Category: Uncategorized

National Cyber Security Centre and National Crime Agency warn more must be done to secure critical service from threat of IoT hacks.

Cyberattacks exploiting the insecurity of the Internet of Things,and hackers attempting to compromise industrial connected devices are among the biggest threats to the UK, those responsible for ensuring national security have warned.

Citing incidents including the internet crippling Mirai botnet cyberattack and vulnerabilities in a children's doll which could potentially be exploited to conduct espionage on unsuspecting victims, a new report by the intelligence services has warned that the rise of IoT devices is providing threat actors with more opportunities to attack targets than ever before.

The joint report from the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), titled The cyber threat to UK business, details the growing threats to individuals and organisations from cyberattacks.

Noting how many IoT devices are shipped with insecurities which make them vulnerable to remote takeover -- and without means to update or otherwise fix the devices -- the report warns about the increased threat of IoT botnet attacks and says this form of cyberattack is going to get more frequent and more damaging in future.

If attackers continue to turn their efforts towards attacking industrial connected devices, then it could have potentially devastating consequences. In a worst case, hackers could turn off infrastructure such as electricity, water, or heating by hijacking or overwhelming insecure IoT devices.

The NCSC/NCA report warns that "sufficient safeguards are still not in place to protect these systems that were never designed to connect to the internet", which could ultimately result in damaging real-world consequences.

The National Cyber Security Centre cites a cyberattack in Finland, where a DDoS attack disabled residential automated heating systems in apartment blocks for more than a week.

The report also warns on the increasing threat posed by ransomware, which has risen to become one of the biggest threats on the internet.
Citing ransomware-as-a-service schemes on the dark web which allow almost anyone to become a cybercriminal, the report warns how ransomware allows "individuals and groups to have an impact disproportionate to their technical skill", especially as those carrying out the attack are increasingly targeting businesses.

Cybercriminals are already targeting smartphones with ransomware, but the report warns how 2017 will see hackers attempt to lock down other types of mobile devices including fitness trackers and TVs.

While the information stored on these is unlikely to be worth much for anyone looking to sell it on the digital underground, the report predicts that "the device and data will be sufficiently valuable to the victim that they will be willing to pay for it".

"Cyberattacks will continue to evolve, which is why the country must work together at pace to deliver hard outcomes and ground-breaking innovation to reduce the cyber threat to critical services and deter would-be attackers," said Ciaran Martin, CEO of the NCSC, speaking ahead of the agency's CYBER UK conference in Liverpool.

Nonetheless, the NCSC -- part of the GCHQ intelligence service -- believes that IoT security is likely to "eventually" improve, but the government needs to play a role in ensuring these devices are secured.

"Government also has a part to play in promoting smart device security and helping to develop standards such as the NCSC's and the Department for Business, Energy & Industrial Strategy's work to ensure the Smart Metering System has proportionate security measures in place," says the report.

However, the threat is set to loom large for the immediate future, thanks to the millions of insecure smart devices which are already connected to the internet -- especially as millions more will be connected in the years to come, the report warns.

"Malware authors will continue to exploit them to mount attacks and will continue working to find fresh vulnerabilities. The 'botnet of things' will present a serious challenge to cybersecurity for a considerable time to come," the report says.

The release of the NCSC/NCA report comes shortly after tech industry body the Online Trust Alliance (OTA) issued a rallying cry for vendors, retailers, and users to act together to "avoid digital disaster" caused by insecure IoT devices.

From:http://www.zdnet.com/article/the-internet-of-botnets-and-ransomware-on-your-tv-here-come-your-next-big-security-headaches/

Connecting things and machines will require a 're-engineering' of the architecture of the internet to transform it into its second generation, Cisco's CTO for ANZ has said, with edge computing a requirement for latency.

The internet as it currently stands is "not fit for purpose" to engage the connectivity of things and machines, according to Cisco ANZ CTO Kevin Bloch, as mobility requirements will be subverted by the Internet of Things (IoT) and a complete re-engineering will need to take place.

"As we move to more machines being connected than humans, the first generation of the internet is not fit for purpose for the second generation, which is going to be calibrated far more by the Internet of Things," Bloch told ZDNet.

Calling 4G, 4.5G, and 5G "the same damn thing", he said humans will still want the same kind of connectivity, albeit faster, cheaper, and with more data -- but on the other hand, IoT requires the exact opposite of current mobile technology connectivity in every way.

"When you're looking at the Internet of Things, you're actually doing the reverse of that: In many cases, you've got no power, you can't charge batteries for 10 years; in many cases, you're far away from the transmitter-receiver, like on a farm, so you need to think lower frequencies not higher frequencies," he said.

"So when we start talking about the internet gen-one being not fit for purpose, that's what we're talking about. There's a need to rethink the engineering end to end of the internet in order to support things."

Cisco is in a "really strong position" for this re-engineering project, Bloch said, with the latency requirements of IoT also requiring edge computing during the shift to second-generation internet -- which means cloud will also change.

"In terms of that re-engineering, it's not just the connectivity piece; it's also latency," he explained.

"You need to have actually intelligence distributed at the edge so that you're circumventing the latency problem. And this is why I'm saying it's the end of cloud as we know it, because you're going to be pushing intelligence to that edge, and that edge over time is going to look a lot more powerful. It's going to be looking like an edged cloud."

Cisco SVP of Enterprise Infrastructure and Solutions Jeff Reed also addressed the importance of edge computing for IoT during his Cisco Live Melbourne technology keynote on Thursday morning.

"The edge is so critical as part of this evolution. And what I'm seeing is that in the IoT world ... it's not just connectivity. It's not just networking. It's how I think about security at the edge. It's how I think about compute at the edge," Reed said.

"We make these applications for IoT that require processing close to the things due to latency, due to bandwidth requirements or lack thereof. So as you kind of embark upon this IoT world, the services and capabilities at the edge of your network are going to be more and more critical."

IoT will also require a fundamental shift in the basic mobile business model, with Bloch repeating his warning of the possibility that telcos may not make money through IoT.

"Be careful if you're a telco. We might be saying there's going to be 50 billion things connected ... but they're going to expect connectivity for free," Bloch told ZDNet, pointing towards the low cost of devices and connectivity that are required in such IoT products as the CSIRO's RFID bee backpacks project.

Bloch pointed towards the fact that Cisco has IoT partnerships in both unlicensed and licensed spectrum with NNN Co and Telstra, respectively, because vendors need to look at "the right application for the right use case".

However, he said the future may lie in unlicensed spectrum.

"We'll be using things like free spectrum, and again, telcos need to think about that, because at the end of the day, how you monetise the Internet of Things, it's not the same as if we look back in time how they monetised mobile phones," he said.

"That model's there for humans, but it's not going to cut it for the machine world."

Disclosure: Corinne Reichert travelled to Cisco Live in Melbourne as a guest of Cisco

From:http://www.zdnet.com/article/cisco-first-gen-internet-is-not-fit-for-purpose-for-iot/

Vendors, retailers, and users need to act together to "avoid digital disaster" caused by insecure IoT devices, warns a tech security group.

Failing to tackle the insecurity of the Internet of Things and connected devices could lead to the technology's weaponization, resulting in irreversible consequences for us all.

Incidents including the Mirai IoT botnet cyberattack and stuffed toys being found to leak unsecured personal information onto the open internet have demonstrated how security around the Internet of Things is still immature, despite how these devices are proliferating in our homes and workplaces.

In order to prevent the long-term consequences of insecure IoT devices resulting in property damage, theft, or even physical harm to people, tech industry body the Online Trust Alliance (OTA) has called on the technology sector, businesses and industry, the government and consumers to come together to "avoid digital disaster".

The call comes in the OTA's new report, Securing the Internet of Things: A Collaborative & Shared Responsibility, which warns how "too many IoT devices appear to be designed primarily for convenience and functionality while long-term security is conspicuously absent".

The report comes shortly after the World Economic Forum warned about the potential threats to society from IoT hacking.

Likening the risk to global warming or industrial pollution, the OTA warns that there will be long-term consequences resulting from failure to deal with IoT threats and that lack of action has already "created a treasure chest ripe for abuse by white collar criminals, terrorists, and state-sponsored actors as IoT devices become weaponized".

"All too many connected devices sold, ranging from automobiles and thermostats to children's toys and fitness devices, have insecure remote access and controls. By default many collect vast amounts of personal and sensitive information which may be shared and traded on the open market," warns the report, which notes how many of these devices don't have the functionality to remove personal data if they are sold or lent out.

As voice-enabled devices like Amazon Echo and Google Home take off, a lack of sufficient user authentication on these assistants could be exploited the report warns, as demonstrated by incidents where home assistants have bought items after hearing instructions from children or even voices on television.
If this sort of risk isn't curbed, the OTA suggests that we could get to the point where people could issue commands to devices in the home or workplace by yelling through a window or leaving a message on an answer machine. If they ask devices to unlock the doors, outsiders could potentially walk right in.

"It does not take much imagination to realize the risk and impact of physical harm which could occur," the report warns.

In order to combat this risk, the OTA calls for both the public and private sectors to work together to ensure security is built into Internet of Things devices as "all stakeholders bear a responsibility". This includes retailers, developers, ISP providers, regulators, government, and consumers.

The OTA argues that the IoT shows a lot of promise, but in order to protect users, action is needed now to "maximize the security, privacy and vitality of all IoT devices"

"Acting now will help prevent and mitigate the risk of a digital disaster. We all have a role and responsibility to address security and privacy," the report said.

It said retailers and resellers should help "in setting baseline security and privacy measures for the products they profit from". Meanwhile developers and manufacturers should disclose their security support commitment to users prior to purchase and "clearly articulate their security and privacy policies".

In addition, sellers of homes and cars should be encouraged to disclose all such devices and features, disable their access, and provide new owners the ability to re-set them, turn in their physical and digital keys, and remove all personal data.

From:http://www.zdnet.com/article/the-internet-of-weaponized-things-time-to-tackle-device-security-before-its-too-late/

'Hybrid cloud isn't going to be a mix of AWS and Google, or AWS and on-premise. It will be a mix of AWS and client machines.'

One of the buzzwords to emerge over the past year is that of "serverless" computing or architecture, which, as the term suggests, involves the provisioning of key information technology resources to users without the fuss and muss of acquiring and activating additional hardware, which not only means servers, but disk space as well. Let the cloud vendors worry about the messy details of protocols, security, resource provisioning, processor speeds, and memory allocation, and focus on the applications business users need to run their organizations.

Serverless is, for all intents and purposes, another name for Platform as a Service. There are vendor tools and environments suited for such a purpose, including Amazon Web Services Lambda, IBM BlueMix OpenWhisk, and Microsoft Azure Functions, Buzzwording aside, full-throttle adoption of serverless platforms may even stir rethinking of optimal hybrid cloud architectures, and what it means for IT teams to serve as brokers of needed business services.

That's the experience of Gojko Adzic, a highly regarded thought leader in the IT space and partner at Neuri Consulting, who recently explored his journey down the serverless computing path with his MindMup project. In his post, Adzic provides some food for thought as to the best way to structure the delivery of cloud-based back-end services to a dynamic user base.

MindMup, which offers mind mapping tools, first piloted the AWS Lambda platform in February 2016, and moved entirely over to Lambda at the beginning of 2017, Adzic relates. The site has seen positive outcomes so far in its one-year journey, with a user base increasing by 50% while hosting costs have dropped 50%, he says. Plus, scaling to meet demand is now relatively painless.

Serverless computing is about a platform approach, not just services. Organizations thinking that moving applications to serverless platforms will save money will be disappointed, Adzic says. Even if an infrastructure is deployed across the resources of a cloud provider such as AWS, as it may involve making multiple duplicate payments for connecting web requests, he explains."By far, the biggest lesson for me was to really embrace the platform, not just the service," he relates.

Adopting a platform approach can be accomplished three ways: through the use of distributed authorization: letting clients orchestrate workflows: or allowing clients to directly connect to AWS resources, Adzic explains. MindMup went with the third, direct-to-client, approach, as the first two options have limitations within AWS environments. Enabling direct access to platform services has helped to reduce latency and costs.

As Adzic observes, this model of direct cloud-to-client architecture represents the most expedient way to deliver hybrid services, and he goes on to suggest that this may even change the way enterprises think about hybrid cloud architecture. That is, open up back-end services directly to clients and client applications, rather than structuring layers of services between users and cloud functions:

"When client applications can directly connect to 'back-end' resources, there's very little benefit orchestrating that from anywhere else. Coordination, workflows and many other aspects of an application can move directly to the client application. Only the parts that really need to be locked down for security reasons or to use specialist resources need to go to AWS. The hybrid-cloud of the future isn't going to be a mix of AWS and Google, or AWS and on-premise. It will be a mix of AWS and client machines."

From:http://www.zdnet.com/article/cloud-to-client-computing-serverless-computing-reduces-the-middle/

BlackBerry executive Nader Henein says that before security weaknesses can be addressed, healthcare providers need to take a long, hard look at their networks and rebuild them from the ground up.

BlackBerry executive Nader Henein believes that as more Internet of Things (IoT) and connected healthcare devices come into play, the industry must take steps to reevaluate their security -- from the ground up.

The use of IoT and connected devices can provide healthcare providers and patients with a range of benefits -- such as the use of mobile technology to track conditions, improved communication between departments, and personalized medical care -- but it also comes with risk.

The problems lie in how medical devices become connected to the internet and the path this forges for cyberattackers to potentially exploit. Not only could attackers target victims individually as demonstrated by IOActive researcher Barnaby Jack's experiments with pacemakers, but patient data can be stolen and medical devices can be left exposed online for attackers to cause havoc if they wished.

Despite these issues, business is booming, with analysts predicting the global IoT healthcare market will be worth as much as $410 billion by 2022.

Speaking to ZDNet, Nader Henein, regional director of advanced security assurance advisory at BlackBerry, said that security standards for biomedical devices, unlike PCs or mobile products, are still in their infancy.

While some patch programs do exist and some medical equipment makers -- such as Hospira -- are beginning to take responsibility for security, industry standards must be created to ensure at least a basic level of security for future devices.

However, this is not the only issue at fault.

"The focus is still almost entirely on the function of the device rather than its capacity to be secured," Henein says. "As such the problem in the medical space is the same as with any traditionally isolated device that has become connected over the past few years: these devices are often "insecure" and worse even in many cases "un-securable."
The true security of a medical device needs to be measured by a device's capability to withstand a cyberattack from skilled hackers. This, in turn, needs to evolve over time, the executive says, in order to "keeping with the nature of cybercrime," and devices should be constantly tested based on the latest industry threats.

While the US Food and Drug Administration has only reached the "recommendations" stage when it relates to medical device security, there is some independent industry movement, at least. In May 2016, DTSEC was released -- a medical device cybersecurity standard created and managed by a BlackBerry-led non-profit consortium.

The standard focuses on embedded medical device security through systems implemented at the beginning of development cycles. By using other international standards, including ISO 15408 and IEC 62304 (.PDF), DTSEC acts as a guide which contains security requirements and recommendations for different product types.

See also: FDA one of many 'toothless dragons' with no will to tackle medical device security

It is both the responsibility of medical equipment vendors and hospitals to take note of how the cybersecurity landscape is evolving and what threats may be landing at their door. It is understandable that budgets are often tight and overstretched, but unless such entities want to entertain the risk of facilitating harm to a patient due to cyberattackers, investment needs to begin at the device level and end with network security, update schedules, and staff training to detect malicious threats.

"When improving cyber defenses in the healthcare industry, one of the first steps must be to properly re-engineer the network where they sit so that insecure devices are not a threat and their usage can be properly monitored," the executive says. "In the long term, updating or replacing insecure devices should be part of the change management process."

Read on: Medical device 'birth certificates' could solve healthcare security woes

According to the executive, not enough is being done by healthcare providers to secure their networks -- especially when such investments hit the bank balance.

As the healthcare industry is trained and focused on providing patient care, research, and medical equipment, security is often left by the wayside -- and there may be little left over out of budgets to shore up networks and protect devices connected to them.

"The issue is, if they want access to the latest and greatest in lifesaving medical equipment, they're going to have to also focus on cybersecurity as almost all of these devices are connected," Henein noted. "As healthcare providers learn more about the benefits of IoT, they will also become more aware of the associated threats. In turn, healthcare budgets should start to increase to reflect this increasing awareness over time, but this is not going to happen overnight."

From:http://www.zdnet.com/article/blackberry-future-medical-device-security-relies-on-network-transformation/

More than half of business leaders surveyed for the global Internet of Things Business Index 2017 said progress has not happened as quickly as expected.

More than half business leaders around the globe believe their organization's progress with the Internet of Things has not happened as fast as they expected, according to a new survey. Nevertheless, they still largely believe IoT will have a tremendous impact in the future.

As many as 24 percent of those surveyed said they "strongly agree" their progress has not happened as quickly as expected, according to the Internet of Things Business Index 2017, an Economist Intelligence Unit report, sponsored by ARM and IBM. Another 33 percent said they somewhat agree. Twenty-seven percent said they neither agree nor disagree, while just 10 percent said they somewhat disagree, and 2 percent strongly disagree.

Even so, there is a "strong degree in belief of vision," Pete Swabey of the Economist Intelligence Unit told reporters on a conference call.

When asked about the impact of IoT, 21 percent said it's already had a major impact, while 32 percent said it's had a limited impact but will have major impact in the future. Another 12 percent said it's had no impact so far but will have a major impact in the future.

The remaining respondents were more pessimistic: 20 percent said it's had limited impact so far and will have a limited impact in the future. Nine percent said it's had no impact so far and will have a limited in the future.

The study, conducted in September 2016, surveyed 825 senior business leaders, including 412 C-level executives or board members. Thirty percent were based in Europe, 30 percent in North America, 30 percent in Asia-Pacific and the remaining 10 percent were in Latin America, the Middle East and Africa.

The survey spanned leaders from 10 industries, including financial services; manufacturing; healthcare, pharmaceuticals and biotechnology; IT and technology; energy and natural resources; construction and real estate; automotive; infrastructure; and outsourced facilities management.

When it comes to the use of IoT in products or services, the plurality of business leaders surveyed, 35 percent, said they were in the research stage. As many as 21 percent said their organization was using no IoT at all, while another 21 percent said they were past the research stage and into planning. Fourteen percent were into implementation, while 8 percent said they were extensively using it.

Results were similar when business leaders were asked about their internal use of IoT. The plurality, 37 percent were in the research stage. Twenty-one percent said they were not using it all, 22 percent were in the planning stage, 15 percent were in implemetation and 6 percent were using it extensively.

Those figures, when compared with the results of the 2013 Internet of Things Business Index, show IoT adoption has advanced slightly globally. However, in the US, internal adoption is actually down slightly.

"It does suggest some companies that were, back in 2013, examining the prospects of IoT may have decided it's not for them," Swabey said. He noted that energy efficiency has been a key driver for IoT adoption, so falling oil prices may have taken interest in IoT down a notch.

The chief obstacle to using IoT, respondents said, is the high cost of required investment in infrastructure - 29 percent said so. Another 26 percent cited security and privacy concerns, while 23 percent named a lack of knowledge or commitment from senior management.

While there are real concerns, "that's balanced with the fact people still are investing and see real money to be made, whether it's saved on operational costs or new revenues," said ARM CTO Mike Muller.

When asked where in their organization IoT has had the greatest impact so far, 25 percent of respondents said it has sparked a new wave of innovation thanks to data that provided better insights. Another 22 percent said it's unlocked new revenue opportunities from existing products or services. Twenty percent said it changed their business model or strategy.

Meanwhile, when asked about the parts of the business that have seen the most positive impact so far, 38 percent said data management and analysis. Another 29 percent said products and services, while 27 percent said technology infrastructure management.

From:http://www.zdnet.com/article/survey-iot-progress-has-been-slow-but-optimism-remains/

IBM launches its Watson for Cyber Security beta program to test how cognitive computing can boost cybersecurity.

Fortune 500 companies across the globe are tackling cybercrime by deploying IBM Watson's cognitive computing power.

Watson for Cyber Security, a project designed to take the fight to hackers, is a year-long research effort that initially was focused around universities but has been extended to various industries, including banking, healthcare, insurance, and automotive.

Using artificial intelligence technologies, such as machine learning and natural language processing, to analyse vast amounts of structured and unstructured data, Watson is designed to help cybersecurity professionals identify threats.

A total of 40 organisations are taking part in the IBM Watson for Cyber Security beta program in order to test Watson's ability to fight cybercrime. Participants include Sun Life Financial, University of Rochester Medical Center, SCANA Corporation, Sumitomo Mitsui Banking Corporation, California Polytechnic State University, University of New Brunswick, Avnet, and Smarttech.

By using Watson to shore up cybersecurity defences, IBM hopes to demonstrate new use cases for the cognitive system, such as determining whether a cyberattack is associated with known variants of malware or particular cybercrime campaigns. If so, IBM Watson Security is designed to provide information on the malware employed and the level of threat posed.

Watson is also built to aid organisations in identifying suspicious behaviour, by applying behavioural biometrics and using context to establish whether user activity is malicious or just different to normal. By working with beta customers, IBM hopes to enhance Watson's understanding of cybersecurity data and operations and better integrate it into everyday processes.

IBM believes that cognitive technology will play a critical role in the war against cybercrime as the technology matures. According to the company's own research, seven percent of organisations currently use cognitive technology in this way and that figure is set to grow.

"Customers are in the early stages of implementing cognitive technologies," said Sandy Bird, CTO with IBM Security. "Our research suggests this adoption will increase three fold over the next three years, as tools like Watson for Cyber Security mature and become pervasive in security operations centres."

IBM Watson's cognitive systems are also being deployed to aid in healthcare and help re-imagine the services industry.

From:http://www.zdnet.com/article/ibm-watson-ai-these-firms-are-fighting-cybercrime-using-cognitive-computing/

When dealing with big data, sorting through information quickly is crucial. Reducing noise enables brands to protect their reputations more easily.

Being well informed is vital when it comes to preventing and managing crisis situations that occur across online media. A system that alerts you with customised information about social mentions can save your brand's reputation, and prevent a crisis.

Social media monitoring platform, Visibrain, has launched a PR monitoring platform for reputation management and crisis prevention.

The platform will monitor online press, blogs and social media to protect brands' reputations. The system allows users to reduce social noise by excluding certain elements and combining filters.

The platform enables marketers to mange brand reputation. Alert modes such as abnormal volume, rising trend or mention alerts can be set. Data can be filtered to show, for example, who specific topic influencers are.

When the new MacBook Pro launched as a competitor to the Microsoft Surface Studio, Visibrain analysed which came out on top when it came to Twitter chatter.

With both products being aimed at the high-end professional design space, the graph shows the clear winner.

With over 743,000 mentions for the MacBook pro compared to over 206,000 for the Microsoft Surface Studio, Apple's new MacBook Pro received three times as much commentary as the new Surface Studio, showing the power that Apple's marketing still holds online.

Separate analysis from October 2016 shows that the iPhone 7 continued to receive more mentions online than Samsung's Galaxy Note right up until the product's unfortunate recall.

If mention volumes go above a predefined number per hour, or above normal levels, system alerts allow users to react quickly in the event of a crisis. Certain expressions, links or hashtags that are associated with the brand, or specific topics, also act as triggers.

The Visibrain reputation management platform monitors online press, blogs and social media to ensure that users are the first to know about a budding crisis or rising trend. Alerts are received by email, text message, slack or via the company's internal system.

In an age where data is everywhere but time is at a premium, cutting through the noise will help marketers get to the crux of what their customers - and detractors - are saying.

The Future of IT: A Strategic Guide

ZDNet and TechRepublic draw on their community of C-level executives and business thinkers to prognosticate where business technology is headed.

From:http://www.zdnet.com/article/visibrain-launches-monitoring-platform-for-brand-reputation-management/

The reported ban is preventing access entirely or throttling connections.

Turkey has reportedly restricted access to popular social media websites in a new censorship push.

According to Turkey Blocks, WhatsApp, Facebook, Twitter, Instagram, and YouTube are now on the block list, with either outright bans or connection throttling taking place. While Facebook, Twitter, and YouTube are often blocked in the country, the Turkish censorship and internet monitoring group says that WhatsApp and Instagram restrictions have now also been detected.

WhatsApp users in Turkey have complained that the service was failing on Friday, November 4 -- and now we appear to know why.

Turkey Blocks claims this is the first time "nationwide restrictions have been detected on the popular messaging app in recent years." The monitoring service says:

"The shutdown was first detected on national provider TTNet, Turkcell and subsequently on other major ISPs, with users of UyduNet and other smaller providers not yet affected at the time of writing."

Turkey is one of a number of countries which throw up walls to online services for political reasons. It is believed that the latest blocking attempt is due to the overnight detention of members of the pro-Kurdish Peoples' Democratic Party (HDP), an opposition party to Turkish President Recep Tayyip Erdogan's leadership.

Detention orders were issued for 15 HDP members of parliament, and 11 in total were found at the party's headquarters in Ankara to detain, Salon reports.

See also: China's 'Great Cannon': Taking censorship across country borders

Only last month, the country's government restricted access to cloud storage services Dropbox, Microsoft OneDrive, and Google Drive. It is believed the restrictions were rapidly put in place to prevent the spread of a leaked cache of private emails belonging to the son-in-law of Erdogan, Minister of Energy and Natural Resources Berat Albayrak.

From：http://www.zdnet.com/article/turkey-blocks-whatsapp-facebook-and-twitter-across-the-country/

The technology rolls out along with a new security platform, hardware, and virtual firewalls from Palo Alto.

Palo Alto Networks is aiming to thwart credential theft with the launch of its next-generation security platform.

The move, which comes amid a barrage of product announcements from the security vendor, is notable because it's looking to prevent the intrusions that typically give cyber attackers the keys to the enterprise network.

Once a password or credential theft is successful, cyber attackers can lurk on corporate networks for months if not years. Palo Alto is looking to automate defenses against credential phishing attacks, which are effective given that multi-factor authentication still isn't the default on many networks.

Here's the approaches deployed by Palo Alto to nix credential fraud:

Automatic blocking of phishing sites via Palo Alto's WildFire analysis system.
Preventing users from submitting credentials to phishing sites. Palo Alto firewalls can recognize enterprise credentials in outgoing enterprise traffic.
Scaling multi-factor authentication within the firewall. Palo Alto will integrate with Okta, Ping Identity and Duo Security among others.
Tech Pro Research: IT leader's guide to the Dark Web | How risk analytics can help your organization plug security holes | Information security incident reporting policy

The credential protection comes as Palo Alto is increasingly competing with larger competitors such as Cisco in the security market as well as Check Point and Fortinet to name a few.

Although credential fraud and theft protection was the headliner, Palo Alto also rolled out a series of new features in its latest platform -- PAN-OS 8.0. PAN OS 8.0 includes 70 features including multiple hooks to better secure public and private cloud security. Notable points include:

Automation of cloud security and integration with providers such as Amazon Web Services and Microsoft Azure.
Real-time monitoring for software as a service tools such as Slack and support for global languages.
Three new virtual firewall models -- VM-50, VM-500, and VM-700 -- to cover branch offices to data centers to the cloud.
The new virtual firewall models were also part of a broader hardware rollout that included appliances that cover multiple architectures.

From:http://www.zdnet.com/article/palo-alto-networks-aims-to-thwart-credential-theft/