Home Cybersecurity and Cyber Risk Management

Cybersecurity and Cyber Risk Management

5G Opportunity and Cybersecurity
The human will to innovate is seemingly relentless. The history of our species is one of continual development, with the last 350 years, in particular, representing staggering technological progress. The first industrial revolution mechanized production using natural elements like water. The second revolution used electricity to enable mass production; the third used electronics and information technology to automate production. The fourth industrial revolution unfolding all around us is characterized by an exponential growth in data production and the merging of the physical and digital. Cyber-physical systems (CSPs) like the internet of things (IoT) and industrial control systems (ICS) are capable of...
Quantum Computer 5G Security
Recently, in the science journal Nature, Google claimed ‘quantum supremacy’ saying that its quantum computer is the first to perform a calculation that would be practically impossible for a classical machine. This quantum computing breakthrough brings us closer to the arrival of functional quantum systems which will have a profound effect on today's security infrastructure. How will quantum computing affect the security of 5G technologies currently being developed and deployed? Last spring we suggested that the emergence of quantum internet connectivity and computation, expected sometime in the next decade, poses numerous new cryptography and cybersecurity challenges for 5G security. MIT offers...
NFC Cybersecurity
NFC is a short range two-way wireless communication technology that enables simple and secure communication between electronic devices embedded with NFC microchip. NFC technology operates in 13.56 megahertz and supports 106, 212, or 424 Kbps throughput. There are three available modes of NFC communication: Read/write (e.g. for reading tags in NFC posters) Card emulation (e.g. for making payments) Peer-to-peer (e.g. for file transfers) There is no need for pairing code between devices, because once in range they instantly start communication and prompt the user. NFC technology is power efficient - much more than other wireless technologies. The communication range of NFC is approximately...
RFID Cybersecurity
Radio-Frequency Identification (RFID) is a technology commonly used for identification, status administration and management of different objects. It is important for people identification, as it is commonly deployed in the latest biometric passports.  It operates in several frequency bands like Low frequency band from 125 kHz to 134 kHz, High frequency band with 13.56MHz working frequency, Ultra-high frequency band with 433 MHz working frequency and 860 - 960 MHz sub-band. In Ultra-high frequency bands there are two types of RFID systems—Active and Passive. Active RFID system operates on 433 MHz radio frequency and on 2.4GHz from Extremely High- Frequency Range. It supports...
Wi-Fi Cybersecurity
The Wi-Fi represents wireless technology that includes the IEEE 802.11 family of standards (IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, IEEE 802.11n, IEEE 802.11ac, etc.). Within 50m range, it operates in 2.4 GHz and 5GHz frequency bands,. This technology was developed for wireless networking of computer devices and is commonly called WLAN (Wireless Local Area Network), where the communication is realized between wireless routers typically connected to the Internet and other wireless nodes within its range. In correlation with performances of specific IEEE 802.11 standards, different data rates are enabled and their theoretical throughput is 11 Mbps (IEEE 802.11b), 54 Mbps (IEEE...
Bluetooth Cybersecurity
Bluetooth is short-range wireless communications technology based on the IEEE 802.15.1 protocol. It works in a crowded license free 2.4 GHz frequency band and shares this resource with many other technologies. Bluetooth is the optimal solution for establishing small wireless networks called Piconets, by connecting two Bluetooth devices. One of these nodes is Master that can be connected via Bluetooth link to 7 other Bluetooth devices—Slave nodes in Personal Area Network (PAN). Typical data rates are 1-3 Mbps. The newest versions of Bluetooth is known as Bluetooth Low Energy (BLE) or Bluetooth smart. It is important to note that Bluetooth and BLE...
Zigbee Security
Zigbee technology introduction Zigbee is wireless PAN (Personal Area Network) technology developed to support automation, machine-to-machine communication, remote control and monitoring of IoT devices. It evolved from IEEE 802.15.4 wireless standard and supported by the ZigBee Alliance. IEEE 802.15.4 standard determines specifications for the physical and data link layer and Zigbee Alliance provides standards from network layer to application layer. While Zigbee determines the contents of the transmitted message, the 802.15.4 standard provides details about the robust radio communication and medium access control. The Zigbee Alliance, as a non-profit association, develops open global Zigbee standard for use in the Internet of Things...
Risks of AI
In 1956, at a workshop on the campus of Dartmouth College, in Hanover, New Hampshire, the field of artificial intelligence (AI) was born. Attendants were buoyant. MIT cognitive scientist Marvin Minsky was quoted as saying, "Within a generation  the problem of creating 'artificial intelligence' will substantially be solved." This prediction turned out to be over zealous, but Minsky and his colleagues believed it wholeheartedly. What, then, is different today? What makes the current dialogue about AI more relevant and believable? How do we know that this is not another case of humans over estimating the development of technology? For one thing,...
5G Critical Infrastructure
Not even 30 years separate us from the end of the Cold War. Yet, we appear to be witnessing the emergence of a new one, a technology Cold War between the United States and China. This time, instead of a ‘red under the bed’, the US government has declared there is one at the back door. It accuses Chinese technology companies of deliberately building vulnerabilities into their tech, allowing the Chinese to access and control the 5G critical infrastructure, and through it the connected devices and machinery at will. Headlines are dominated by the case against Huawei, and debate continues...
5G Security Privacy
Don’t let the “5G” in the title confuse you. This post is not only about the telcos’ core networks, but about the 5G security and privacy issues in our (very) near, and very different future that 5G will enable. In the 5G-enabled massive Internet of Things (mIoT) world we’re about to find ourselves in, we are expected to have 1000 devices connected for every person… These devices will be the components of the ‘5G operating system’ for our smart cities, our industry 4.0, our smart homes, smart transportation, smart healthcare, and much more. To enable this future, we will...
AI Fake News
Recent events have confirmed that the cyber realm can be used to disrupt democracies as surely as it can destabilize dictatorships. Weaponization of information and malicious dissemination through social media pushes citizens into polarized echo chambers and pull at the social fabric of a country. Present technologies enhanced by current and upcoming Artificial Intelligence (AI) capabilities, could greatly exacerbate disinformation and other cyber threats to democracy. Robert Kagan in his recent Post essay, “The strongmen strike back,” insightfully states: What we used to regard as the inevitable progress toward democracy, driven by economics and science, is being turned on its...
AI Cybersecurity Battlefield
Cybersecurity strategies need to change in order to address the new issues that Machine Learning (ML) and Artificial Intelligence (AI) bring into the equation. Although those issues have not yet reached crisis stage, signs are clear that they will need to be addressed – and soon – if cyberattackers are to be prevented from obtaining a decided advantage in the continuing arms race between hackers and those who keep organizations’ systems secure. ML and AI can magnify existing vulnerabilities and open the door to new attack strategies. At the same time, though, they offer new tools to help organizations secure...
Cyber-Kinetic Security Railway
Cybersecuring railway systems from potential attackers must become paramount in the digitization that those systems currently undergo. Their cybersecurity is too closely interlinked with the railway safety to leave the door open to disruption. To make matters worse, they are increasingly being targeted. Railway systems have long been critical. Mass transit systems move hundreds of thousands of people throughout urban areas each work day. Freight systems move an estimated 40 tons of freight for every person in the U.S. every year. Imagine the chaos if they were disrupted. These systems have always been challenging to secure. Even urban mass transit systems...
IoT Cybersecurity Framework Government
The human brain is programmed to keep us safe and secure. Yes, we are separated from the rest of the animal kingdom by our advanced capacities of sense-making and decision-making, but at the core of our grey matter remains some primitive but powerful tech tasked with keeping us alive. If your amygdala senses danger, it makes a split second decision and triggers the fight-or-flight response, flooding your body with hormones like adrenaline that prepare you for battle. This overrides the cortex – the sophisticated part of the brain we rely on for problem-solving and strategic thinking – making it...
IEMI
As IoT adoption continues to proliferate, manufactures and adopters are increasingly aware of cybersecurity risks to IoT. Yet, even among the IoT security professionals, one significant potential remote attack vector is often overlooked: intentional electromagnetic interference (IEMI). Electromagnetic interference (EMI) surrounds us – natural causes, such as solar flares and lightning; and man-made sources such as radio and TV broadcasting, radars, microwaves and many others all emit electromagnetic waves that could disrupt operation of electrical and electronic devices. That is, if devices wouldn’t comply with numerous electromagnetic compatibility (EMC) standards which ensure correct operation in common electromagnetic environment and resilience...