mobile

The U.S. Department of Homeland Security’s Science and Technology Directorate is working to improve the resiliency of smartphones and other mobile technologies through directed research and development initiatives. Not as secure as office computers, mobile devices are becoming the preferred target for malicious actions by cyber adversaries. In many cases, smartphones, tablets and other electronic devices simply do not have the same protections available for more traditional computing technologies, experts say. The level of attacks also is moving “deeper down the mobile device stack,” from the application and mobile operating system layers to the hardware and infrastructure layers, according to the department.

As enterprises mobilize business processes, more and more sensitive information passes through and resides on mobile devices. BlackBerry, a virtual grandfather in the handheld devices world, offers chief information officers (CIOs) an idea of what they’re up against when attempting to ensure the security of data flying through cyberspace.

Rep. Ted Lieu is no stranger to having his cellphone "hacked." Intruders recently were able to track his whereabouts, eavesdrop on conversations with staff members and access his text messages and email.

Fortunately for Lieu, the intrusion was part of a 60 Minutes segment last year that the TV news program did to highlight mobile device vulnerabilities. The California Democrat knew of the hackers who had successfully exploited his phone's Signaling System Seven, aka SS7, security flaw that compromises the global network that connects phone carriers. The same vulnerabilities still exist one year later, Lieu shared on Thursday during a Capitol Hill demonstration about mobile security, or lack thereof.

Global security readiness received an overall score of 70 percent, or a C- rating, on the 2017 Global Cybersecurity Assurance Report Card, a decline of six points from last year and lower than the U.S. tally of 78 percent, according to recently released survey results. 

The survey, created by Tenable Network Security and conducted by CyberEdge Group, solicited insights from 700 security practitioners in nine countries and across seven like-industries to calculate the global index score. It measures practitioners’ attitudes and perceptions rather than actual cybersecurity system effectiveness and seeks to determine whether cyber defenses meet expectations.

The future of the U.S. Marine Corps lies in apps. Warfighting applications will transform mobility, much like the assembly line did for the automotive industry, predicts Kenneth Bible, Marine Corps deputy chief information officer.

“The automobile was around for many years before anybody could afford it,” says Bible, also the Corps’ deputy director of command, control, communications and computers (C4). “The idea of an automobile wasn’t really disruptive. It was when the assembly line opened up mass production and drove the cost down that the market changed ... and average citizens could buy a car and retire their wagon and horses.

Mobile data traffic generated by cellphones and tablets will approach almost 197,000 petabytes by 2019, according to Juniper Research. That is the data equivalent to more than 10 billion Blu-ray movies.

With the information world marching en masse to the cloud, one global firm is offering direct peer-to-peer encryption to reduce the threat of an intervening cyber intercept. This approach is applicable to dedicated hardware as well as to commercial off-the-shelf consumer communications equipment, and its operation is relatively transparent to the user.

The National Institute of Standards and Technology (NIST) is preparing recommendations to help organizations leverage the benefits of mobile apps while managing their risks. The publication’s authors are seeking public comments about the draft of "Technical Considerations for Vetting 3rd Party Mobile Applications." The deadline for comments is Sept. 18.

While apps can improve productivity, they also can introduce vulnerabilities that put sensitive data and network resources at risk. The draft publication describes tests that software security analysts can employ to find and understand these security gaps before the app is approved for use.

It’s traditional for journalists to end an interview with some version of the question, “What would you like to add?” On the surface, it is the softest of softball questions—so broad and general that there is no wrong answer.

Some sources take this opportunity to repeat their major talking points. Others simply say they have nothing to add. And some will offer a warm and fuzzy, feel-good quote about partnering or working hand-in-hand, or about how great their employees are. All are perfectly legitimate responses.

But on very rare occasions, a source will take this opportunity to make news. And from a reporter’s perspective, this is the absolute best kind of answer.