OUCH! is the world’s leading, free security awareness newsletter designed for everyone. Published every month in multiple languages, each edition is carefully researched and developed by the SANS Security Awareness team, instructors and community members.
Click the link below to see the OUCH! Newsletter:
LeverettNet now has 2 middle-mile uplinks, with automatic fail-over protection from the primary path (Crown Castle) to the back-up path (MBI).
Path diversity between LeverettNet and the Internet provides resiliency and reliability for the whole network. Automatic fail-over means the network switches to the back-up path if the primary path fails, without manual intervention.
Path diversity and automatic ring-protection was activated December 1, 2020, by HG&E, Network Operator for LeverettNet. The project design, planning, testing, and implementation was a nearly 8-year effort. The system also involves an inter-municipal agreement with Shutesbury’s Municipal Light Plant. This means the path diversity and ring-protection protect their network as well.
Have a fitness band, smart thermostat or other smart IoT device? Here’s how to make sure it’s secure.
“As connected consumer devices become more powerful and gain more capabilities, they will become more attractive targets for malicious actors looking to exploit these capabilities,” said Rob Sadowski, director of technology solutions at RSA in Bedford, Massachusetts. “For example, we have already seen attacks exploit vulnerabilities in consumer routers for use in DDoS attacks and consumer NAS [network-attached storage] devices for illicit cryptocurrency mining.”
“Many vendors in the IoT space seem to have little or no concern regarding the safety and security of their customers,” said Craig Young, a security researcher with Tripwire in Alpharetta, Georgia.
Take smart home hubs, for example, which let homeowners automate their electronics and their overall security. Young warned that these hubs tend to come with a lot of risks. For example, one of the top-selling home-automation hubs — Young wouldn’t say which one — currently ships with a deprecated version of firmware that contains numerous publicly known vulnerabilities, as well as a handful of new vulnerabilities.
“Despite these serious security problems,” Young said, “the vendor has not updated the firmware in this device for over a year, even though they have since developed a somewhat less vulnerable firmware. Even worse, the vendor has stated they have no intention of encouraging their users to upgrade.”