Hackers have infected at least 500,000 routers and storage devices in dozens of countries in a campaign that Ukraine said was preparation for a future Russian cyber attack.

The US Department of Homeland Security said it was investigating the malware, which targets devices from Linksys, MikroTik, Netgear, TP-Link and QNAP, advising users to install security updates.

Ukraine’s SBU state security service said the activity showed Russia was readying a large-scale cyber attack ahead of the Champions League soccer final, due to be held in Kiev on Saturday.

“Security Service experts believe the infection of hardware on the territory of Ukraine is preparation for another act of cyber-aggression by the Russian Federation aimed at destabilising the situation during the Champions League final,” it said in a statement.

Source: Hackers infect 500,000 routers and storage devices – Security | iTnews

Here’s the brutal truth: It doesn’t matter how much your organization spends on the latest cybersecurity hardware, software, training, and staff or whether it has segregated its most essential systems from the rest. If your mission-critical systems are digital and connected in some form or fashion to the internet (even if you think they aren’t, it’s highly likely they are), they can never be made fully safe. Period.

This matters because digital, connected systems now permeate virtually every sector of the U.S. economy, and the sophistication and activity of adversaries — most notably nation-states, criminal syndicates, and terrorist groups — have increased enormously in recent years. Witness the attacks in the United States on Atlanta’s municipal government and on a data network shared by four operators of natural-gas pipelines, the theft of data from Equifax, and the global WannaCry and NotPetya malware attacks. In many of the most notorious incidents of recent years, the breached companies thought they had strong cyber defenses.

Source: Internet Insecurity | Harvard Business Review

The Internet of Things (IoT) is increasingly becoming an integral feature of our daily business environment. More organisations are using devices in a distributed network to support the day-to-day running of the business in order to improve productivity, enhance customer service and reduce maintenance overheads.

With the number of IoT devices expected to reach 125 billion by 2030, it is clear that many industries have already begun using them for critical business processes. It is therefore important that businesses understand as early as possible, the radically differing requirements of IoT devices, their criticality to the business and the implications for businesses that don’t get it right.

Source: A real-time connection is key to IoT development | ITProPortal

Tenable, the Cyber Exposure company, recently discovered a critical remote code execution vulnerability in two Schneider Electric applications heavily used in manufacturing, oil and gas, water, automation, wind and solar power facilities in the U.S. If exploited, the vulnerability could give cybercriminals complete control of the underlying system. Attackers would also be able to use the compromised system to move laterally through the network, exposing additional systems to attack, including human-machine interface (HMI) clients. In a worst case scenario, attackers could use the vulnerability to disrupt or even cripple plant operations.

Source: Tenable discovers 0-day vulnerabilities in Schneider Electric software affecting critical infrastructure | CSO

When EM Forster exhorted his readers to “Only connect!” at the end of his novel Howards End, he couldn’t have imagined how connected we would all become barely a century later. Not only does ubiquitous internet mean that we are plugged into media services constantly, but it is becoming increasingly difficult to buy technology that is not ‘smart’ in some way. For most of these devices, that smartness derives from connectivity to the Internet and to other devices and systems.

The average UK house already contains around 15 connected devices, some obvious such as phones, laptops, tablets, televisions and smart meters, and some much less so, such as kettles, coffee makers, thermostats and switches. This number will only grow in the coming years.

Source: Safer connections: reducing the security risks of the internet of things | The Engineer

In 2016, hackers were able to use 100,000 internet-connected devices to bring down Twitter, Spotify and PayPal. They recruited and infected simple household appliances, such as digital video recorders and fridges, to attack a large network infrastructure provider and create chaos. Consumers were not aware that their own appliances were being used in this way.

Source: Hacking the internet of things just got easier – it’s time to look at your security | Computer Weekly

The internet of things already consists of nearly triple the number of devices as there are people in the world, and as more and more of these devices creep into enterprise networks it’s important to understand their requirements and how they differ from other IT gear.

The major difference is that so far they are designed with little or no thought to security. That stems from having comparatively little memory and compute power to support security but also because often they are designed with time-to-market, price and features as top considerations to the exclusion of security.

Source: Getting grounded in IoT networking and security | Network World

The Internet of Things (IoT) represents an unusual period in technology history. Most people assume that the functionality of IoT is similar to the traditional internet, which leads to a similar assumption around IoT security. By understanding the true nature of IoT and rethinking the approach to security, firms can mitigate a variety of threats. A secure foundation can be built through implementation of comprehensive security measures before a single device is activated.

Source: Hack-proofing devices: Security in the age of Internet of Things | The Financial Express

While connected devices are expected to dominate every aspect of our lives in the coming years – and already outnumber humans in terms of a basic headcount – belief in the ecosystem’s security is still lacking, and has a long way to go before businesses and individuals fully invest in its potential

Source: Preparing for an Internet of Things future: In blockchain we trust | Information Age

For several years now, the news has been filled with stories about the death of traditional advertising. Instead of classic ads, modern consumers want experiences. AKQA’s chairman Ajaz Ahmed put it this way: “Our belief is that audiences want to have more engagement and more of an experience, rather than be bombarded with endless messages.”

Source: Looking to the Future Means Implementing an Internet of Things-Based Strategy – Adweek