|By Peter Silva||
|January 15, 2014 08:23 AM EST||
…or I’ve been Breached.
There was a time when people differentiated between stealing from a physical store and pilfering data from a network. Throughout the years there have been articles talking about the safety/risks of shopping online vs. shopping at a retail outlet. You could either get carjacked in the parking lot and have your wallet stolen on Black Friday or your browser hijacked and your digital identity stolen on Cyber Monday. There are probably many people who exclusively shop one way or another due to their own risk assessment of each…ignoring whatever convenience, interaction, price, constraints, gratification, availability or any other perceived beneficial metric on the Franklin T-scale tied to the specific activity.
Now we’ve learned that the recent Target breach was due to malware being installed on the point of sale devices. Wait, what? A ‘cyber’ crime within a retail bricks environment? Isn’t anything sacred? Well no, and this is really not anything new. ATMs and point of sale devices have been targets for a while due to the simple fact that they run on an operating system. A potentially vulnerable operating system. In 2012, thieves broke into Barnes and Noble’s keypads and grabbed a bunch of credit cards. Subway also had it’s PoS devices infiltrated. There will be more.
Online shopping has risen 300% since 2004 and continues to grow. comScore reports that desktop sales on Black Friday grew 21% ($1.1 Billion) and Cyber Monday grew 18% ($1.7 billion). Yet, with all the mouse orders we accomplish on any given day, according to the Dept. of Commerce, it still only amounts to 6% of all U.S. retail sales. You’d think that it would be much higher but major purchases, like automobiles for instance, are still (mostly) purchased in person. The shift, however, will certainly grow as more people rely on mobile as a primary purchase sidekick and… as always, the bad guys are going to focus on where they can get their take. In this interesting TED talk, security expert Mikko Hypponen says that we are more likely to be a victim of an online crime than a real world stick up.
That includes an increase of blended attacks.
We’ve seen it a thousand times – plant something on the inside and siphon from the outside; launch a network based attack as a diversion to go after the app data; do a little social engineering surveillance to become one of them; and of course the classic, knock out the guards, put on their outfits and walk in while nobody notices.
There is still much to uncover about this latest breach but I can’t help feeling that more retailers, as has been reported, will be screaming, ‘This PoS device is a PoS!
Nice how I worked that in huh?
- Target Security Breach A Reminder That Threat Lurks In Stores And Online
- Online retail still very small compared to brick and mortar
- The Ultimate Debate: Online Shopping vs. Brick and Mortar Shopping
- Cybercriminals targeting point-of-sale devices
- ATM and Point-of-Sale Terminals Malware: The Bad Guys Just Never Stop!
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Dec. 5, 2016 01:15 PM EST Reads: 2,150
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Dec. 5, 2016 12:34 PM EST Reads: 144
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Dec. 5, 2016 12:30 PM EST Reads: 2,281
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Dec. 5, 2016 12:30 PM EST Reads: 936
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
Dec. 5, 2016 11:38 AM EST Reads: 182
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
Dec. 5, 2016 11:30 AM EST Reads: 760
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 5, 2016 11:15 AM EST Reads: 936
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
Dec. 5, 2016 10:30 AM EST Reads: 644
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform and how we integrate our thinking to solve complicated problems. In his session at 19th Cloud Expo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and sh...
Dec. 5, 2016 10:30 AM EST Reads: 281
We are always online. We access our data, our finances, work, and various services on the Internet. But we live in a congested world of information in which the roads were built two decades ago. The quest for better, faster Internet routing has been around for a decade, but nobody solved this problem. We’ve seen band-aid approaches like CDNs that attack a niche's slice of static content part of the Internet, but that’s it. It does not address the dynamic services-based Internet of today. It does...
Dec. 5, 2016 07:30 AM EST Reads: 1,002
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
Dec. 5, 2016 07:30 AM EST Reads: 7,059
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web ...
Dec. 5, 2016 07:15 AM EST Reads: 1,299
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
Dec. 5, 2016 06:45 AM EST Reads: 1,797
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
Dec. 5, 2016 06:45 AM EST Reads: 1,629
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 5, 2016 06:30 AM EST Reads: 758
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
Dec. 5, 2016 06:15 AM EST Reads: 976
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
Dec. 5, 2016 06:00 AM EST Reads: 1,694
Internet-of-Things discussions can end up either going down the consumer gadget rabbit hole or focused on the sort of data logging that industrial manufacturers have been doing forever. However, in fact, companies today are already using IoT data both to optimize their operational technology and to improve the experience of customer interactions in novel ways. In his session at @ThingsExpo, Gordon Haff, Red Hat Technology Evangelist, will share examples from a wide range of industries – includin...
Dec. 5, 2016 04:15 AM EST Reads: 1,621
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
Dec. 5, 2016 04:00 AM EST Reads: 5,139
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
Dec. 5, 2016 04:00 AM EST Reads: 4,714