A Review of the Best News of the Week on AI, IoT, & Mobile Security

The internet is inherently unsafe and AI-powered cyber defenses won’t help, Google security veteran says (CNBC, Sep 18 2017)
While AI is very good for launching cyberattacks, it’s not necessarily any better than non-AI systems for defense — because it produces too many false positives. “AI is good at spotting anomalous behavior, but it will also spot 99 other things that people need to go in and check” out, only to discover it wasn’t an attack, says Adkins.

Apple’s new tracking protection is “sabotage”, claims ad industry (Naked Security – Sophos, Sep 19 2017)
The ad industry is not happy with Apple’s latest move to limit how we get tracked around the web. Tracking via cookies won’t come to a screeching halt, but it will, in fact, be corralled, as Apple described in June when it announced a feature called Intelligent Tracking Prevention (ITP).

Apple’s FaceID (Schneier on Security, Sep 19 2017)
This is a good interview with Apple’s SVP of Software Engineering about FaceID. Honestly, I don’t know what to think. I am confident that Apple is not collecting a photo database, but not optimistic that it can’t be hacked with fake faces. I dislike the fact that the police can point the phone at someone and have it automatically unlock.


iOS security alert: Your device is transmitting Exchange credentials without any encryption (TechRepublic, Sep 12 2017)
An iOS security flaw is causing Exchange credentials to be transmitted without encryption—even if SSL is enabled. Apple has told Litwin that iOS 11 will solve the problem, but Microsoft told him that the flaw “does not meet the bar for security servicing.”

Apple says Face ID didn’t actually fail during its iPhone X event (Ars Technica, Sep 14 2017)
“People were handling the device for stage demo ahead of time and didn’t realize Face ID was trying to authenticate their face,” the Apple rep reportedly said in a statement. “After failing a number of times, because they weren’t Craig, the iPhone did what it was designed to do, which was to require his passcode. Face ID worked as it was designed to.”

Experts Weigh Pros, Cons of FaceID Authentication in iPhone X (Dark Reading, Sep 13 2017)
Security pros discuss Apple’s decision to swap fingerprint scanning for facial recognition technology in the latest iPhone.

IoT Target Architecture | Webinar Replay Info (Gartner Blog Network, Sep 12 2017)
What’s important in your IoT target architecture? Here’s a Gartner Webinar (no paywall, just register), where they asked the following: What stage is your effort in? Where is the data that you need to drive insights and foresights with IoT? For your top-of-mind IoT efforts, which is the strongest edge compute driver?

Aruba rolls out security fabric designed for IoT (Network World Security, Sep 18 2017)
50 percent of networking teams have little to no confidence they are aware of all the connected endpoints. Aruba’s product includes a device peer grouping feature that profiles all devices and builds “peer groups” of them; ClearPass (NAC) then signals when something seems awry. For example, the solution could infer a device was a connected soda machine by comparing the traffic to and from the device. All of the devices in that peer group would exhibit similar behavior, such as sending traffic to and from Coca-Cola.

Premium SMS Malware ‘ExpensiveWall’ Infects Millions of Android Devices (Threatpost, Sep 14 2017)
Google has ejected 50 apps from its Google Play store that were harboring mobile malware dubbed ExpensiveWall. The malware, which was downloaded between 1 million and 4.2 million times, sends fraudulent premium SMS messages for fake fee-based services without the knowledge or permission of users, according to Check Point security researchers.

Convergence of IoT Applications Can Untangle Cybersecurity Challenges, says Frost & Sullivan (Markets Insider, Sep 18 2017)
Key cybersecurity findings in the connected world include:
1) Innovations across the various network layers for enhanced protection covering the network from specific types of attacks;
2) New identity and access management technologies due to growing compliance demands among organizations across industries working on IoT platforms; and
3) Spurt in intrusive prevention and risk analysis solutions tailored for specific sectors to identify unique issues for the ecosystem and prevent cyber-attacks at inception.

Cybersecurity needs to learn from algorithmic trading (SC Magazine, Sep 15 2017)
Today the security analyst has to do that manually, jumping between SIEMs, firewalls, directories, DNS, PCAP and flow data records, trying to match up context and time. It is a challenging and often time-consuming exercise. In this article, Byrne looks at the challenge for IT security and a better way of doing User and Entity Behavioral Analytics.

Monitoring network traffic more efficiently (MIT — ScienceDaily, Aug 24 2017)
Researchers have come up with a new approach to network monitoring that provides great flexibility in data collection while keeping both the circuit complexity of the router and the number of external analytic servers low.