Mobile & Smart Device Security Survey 2010

Summer 2010 Device Security Report

By:Kurt Stammberger, CISSP Mocana

Mobile & Smart Device Security Survey 2010:Concern Grows as Vulnerable Devices Proliferate, Smartphones are the Tip of the Iceberg

Mocana Corporation

350 Sansome Street Suite 1010 San Francisco, CA 94104415-617-0055 Phone | 866-213-1273 Toll [email protected] | www.mocana.comCopyright © 2010 Mocana Corp.

mailto:[email protected]

http://www.mocana.com

MOCANA DEVICE SECURITY REPORT: SUMMER, 2010 | 1

INTRODUCTIONMethodology & Demographics

PCs are no longer the dominant form of computing. By far, most “computers,” and most nodes on the Internet are now non-PC smart devices—an “Internet of Things.” In the next few years, as this trend accelerates and everyday gadgets and machines of every imaginable type connect, security threats to individuals and society at large are likely to grow substantially. But how real is this threat to those actually creating the device ecosystem? And to what extent are these organizations actually preparing for it?

Mocana distributed this survey via e-mail in July, 2010 to its internal database of over 11,000 professionals who have expressed an interest in learning more about “smart devices”—the 20 billion mobile, datacom, smartgrid, federal, consumer, industrial and medical non-PC devices that connect across every sector of our economy.

EXECUTIVE SUMMARY

Respondents to our 2010 Mobile & Smart Device Security Survey recognize the quickly growing world of connected smart devices — the Internet of Things — and acknowledge that device security problems are not only inevitable, but potentially serious. 71% of our respondents expect a serious incident arising from attacks on, or problems with, connected smart devices within the next 24 months. Additionally, 65% report that attacks against their smart devices already require the regular attention of their IT staff, or will start requiring it this year. In fact, 23% of organizations surveyed already repel device attacks at least once monthly, while 10% must do so on a daily basis.

Despite this level of awareness, results show that relatively few organizations are prepared for today’s device security problems and those that lie ahead. Less than half of respondents described their organizations as having “completely” or “mostly” adequate resources dedicated to protecting themselves from attacks targeting

non-PC, connected devices. Yet over 57% responded that their device security budgets would either be “staying the same”, “decreasing” or “decreasing substantially.”

We can see from these results that there is a growing awareness of the urgency of the security threats that face our expanding world of smart devices. The incredibly popular smartphone market has likely aided this awareness — 77% of our respondents report that they’re concerned about mobile phone security. Protective measures, however, are lagging while new categories of smart devices continue to connect to networks across the globe. With virus attacks (just one category of the greater ecosystem of device threats) — and the defenses against them — already costing businesses billions each year, now is the time to address smart device security head-on.

©2010 Mocanawww.mocana.com

415.617.0055

The 269 self-selecting respondents came from a variety of industries, with particular concentrations in manufacturing (including computers, electronics and telecom equipment); professional, scientific, and technical services; and information (including software publishing).

Our survey (unsurprisingly) confirms the increasing pervasiveness of non-PC, connected devices within business settings. Over two-thirds of respondents reported the use of smartphones,

network printers, routers and datacom equipment at their companies while over half said their company used VoIP devices or networked building security features (such as digital cameras and computerized electronic locks). As might be anticipated in a survey of a population of individuals connected to Mocana, a substantial percentage of respondents—much larger than would be anticipated among IT professionals in general - participate in the actual creation or marketing of these connected “smart devices.”

What kind of business is your company in?

What kind of networked devices does your company use (or make)? Check all that apply.


Selected Organizations Represented in Survey

6Connex

A.L.M. Associates

ABB

ADVA Optical Networking NA, Inc

AES

Alamjaad Est.

Alcorn Mcbride Inc.

Alsim

Ambient

Amy Sa

Anchiva Systems

Anna University

Anova

Appliance Innovation, Inc.

Applied Signal Technology, Inc.

Arc Kannur

Arcadian Networks Inc.

Arictocrat Techologies

Aselsan A.S.

AT&T

Avaya

Avnet

Bat Gsd

Berker Gmbh

Best Buy

Blackmore

Blade Network Tech.

Bmcc

Boeing

Bosch Security Systems

Boston Engineering

Bridgeco Software Services India Pvt. Ltd

Broadband Consulting

Brush

Buttery Network Services

Cache-A Corporation

Calsoft Labs

Cannon Design

Canon Communications

Captech Ventures

Centers for Disease Control

CDH Adventures

Certivox

Cisco Systems

Cnisf

Comcast Cable

Comtech Aha Corp

Condoplex Monitoring Systems

Conocophillips

Conscious Security

Cornwall College

Cosmo

CTS

Cyclone Solutions

Data Respons Norge As

Data Track

Dell

Dexter Magnetic Technologies

Digicore

Diversified Labs

DSO National Labs

DSR Management Inc

EC Joint Research Centre

Edventure

EIG Consulting

Einfochips Limited

EIP Elektronika Co.

Elektron

Embassy

EMC Corp

EMD

ENE

Ford Motor Company

Fortinet

Fox Electronics

Freescale Semiconductor

Fremont Pd

Frontier Communications

Fujitsu

Garrettcom

GE Sensing & Inspection

Genesee Isd

GEP Washington

GMV

Goodrich Corp

Graham Consulting

Green Hills Software

General Services Administration

Guidewire Software Ltd

Harris Corporation

Hewlett-Packard Company

Hitachi Medical Systems America, Inc.

HITK

Hologic

Honeywell

Huawei Technologies Co.Nig.Ltd

IBJ Llc

India Ghandi Center for Atomic Research

Imagination Technologies

Infineta Systems

Instituto Nazionale di Fisica Nucleare Italia

Innovasmith

Inso4U

Intel

Internetassist

Interphase Corporation

Irdeto

Jands Pty Ltd

Karpagam College Of Engineeing

Kearfott Corp Msd

Legg Mason

Legrand Home Systems

Lenard Engineering, Inc.

Library Of Congress

Lockheed Martin

Lund University

Mantech International Corporation


415.617.0055

Marvell Semiconductor, Inc.

Medical Telecomm

Metatechnic Systems

Metric Group Ltd

Micro Technology Services

Mindray Medical

Montagem E Manutençao Eletrica

Montavista Software

More Fun Technologies, Llc

Morgan

Motorola

Narda-STS

National Informatics Centre

NetIQ

Netresearch

Netrino

Netsuite

Network360

NextGen GES

Niams - NIH

Nokia

Northrop Grumman

Network Technologies Inc.

Nucleus Technologies

Nudesign Technologies Inc.

Omnitron

Op-Pohjola Group

Oracle Corporation

Packer Engineering

Panasonic

Penspen International Ltd

Pentreed Communications Llc

Philips Health Care

PKI Engineering

Playboy Enterprises, Inc.

PMC-Sierra

Polycom Canada Ltd

Potts Engineering & Consulting

Prism Clinical Imaging, Inc.

Progeny Systems

Prometheus

Proteus

Proto6

Quatech

Radvision

RB & Associates

Renault Pars

Rockwell Automation

Ruckus Wireless

RV College Of Engineering

Samsung

Sandia National Laboratories

Santa Clara University

Schenck Trebel

Sertek Inc.

Shan Dong University

Sharp

Soft Servo

Solustan, Inc.

Space Systems Loral

Spacelabs Healthcare

Spark Integration Technologies Inc

Society of Petroleum Engineers

SRA International

Stoneridge

Stonesoft

Strategi Coakley

Strong Mind Designs

Symantec

Technoware

Tekcomm

Telcel

Teleca

Tennant Company

Tesla Laboratories

Texas A&M University

Thai Airways

The Winvale Group

ThyssenKrupp Elevadores

TigerDirect, Inc.

Tinker London

Trak Engineering

Trapeze ITS

U.S. Government

UC Berkeley

University of Georgia

University Of Helsinki

Universidad De Belgrano

Universidad Tecnológica De Pereira

University Of Limerick

University Of Minnesota

University Of Phoenix

US Army

US Department of Agriculture

Utah Transit Authority

UWBT

Valeo

Vector Magnetics

Vengear, Inc.

Vicom Systems

Vista Microsystems

Visteon Corp

Von Braun Center

Wernher Von Braun Labs

Wi-Tech Consulting

Winvale

Wipro Technologies

Xenterra

Xerox

Xylenes Software

Xytronix Research & Design, Inc

Zeal Interactive Pvt. Ltd.

Zippan


71% expect a serious incident arising from attacks on, or problems with, connected smart devices within the next 24 months(page 8)


415.617.0055


SECTION 1Perceptions of the Threat to Smart Devices

Understanding the Need for Device SecurityThe survey found that in the context of this rapidly expanding connected device ecosystem, there is a strong awareness of the range of potential security threats these devices face. A significant percentage of businesses surveyed said that attacks on smart devices have already impacted their business operations.


415.617.0055

More than 76% of respondents said they were “concerned” or “very concerned” about the security of mobile phones. Only about 1 person in 20 said that they were “not very” or “not at all” concerned about this issue.

But when we asked our survey subjects to comment on their industry as a whole, less than half of respondents felt that their own industry has a “high” or “very high” awareness of the threats to smart devices like mobile phones. Still, the vast majority anticipate a serious attack involving smart devices—and soon. Over 80 percent of respondents anticipate that a “serious

security incident” involving non-PC devices within their line of business is imminent, and more than half believe that incident would probably occur sometime this year. (For the purposes of the survey, we defined a “serious incident” as one causing a personal injury or death, a service outage of at least 8 hours, the loss of more than $100,000, or the compromise of more than 1,000 records of sensitive information).

Considering your peers in your industry, how would you characterize your industry’s level of AWARENESS of threats to connected, non-PC devices?

Are you concerned about the security of mobile phones?

In your personal opinion, when do you expect to NEXT hear about a serious security incident in your industry, arising from attacks on, or problems with, connected, non-PC devices?


65% say that attacks against their non-PC smart devices already require the regular attention of their IT staff, or will start requiring it this year.


415.617.0055


What types of attacks do you think your connected devices will need to repel in the next 24 months? (Multiple answers allowed).

Over 94 percent of respondents report that attacks on non-PC smart devices will inevitably require the regular attention of their company’s IT/security staff. Over 60% believe this is required this year, while nearly one-third believe that such attention is required immediately. In our opinion, this is one of the most surprising results of the survey, and the finding that may have one of the most immediate impacts on the bottom line of any organization.

As far as the types of problems that are anticipated with devices, our respondents seem to feel that several avenues of attack are likely. Most are expecting that their connected devices will be subject to attacks from viruses and malware, trojans or ”imposter” updates and phishing, and eavesdropping, sniffers, and data leakage.


415.617.0055

When do you think attacks against non-PC connected devices are going to start to require the regular attention of your IT or security staff?

Who do you think should be PRIMARILY responsible for delivering (selling or building-in) security features for mobile phones?

While our survey subjects were largely in agreement about the need for IT staffs to start taking mobile device security threats seriously, our subjects were divided on who should be held responsible for making security features available in the first place. When asked “who do you think should be primarily responsible for delivering security features for mobile phones,” our responders were almost evenly split between the device maker (for example, Samsung), and the OS vendor (for example, Google). The carrier and security software specialists came in a distant third and fourth. The technology-savvy executives and individuals among our sample seem to exhibit a certain expectation that their security features should come already “baked in” to the device when they buy it—a marked departure from the expectations of PC and workstation buyers of a decade ago.

Device Makers & OS Vendors:On the Hook


SECTION 2Device Security Impacting Business Operations

Our survey found that while most anticipate that most device attacks are yet to come, many have already experienced first-hand the consequences of device security breaches. More than two-thirds of respondents reported that device security issues have already disrupted their IT networks, with more than one-third reporting “some” or “serious” operational impact from these security incidents.

Almost a quarter of respondents with knowledge of their company’s patching procedures report that patches focused on remediating device security issues are applied to their company’s systems at least monthly — and in some cases weekly or even daily.

When it came to the types of attacks experienced (or patched against), viruses and malware (unsurprisingly) came out on top. But trojans and so-called “imposterupdates”—where malicious code is delivered down to a device, masquerading as a legitimate software update—came in a close second.


415.617.0055

What type of attacks did your devices experience (or, what type of attacks were the patches you applied designed to avert)? Multiple responses allowed. (Respondents stating “unsure” have been excluded).

Has your organization ever had to apply a security patch for a non-PC device, or ever encountered a security issue with any of your connected, non-PC devices, including printers, smartphones, routers or other devices like the ones mentioned previously?

Have those security issues (or the responses required to avoid them) ever impacted your business operations in some way?

Respondents without knowledge of patching procedures excluded.


SECTION 3Devices and the “Dangerfield Paradox”

Over the past year, analysts and technology press have forwarded the notion that attacks originally targeting PCs will almost certainly be retargeted towards the comparatively defenseless device infrastructure. These same analysts have noted that traditional PC security approaches are rarely practical for the tight systems environments that are typical of today’s smart devices. So the device security problem will be, in the words of one device expert, a “tough nut to crack.” Consider too that industry experts frequently assert that smart devices often perform more critical roles in our power, medical and transportation infrastructure, so that a device failure or compromise is felt more acutely than that of a PC glitch.

While attacks on devices are increasing exponentially, they are still just a fraction of the millions of attacks targeting PCs every day. Therefore, device security issues haven’t received much attention in the press—or in the boardroom. So despite the inevitability, importance, and difficulty of solving the problem, devices aren’t getting much respect: a “Dangerfield Paradox”. Our respondents make it clear that virtually all industry segments are eagerly connecting new devices to their networks, but aren’t yet demanding much security from their device vendors, or applying much add-on security software after the fact. But like everything else on the Internet, this is likely to change—and quickly—as the connected device population grows into the double-digit billions.


415.617.0055

Only 14% of respondents believe that their industry’s vulnerability to attacks on connected devices has decreased over the past year. When looking at overall preparedness for security threats to connected devices, we found that over 40% consider their own companies unprepared for device threats. Less than 12% of respondents described their organizations as having “completely” adequate resources dedicated to protecting themselves from attacks targeting non-PC, connected devices. Yet over three-quarters of our subjects said that their device security budget would be increasing or at least staying steady this year - significant in a recession when most IT budgets are being cut.

Here’s where the survey got down to brass tacks. We asked our subjects to tell us how much they would be willing to pay to “properly secure” their smartphones. Not surprisingly, our respondents said that their business organization would (or does already) pay much more on a per phone, per month basis than they personally would be willing to pay for the same services as individual consumers.

Considering your industry as a whole, how would you characterize your industry’s vulnerability to attacks on their connected devices?

In your opinion, does your organization dedicate enough resources to protect its networks and information from attacks and malware targeting DEVICES that aren’t PCs (printers, routers, smartphones, etc)?

As far as you know, how would you characterize your organization’s security budget, especially as it pertains to guarding against attacks directed at non-PC devices like printers, smartphones and network appliances?

How much do you think your organization would (or does) pay per month to properly secure its fleet of smartphones? Pertaining to your personal smartphone, how much would you pay as a consumer?

BUSINESS AVERAGE:$2.22 per phone/month*

PERSONAL AVERAGE:$1.44 per phone/month*

*For averaging purposes, responses of “Less than $1” were calculated at $0.50, while responses of “$6 or more” were calculated at $6.50.


SECTION 4Solving the Device Security Problem

With products ranging from medical devices, office printers, smartphones and household appliances, to smart grid utility meters, security cameras and industrial controls; securing the Internet of Things is going to be a challenge. It’s not as simple as using an off-the-shelf software program to protect a PC. Device platforms are as varied as the devices themselves, often consisting of proprietary software coded over many years to run in very specific environments for cars, dishwashers, and televisions. Each device, each manufacturer has slightly different needs. Processor limitations, memory constraints, battery life and a slew of other constraints and idiosyncrasies peculiar to device environments conspire to make device security a nontrivial undertaking.

There are widely recognized “best practices” approaches to guarding the security of devices and the data they shepherd. Our survey asked respondents to opine first about the devices their company USES, and later about the devices their company MAKES or sells. When it came to devices that a company uses in-house, on-device and

link encryption was by far the most “wished for” security feature, garnering more than double the number of responses as the second-most popular security feature: Authenticated Code Updates and Booting. Results were similar when respondents were asked about devices that their company, themselves, made or sold.

“Smartphones” are a subset of the larger “smart devices ecosystem”—the collection of all non-PC computers that communicate via Internet Protocol. When we focus our responders on the smart phone subset of smart devices, and ask them about what attack types concern them the most, their answers change in interesting ways.

Also, when we rephrase the question to focus on the organizations “unaddressed needs” specific to smartphone (as opposed to the device ecosystem holistically), priorities seem to shift somewhat. We invite you to see the charts at right, and draw your own conclusions.


415.617.0055

What type of attacks against SMARTPHONES concern you the most? (Multiple responses allowed).

What do you think are your organization’s most pressing UNADDRESSED NEEDS when it comes to the security of the smartphones you use? (Multiple responses allowed).

Of the measures you DON’T use yet, which ones do you think your organization should apply NEXT to devices. (Multiple responses allowed).


Nearly one-third of device manufacturers surveyed report that their organizations are planning to introduce security-centric cloud services for their devices. That’s not surprising, considering that over 80% of our respondents said that such a cloud-delivered security service for their connected devices would be “very” or at least “somewhat” useful.

So-called “app stores” for mobile phones are proliferating, and we found that a surprisingly large segment of our sample worked for organizations that either have, or are planning to deploy their own internal “app stores” for their employees. Almost a quarter of our respondents said that their companies either had, or soon would have, an “app repository.”

Lots of companies develop their own software for internal use. Does your company yet offer its own internal MOBILE “app store” or app repository?

HOW USEFUL would it be to your company to be able to deliver (or subscribe to) customized, ad-hoc security services to your company’s devices…from the cloud?

(If your company builds or sells devices) — Are you planning to introduce security-centric cloud services for your devices?

Apps, The Cloud & Devices


415.617.0055

CONCLUSIONHeadlong, Into the Future

Virus attacks on PCs used to cost American organizations nothing. They were too infrequent, and of too little consequence. Then everything changed.

Virus attacks — and the global defense against them — now cost businesses billions every year. And viruses are just one category of the threat in an ecosystem that steals, spends, wastes, invests and destroys hundreds of billions of dollars annually. Our respondents acknowledge the fast emergence of the Internet of Things and see device security problems as inevitable and potentially serious. Because they are so closely integrated with our critical infrastructure, device security problems are even more likely than PC problems to result in physical consequences. But relatively few organizations are prepared. One can only conclude that when the inevitable tide of attacks on the device infrastructure rises, it will likely end up costing us a lot more than it should have.


Further Reading: Device Security in the News from Mocana’s DeviceLINE Blog: mocana.com/blog

FasTrak or FastHACK?September 30th, 2008 http://mocana.com/blog/2008/09/30/fastrak-or-fasthack/

Cisco Moves to Plug Router Software FlawsOctober 6th, 2008 http://mocana.com/blog/2008/10/06/cisco-moves-to-plug-router-software-flaws/

How Much Do You Really Know About (SSH) Security?October 6th, 2008 http://mocana.com/blog/2008/10/06/how-much-do-you-really-know-about-ssh-security/

Traffic Lights Hacked in Los AngelesNovember 24th, 2008 http://mocana.com/blog/2008/11/24/traffic-lights-hacked-in-los-angeles/

Nokia and the Internet of ThingsDecember 5th, 2008 http://mocana.com/blog/2008/12/05/nokia-and-the-internet-of-things/

Embedded Technologies On IceDecember 5th, 2008 http://mocana.com/blog/2008/12/05/embedded-technologies-on-ice/

25C3: Serious Security Vulnerabilities in DECT Wireless TelephonyJanuary 12th, 2009 http://mocana.com/blog/2009/01/12/25c3-serious-security-vulnerabilities-in-dect-wireless-telephony/

Researcher Creates ‘Write Once, Run Anywhere’ Cisco HijacksJanuary 12th, 2009 http://mocana.com/blog/2009/01/12/researcher-creates-write-once-run-anywhere-cisco-hijacks/

The Five Coolest Hacks of 2008January 12th, 2009 http://mocana.com/blog/2009/01/12/the-five-coolest-hacks-of-2008/

New Mobile Malware Silently Transfers Account CreditFebruary 9th, 2009 http://mocana.com/blog/2009/02/09/new-mobile-malware-silently-transfers-account-credit/

Building Firewalls for Embedded SystemsFebruary 9th, 2009 http://mocana.com/blog/2009/02/09/building-firewalls-for-embedded-systems/

Zombie Crossing?February 9th, 2009 http://mocana.com/blog/2009/02/09/zombie-crossing/

“War Cloning — It’s the New Hacker Sport,”February 9th, 2009 http://mocana.com/blog/2009/02/09/war-cloning-its-the-new-hacker-sport/

French Fighter Planes Grounded by Virus!February 9th, 2009 http://mocana.com/blog/2009/02/09/french-fighter-planes-grounded-by-virus/

Do You Know Where Your Phone is?February 23rd, 2009 http://mocana.com/blog/2009/02/23/do-you-know-where-your-phone-is/

Hackers Take Aim at SmartphonesFebruary 23rd, 2009 http://mocana.com/blog/2009/02/23/hackers-take-aim-at-smartphones/

Latest Cell Phone Worm Tricks UsersFebruary 23rd, 2009 http://mocana.com/blog/2009/02/23/latest-cell-phone-worm-tricks-users/

Netbook Web Surfers BewareMarch 9th, 2009 http://mocana.com/blog/2009/03/09/netbook-web-surfers-beware/

SCADA Under Fire… Again.March 9th, 2009 http://mocana.com/blog/2009/03/09/scada-under-fire-again/

Who’s responsible for Mobile Security?March 23rd, 2009 http://mocana.com/blog/2009/03/23/who%e2%80%99s-responsible-for-mobile-security/

Wireless Access Points Get Wireless Access Points Get SneakyMarch 23rd, 2009 http://mocana.com/blog/2009/03/23/wireless-access-points-get-wireless-access-points-get-sneaky/

Consumer (and Hacker) FriendlyMarch 23rd, 2009 http://mocana.com/blog/2009/03/23/consumer-and-hacker-friendly/

Pwn2Own, No WinnersMarch 23rd, 2009 http://mocana.com/blog/2009/03/23/pwn2own-no-winners/

Mobile Security’s “Big Rub”March 23rd, 2009 http://mocana.com/blog/2009/03/23/mobile-security%e2%80%99s-big-rub/

Smart Grid, Smarter HackersApril 6th, 2009 http://mocana.com/blog/2009/04/06/smart-grid-smarter-hackers/

Reinfected BIOS with every RebootApril 6th, 2009 http://mocana.com/blog/2009/04/06/reinfected-bios-with-every-reboot/

Malware hijacks 100,000 home routers into BotnetApril 6th, 2009 http://mocana.com/blog/2009/04/06/malware-hijacks-100000-home-routers-into-botnet/

Spies Hack into US Electricity GridApril 17th, 2009 http://mocana.com/blog/2009/04/17/spies-hack-into-us-electricity-grid/

Intel/GE and Next-Generation Home Health TechnologiesApril 17th, 2009 http://mocana.com/blog/2009/04/17/intelge-and-next-generation-home-health-technologies/

The (not-so) Dumb AdversaryMay 4th, 2009 http://mocana.com/blog/2009/05/04/the-not-so-dumb-adversary/

Conficker Infects Critical Medical DevicesMay 4th, 2009 http://mocana.com/blog/2009/05/04/conficker-infects-critical-medical-devices/

2009’s Five Most Dangerous AttacksMay 4th, 2009 http://mocana.com/blog/2009/05/04/2009s-five-most-dangerous-attacks/

Voice Encryption Comes to BlackberryMay 15th, 2009 http://mocana.com/blog/2009/05/15/voice-encryption-comes-to-blackberry/

Star Trek Security LessonsMay 15th, 2009 http://mocana.com/blog/2009/05/15/star-trek-security-lessons/

InformationWeek: 3G Security Coming Along, But…June 1st, 2009 http://mocana.com/blog/2009/06/01/informationweek-3g-security-coming-along-but/

DOE: First Smart Grid Security StandardsJune 1st, 2009 http://mocana.com/blog/2009/06/01/doe-first-smart-grid-security-standards/

Great Netbooks! Free Malware Included.June 1st, 2009 http://mocana.com/blog/2009/06/01/great-netbooks-free-malware-included/

Buggy Breathalyzer Bounces BoozersJune 1st, 2009 http://mocana.com/blog/2009/06/01/buggy-breathalyzer-bounces-boozers/

IP is the glueJune 16th, 2009 http://mocana.com/blog/2009/06/16/ip-is-the-glue/

Selling to the Government and FIPSJuly 21st, 2009 http://mocana.com/blog/2009/07/21/selling-to-the-government-and-fips/

Once More, With Feeling: Don’t Use WPA for Wireless SecurityAugust 28th, 2009 http://mocana.com/blog/2009/08/28/once-more-with-feeling-dont-use-wpa-for-wireless-security/

Security in Wireless Sensor NetworksSeptember 21st, 2009 http://mocana.com/blog/2009/09/21/mocana-byline-security-in-wireless-sensor-networks/

WALL STREET JOURNALOff-the-shelf mobile devices becoming government-issue standardSeptember 21st, 2009 http://mocana.com/blog/2009/09/21/wall-street-journal-off-the-shelf-mobile-devices-becoming-government-issue-standard/

Skype VoIP: Who’s listening in?September 21st, 2009 http://mocana.com/blog/2009/09/21/skype-voip-whos-listening-in/

Is Your Office Printer Secure?September 21st, 2009 http://mocana.com/blog/2009/09/21/is-your-office-printer-secure/

TI Calculators: Master Keys CrackedOctober 6th, 2009 http://mocana.com/blog/2009/10/06/ti-calculators-master-keys-cracked/

NIST Publishes Security Standards for Smart Grid DevicesOctober 6th, 2009 http://mocana.com/blog/2009/10/06/nist-publishes-security-standards-for-smart-grid-devices/


415.617.0055

Company Forced to Give Up Source Under GPLOctober 6th, 2009 http://mocana.com/blog/2009/10/06/company-forced-to-give-up-source-under-gpl/

Clobbering the CloudOctober 12th, 2009 http://mocana.com/blog/2009/10/12/clobbering-the-cloud/

Hacking robots to turn into murderous gangs… more news at 11October 12th, 2009 http://mocana.com/blog/2009/10/12/hacking-robots-to-turn-into-murderous-gangs-more-news-at-11/

Current trends in cyber attacks on mobile and embedded systemsOctober 18th, 2009 http://mocana.com/blog/2009/10/18/mocana-bylinecurrent-trends-in-cyber-attacks-on-mobile-and-embedded-systems/

So You Think You Can Hack?October 18th, 2009 http://mocana.com/blog/2009/10/18/so-you-think-you-can-hack/

President Obama declares October as National Cybersecurity Awareness MonthOctober 18th, 2009 http://mocana.com/blog/2009/10/18/video-president-obama-declares-october-as-national-cybersecurity-awareness-month/

Thousands of Unsecured Devices FoundOctober 26th, 2009 http://mocana.com/blog/2009/10/26/thousands-of-unsecured-devices-found/

Opening the “Closed Circuit”October 26th, 2009 http://mocana.com/blog/2009/10/26/opening-the-closed-circuit/

Cable Customers Open to AttacksOctober 26th, 2009 http://mocana.com/blog/2009/10/26/cable-customers-open-to-attacks/

Mobile Devices Leaking Their Own Crypto KeysOctober 26th, 2009 http://mocana.com/blog/2009/10/26/mobile-devices-leaking-their-own-crypto-keys/

Feds Putting the “Smart” Cart Before the Horse?November 3rd, 2009 http://mocana.com/blog/2009/11/03/feds-putting-the-smart-cart-before-the-horse/

CONFERENCE SUMMARY:2009 Control Systems Security ConferenceNovember 3rd, 2009 http://mocana.com/blog/2009/11/03/conference-summary2009-control-systems-security-conference/

Hackable FactoriesNovember 8th, 2009 http://mocana.com/blog/2009/11/08/hackable-factories/

Tech Heavyweights in Secret Crash Program to Fix Serious SSL FlawNovember 8th, 2009 http://mocana.com/blog/2009/11/08/tech-heavyweights-in-secret-crash-program-to-fix-serious-ssl-flaw/

4 Doors, Dual Airbags, 100 Million Lines of CodeNovember 8th, 2009 http://mocana.com/blog/2009/11/08/4-doors-dual-airbags-100-million-lines-of-code/

Delivering Phone Fixes Over the AirNovember 16th, 2009 http://mocana.com/blog/2009/11/16/delivering-phone-fixes-over-the-air/

iPhone Worm has 2 Million TargetsNovember 16th, 2009 http://mocana.com/blog/2009/11/16/iphone-worm-has-2-million-targets/

Integrity for Implanted Medical Devices?November 16th, 2009 http://mocana.com/blog/2009/11/16/integrity-for-implanted-medical-devices/

Cavium Buys MontaVistaNovember 16th, 2009 http://mocana.com/blog/2009/11/16/cavium-buys-montavista/

Cell DDoS Attacks ImminentNovember 22nd, 2009 http://mocana.com/blog/2009/11/22/cell-ddos-attacks-imminent/

Twitter Hacked via SSL FlawNovember 22nd, 2009 http://mocana.com/blog/2009/11/22/twitter-hacked-via-ssl-flaw/

The Body-Area-Network: Wide OpenNovember 22nd, 2009 http://mocana.com/blog/2009/11/22/the-body-area-network-wide-open/

Newer, Nastier iPhone Worm SpreadsNovember 23rd, 2009 http://mocana.com/blog/2009/11/23/newer-nastier-iphone-worm-spreads/

Mobile Devices Not Enterprise-ready. Yet.December 8th, 2009 http://mocana.com/blog/2009/12/08/mobile-devices-not-enterprise-ready-yet/

Another Top Security Exec Warns of Mobile Industry VulnerabilityDecember 8th, 2009 http://mocana.com/blog/2009/12/08/another-top-security-exec-warns-of-mobile-industry-vulnerability/

The Automated Home — Coming Soon to a Neighborhood Near YouDecember 8th, 2009 http://mocana.com/blog/2009/12/08/the-automated-home-coming-soon-to-a-neighborhood-near-you/

Kicking the Tires on Google’s Chrome OSDecember 8th, 2009 http://mocana.com/blog/2009/12/08/kicking-the-tires-on-googles-chrome-os/

FedEx Packages Sending Packets of Their OwnDecember 14th, 2009 http://mocana.com/blog/2009/12/14/fedex-packages-sending-packets-of-their-own/

Attacks on SCADA Equipment Up 37% in 2009December 14th, 2009 http://mocana.com/blog/2009/12/14/attacks-on-scada-equipment-up-37-in-2009/

FPGAs Vulnerable to Power Analysis Hacks?December 14th, 2009 http://mocana.com/blog/2009/12/14/fpgas-vulnerable-to-power-analysis-hacks/

The Best of the Internet of Things, 2009December 14th, 2009 http://mocana.com/blog/2009/12/14/the-best-of-the-internet-of-things-2009/

U.S. Military Surveillance Drones HackedDecember 16th, 2009 http://mocana.com/blog/2009/12/16/breaking-news-u-s-military-surveillance-drones-hacked/

New Technology to Connect The Internet of ThingsJanuary 10th, 2010 http://mocana.com/blog/2010/01/10/new-technology-to-connect-the-internet-of-things/

Expert Warns of Industrial Control Security RisksJanuary 10th, 2010 http://mocana.com/blog/2010/01/10/expert-warns-of-industrial-control-security-risks/

Fed Certified Flash Drives Easily HackedJanuary 10th, 2010 http://mocana.com/blog/2010/01/10/fed-certified-flash-drives-easily-hacked/

Cybersecurity of Airport Scanners Still Up in the AirJanuary 10th, 2010 http://mocana.com/blog/2010/01/10/cybersecurity-of-airport-scanners-still-up-in-the-air/

Mobile Market Poised for Massive ExpansionJanuary 10th, 2010 http://mocana.com/blog/2010/01/10/mobile-market-poised-for-massive-expansion/

Smart Grid Security Need Grows UrgentJanuary 17th, 2010 http://mocana.com/blog/2010/01/17/smart-grid-security-need-grows-urgent/

Google Hacked by Serious ProsJanuary 17th, 2010 http://mocana.com/blog/2010/01/17/google-hacked-by-serious-pros/

Moscow Billboard Hacked with Adult ContentJanuary 17th, 2010 http://mocana.com/blog/2010/01/17/moscow-billboard-hacked-with-adult-content/

Crypto Flaws Found in Smart Meter ChipsJanuary 24th, 2010 http://mocana.com/blog/2010/01/24/crypto-flaws-found-in-smart-meter-chips/

First Smart Grid Standards Guide IssuedJanuary 24th, 2010 http://mocana.com/blog/2010/01/24/first-smart-grid-standards-guide-issued/

Popular Portable Router Easily HackedJanuary 24th, 2010 http://mocana.com/blog/2010/01/24/popular-portable-router-easily-hacked/

Expert Warns of Enterprise Security Risks Posed by SmartphonesFebruary 4th, 2010 http://mocana.com/blog/2010/02/04/expert-warns-of-enterprise-security-risks-posed-by-smartphones/

Despite Warnings, KitchenAid.com Remains Infected with MalwareFebruary 4th, 2010 http://mocana.com/blog/2010/02/04/despite-warnings-kitchenaid-com-remains-infected-with-malware/

Are Cyber-spies Tracking You Across The Border?February 4th, 2010 http://mocana.com/blog/2010/02/04/are-cyber-spies-tracking-you-across-the-border/

Ensuring Security of Military Embedded SystemsFebruary 4th, 2010 http://mocana.com/blog/2010/02/04/ensuring-security-of-military-embedded-systems/

Malicious App Found in Android MarketplaceFebruary 4th, 2010 http://mocana.com/blog/2010/02/04/malicious-app-found-in-android-marketplace/


Smart Dust: Coming Soon (Security Not Included).February 9th, 2010 http://mocana.com/blog/2010/02/09/smart-dust-coming-soon-security-not-included/

Critical Infrastructure Under Persistent AttackFebruary 9th, 2010 http://mocana.com/blog/2010/02/09/critical-infrastructure-under-persistent-attack/

Cable Modems Make for Easy HackingFebruary 9th, 2010 http://mocana.com/blog/2010/02/09/cable-modems-make-for-easy-hacking/

Successful Attack on TPMFebruary 9th, 2010 http://mocana.com/blog/2010/02/09/successful-attack-on-tpm/

Smart Grid Security Spending to Jump to $3.7BFebruary 15th, 2010 http://mocana.com/blog/2010/02/15/smart-grid-security-spending-to-jump-to-3-7b/

Cisco Projects Mobile Traffic to Grow to >3.6 Exabytes per Month.February 15th, 2010 http://mocana.com/blog/2010/02/15/cisco-projects-mobile-traffic-to-grow-to-3-6-exabytes-per-month/

Cordless Phone Crypto HackedFebruary 15th, 2010 http://mocana.com/blog/2010/02/15/cordless-phone-crypto-hacked/

Cars With (Many) Minds of Their Own?February 15th, 2010 http://mocana.com/blog/2010/02/15/cars-with-many-minds-of-their-own/

Smartphone Hacks Paid $15,000 PerFebruary 22nd, 2010 http://mocana.com/blog/2010/02/22/smartphone-hacks-paid-15000-per/

25 Errors that Leave Software Vulnerable to AttackFebruary 22nd, 2010 http://mocana.com/blog/2010/02/22/25-errors-the-leave-software-vulnerable-to-attack/

Symantec to Vouch for Phone AppsFebruary 28th, 2010 http://mocana.com/blog/2010/02/28/symantec-to-vouch-for-phone-apps/

Experts Warn of National Cybersecurity WeaknessFebruary 28th, 2010 http://mocana.com/blog/2010/02/28/experts-warn-of-national-cybersecurity-weakness/

Rutgers Study Roots SmartphonesFebruary 28th, 2010 http://mocana.com/blog/2010/02/28/rutgers-study-roots-smartphones/

Experts Warn of Smart Grid Security WeaknessMarch 8th, 2010 http://mocana.com/blog/2010/03/08/experts-warn-of-smart-grid-security-weakness/

Android Platform Quickly Growing Beyond Phones, Security Concerns RemainMarch 8th, 2010 http://mocana.com/blog/2010/03/08/android-platform-quickly-growing-beyond-phones-security-concerns-remain/

British Press Execs in Phone Hacking ConspiracyMarch 8th, 2010 http://mocana.com/blog/2010/03/08/british-press-execs-in-phone-hacking-conspiracy/

Android Phone Now Shipping With Malware Pre-InstalledMarch 8th, 2010 http://mocana.com/blog/2010/03/08/android-phone-now-shipping-with-malware-pre-installed/

Serious Flaw Found in OpenSSLMarch 8th, 2010 http://mocana.com/blog/2010/03/08/serious-flaw-found-in-openssl/

Cyber-skimmers Stealing Credit Cards at the Gas PumpMarch 16th, 2010 http://mocana.com/blog/2010/03/16/cyber-skimmers-stealing-credit-cards-at-the-gas-pump/

Cybercriminals Stalking and Eavesdropping with Cell Phone SoftwareMarch 16th, 2010 http://mocana.com/blog/2010/03/16/cybercriminals-stalking-and-eavesdropping-with-cell-phone-software/

FDA Investigates Dangerous Insulin Pump MalfunctionsMarch 16th, 2010 http://mocana.com/blog/2010/03/16/fda-investigates-dangerous-insulin-pump-malfunctions/

The Expanding Machine-to-Machine SectorMarch 22nd, 2010 http://mocana.com/blog/2010/03/22/the-expanding-machine-to-machine-sector/

Blogger: Security Mainstream Still Ignorant of Security Problems in Industrial Controls & Embedded DevicesMarch 22nd, 2010 http://mocana.com/blog/2010/03/22/blogger-security-mainstream-still-ignorant-of-security-problems-in-industrial-controls-embedded-devices/

Project costs 60x higher when security addressed late in the development cycle – IOActive StudyMarch 22nd, 2010 http://mocana.com/blog/2010/03/22/project-costs-60x-higher-when-security-addressed-late-in-the-development-cycle-ioactive-study/

Over 100 Cars Remote Attacked by Disgruntled HackerMarch 22nd, 2010 http://mocana.com/blog/2010/03/22/over-100-cars-remote-attacked-by-disgruntled-hacker/

Will iPad be Secure Enough for the Enterprise?March 29th, 2010 http://mocana.com/blog/2010/03/29/will-ipad-be-secure-enough-for-the-enterprise/

New “Sniffer” Hijacks Wireless Data, Sends Rogue CommandsMarch 30th, 2010 http://mocana.com/blog/2010/03/30/new-sniffer-hijacks-wireless-data-sends-rogue-commands/

VIDEO: A New Look at The Internet of ThingsMarch 30th, 2010 http://mocana.com/blog/2010/03/30/video-a-new-look-at-the-internet-of-things/

Major Security Flaws Found in Smart MetersMarch 30th, 2010 http://mocana.com/blog/2010/03/30/major-security-flaws-found-in-smart-meters/

iPad Not Yet Available. But Already Hacked?March 30th, 2010 http://mocana.com/blog/2010/03/30/ipad-not-yet-available-but-already-hacked/

Connected Devices to Reach 1 TrillionMarch 30th, 2010http://mocana.com/blog/2010/03/30/connected-devices-to-reach-1-trillion/

iPod Your HotrodApril 5th, 2010 http://mocana.com/blog/2010/04/05/ipod-your-hotrod/

Security Industry Experts Warn of Enterprise IT WeaknessesApril 5th, 2010 http://mocana.com/blog/2010/04/05/security-industry-experts-warn-of-enterprise-it-weaknesses/

Understanding “The Internet of Things”April 7th, 2010 http://mocana.com/blog/2010/04/07/understanding-the-internet-of-things/

AT&T Wants Everything OnlineApril 7th, 2010 http://mocana.com/blog/2010/04/07/att-wants-everything-online/

Security Patching Now Necessary Every WeekApril 7th, 2010 http://mocana.com/blog/2010/04/07/security-patching-now-necessary-every-week/

Medical Devices HackedApril 8th, 2010 http://mocana.com/blog/2010/04/08/medical-devices-hacked/

New Wireless Standard for Medical DevicesApril 12th, 2010 http://mocana.com/blog/2010/04/12/new-wireless-standard-for-medical-devices/

Medical Device Malfunctions Cost Company MillionsApril 12th, 2010 http://mocana.com/blog/2010/04/12/medical-device-malfunctions-cost-company-millions/

Will Update Make iPhone Enterprise-ready?April 13th, 2010 http://mocana.com/blog/2010/04/13/will-update-make-iphone-enterprise-ready/

Security Expert Warns of Potential Economic AttackApril 14th, 2010 http://mocana.com/blog/2010/04/14/security-expert-warns-of-potential-economic-attack/

Industrial Control Systems Hit by MalwareApril 15th, 2010 http://mocana.com/blog/2010/04/15/industrial-control-systems-hit-by-malware/

Google Readies Cloud PrintingApril 18th, 2010 http://mocana.com/blog/2010/04/18/google-readies-cloud-printing/

Workplace Gaming Threatens Enterprise SecurityApril 20th, 2010 http://mocana.com/blog/2010/04/20/workplace-gaming-threatens-enterprise-security/

New Smart Grid Security Document ReleasedApril 25th, 2010 http://mocana.com/blog/2010/04/25/new-smart-grid-security-document-released/

Shrill Verizon Slams Security WhistleblowersApril 26th, 2010 http://mocana.com/blog/2010/04/26/shrill-verizon-slams-security-whistleblowers/

Microsoft Researcher Recommends Password Tattoos for PacemakersApril 27th, 2010 http://mocana.com/blog/2010/04/27/microsoft-researcher-recommends-password-tattoos-for-pacemakers/

Fraudulent Card Readers Skim Customer DataApril 28th, 2010 http://mocana.com/blog/2010/04/28/fraudulent-card-readers-skim-customer-data/


415.617.0055

Medical Device Malfunction Case ContinuesApril 28th, 2010 http://mocana.com/blog/2010/04/28/medical-device-malfunction-case-continues/

Researchers Find Ways to Track and Spy on Mobile Phones, LegallyApril 28th, 2010 http://mocana.com/blog/2010/04/28/researchers-find-ways-to-track-and-spy-on-mobile-phones-legally/

Create Your Own Cellphone NetworkMay 2nd, 2010 http://mocana.com/blog/2010/05/02/create-your-own-cellphone-network/

House Votes to Secure Energy GridMay 3rd, 2010 http://mocana.com/blog/2010/05/03/house-votes-to-secure-energy-grid/

New Bluetooth Coming To Your WristwatchMay 3rd, 2010 http://mocana.com/blog/2010/05/03/new-bluetooth-coming-to-your-wristwatch/

Getting Bigger Things from Smaller ProcessorsMay 3rd, 2010 http://mocana.com/blog/2010/05/03/getting-bigger-things-from-smaller-processors/

New Embedded Device Security Specs Now Online For CommentMay 3rd, 2010 http://mocana.com/blog/2010/05/03/new-embedded-device-security-specs-now-online-for-comment/

Jailbreak Your iPadMay 4th, 2010 http://mocana.com/blog/2010/05/04/jailbreak-your-ipad/

Connected Glucose Meter Scores Points For KidsMay 5th, 2010 http://mocana.com/blog/2010/05/05/connected-glucose-meter-scores-points-for-kids/

VIDEO: Huge Security Risk Found In Digital CopiersMay 6th, 2010 http://mocana.com/blog/2010/05/06/video-huge-security-risk-found-in-digital-copiers/

New Protocol Addresses RFID VulnerabilityMay 9th, 2010 http://mocana.com/blog/2010/05/09/new-protocol-addresses-rfid-vulnerability/

U.S. Army Plans for Wider Drone UseMay 10th, 2010 http://mocana.com/blog/2010/05/10/u-s-army-plans-for-wider-drone-use/

FDA Sets Tighter Standards For Medical DevicesMay 12th, 2010 http://mocana.com/blog/2010/05/12/fda-sets-tighter-standards-for-medical-devices/

Serious Security Risks Found in Modern CarsMay 13th, 2010 http://mocana.com/blog/2010/05/13/breaking-news-serious-security-risks-found-in-modern-cars/

Hacker Plans to Unveil ATM RootkitMay 17th, 2010 http://mocana.com/blog/2010/05/17/hacker-plans-to-unveil-atm-rootkit/

Depsite IT, Industrial and Utility Security Still WeakMay 17th, 2010 http://mocana.com/blog/2010/05/17/depsite-it-industrial-and-utility-security-still-weak/

USAF Unveils “Cyberspace” BadgeMay 18th, 2010 http://mocana.com/blog/2010/05/18/usaf-unveils-cyberspace-badge/

Secure E-Medical Records Now Available on iPhone, iPadMay 23rd, 2010 http://mocana.com/blog/2010/05/23/secure-e-medical-records-now-available-on-iphone-ipad/

Ex-Intel Exec Funds Medical Engineering ProgramMay 23rd, 2010 http://mocana.com/blog/2010/05/23/ex-intel-exec-funds-medical-engineering-program/

Designing Medical Device Antennae for Top PerformanceMay 25th, 2010 http://mocana.com/blog/2010/05/25/designing-medical-device-antennae-for-top-performance/

Man “Infects” Himself with Computer VirusMay 26th, 2010 http://mocana.com/blog/2010/05/26/man-infects-himself-with-computer-virus/

Bugs Leave Buildings’ Critical Systems VulnerableMay 26th, 2010 http://mocana.com/blog/2010/05/26/bugs-leave-buildings-critical-systems-vulnerable/

Spy Games In CyberspaceMay 31st, 2010 http://mocana.com/blog/2010/05/31/spy-games-in-cyberspace/

Nearly Half of TVs Will Ship With Internet By 2013May 31st, 2010 http://mocana.com/blog/2010/05/31/nearly-half-of-tvs-will-ship-with-internet-by-2013/

VA Medical Devices Infected With MalwareJune 2nd, 2010 http://mocana.com/blog/2010/06/02/va-medical-devices-infected-with-malware/

New Android Apps for Wiretap-proof CommunicationsJune 6th, 2010 http://mocana.com/blog/2010/06/06/new-android-apps-for-wiretap-proof-communications/

UK Researches Develop “Holy Grail” of CryptographyJune 7th, 2010 http://mocana.com/blog/2010/06/07/uk-researches-develop-holy-grail-of-cryptography/

Tech Giant Hands Out Malware at Security ConferenceJune 7th, 2010 http://mocana.com/blog/2010/06/07/tech-giant-hands-out-malware-at-security-conference/

FBI Warns of Growing Mobile Malware ThreatJune 8th, 2010 http://mocana.com/blog/2010/06/08/experts-warn-of-growing-mobile-app-dangers/

iPad Security Breach Embarrasses Apple, AT&TJune 9th, 2010 http://mocana.com/blog/2010/06/09/ipad-security-breach-creates-privacy-concerns/

Ford’s Planned “App Store for Cars” Raises Security ConcernsJune 10th, 2010 http://mocana.com/blog/2010/06/10/high-tech-cars-create-new-security-concerns/

60 MINUTES: Devices Controlling National Infrastructure Have Already Been HackedJune 13th, 2010 http://mocana.com/blog/2010/06/13/former-government-officials-warn-of-national-vulnerabilities/

Software Glitch in Respirator Device Kills Minnesota WomanJune 14th, 2010 http://mocana.com/blog/2010/06/14/womans-death-caused-by-possible-software-malfunction/

Malware Discovered in Olympus Digital CamerasJune 15th, 2010 http://mocana.com/blog/2010/06/15/malware-discovered-in-olympus-digital-cameras/

Windows Mobile Malware Targets GamersJune 16th, 2010 http://mocana.com/blog/2010/06/16/mobile-malware-targets-windows-gamers/

Intel Fields Prototype Home Appliance ControllerJune 17th, 2010 http://mocana.com/blog/2010/06/17/intel-develops-smart-energy-monitoring-prototype/

Nice Work if You Can Get It: Security Retrofit for 800 Million Smart Meters?June 20th, 2010 http://mocana.com/blog/2010/06/20/smart-meter-rollouts-continue-despite-major-security-concerns/

Juniper Exec: 4G Devices Bringing Malware with SpeedJune 21st, 2010 http://mocana.com/blog/2010/06/21/4g-smartphones-deliver-higher-speeds-new-security-concerns/

Android Platform Sees First Military ApplicationJune 22nd, 2010 http://mocana.com/blog/2010/06/22/android-platform-sees-first-military-application/

Anti-Virus Software To Become Required for Internet Access?June 24th, 2010 http://mocana.com/blog/2010/06/24/anti-virus-software-to-become-required-for-internet-access/

Smart Heart Devices in DevelopmentJune 27th, 2010 http://mocana.com/blog/2010/06/27/smart-heart-devices-in-development/

Buyer Beware: Android Security Study Cautions UsersJune 28th, 2010 http://mocana.com/blog/2010/06/28/buyer-beware-android-security-study-cautions-users/

Billions Slated for Smart Grid SecurityJune 29th, 2010 http://mocana.com/blog/2010/06/29/billions-slated-for-smart-grid-security/

The Evolution of Mobile ThreatsJune 30th, 2010 http://mocana.com/blog/2010/06/30/the-evolution-of-mobile-threats/

New Smart Grid Security Draft ReleasedJuly 1st, 2010 http://mocana.com/blog/2010/07/01/new-smart-grid-security-draft-released/

iTunes Store Hacked by Rogue DeveloperJuly 5th, 2010 http://mocana.com/blog/2010/07/05/itunes-store-hacked-by-rogue-developer/

Understanding EAX’ Smart Grid SecurityJuly 6th, 2010 http://mocana.com/blog/2010/07/06/understanding-eax-smart-grid-security/

50 Arrests Made in Smartphone Spyware ProbeJuly 7th, 2010 http://mocana.com/blog/2010/07/07/50-arrests-made-in-smartphone-spyware-probe/

Government Introduces “Perfect Citizen”July 8th, 2010 http://mocana.com/blog/2010/07/08/federal-surveillance-program-to-monitor-critical-infrastructure/


Imagining Cyber-WarfareJuly 11th, 2010 http://mocana.com/blog/2010/07/11/imagining-cyber-warfare/

Everything You Ever Wanted To Know About Mobile App DevelopmentJuly 12th, 2010 http://mocana.com/blog/2010/07/12/everything-you-ever-wanted-to-know-about-mobile-app-development/

FBI Reveals Telephony Denial of Service ScamJuly 14th, 2010 http://mocana.com/blog/2010/07/14/fbi-reveals-telephony-denial-of-service-scam/

Mobile Subscriptions Surge to 5 BillionJuly 15th, 2010 http://mocana.com/blog/2010/07/15/mobile-subscriptions-surge-to-5-billion/

Replacing Batteries With Radio WavesJuly 18th, 2010 http://mocana.com/blog/2010/07/18/replacing-batteries-with-radio-waves/

This Mobile Phone Will Self-DestructJuly 19th, 2010 http://mocana.com/blog/2010/07/19/this-mobile-phone-will-self-destruct/

Google and Blackberry Get Upgraded SecurityJuly 20th, 2010 http://mocana.com/blog/2010/07/20/google-and-blackberry-get-upgraded-security/

A Smart Grid Reference LibraryJuly 21st, 2010 http://mocana.com/blog/2010/07/21/a-smart-grid-reference-library/

Apple Leads the Pack in Security BugsJuly 26th, 2010 http://mocana.com/blog/2010/07/26/apple-leads-the-pack-in-security-bugs/

Millions of Home Routers Vulnerable to HackersJuly 27th, 2010 http://mocana.com/blog/2010/07/27/millions-of-home-routers-vulnerable-to-hackers/

Sophisticated Malware Exploits Zero-Day Vulnerability, Targets Industrial SystemsJuly 28th, 2010 http://mocana.com/blog/2010/07/28/sophisticated-malware-exploits-zero-day-vulnerability-targets-industrial-systems/

Citi Group Finds Flaw in Mobile AppJuly 29th, 2010 http://mocana.com/blog/2010/07/29/citi-group-finds-flaw-in-mobile-app/

BlackBerry Ban Coming to United Arab Emirates, Saudi ArabiaAugust 1st, 2010 http://mocana.com/blog/2010/08/01/blackberry-ban-coming-to-united-arab-emirates-saudi-arabia/

Apple Security Breach Allows for Total Unauthorized iPhone AccessAugust 2nd, 2010 http://mocana.com/blog/2010/08/02/apple-security-breach-allows-for-total-unauthorized-iphone-access/

Robbed At The Pump — Literally!August 3rd, 2010 http://mocana.com/blog/2010/08/03/robbed-at-the-pump-literally/

BP Spill Related to Control System Cyber IncidentsAugust 4th, 2010 http://mocana.com/blog/2010/08/04/bp-spill-related-to-control-system-cyber-incidents/

From The Internet of Computers to The Internet of ThingsAugust 5th, 2010 http://mocana.com/blog/2010/08/05/from-the-internet-of-computers-to-the-internet-of-things/


415.617.0055

ABOUT MOCANA

Mocana secures the “Internet of Things”— the 20 billion smartphones, datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. These devices already outnumber PC’s on the Internet by five to one, representing a $900 billion market that’s growing twice as fast as the PC market. Every day, millions of people use products sold by over 100 companies that leverage Mocana’s Device Integrity software, including Dell, Cisco, Honeywell, General Electric, General Dynamics, Avaya, Nortel Networks, Harris and Radvision, among others. Mocana won Frost & Sullivan’s Technology Innovation of the Year award for 2008 for Device Security, and was named to the Red Herring Global 100 as one of the “top 100 privately-held technology companies in the world” in January 2009.

ABOUT THE AUTHORKurt R. Stammberger, CISSP

Kurt Stammberger is a certified information systems security professional (CISSP) and Mocana’s VP of Marketing. He has spent most of his career around security and cryptography technologies, with over 20 years of experience in the industry. He joined cryptography startup RSA Security as employee #7, where he led their marketing organization for eight years, helped launch spin-off company VeriSign, and created the brand for the technology that now protects virtually every electronic commerce transaction on the planet. Together with Jim Bidzos, Mr. Stammberger founded the annual RSA Conference, the world’s largest gathering of computer security professionals, which draws over 25,000 people to events in the United States, Europe and Japan. He also founded Coda Creative, an award-winning technology marketing firm that focused on security startups, and served as VP of Content & Services for consumer healthcare startup Vimo.com. Mr. Stammberger holds a BS in Mechanical Engineering from Stanford University, and an MS in Management from the Stanford Graduate School of Business, where he was an Alfred P. Sloan Fellow. He can be reached at [email protected] or by calling Mocana at 415 617 0055.

Mobile & Smart Device Security Survey 2010

Documents

Transcript of Mobile & Smart Device Security Survey 2010