United States and China are in negotiation to establish a cyberattack agreement, according to reports. If successful, it "could become the first arms control accord for cyberspace, embracing a commitment by each country that it will not be the first to use cyberweapons to cripple the other's critical infrastructure during peacetime," reports David Sanger in the New York Times. more
Ubiquiti Networks Inc., a San Jose based maker of networking technology, has disclosed that cyber criminals stole $46.7 million via a "business email compromise fraud involving employee impersonation." more
September 7th 2015 will see the Global IPv6 Next Generation Internet Summit 2015 (hereinafter referred to as IPv6 Summit) held in the Presidential Hotel Beijing. The conference will be co-hosted by the IPv6 Forum and BII Group, under the theme of "IPv6 approaching, are you ready?," which will be well attended by top-notch industrial experts both at home and abroad, hundreds of representatives from carriers across the globe, representatives of well-known vendors in the industry, experts from academic agencies, enterprise users, and many influential news outlets, who will discuss the mainstream plans and technical foci of large-scale IPv6 deployment, influence and challenges brought by IPv6 development on network security, Global Internet of Things boosted by IPv6, and other burning issues. more
In my last blog post I shared some of the general security challenges that come with the Internet of Things (IoT). In this post, I will focus on one particular security risk: distributed denial of service (DDoS) attacks. Even before the age of IoT, DDoS attacks have been turning multitudes of computers into botnets, attacking a single target and causing denial of services for the target's users. By "multitudes" we can be talking about thousands or even millions of victim devices. Now add IoT into the equation... more
Shadow IT -- the use of unsanctioned software and services by employees -- is a problem. It's a big one. According to Forbes, 72 percent of executives don't know how many "shadow" apps are being used on their network. Beyond overloading network resources and impacting data compliance, there is also the real threat of security breaches from unapproved apps. Managing IT you can't see is no easy task, but fortunately it's not impossible. Here are five tips to help bring light to the shadows. more
Would you like to present an idea you have related to DNSSEC or DANE to a gathering of people within the DNSSEC community? Do you have an idea for a new tool or service? Have you recently implemented DNSSEC or DANE and want to share your story? The deadline is Monday, August 17, so please send your proposal soon! We are open to proposals on a wide range of topics... more
Unlike consultant-led penetration testing, periodic or continual vulnerability scanning programs have to operate harmoniously with a corporation's perimeter defenses. Firewalls, intrusion prevention systems, web proxies, dynamic malware analysis systems, and even content delivery networks, are deployed to protect against the continuous probes and exploit attempts of remote adversaries -- yet they need to ignore (or at least not escalate) similar probes and tests being launched by the managed security service providers an organization has employed to identify and alert upon any new vulnerabilities within the infrastructure or applications that are to be protected. more
A great deal of discussion is taking place about topics such as the digital economy, sharing economy and networked economy. Obviously these are concepts rather than being well-defined, but they are being used by the various players in the market to argue for or against certain developments. For example, in some of the broadband debates around the world, the digital economy is the key reason why national broadband infrastructure gets developed. more
A few weeks ago I wrote about Apple's IPv6 announcements at the Apple Developers Conference. While I thought that in IPv6 terms Apple gets it, the story was not complete and there were a number of aspects of Apple's systems that were not quite there with IPv6. So I gave them a 7/10 for their IPv6 efforts. Time to reassess that score in the light of a few recent posts from Apple. more
Ever since we first became involved in developing policies and strategies for countries relating to what are now known as national broadband networks, we have argued that those taking part in the strategic decision-making processes of designing these networks should look, not at what broadband can do now, but at what high-speed broadband can do to assist countries to create the best opportunities for future developments. more
In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more
News flash: to help fight California's drought, Samsung is offering a $100,000 prize to the innovator who creates "the most effective use of IoT and ARTIK [Samsung's IoT platform] technology for reducing water consumption by individuals or municipalities." When the average reader of this news headline needs no explanation of what "IoT" means or what this contest is about, we know IoT, or the Internet of Things, is for real. There are already an estimated 25 billion connected devices around the world, according to expert estimates. more
For people attending The Internet and Television Exchange (INTX), the redubbed Cable Show for 2015, enabling technologies are as important as always, but the transformation of business models in the video delivery industry has certainly cast a huge grip on an industry caught in the middle of a seismic change -- driven by ever-increasing broadband speeds, mobile access to content, and yes, disruptive Over-The-Top (OTT) offerings. more
Developments in LTE are also going to have a significant impact on the unlicensed spectrum, which is currently used by billions of people through their WiFi modems and WiFi services in cities, cafes, airports and other venues. Known as LTE Unlicensed (LTE-U) or Licensed-Assisted Access (LAA), this technology can also ride on top of WiFi networks (without utilising the mobile service), providing high-speed broadband access to users. more
With the explosion in mobile broadband, every mobile operator is scrambling to secure the spectrum capacity needed to stay ahead in the market. There is no doubt that spectrum management is one of the most critical elements of telecommunications policy. It is seen as the pathway to 21C infrastructure... It is interesting to see how the different countries handle their spectrum management policies. more