Cyberattacks should be included in international humanitarian law

By Narinder Purba posted 24 Jun 2016 - 03:48PM

The seriousness of cyberattacks is such that it should be included in international humanitarian law, a new report from the Global Commission on Internet Governance has said.

The paper, titled One Internet, said that the most dangerous cyberweapons that can be employed by a state need to be better understood and used in full consideration of, for example, the Geneva Conventions.

According to the authors of the report, such is the interconnectedness of “devices and economies” that the potential fallout from a government-initiated cyberattack could be huge.

“Governments should employ cyberweapons only as a last resort, and then only after having first applied the legal principles of necessity, proportionality and of minimizing the risks of collateral damage,” the report outlined.

The paper was clear in its recommendation that countries work more closely with one another in tackling cyberattacks, which show contempt for “border and geopolitical jurisdictions”.

As the threat is global in nature, nations will benefit from the sharing of information, which is easier said than done as “there is currently a trust deficit between the world’s major cyberpowers”.

Nevertheless, this collaborative and transparent approach would help speed up response times to major attacks, and ensure that the right organizations are tasked with resolving incidents in as efficient a manner as possible.

The commission said: “States should undertake confidence-building exercises in order to help foster trust between nations.”

The Geneva Conventions are described by the International Committee of the Red Cross as being at the centre of international humanitarian law.

Collectively it “regulates the conduct of armed conflict and seeks to limit its effects”, especially on those who are not directly involved in hostilities.

A digital dimension to this reflects the changing nature of warfare, highlighting how devastating cyberattacks can be on individuals and nations.

http://www.welivesecurity.com/2016/06/24/cyberattacks-included-international-humanitarian-law/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

Google makes two-step verification easier

By Narinder Purba

Google has just introduced a new feature for users to make its two-step verification (2SV) process easier.

Users can now receive a notification asking them if they are trying to access their account, to which they can simply tap ‘yes’ or ‘no’.

This new process still requires a user to be close to their phone, but it leaves less room for mistakes and is undoubtedly quicker.

Keep in mind that even if you already use 2SV, you still have to turn this service on by logging into Google, going to My Account > Sign-in & security > Signing in to Google > 2-step Verification.

This service is only available to users of Android or iPhone 5s or later, and you will need to have the Google app installed on your phone.

This is just one of many account-access innovations that Google is expected to roll out over the next few years.

In December, it was revealed that Google has been testing a new way to sign into their accounts, which eliminates the need for passwords entirely.

If you’re not already using a 2SV process for your Google account, it is highly recommend that you start.

With the process now being easier than ever there’s not excuse not to and it will go a long way in helping keep you secure.

http://www.welivesecurity.com/2016/06/23/google-makes-two-step-verification-easier/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

Facebook’s Mark Zuckerberg ‘tapes over webcam’

By Narinder Purba

A Facebook post from Mark Zuckerberg has attracted attention for ‘all the wrong reasons’.

The social network’s CEO was celebrating Instagram’s increasing popularity – it now has over 500 million monthly active users – but this milestone was soon eclipsed by something altogether different.

In the image that accompanied the post, what we understand to be his laptop can be seen in the background.

So far, so normal. However, on closer inspection, the webcam and the audio jack on his Macbook appear to be covered by tape.

Needless to say, this cautious approach to security has caused quite a stir online, with many speculating as to why Mr. Zuckerberg has done this.

Those up to date on security will know that this is not a new thing, nor is it demonstrative of overcautious behavior.

For example, back in April, the FBI’s director, James Comey, revealed himself that he tapes over his webcam.

Speaking at an event at Kenyon College in Ohio, he said: “I saw something in the news, so I copied it.

“I put a piece of tape — I have obviously a laptop, personal laptop — I put a piece of tape over the camera. Because I saw somebody smarter than I am had a piece of tape over their camera.”

The reality is that cybercriminals can exploit, for example, webcams and turn it into “a tool for spying”.

Alex Hern, a technology reporter at the Guardian, suggests that most people should “probably” follow in Mr. Zuckerberg’s direction.

He said: “It doesn’t hurt, most of the experts do it, and it could minimise damage – even if it’s just emotional – in the case of a catastrophic hack.”

Covering a webcam is popular among readers of WeLiveSecurity. A live poll currently reports that 44% of people cover their built-in camera.

NOTES FROM THE CITY OF A HUNDRED SPIRES

James Kelliher

Last week I had the pleasure of meeting up with the Whiteoaks International Network (WIN), hosted this year by our wonderful partners in the Czech Republic.

The beautiful city of Prague was certainly a suitable setting for this meeting of minds, with more than 60 countries represented at our annual get-together.

Since it was founded in 1998, WIN has provided a real alternative to the one-size-fits-all approach of global agencies. The need for local expertise, cultural sensitivities and know-how is never more apparent than when set at a table with my colleagues from across the globe, discussing the future of international PR and sharing insights from a broad range of cultures.

With so much of our work taking place internationally, WIN is hugely valuable and continues to grow, enabling clients to swiftly and easily plug in international PR support to suit their requirements.

Interestingly, digital PR was high up the agenda. Not so much “should we be doing it” (I think there is consensus on that by now!) but rather its changing focus and role within PR in 2016. For instance, social is now being increasingly used as a tool to recruit and retain talented staff. HR PR, if you will.

Building on this, it was interesting to hear attitudes towards bloggers and influencers on YouTube, particularly the nature of engagement, with the consensus being a mix of paid and un-paid relationships to deliver true returns.

Another key topic of interest was convergence. Specifically, the convergence of owned, earned and paid media. This is an approach recently adopted by City AM, which announced earlier this month it is to allow brands to post directly to its website that appear as articles, rather than advertisements.

The nature of PR is always changing. I always leave WIN meetings heartened that we have the agility, flexibility and experience to exceed our client’s expectations, no matter what, where or when.

http://whiteoaks.co.uk/notes-city-hundred-spires/

Software AG et Dell dotent la périphérie réseau d’un potentiel analytique temps réel en continu et modifient l’architecture IoT en profondeur

Une solution conjointe de maintenance prédictive dote la gamme Edge Gateway 5000 de Dell du potentiel d’analytique temps réel Apama de Software AG

Software AG et Dell dévoilent une nouvelle architecture Internet of Things qui permet aux entreprises de procéder à de l’analytique temps réel en continu aux extrémités du réseau, le plus près possible des capteurs et autres dispositifs numériques. La solution avant-gardiste Apama Streaming Analytics de Software AG se retrouve intégrée dans la gamme Edge Gateway 5000 de Dell. Conçue pour opérer en périphérie du réseau dans des conditions extrêmes, cette solution a déjà été maintes fois saluée par l’industrie. Le fait d’effectuer de l’analytique temps réel “on the edge” a pour effet de diminuer les coûts qu’impliquent les gros volumes de trafic IoT générés par des capteurs industriels et de réduire sensiblement le besoin de serveurs centraux onéreux. Cette architecture permet par ailleurs de mettre rapidement en oeuvre des fonctions dites de “edge analytics”. Grâce au coût réduit par unité que représente l’acquisition de Dell Edge Gateways, les entreprises peuvent réduire sensiblement les coûts de projets IoT et stimuler la rentabilité de leurs investissements IoT. Cette première solution conjointe de Dell et Software AG est dédiée à des applications de maintenance préventive et prédictive. D’autres solutions IoT viendront s’y ajouter dans un avenir proche.

“L’annonce d’aujourd’hui donne une nouvelle dimension et une nouvelle signification au concept de technologie de pointe”, déclare Fabrice van de Putte, responsable de  Software AG belux. “De concert avec Dell et grâce à des coûts réduits et à un rythme d’adoption accéléré, nous mettons les avantages concurrentiels de l’IoT à portée d’un public nettement plus large. La co-innovation est la règle du jeu en matière d’IoT. Ceci est un fabuleux exemple de la manière dont deux sociétés innovantes peuvent s’allier pour offrir des solutions avant-gardistes. Je me réjouis d’ores et déjà de pouvoir étendre notre collaboration dans les mois à venir.”

Dell et Software AG ont élaboré un Predictive Maintenance Blueprint, afin d’aider les entreprises à relever leurs principaux défis opérationnels. Ce guide leur permet d’agir immédiatement sur des données “périssables” par le biais d’alertes, de l’implémentation sur l’équipement Edge d’un potentiel de e réaction automatique, et d’un filtrage actif qui fait en sorte que seules les données pertinentes soient envoyées vers le cloud. Cela permet de minimiser la consommation de bande passante sur le réseau. Ces jeux de données réduits peuvent ensuite être intégrés avec les données historiques “at the core”. Il est par ailleurs possible d’identifier et de prédire des événements et tendances à plus long terme.

“En collaboration avec des partenaires tels que Software AG, nous minimisons les obstacles afin de procurer aux entreprises de toutes tailles un accès au marché de l’Internet des Objets et nous faisons en sorte que les délais de mise en oeuvre d’une solution analytique IoT soient sensiblement réduits”, déclare Jason Shepherd, directeur Stratégie & Partenariats chez Dell. “L’IoT peut désormais concrétiser ses promesses plus rapidement et à moindres frais et contribuer réellement à stimuler la croissance économique.”

On estime que de 15 à 40 milliards de nouveaux capteurs seront installés d’ici 2020. Il est dès lors nécessaire de déployer l’analytique temps réel - qui procure un potentiel de décision et de réaction automatique - le plus près possible de l’extrémité du réseau. Les avantages architecturaux de l’analytique temps réel sont les suivants: minimisation des ralentissements imposés aux événements temps réel, réduction significative du trafic réseau, et diminution de la puissance des serveurs centraux nécessaires pour supporter ces centaines de milliers de capteurs. Cette architecture entièrement nouvelle, flexible et évolutive, prend les décisions “on the edge” lorsque cela se justifie ou “at the core” quand cela s’avère nécessaire.

“Software AG veille sans cesse à offrir une totale liberté de choix au client. Les solutions qui s’appuient sur cette nouvelle architecture procurent une flexibilité maximale aux clients pour l’élaboration de leurs applications IoT”, poursuit Fabrice van de Putte. “Un jeu d’outils analytiques temps réel ‘at the edge’ et ‘in the core’ procèdent à des décisions automatisées là où c’est nécessaire et allient efficacité et efficience.” 

Software AG a récemment décroché la médaille d’or lors du concours ‘Connect What Matters’ organisé par Dell et Intel, un concours dédié aux solutions IoT innovantes faisant appel aux Dell Edge Gateways.

 Pour plus d’informations, visitez :

http://www.softwareag.com/corporate/solutions/iot/default.asp

http://delliotpartners.com/partners.html