Tag Archives: IoT

AVG

From Cars to Toothbrushes and Everything in Between – MWC 2016

Leave a comment

Mobile World Congress is the largest gathering of the mobile industry and takes place at the end of February every year. According to the latest attendance numbers, it was bigger and more attended than any previous congress.  Every possible brand associated with smartphones you can think of was there and even some of the brands you may not know but they provide the stuff to make it all work behind the scenes.

There is a dramatic change afoot in this industry and it’s clear to see at MWC.  The focus of this year’s show is very much about the Internet of Things (IoT). Most of us consider this to mean fitness trackers, a few connected fridges, and maybe for the select few, a car.

IoT is going to affect all of us in ways that we can’t yet imagine — everything will be connected and adding data to a world that will operate based on the analysis of everything around us. This may sound like a science-fiction movie, it’s not. There’s technology on its way that really does mean that there are very few things that won’t be connected.

What was hot at this year’s MWC 2016?

There is a device for tracking everything from fitness to air quality. While they’re exciting toys and gadgets for us to own and play with, the bigger story is how these stepping stones are being placed for a far more connected world. We continually hear about self-driving cars and other cool innovations, but for many of us these are still news stories rather than reality. One such company is Seat’s connected car tech that allows drivers to check the availability of parking spaces, access breakdown services and connect to household appliances.

Seat’s connected car

Do you ever leave home in the morning having missed a tooth when brushing? With Oral-B’s smart toothbrush it will be a thing of the past! A smartphone app connects to the toothbrush and detects which teeth are still dirty.

Visa announced their new payment system, the Visa Ready program, which will allow transactions to be made from any suitable connected device. For anyone traveling through London recently, they may have seen people waving their phones on the tube payment terminals to pay for their trip. With the new service from Visa, this facility will be extended to other devices and use tokens rather than card details. This means that personal data is never transmitted in a similar way that Apple Pay and Android Pay work and should be considered a security enhancement over the current process.

Honda has already signed up to the program to use an in-car fuel app that will be integrated into their vehicles dashboards. Once the car is running low on fuel the driver will be automatically be directed to the nearest gas station. The app will know the exact amount of fuel needed and pay for the fuel and calculate the cost. Of course, this does mean the pump needs to accept wireless payments and you will still need to get out and actually put the fuel hose into the car.

Virtual reality

A technology that has been heard about for years is about to become both affordable and usable, and will soon establish itself as a normal part of our lives. I was lucky enough to get a full hands-on demo of Intel’s RealSense™ virtual reality technology that is being made available to developers in the next few months.

of Intel’s RealSense virtual reality technology

Put the headset on and be immersed in a virtual world where you can actually interact using your hands. Yes, they actually appear in the virtual world allowing you to move objects and to be part of what you are seeing. Or allow the headset to map, in real-time, the environment you are in and to add things to it — you can mix our physical world with a virtual one.  For example using the demo headset I scanned a table and then a cat jumped up onto it. I moved away and the cat jumped off the table. The possibilities for this technology in our normal lives, especially if you are a gamer, are really exciting  and I can’t wait to see them realized.

There is a common concern with all the new IoT devices and cool services that they deliver, that is one of security. With every connected device a new opportunity is created for hackers to attempt to breach the device and access your personal data. While many device manufacturers may create their products using a ‘secure by design’ approach, this may not be the case with the small innovative companies that have the hottest technology.

The concern should not stop with hackers. Devices are collecting data that we may not realize. This raises questions about who has access to our data and what is it being used for — did you read the privacy policy of every connected device you already own, and will you read the privacy policy of all the new ones? Unfortunately, the answer is most likely no. Besides presenting us with new and impressive connected devices, Mobile World Congress has also highlighted the need for us to be aware of the “what” and “who” is holding our data and for what intent.

AVG

Breathing fresh air into the Internet of Things, to keep you alive

Leave a comment

Here at AVG we have an innovation team (AVG Innovation Labs) that looks at future security risks and how technology can be deployed to manage it.

And when it comes to new IoT devices, special consideration is needed to ensure data is kept personal and private. AVG Innovation Labs undertakes research to allow us to understand how best to provide these services going forward.

The AVG team have been innovating their own IoT devices and applications to get a first-hand experience of the challenges that vendors go through when creating a device for the home.

One of those projects has been looking at air quality and how it can be an issue for many people, whether they suffer from allergies or maybe asthma. Breathing clean and acceptable air can improve our day to day experience, and by extension our personal security.

The device starts with measuring the Air Quality Index (AQI) which provides an overall rating of air quality.  This is obtained by analyzing multiple sensor readings such as relative humidity, temperature, carbon monoxide, ammonia, and many more.

In conjunction with our vision of the future for AVG Zen and Family Graph, we’re demonstrating the importance of location as an impact on the safety of everyday family life.

Now imagine a scenario where we combine some of that future AVG Zen functionality with Air Quality monitoring and other connected devices in the home.

Through location sharing our devices know if we are home, travelling, or even en route from work or school. As we start our travel toward home, our smart connected device that we all carry could automatically connect with the home network to inspect the status of air quality and temperature remotely.

With that information at hand, and making decisions based on our preferences, the technology could automatically open vents or start de-humidification or air-conditioning units to change the air quality, or switch on the heating so that we have a warm house to welcome us home.

The potential for technology to improve our everyday lives and ensure that our environment is the best it could be is remarkable. There is also the life-saving benefit of avoiding toxic conditions caused when a gas powered heating system malfunctions, for example.

When IoT devices bring real value such as this, it’s important that they are not interfered with by hackers, and that the data analyzed remains private and secure. Imagine getting home to find the air quality has been made worse not better, or that the house is too cold or even too hot and you have a large energy bill coming your way.

Through innovation like this, AVG is able to understand the complex challenges of securing devices and services that will one day provide us all with truly connected homes and lives.

Security

Threatpost News Wrap, February 5, 2016

Leave a comment

Mike Mimoso and Chris Brook discuss the news of the week including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain.

AVG

IoT – The Biggest Security Threat to Everything

Leave a comment

I’ve seen seven platform shifts in my lifetime, including the shift from mainframe to PC and the shift from desktop to mobile. With every shift, technology is getting closer to our skin—literally, given the wearables gracing many of our wrists. We are sharing information that is more personal and valuable—such as sleep patterns, health data, driving data, shopping habits and location—which companies are piecing together to create a mosaic of our individual lives. And they are doing so in the name of more personalized advertising.

At some point, people will balk at this loss of privacy, and that point is arriving quickly. In our latest MEF Global Consumer Trust Report, we learned that 36% of respondents reported online privacy and security concerns; 27% said privacy and security concerns prevent them from using apps; and 47% said they’d pay extra for a privacy-friendly app that guaranteed the data it collected would not be shared.

Contrast this sentiment of consumer concern with the Wild West atmosphere of the IoT. Companies are engaged in a massive, frenetic land grab in which access to the IoT and freedom to innovate are the prevailing values. In the Wild West, there was no principle of “privacy,” and even the idea of “security” as a human right was barely supported, depending on the whims of the local sheriff.

The IoT is similar, with speed, freedom and access as the chief values prioritized among hardware manufacturers and software companies. Everyone wants a piece of the IoT, but few are looking beyond their own homestead, to see what’s happening across the industry and to seek ways to ensure that the IoT remains a viable platform to deliver goods and services.

Now we’re faced with two roads—speed and trust—and they diverge. The road of speed is what we’ve been on—fast-paced innovation and growth in the IoT, which in itself has produced some pretty exciting technology. However, on this road we also find a lot of potholes and bad guys—ranging from legitimate commercial concerns that are inadvertently weakening the security of the IoT to learn more about consumers to full-fledged criminals who hack into systems to fulfil their desire for money and power.

In addition to direct breaches to secure credit card information, these criminals buy and sell intellectual property and private information—for example, information exploited from the Ashley Madison attack that can be used to blackmail targets. Health data is the next major target.

On the road of trust, it’s slower-going. Building the IoT sustainably requires industrywide participation and agreement upon standards. Companies will need to realize that they’re only as strong as the ecosystem they’re a part of, and that’s a tough mindset to adopt when you’re eagerly seeking a competitive advantage over everyone who crosses your path.

This week I addressed an audience at CES’s first-ever Cybersecurity Forum on this very topic. If attendees got only one thing from that talk, I hope it was that it’s up to us, the industry, to make the Internet of Things private and secure, and that will require a level of inquiry and accountability that we’re not accustomed to.

If you’re a device manufacturer or a software provider, think bigger and broader. Participate in standards groups; help define policies and start being part of a smart framework of the next-gen IoT.

As we go in to 2016, let’s tackle this challenge together. And in fact, there is no other way to tackle it. Hopefully, I’ll be standing in front of the crowd at next year’s CES celebrating our progress.

Avast

Internet of Things: What you need to do to protect yourself

Leave a comment

The Internet of Things (IoT) join together physical devices that we use every day with information technology.

Make sure your Internet of Things is secure

We can use devices to monitor our health and fitness, our houses, our environment, and our factories and cities.

Using internet-connected devices expands our ability to control and monitor in the real world.  The IoT is literally changing our lives.

The Internet of Things has the potential to fundamentally shift the way we interact with our surroundings. The ability to monitor and manage objects in the physical world electronically makes it possible to bring data-driven decision making to new realms of human activity – to optimize the performance of systems and processes, save time for people and businesses, and improve quality of life.” ~ McKinsey Global Institute study

The potential economic impact of the IoT is astounding  – as much as $11.1 trillion per year by 2025 for IoT applications, projected by the same study.

But is there a downside?

In many people’s minds, surveillance, privacy issues, and data breaches seem to be someone else’s problem. “Should I be concerned about all of this?,” people who have “nothing to hide” think. Recently, we published how the Internet of Things can be hacked and what issues arise from the fact that we’re almost 100% online and connected.

Nowadays, all this technology passes through very well-known and yet problematic points: Our home network security. When our early version of Avast 2015 was released, we published many articles about Home Network Security. During the past year, we gathered lots of proof and conducted social experiments to show that…

Your security is as strong as your network security

To protect your security and privacy, you must assure that your network and communications are safe. Although this seems like rocket science, some basic – but effective – measures can and should be taken. It’s really not rocket science, so even us common folk can follow the steps below to make sure we’re prepared to a secure our IoT life.

  1. 1. Device protection: Install security software on all your connected devices. Avast is a worldwide leader in providing security for Windows, iOS, and Android devices. They can stop malicious actions and make all the difference when you’re online. Your device protection also depends on its own installed software security, thus, keep all your apps and operational system up-to-date.
  2. 2. Network protection: Not all antivirus software provides for proper network protection. If a cybercrook invades one of your devices –most commonly the router – all your network, devices, and data could be compromised. Avast has unique features to allow you to scan your network and find if there is any open door to hackers. 
  3. 3. Security best practices: There are numerous “best” practices, some of which will save you a lot of headaches. The most important is using different passwords for each online service or site and protecting yourself in open or public Wi-Fi networks.  Avast Passwords to manage all your passwords and Avast SecureLine to safely connect you to Wi-Fi, will give you peace of mind.

Avast premium versions include all the protection you need including Home Network Security. You can download and test them for free from the Avast website.

 

Follow Avast on Facebook, Twitter, YouTube e Google+ where we keep you updated on cybersecurity news every day.

Avast

In 2016, your home will be a target for hackers

Leave a comment

Your home and the devices in it will be a viable target for cybercrooks in 2016.

Back in the good ol’ days of the early 2000s until just a few years ago, all we had to be concerned about was security on our desktop computers and laptop. In the intervening years, mobile devices have become so ubiquitous that hackers have turned their sights on them, especially Android devices.

But starting in 2015, everyone began to realize just how close to home cybersecurity really is. Home networks are the new gateway, and 2016 will be the year that vulnerabilities in the Internet of Things (IoT) and wearable devices combined with weak home router security will lead to personal attacks.

Our internet-connected world will be increasingly difficult to secure

Our internet-connected world will be increasingly difficult to secure

The weak link is your home router

“The security situation with home routers is actually pretty bad,” Ondrej Vlcek, COO of Avast told Fast Company. “Most of the companies do a relatively good job of . . . patching the vulnerabilities, but the problem is that no one updates the firmware in the routers. The user doesn’t at all, and usually the ISP doesn’t either.” He added that we saw the most attacks on routers by far in 2015.

“Right now, attackers are targeting routers en masse,” said Pavel Sramek, an Avast Virus Lab research analyst. “It’s highly probable that they’ll expand their target list to network-attached storage  and “smart” TVs as well, since the security aspect of these devices has been almost completely neglected by their manufacturers so far.”

“Many of the companies and engineers don’t really think about security,” says Vlcek. Data, for example, is often transmitted without any encryption, making it easy to steal or fiddle with.

Since this is the time of year to look forward, I asked several of our Avast Virus Lab research analysts about what to expect in 2016 for home networks, wearable devices, and all the gadgets that make up the Internet of Things.

Router and ethernet cable

2015 was the biggest year for router attacks

Is it easy for hackers to break into home networks and is there enough motivation at this time to go to the trouble?

As it stands now, home networks are still not the easiest way for cybercrooks to hack into people’s lives, our team of experts agreed. “Not the easiest way, but too easy to be comfortable with,” said Sramek.

“As more and more devices are becoming smarter and connected to the net, through the Internet of Things, cybercrooks will have more chances to get into the personal home network,” said Sramak’s colleague in the Virus Lab, Nikolaos Chrysaidos.

The motivation is already there too.

“For years, (PC) viruses were the ultimate goal for the bad guy. The goal was to get their hands on users’ data, like credit card information, or to create botnet networks to allow them to send out spam or to do DDoS (distributed denial of service) attacks,” said Vlcek. In a similar manner, cybercrooks have already started to turn internet-connected home devices into “zombies to collect data.”

“The amount of attacks will rise rapidly in 2016,” said Sramek. “Turning IoT devices into zombies is half of their plan. The other is hijacking the network connections of users with devices that are difficult to attack otherwise, like iPhones.”

How do regular people make their home gateways smarter and more secure?
“As a bare minimum, people need an automated vulnerability scanner on a PC in their network, like Avast’s Home Network Security, to check for the most common issues leading to cyberattacks,” said Sramek.

Since we’re still in early days, can threats for IoT devices be eliminated before it gets out of control?

Just like with PC and mobile security, home users can prevent many attacks by applying safe practices and using existing solutions like Avast’s Home Network Security to understand what the vulnerabilities are.

Jaromir Horejsi adds that in addition to educating users about badly configured and insecure home IoT devices, we could use “more secure web browsers, because Firefox, Chrome, and IE are so easy to hack.” He predicts that cybercrooks will create DDoS malware to infect various IoT devices with weak passwords and it will take a combination of home user’s knowing what they’re up against along with manufacturers and ISPs taking more responsibility for safety to overcome the looming threat.

Do you expect to see an increase in attacks through wearable devices?

“In 2015, we have seen many vulnerabilities in wearables. Those vulnerabilities could be used by attackers to extract stored data and use them in personalized social engineering attacks,” said Chrysaidos.

“Today we are seeing a big shift toward social engineering attacks which are ingenious and sophisticated,” said Vlcek. Social engineering uses techniques to trick people into installing malware or adjusting settings that they don’t fully understand.

The biggest target for 2016 is mobile

Phones and tablets are the data collection points for most wearables and Internet of Things devices, so they are targeted for the data they store or the data that passes through them. Mobile devices – smartphones and tablets – are where people are now, and the bad guys know this.

“Bad guys today realize that most people are moving their computing to mobile,” said Vlcek. “They are catching up by coming up with new techniques that gets the job done even without malware.”

“Phones store a lot of personal information nowadays that can be monetized in underground forums. As valuable data exist in our devices those can be treats, and targets, for the cybercrooks,” said Chrysaidos.

Visit our blog tomorrow to read about the upcoming mobile threats for 2016.

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

 

 

AVG

The Connected Car: Your Smartphone’s Biggest Accessory and Security Threat

Leave a comment

Over the last few years, technology’s merger with the auto industry has materialized in the form of advanced digital dashboards and mobile OS integration. While adoption has been slow, car manufacturers have been attempting to fill dashboards with Silicon Valley-grade technology, including Apple’s CarPlay and Google’s Android Auto.

Defying the status quo, Tesla has continuously outperformed traditional automakers since its inception. The fully electric sedan comes standard with a gigantic screen on the car’s console, resembling the cockpit of commercial airliners. Additionally, and perhaps most similar to the mobile OS’s consumers have grown accustomed to, the Tesla performs over-the-air software updates. Most recently, Tesla rolled out (and rescinded parts of) its ‘Autopilot’ feature in Model S sedans. The feature allows drivers to sit back and watch as the car drives itself using various sensor and GPS technologies.

Tesla isn’t the only company integrating this technology, among others, into their cars. Even before they released the ‘Autopilot’ feature, Google unleashed a squadron of driverless cars that can be seen testing their abilities (and getting pulled over for going too slow) around Silicon Valley. Apple has owned technology headlines for months as rumors of car development continue to surface for the first time since Walter Isaacson’s biography on late CEO Steve Jobs hit the shelves back in 2011. But it’s not only Silicon Valley giants like Tesla, Apple and Google that are developing technology and cars for the driverless era as automakers like Volvo and Ford have also thrown their names into the ring.

Other IoT features continue to make their way into consumers’ driveways. Many cars in the new Chevrolet lineup offer 4G connectivity on the road. Third-party dashboard accessory makers like Pioneer, Kenwood, and Alpine are developing add-ons for older cars wishing they had access to Apple’s Carplay and Google’s Android Auto. And several automotive giants are capitalizing on new device categories like smartwatches to provide a more simple and technological experience for their car-owners.

With the addition of connectivity in cars, drivers and passengers alike need to think about their physical safety and digital safety. As we’ve seen in the news recently, namely in a July Wired article, certain cars can be hacked and completely controlled remotely. Scary, yes, but that covers just the surface of security threats. Like every other IoT device, the data a connected car will produce is vulnerable to cybercrime. Picture driving down Main St. and passing your favorite pizza shop on your way to work in the morning, the same route you take every day. It’s Thursday, which means Pizza Night for the family. As you drive by, a coupon for two free extra toppings and a 2-litre soda bottle with any large pizza order appears on your dashboard or windshield, valid only tonight. Seemingly magically, based on past patterns, your IoT car knew to offer you a coupon for this pizza parlor on the night you’d need it.

A connected car has the potential to be your smartphone’s biggest and greatest accessory, but it also inherently comes with major security vulnerabilities, like the rest of the IoT, that need to be addressed.  Currently, traditional car companies are researching and developing their own self-driving/connected cars. Technology companies like Apple and Google, along with other rumored giants, are following suit. But a recent poll out of WEF and Boston Consulting Group, showed that 69 percent of consumers (6,000 polled from 10 different countries) want automakers and tech giants to work together to create the next big thing in automobiles. As awareness of the IoT, its vulnerabilities and connected cars grows, I see this number rising. What’s important is that the integration of security also grows, so we can help usher in the future we all want, as safe as it can be.