Nokia, Cisco, BT, Telefónica and Microsoft among new cybercrime-fighting cabal

34 tech and telecoms companies have signed a pledge to fight cyberattacks from criminal enterprises and nation-states.

The thing they signed is called the Cybersecurity Tech Accord and its creation seems to have been prompted by the growing trend of cyber-horridness coming from places like Russia and the apparent need for great global coordination to combat it. Microsoft seems to be taking the lead on this project, which is fair enough since its OS is the recipient of most of this aggro, but a fairly broad range of major tech companies have jumped on-board.

“The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together,” said Microsoft President Brad Smith. “This tech sector accord will help us take a principled path towards more effective steps to work together and defend customers around the world.”

Here are the four cornerstones to this group effort as detailed in the announcement:

Stronger defense

The companies will mount a stronger defense against cyberattacks. As part of this, recognizing that everyone deserves protection, the companies pledged to protect all customers globally regardless of the motivation for attacks online.

No offense

The companies will not help governments launch cyberattacks against innocent citizens and enterprises, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.

Capacity building

The companies will do more to empower developers and the people and businesses that use their technology, helping them improve their capacity for protecting themselves. This may include joint work on new security practices and new features the companies can deploy in their individual products and services.

Collective action

The companies will build on existing relationships and together establish new formal and informal partnerships with industry, civil society and security researchers to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimize the potential for malicious code to be introduced into cyberspace.

“The Tech Accord will help to protect the integrity of the one trillion connected devices we expect to see deployed within the next 20 years,” said Carolyn Herzog, General Counsel at Arm. “It aligns the resources, expertise and thinking of some of the world’s most important technology companies to help to build a trusted foundation for technology users who will benefit immensely from a more security connected world.”

Here’s the full list of signatories and they must be serious about this because they’ve made a corporate video and everything: ABB | ARM | AVAST | BITDEFENDER | BT | CA TECHNOLOGIES | CISCO | CLOUDFLARE | DATASTAX | DELL | DOCUSIGN | FACEBOOK | FASTLY | FIREEYE | F-SECURE | GITHUB | GUARDTIME | HP INC | HPE | INTUIT | JUNIPER NETWORKS | LINKEDIN | MICROSOFT | NIELSEN | NOKIA | ORACLE | RSA | SAP | STRIPE | SYMANTEC | TELEFONICA | TENABLE | TRENDMICRO | VMWARE

Intel hit with class action suit over CPU defects

Law firm Doyle APC has filed a class action lawsuit against Intel for the design defect found in all of Intel’s x86-64x CPUs.

2018 has not been a great year for Intel so far, as the last week or so has simply been a tsunami of bad news concerning security vulnerabilities in its x86-64x CPUs. Considering the extent of Intel’s woes, it wasn’t going to be too long before a class action appeared, and here it is: Garcia, et al. vs. Intel Corp, Case No. 18-cv-00046, (ND Cal).

The case itself aims to represent any US purchaser of Intel CPUs containing the defect, or purchasers of a device containing one of these Intel processors. The defect is actually down to what Intel must have thought was a clever bit of engineering. The kernel mode attempts to guess what the user will do next, known as ‘speculative execution’, having certain programmes on stand-by to increase speed and performance. This action potentially exposes kernel data, one of the most sensitive parts of a computer.

Since the vulnerability was initially exposed, Intel has been rushing to develop a patch, essentially closing the threat, though it is believed it will degrade performance at the same time. Intel claims 90% of processor products introduced within the past five years will be fixed by the end of this week, and for the average user, the impact on performance will be minimal. This has also been echoed by Intel’s customers:

Apple:

“Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.”

Microsoft:

“The majority of Azure customers should not see a noticeable performance impact with this update. We’ve worked to optimize the CPU and disk I/O path and are not seeing noticeable performance impact after the fix has been applied.”

Google:

“On most of our workloads, including our cloud infrastructure, we see negligible impact on performance.”

Amazon:

“We have not observed meaningful performance impact for the overwhelming majority of EC2 workloads.”

This has been disputed by some commentators as the ‘speculative execution’ feature is believed to be one of the primary drivers of increased performance. Only time will tell.

Doyle APC’s ambulance chaser impersonation should of course have been expected, though Intel has been the main recipient of attention so far. AMD and ARM are two other suppliers who have also admitted to vulnerabilities, though neither has gotten anywhere near the same amount of consideration. The flaw may not impact these products as much as Intel, or the severity of AMD and ARM defects has not been truly uncovered just yet.

Android ransomware is biggest mobile malware threat – Nokia

Nokia has published its latest Threat Intelligence Report, which shows that ransomware attacks went through the roof this year, largely via Android devices.

The Nokia report looks at malware infections found in mobile and fixed networks by its NetGuard security product, which by no coincidence whatsoever announced a major new version today. It derives data from over 100 million devices.

The biggest security issue faced by mobile networks this year has been ransomware, as typified by WannaCry and NotPetya. Two thirds of mobile malware comes via Android devices – mainly smartphones – which Nokia attributes to the prevalence of side-loading apps from third party app stores. Third party app stores account for 96% of the app market in China, apparently.

[Figures: Nokia malware device breakdown; Nokia malware Android breakdown; Nokia malware China app store breakdown]

This is an issue because it bypasses Google’s own efforts to clean up the Play Store by enabling side-loading, which makes it much easier to trick users into downloading malware hiding as a Trojan within apparently legit apps. This is in addition to traditional ways of getting people to install dodgy software via links in emails and text messages.

Nokia, of course, reckons it has the answer to all this cyber-misery. The latest version of NetGuard Security Management Center is going big on automation and analytics to try to make it a more predictive process for CSPs. We’re told the volume of security incidents is just too great for mere human beings to stay on top of and we need some artificial intelligence to help us out.

“More sophisticated attacks, growing network complexity and the proliferation of IoT and other devices make it nearly impossible for security teams to monitor, react to and resolve today’s threats quickly and effectively,” said Ron Haberman, head of Emerging Products in Nokia’s Applications & Analytics business group.

“Nokia’s extensive heritage and expertise in network communications technologies and network-based security uniquely positions us to address these unprecedented security challenges. Our Security Management Center helps service providers streamline business processes, reduce costs and proactively address security threats before they impact end users or businesses.”

The clear vested interest in combining these two pieces of news doesn’t diminish the underlying point. It’s hard not to get the feeling that we’re losing ground in the battle against cyber-baddies and clearly need to raise our game. Technologies such as Nokia’s may be part of the solution but companies need to prioritise security more than they currently are.