily want the US government on their trail – they probably took it a step too far. I’m sure the other ransomware gangs are pretty upset with them,” says Hultquist.

    The threat from ransomware is still high – as evidenced by how Ireland’s healthcare service continued to suffer disruption weeks on from a Conti ransomware attack, which hit days after the Colonial Pipeline attack – but there’s a feeling that recent events could potentially be a turning point.

    “There is at least a plausible case to be made that the past month has been strategically damaging for the criminals and that one hopes that we might – please note, the very careful language – that we might be able to look back at some point on this period as peak ransomware,” says Martin. “Now that’s by no means certain yet, it’s not even likely yet, but governments are starting to see this can do real harm.”

    However, in the immediate future, ransomware will remain effective as long as organisations are vulnerable to being hacked by cyber criminals, as demonstrated by how attacks have continued to cause disruption around the world. But it is possible to build resilience to cyberattacks – including ransomware – and make it much harder for cyber criminals to compromise the network in the first place.

    Much of this resilience can be built up by ensuring that cybersecurity hygiene procedures, such as installing security patches in a timely manner, preventing the use of simple passwords and using multi-factor authentication, are applied across the network. Because ransomware gangs are opportunists, making things more difficult for them decreases the likelihood of a successful attack.

    “The sorts of things that are useful: having visibility on your network to be able to see if precursor activity is taking place, understanding where your assets and network are, and properly having that mapped and understood. These standard good processes will defend against ransomware,” says Fairford.

    Regularly updating backups – and storing them offline – also provides another means of lessening the severity of ransomware attacks, because even in the event of the network being encrypted, it’s possible to restore it without paying cyber criminals, which cuts off their main means of income. Nonetheless, the rise of double extortion attacks has added an extra layer of complexity to this issue, because if the organisation doesn’t pay a ransom, it faces the prospect of potentially sensitive information about employees and customers being leaked.

    “Do you have a plan if your information starts leaking out?” says Hultquist. “Those pieces need to be in place now, not when it hits the fan.”

    The fact that the US and other governments are talking about ransomware should also act as a catalyst for any organisation that, for whatever reason, didn’t have any specific plans for preventing or protecting against a ransomware attack to decide on its plans now. Because even in the worst-case scenario, when the network has been encrypted with ransomware, having a set plan can help manage the incident and potentially make it less damaging.

    “Companies must sit down with their executives and they must decide, ‘if we are a victim of ransomware, how much are we willing to pay, who on the board is going to be authorized to negotiate this and what is our relationship going to be with law enforcement when it happens?’ Then every quarter, you revisit it and you ask, ‘is this still our decision if we come under a ransomware attack, is this still our plan of action?’” says DeGrippo. “If you haven’t made the decision on how you’re going to handle it yet, it’s not going to work out in your favour,” she adds.
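    DeGrippo's point about internet-exposed remote desktops and Fairford's advice to have "visibility on your network to be able to see if precursor activity is taking place" come together in one concrete detection. The following is an added example of my own, not code from the article or from any of the vendors quoted: it reads a constructed, pre-flattened export of Windows Security events and flags a source address that racks up repeated failed RDP logons and then logs on successfully. The event IDs (4625 failed logon, 4624 successful logon) and logon type 10 (RemoteInteractive, i.e. RDP) are real Windows values; the one-line `key=value` record layout, the host names, user names and the RFC 5737 documentation-range IP addresses are all made up for the sample.

```python
"""Detect RDP password-guessing followed by a successful logon, over constructed
Windows Security events.

Assumptions: events are pre-flattened to one line per record in the constructed
'key=value' form below (a SIEM export, not Windows' native XML). EventID 4625 is a
failed logon, 4624 a successful one, and LogonType 10 marks a RemoteInteractive
(RDP) session; those are real Windows values, the log lines themselves are made up.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export; IPs are from the RFC 5737 documentation ranges.
SAMPLE_EVENTS = """
2021-06-10T02:14:05Z EventID=4625 LogonType=10 TargetUser=administrator SourceIP=203.0.113.7
2021-06-10T02:14:09Z EventID=4625 LogonType=10 TargetUser=admin SourceIP=203.0.113.7
2021-06-10T02:14:14Z EventID=4625 LogonType=10 TargetUser=backup SourceIP=203.0.113.7
2021-06-10T02:14:20Z EventID=4625 LogonType=10 TargetUser=svc_backup SourceIP=203.0.113.7
2021-06-10T02:15:02Z EventID=4625 LogonType=10 TargetUser=svc_backup SourceIP=203.0.113.7
2021-06-10T02:15:44Z EventID=4625 LogonType=10 TargetUser=svc_backup SourceIP=203.0.113.7
2021-06-10T02:16:30Z EventID=4624 LogonType=10 TargetUser=svc_backup SourceIP=203.0.113.7
2021-06-10T08:01:12Z EventID=4625 LogonType=10 TargetUser=jsmith SourceIP=198.51.100.9
2021-06-10T08:01:30Z EventID=4624 LogonType=10 TargetUser=jsmith SourceIP=198.51.100.9
2021-06-10T08:05:00Z EventID=4624 LogonType=3 TargetUser=fileshare$ SourceIP=10.0.0.5
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) EventID=(?P<eid>\d+) LogonType=(?P<lt>\d+) "
    r"TargetUser=(?P<user>\S+) SourceIP=(?P<ip>\S+)$"
)


def parse_events(text):
    """Parse the flattened export; lines that do not match are skipped, not guessed at."""
    events = []
    for raw in text.strip().splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "eid": int(m["eid"]),
            "lt": int(m["lt"]),
            "user": m["user"],
            "ip": m["ip"],
        })
    return sorted(events, key=lambda e: e["ts"])


def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Return alerts: a 'medium' one when a source IP accumulates `threshold`
    failed RDP logons inside `window`, and a 'high' one if that same IP later
    logs on successfully over RDP (the precursor pattern a defender wants to see).
    """
    recent_failures = defaultdict(deque)   # source IP -> failure timestamps in window
    bursting = set()                       # IPs already flagged for a burst
    alerts = []
    for e in events:
        if e["lt"] != 10:                  # only RDP sessions are of interest here
            continue
        if e["eid"] == 4625:
            q = recent_failures[e["ip"]]
            q.append(e["ts"])
            while q and e["ts"] - q[0] > window:
                q.popleft()                # slide the window forward
            if len(q) >= threshold and e["ip"] not in bursting:
                bursting.add(e["ip"])
                alerts.append({"severity": "medium", "ip": e["ip"], "ts": e["ts"],
                               "reason": f"{len(q)} failed RDP logons within {window}"})
        elif e["eid"] == 4624 and e["ip"] in bursting:
            alerts.append({"severity": "high", "ip": e["ip"], "ts": e["ts"],
                           "reason": f"successful RDP logon as {e['user']} after a failure burst"})
    return alerts


def sample_alerts():
    """Run the detector over the constructed export."""
    return detect_rdp_bruteforce(parse_events(SAMPLE_EVENTS))


if __name__ == "__main__":
    for a in sample_alerts():
        print(f"[{a['severity']:6s}] {a['ts'].isoformat()} {a['ip']}: {a['reason']}")
```

    The sliding window keeps the rule from firing on an ordinary mistyped password (jsmith's single failure followed by a success produces nothing), while the second, high-severity alert is the one worth paging on: a guessing burst that ends in a valid session is exactly the foothold the article describes, and it is visible in the logs before any encryption starts. Real deployments would feed this from the SIEM's own event stream and would usually also suppress addresses on an allow-list of known jump hosts.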
