Anybody who uses the Internet uses, creates and leaves data behind. While in the past site visits were recorded in the depths of server log files rarely to surface again, these and related data are now the currency of the 21st century. Services are exchanged for data, this is the business model shared by Google, Amazon and many others. But people are becoming more aware that the uninhibited acquisition of their personal data may have negative consequences and no longer trust that their data is protected on the Internet.
Architects and city planners first began promoting the concept of Smart Buildings, or Building Automation Systems (BAS), around ten years ago. Smart buildings were meant to deliver untold benefits from energy efficiencies and greener lifestyles to cost savings and improved living standards for all. Early examples of IP-connected appliances, however, were not built to cope with the demands of an evolving threat landscape.
Tor (The Onion Router) is one of the most important tools for anonymity on the Internet. The Tor network, protocol and client, make it extremely complicated to trace user activity. However, Tor users are not completely invisible. Firstly, only the connection to the exit node – the last server before traffic leaves the Tor network – is encrypted. Whoever controls the exit node can see data traffic in plain text. Meanwhile attacks and statistical analysis methods are known which can allow an organization with access to large parts of global Internet traffic to de-anonymize users in some cases. Nevertheless, Tor can protect users against the curiosity of most unauthorized parties if it is configured correctly. And a better solution is currently not available – at least not for the average computer user.
For a couple of years now security breaches in the retail sector have seldom been out of the headlines. Breaches at large retail chains like Target, Neiman Marcus and The Home Depot in 2014 were followed in 2015 by Dungarees, Starbucks, CVS, Toys R Us and Wallmart Canada. Some of the latter stores were much smaller illustrating that when it comes to attacks a retailer’s size is not important. According to the annual Global Threat Intelligence Report, retail now makes up 22 per cent of all response engagements, up from 12 per cent the previous year. This is also reflected in the latest report from BDO which lists a possible security breach in joint top spot with “general economic conditions” as the biggest security risk to the retail sector.
Half of enterprises today store sensitive information within big data environments (up from 31 percent in 2015). Influential agencies like ENISA warn there are considerable cyber risks from using big data tools. There is concern, for example, that such developments are a possible point of compromise and there are calls for increased vigilance and compliance.