Security

Although encryption is increasingly used to combat security breaches, a salient lack of expertise among developers, coupled with overly complex libraries, has led to widespread implementation failures in business applications. According to IDG’s Lucian Constantin, the scale of the problem is quite significant. Indeed, a recent report published by Veracode confirms that cryptographic issues are now the second most common type of flaws affecting applications across all industries.

Writing for Semiconductor Engineering, Ernest Worthman notes that approximately six billion people rely on a variety of mobile devices to shop, bank, interface with social media and monitor their health. “Unless you are on the inside track and know better, one would think that all that data is secure. Reality is somewhat different,” Worthman explains. “A mobile society has tremendous benefits, but those benefits come with a price. The advantages are obvious, but the price can be very steep if security isn’t a primary consideration.”

Sean McGrath of InformationWeek recently confirmed that the rise of the public Cloud as a “de-facto standard” has prompted businesses to ask new questions about their respective security procedures. “The answer to numerous security questions and concerns lies, of course, in encryption,” he explained.

A team of Tel Aviv University (TAU) researchers has demonstrated the successful extraction of secret decryption keys from laptop computers via the non-intrusive measurement of electromagnetic emanations from a distance of 50 centimeters and a total duration of just a few seconds.

Did you know it is technically possible to spy on wearable devices in a gym or coffee shop? Fortunately, as Wareable’s David Nield points out, it’s highly unlikely that anyone who isn’t a security researcher is actually going to bother to try – for now. “The few drops of data available are not worth the challenge of trying to grab them – it’s too much effort for too little reward,” Nield explains.

A recent report authored by TrapX details three instances where hospitals were hit by data breaches. According to DarkReading’s Kelly Jackson Higgins, the digital intrusions occurred after certain medical devices had been infected with malware backdoors. “In all three cases, the hospitals were unaware that these devices – a blood gas analyzer, a picture archive and communications system (PACS) and an x-ray system – were infiltrated with malware,” writes Higgins.