ComputerWeekly.com – Local authority’s systems are still offline nearly three weeks after being attacked. Redcar & Cleveland Borough Council in northern England has confirmed it has fallen victim to a ransomware attack targeting its server estate, which has kept it offline since the weekend of 8 February.
Synopsis Software Integrity Blog – Financial debt isn’t necessarily a bad thing. Most people wouldn’t be able to buy a house if they didn’t take out a mortgage. Security debt—the kind that builds up when you don’t fix “older” vulnerabilities in your software—isn’t like that. It’s not like a mortgage, where nothing bad will happen as long as you make all the required monthly payments for 30 years.
Gigabit – New research has suggested revenue from 5G internet of things (IoT) connections will reach $8bn by 2025, up from a relatively paltry $525mn in the current year. Cesar Cerrudo, CTO at IOActive, said: “Whilst the IoT boom is undoubtedly good for business, increasingly, the physical and cyber realms are converging and opening up new areas of risk. IT systems are controlling so many important aspects of all our lives that when they are attacked there can be serious physical, real-world consequences.”
IoT News – The IoT is barreling towards the enterprise – but companies remain highly vulnerable to IoT-based attacks, according to a new report. Earlier this month, a study titled ‘LoRaWAN Networks Susceptible To Hacking: Common Cyber Security Problems, How To Detect And Prevent Them’ by computer security firm IOActive found a host of cybersecurity issues in the LoRaWAN protocol that could put network users at risk of attacks. The study also warned about widespread disruption and even risk to life that could occur in some extreme cases.
SC Magazine UK – “Many industrial control systems are not nearly as isolated or defended as we would like,” agreed Jason Larsen, industrial controls systems principal at IOActive. “Once an attacker gains a foothold on a control network, they are still faced with the challenges of actually controlling the network. Ransomware and denial-of-service is one way that hackers not skilled in industrial networks can monetize the access.”