View Post

Security: Sometimes More Is Less

In Blog post by Clavister Blog Staff0 Comments

In 2004, the US psychologist Barry Schwartz published a book titled The Paradox of Choice: Why More Is Less.​  The book puts forward the argument that the sheer range of possibilities and options presented to us in our daily lives leads to ‘choice overload,’ and causes people to set unrealistic expectations of the good, services and products they choose.  Those expectations are frequently not met, causing people to question their choices.   It’s the same in IT security.  Security vendors are continually developing new technologies and methods to address the latest emerging threats.  Organisations are investing in those solutions and deploying them – but despite these ongoing investments, breaches and attacks are …

View Post

Clavister & Artesyn collaborate on securing embedded systems

In Blog post by Clavister Blog Staff0 Comments

Earlier this week, we entered into a reseller agreement with Artesyn Embedded Technologies, a global leader in embedded computing solutions for the communications, telecom, broadcast, military, aerospace and industrial automation sectors.  The agreement means that Artesyn will offer our security solutions to its key markets and customers, and our security software will be integrated onto Artesyn’s computing hardware for embedded systems. The upshot of this will be a range of advanced, secure platforms for next-generation IT with extremely high performance and capacity.  Our two companies have already collaborated over a long period, developing solutions for LTE/4G mobile networks, and the partnership will extend this collaboration even further. Embedded computing is a …

View Post

United Airlines and NYSE: cyberattacks or system glitches? Does it matter?

In Blog post by Clavister Blog Staff0 Comments

It’s been another interesting week from a cybersecurity perspective.  On Wednesday 8th July, a report issued by Cambridge University and the Lloyds insurance group suggested that a successful cyberattack on America’s electrical grid could create $1tn dollars of damage. A trillion dollars is such a huge sum that it can’t easily be grasped.  But on the same day, two incidents happened that highlighted the vulnerability of business systems in the event of outages – and the potential scale of the possible losses if a major attack was successful. First, United Airlines grounded all its US flights for two hours, due to ‘network connectivity’ problems.  Flights were restored, but only after …

View Post

Clavister shows how to secure large-scale wifi network for smart cities

In Blog post by Clavister Blog Staff0 Comments

Together with partners DataCom and Ruckus Wireless, we recently built a large, secure and reliable WiFi network for the 2015 Royal Swedish Yacht Club ÅF Offshore Race in Stockholm – one of the world’s biggest ocean races, with over 200 boats from across Northern Europe taking on the 350 nautical mile course.  With around 200,000 spectators at the event, the network was designed to handle multiple access points and large numbers of concurrent users, covering the entire island of Skeppsholmen in the centre of Stockholm. By implementing web filtering and managing bandwidth usage, our technology has given spectators and participants with secure, high-performance access to WiFi.  This points the way …

View Post

Why the Polish Airline cyberattack is a big deal

In Blog post by Clavister Blog Staff0 Comments

The cyberattack on the computer systems of the Polish airline LOT made quite a few headlines this week, as it grounded a number of flights.  In the wake of the attack, reports emerged that it was a DDoS attack on systems which prevented the airline from creating its flight plans in time for departures. As the airline confirmed the attack did not affect communication between the airline and its planes, or other critical systems, some commentators have downplayed the significance of the incident. While it may have been ‘only a simple DDoS attack’, it was still enough to stop flights, disrupt schedules and strand passengers.  As we’ve posted before, as …

View Post

Why security and baseball are in the same ballpark

In Blog post by Clavister Blog Staff0 Comments

It’s been a busy week for hacking news.  The anti-virus firm Kaspersky announced its systems had been penetrated, and German chancellor Angela Merkel’s PC was supposedly compromised by malware.  And while these were both big stories, they’ve been overshadowed by the news that the St Louis Cardinals baseball team is being investigated by the FBI after allegedly breaking into the databases on computer systems belonging to rival team, the Houston Astros.   In this case, it’s alleged that the Cardinals got into the Astros’ systems by simply guessing passwords, so there’s no claim of malware or clever hacking techniques being used as part of the breach.  But it does highlight …

View Post

Who can you trust to secure your networks and data?

In Blog post by Clavister Blog Staff0 Comments

Following the Snowden revelations on widespread data interception by Western governments, the UK is set to pass an important law during the next 12 months.  The new law is the ‘investigatory powers bill’, which has been described as a ‘turbo-charged snooper’s charter.’   The law is expected to enable tracking of everyone’s web and social media use, and include powers to strengthen the security services’ powers for bulk interception of communications. A major report on investigatory powers is being published today, which is expected to be a major influence on the upcoming legislation.  So what do these new powers mean for your company’s security? At the time the news about Snowden became …

View Post

Why is security the elephant in the room for smart cities?

In Blog post by Clavister Blog Staff0 Comments

A recent technology round-table discussion in The Guardian newspaper covered the ‘rise of the connected machines’ – the internet of things, in which billions of intelligent devices will interconnect to link to deliver greater efficiency and flexibility – and ultimately lead to smart cities.  So what?  I hear you say.  Here’s what – the round table did not once cover how these devices and their connections will be secured, and data they handle protected from interception or disruption. Is security really the elephant in the room when it comes to the internet of things?  If so, we need to stop ignoring it and start working out way to deal with …

View Post

Why segmenting networks is key to mitigating the impact of attacks

In Blog post by Clavister Blog Staff0 Comments

Over the past 18 months, we’ve seen a number of large-scale attacks that have compromised the point-of-sale (PoS) systems of major retailers, such as Target and Neiman Marcus.  This week uncovered another attack aimed at PoS systems, with the aim of stealing consumer card data.  The attack uses a new piece of malware, ‘NitlovePOS,’  which targets PoS terminals running Windows. In common with previous attacks against PoS systems, NitlovePOS starts with a phishing email with an infected document attachment.  If the user clicks to open the document, the infection is launched and will start trying to track down payment card data. This is why proper segmenting of networks, to separate …

View Post

Is hacking a video billboard a sign of the times?

In Blog post by Clavister Blog Staff0 Comments

Earlier this week, a group of hackers managed to get the access credentials to a video billboard in Atlanta, Georgia, and replaced the scheduled advertisements with a pornographic image that took passers-by somewhat by surprise. While no harm was done – apart from causing mild offence to a number of people – this incident does show just how vulnerable these public systems can be to tampering and external control.  With ‘smart cities’ being a current buzzword, just how well-protected are the interconnected systems that are the lifeblood of these new developments?  What impact could a hacker have on those systems – for example, influencing traffic control signals, or fire suppression …