Jon Gold

Author Archives: Jon Gold

Ripple20 TCP/IP flaws can be patched but still threaten IoT devices

A set of serious network security vulnerabilities collectively known as Ripple20 roiled the IoT landscape when they came to light last week, and the problems they pose for IoT-equipped businesses could be both dangerous and difficult to solve.Ripple20 was originally discovered by Israel-based security company JSOF in September 2019. It affects a lightweight, proprietary TCP/IP library created by a small company in Ohio called Treck, which has issued a patch for the vulnerabilities. Several of those vulnerabilities would allow for remote-code execution, allowing for data theft, malicious takeovers and more, said the security vendor.That, however, isn’t the end of the problem. The TCP/IP library that contains the vulnerabilities has been used in a huge range of connected devices, from medical devices to industrial control systems to printers, and actually delivering and applying the patch is a vast undertaking. JSOF said that “hundreds of millions” of devices could be affected. Many devices don’t have the capacity to receive remote patches, and Terry Dunlap, co-founder of security vendor ReFirm Labs, said that there are numerous hurdles to getting patches onto older equipment in particular.To read this article in full, please click here

Microsoft is buying CyberX to bolster its Azure IoT security

Microsoft has announced it will purchase the industrially focused network security vendor CyberX for an undisclosed sum in an effort to bolster the security capabilities of its Azure IoT platform.The acquisition strikes at the heart of two key IIoT security pain points. While it’s comparatively easy to build new IoT devices that have all the necessary features for seamless security management, older devices running a wildly diverse range of different protocols, which may lack important features like the ability to be patched remotely, are a bigger challenge.To read this article in full, please click here

IoT takes aim at social distancing

As many part of the U.S. are at least partially lifting lockdown sanctions prompted by the COVID pandemic, questions about the safety of those moves remain. IoT technology, however, might help alleviate some of those concerns.The degree to which it’s safe to reopen certain workspaces hinges in large part on how strictly social distancing practices are followed, and IoT technology may have a role to play. Companies like Genetec, a building management and security firm, are rolling out products designed to help businesses manage their facilities during the pandemic.To read this article in full, please click here

COVID-19 pandemic ratchets up threats to medical IoT

The mere fact of the COVID pandemic’s existence has pushed the American healthcare system to capacity, but another threat to that system has reared its ugly head – cyberattacks, particularly those based on ransomware, have become more common as the disease spread, targeting medical IoT devices and healthcare networks.According to Forrester Research analyst Chris Sherman, two U.S. hospitals have already been attacked via virtual care systems, after a hacker targeted a vulnerability in a medical IoT device (specifically, a remote patient-monitoring sensor) and gained access to the hospitals’ patient databases. And in another type of attack, the Fresenius Group, a medical device maker and the largest private hospital operator in Europe, has been hit by ransomware.To read this article in full, please click here

Managed 4G/5G service connects to Amazon, Microsoft clouds

Federated Wireless is launching a turnkey 4G/5G service through a partnership with Amazon Web Services and  Microsoft Azure that runs over Citizens Broadband Radio Service (CBRS), which the Federal Communications Commission opened up to public use in January.The idea is pretty simple: Federated’s new connectivity-as-a-service offering can be purchased directly through both the AWS Marketplace and Azure for a monthly fee. The company’s consultants and engineers do a walkthrough or site survey, ship CBRS equipment, install it on the customer’s network and monitor and manage the system afterwards.To read this article in full, please click here

Who should lead the push for IoT security?

The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?Both the makers of IoT devices and governments are aware of the security issues, but so far they haven’t come up with standardized ways to address them.[Get regularly scheduled insights by signing up for Network World newsletters.] “The challenge of this market is that it’s moving so fast that no regulation is going to be able to keep pace with the devices that are being connected,” said Forrester vice president and research director Merritt Maxim. “Regulations that are definitive are easy to enforce and helpful, but they’ll quickly become outdated.”To read this article in full, please click here

Who should lead the push for IoT security?

The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?Both the makers of IoT devices and governments are aware of the security issues, but so far they haven’t come up with standardized ways to address them.[Get regularly scheduled insights by signing up for Network World newsletters.] “The challenge of this market is that it’s moving so fast that no regulation is going to be able to keep pace with the devices that are being connected,” said Forrester vice president and research director Merritt Maxim. “Regulations that are definitive are easy to enforce and helpful, but they’ll quickly become outdated.”To read this article in full, please click here

Who should lead the push for IoT security?

The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?Both the makers of IoT devices and governments are aware of the security issues, but so far they haven’t come up with standardized ways to address them.[Get regularly scheduled insights by signing up for Network World newsletters.] “The challenge of this market is that it’s moving so fast that no regulation is going to be able to keep pace with the devices that are being connected,” said Forrester vice president and research director Merritt Maxim. “Regulations that are definitive are easy to enforce and helpful, but they’ll quickly become outdated.”To read this article in full, please click here

Predictive maintenance via IoT offers big upsides, but few easy wins

Predictive maintenance is, arguably, the most hyped application of IoT technology currently available to the enterprise user, and it’s easy to understand why: Getting greater insight into industrial machinery, fleets of vehicles or anything else that can be digitally instrumented seems to offer a fairly direct path to savings through lower maintenance costs and less downtime.But it’s not as simple as just grafting sensors onto existing equipment, according to experts, and reaping the benefits of predictive maintenance isn’t an automatic win for the asset-heavy businesses that can profit most from this IoT implementation.To read this article in full, please click here

Congress weighs in on additional Wi-Fi spectrum

A Congressional committee is weighing in on a spat between the FCC and parts of the automotive industry over a plan to appropriate a piece of wireless spectrum set aside for connected-cars and instead designate it for Wi-Fi.The dispute centers on Dedicated Short Range Communications or DSRC, a point-to-point communication standard designated to let vehicles close to each other on roadways share information to improve safety. The go-to example is using it to warn a driver near-instantly if the car ahead suddenly slams on its brakes.[Get regularly scheduled insights by signing up for Network World newsletters.] DSR and its 75MHz of spectrum in the 5.9GHz band has been a relatively obscure technology until late last year when the FCC started considering that 45MHz of that spectrum should be made available for unlicensed wireless use such as Wi-FiTo read this article in full, please click here

Congress fights for additional Wi-Fi spectrum

A Congressional committee is weighing in on a spat between the FCC and parts of the automotive industry over a plan to appropriate a piece of wireless spectrum set aside for connected cars and instead designate it for Wi-Fi.The dispute centers on Dedicated Short Range Communications or DSRC, a point-to-point communication standard designated to let vehicles close to each other on roadways share information to improve safety. The go-to example is using it to warn a driver near-instantly if the car ahead suddenly slams on its brakes.[Get regularly scheduled insights by signing up for Network World newsletters.] DSR and its 75MHz of spectrum in the 5.9GHz band has been a relatively obscure technology until late last year when the FCC started considering that 45MHz of that spectrum should be made available for unlicensed wireless use such as Wi-FiTo read this article in full, please click here

Wi-Fi 6 is slowly gathering steam

The next big wave of Wi-Fi technology, 802.11ax, is going to become more commonplace in enterprise installations over the course of the coming year, just as the marketing teams for the makers of Wi-Fi equivalent will have you believe. Yet the rosiest predictions of revolutionary change in what enterprise Wi-Fi is capable of are still a bit farther off than 2020, according to industry experts.To read this article in full, please click here(Insider Story)

Wi-Fi 6 will slowly gather steam in 2020

The next big wave of Wi-Fi technology, 802.11ax, is going to become more commonplace in enterprise installations over the course of the coming year, just as the marketing teams for the makers of Wi-Fi equivalent will have you believe. Yet the rosiest predictions of revolutionary change in what enterprise Wi-Fi is capable of are still a bit farther off than 2020, according to industry experts.The crux of the matter is that, while access points with 802.11ax’s Wi-Fi 6 branding will steadily move into enterprise deployments in, the broader Wi-Fi ecosystem will not be dominated by the new standard for several years, according to Farpoint Group principal Craig Mathias.To read this article in full, please click here

Industrial Internet Consortium teams up with blockchain-focused security group

The Industrial Internet Consortium and the Trusted IoT Alliance announced today that they would merge memberships, in an effort to drive more collaborative approaches to industrial IoT and help create more market-ready products.The Trusted IoT Alliance will now operate under the aegis of the IIC, a long-standing umbrella group for vendors operating in the IIoT market. The idea is to help create more standardized approaches to common use cases in IIoT, enabling companies to get solutions to market more quickly.[Get regularly scheduled insights by signing up for Network World newsletters.] “This consolidation will strengthen the ability of the IIC to provide guidance and advance best practices on the uses of distributed-ledger technology across industries, and boost the commercialization of these products and services,” said 451 Research senior blockchain and DLT analyst Csilla Zsigri in a statement.To read this article in full, please click here

5G in 2020: Still just a private party

To hear the major mobile carriers talk about it, 5G is here. They’ve deployed it, it works, and it’s ready to start changing the world just about right away, with ultra-fast connectivity, low latency and a dramatically improved ability to handle huge numbers of different connections at once.Eventually, that will all be true – but, according to experts in the field, it isn’t yet, and most of it won’t take place within the coming calendar year. The 3GPP standards that will underpin all new-radio 5G technology are still not yet finalized, although that is expected to happen in early 2020, which means the much-touted 5G deployments in the U.S. are based partially on pre-standard technology.To read this article in full, please click here

Verizon, Amazon team to offer 5G edge cloud computing via AWS Wavelength

Amazon and Verizon will offer the ability to run AWS-based applications with ultra-low latency via the former’s new Wavelength edge service, the companies announced this week at AWS re:Invent, letting organizations realize the benefits of edge computing without having to roll their own edge devices.The idea is a pretty simple one: Place small data centers running AWS’ software next to Verizon’s 5G points of presence. What this means is that applications running in that 5G coverage area can send their data to those remote edge data centers for rapid processing, as opposed to traveling across Verizon’s network, to the Internet at large, to AWS, and all the way back down the chain.To read this article in full, please click here

Amazon joins the quantum computing crowd with Braket testbed

Amazon’s initial foray into the heavily hyped world of quantum computing is a virtual sandbox in which companies can test potential quantum-enabled applications and generally get to grips with the new technology, the company announced Monday.The product is named Braket, after a system of notation used in quantum physics. The idea, according to Amazon, is to democratize access to quantum computing in a small way. Most organizations aren’t going to own their own quantum computers for the foreseeable future; they’re impractically expensive and require a huge amount of infrastructure even for the limited proof-of-concept models at the current cutting-edge.To read this article in full, please click here

1 2 3 23