ICSA Labs Blog: infosecurity

Exposing IoT Weaknesses - Before your consumer products unwittingly join a malicious DDoS Botnet

The Mirai botnet was used to carry out a DDoS attack in late October against one of the Internet’s domain name service (DNS) providers, Dyn, resulting in an Internet disruption for many.  It wasn’t the first time this botnet, comprised of Internet of Things (IoT) devices, was used in a DDoS attack.  Other earlier uses of the Mirai botnet were similarly successful in late September 2016.

Attention vendors, developers and consumers: You have a responsibility to help make the IoT secure

In light of the recent attacks that exploited Internet of Things (IoT) devices, it seems timely to reinforce the importance of IoT security.

The proliferation of IoT and what is anticipated makes privacy and security a critical consideration for device makers and more importantly for those enterprises and consumers looking to acquire them.  

Why is Advanced Threat Defense Important? Q&A with Jack Walsh of ICSA Labs

Enterprises today face an ever-evolving threat landscape with security breaches occurring at a fast pace. It’s becoming clear that enterprises must be able to not only identify and protect against known threats but also to protect against new and unknown malicious threats.

Jack Walsh, new initiatives & mobility programs manager at ICSA Labs discusses the latest rounds of Advanced Threat Defense (ATD) certification testing, and the security products being created to help protect end users against previously unknown threats.

Seeing ransomware before it strikes

Every day, there are articles in the news about Ransomware, but I’ll bet you don’t know just how prevalent this infectious menace has become.

At ICSA Labs, we’ve seen a tremendous spike in ransomware during the 2nd quarter of 2016.

Understanding the benefits of ICSA Labs certification

Knowing the benefits of certification is important for security product vendors and enterprises to understand.

The first step is to understand what certification is and what it is not.

Enterprises Can Benefit from ICSA Labs Advanced Threat Defense Testing

As threats change, security product vendors hurry to keep pace.  Enterprises wonder whether commercial advanced threat defense (ATD) solutions will be able to keep up with the ever-evolving threatscape.

Understanding the Samples Sources and Methodology Used in Advanced Threat Defense Testing

Samples Sources

A number of malicious sample sources feed into ICSA Labs’ Advanced Threat Defense (ATD) testing.

One source is the spam ICSA Labs collects. ICSA Labs collects hundreds of thousands of spam messages every day through its spam honeypots. Specific attention is paid to spam with attachments.  If the attachments are malicious, they are sample source candidates for ATD testing.

5 key attributes for cyberliability insurers to consider when insuring the IoT

The number of Internet-connected devices on the planet is projected to reach 25 billion by 2020, according to a 2014 report by Gartner. This goes beyond mobile phones to include household appliances, medical devices, automobiles, accessories and more.  

The connectivity and mobility the Internet of Things (IoT) technologies enable will fundamentally change the way consumers and businesses operate. While the benefits of mobility are clear, adding Internet connectivity to everyday devices introduces an unprecedented layer of complexity and risk.