Professional Documents
Culture Documents
Device Security
Report
By:
Kurt Stammberger, CISSP
Mocana
Mocana Corporation
350 Sansome Street Suite 1010 San Francisco, CA 94104
415-617-0055 Phone | 866-213-1273 Toll Free
info@mocana.com | www.mocana.com
Copyright © 2010 Mocana Corp.
EXECUTIVE SUMMARY
Respondents to our 2010 Mobile & Smart Device non-PC, connected devices. Yet over 57% responded that
Security Survey recognize the quickly growing world of their device security budgets would either be “staying the
connected smart devices — the Internet of Things — and same”, “decreasing” or “decreasing substantially.”
acknowledge that device security problems are not only
inevitable, but potentially serious. 71% of our respondents We can see from these results that there is a growing
expect a serious incident arising from attacks on, or awareness of the urgency of the security threats that face
problems with, connected smart devices within the next our expanding world of smart devices. The incredibly
24 months. Additionally, 65% report that attacks against popular smartphone market has likely aided this
their smart devices already require the regular attention awareness — 77% of our respondents report that they’re
of their IT staff, or will start requiring it this year. In fact, concerned about mobile phone security. Protective
23% of organizations surveyed already repel device measures, however, are lagging while new categories of
attacks at least once monthly, while 10% must do so on a smart devices continue to connect to networks across the
daily basis. globe. With virus attacks (just one category of the greater
ecosystem of device threats) — and the defenses against
Despite this level of awareness, results show that them — already costing businesses billions each year,
relatively few organizations are prepared for today’s now is the time to address smart device security head-on.
device security problems and those that lie ahead. Less
than half of respondents described their organizations
as having “completely” or “mostly” adequate resources
dedicated to protecting themselves from attacks targeting
INTRODUCTION
Methodology & Demographics
PCs are no longer the dominant form of computing. By Mocana distributed this survey via e-mail in July, 2010
far, most “computers,” and most nodes on the Internet to its internal database of over 11,000 professionals
are now non-PC smart devices—an “Internet of Things.” who have expressed an interest in learning more about
In the next few years, as this trend accelerates and “smart devices”—the 20 billion mobile, datacom,
everyday gadgets and machines of every imaginable type smartgrid, federal, consumer, industrial and medical
connect, security threats to individuals and society at non-PC devices that connect across every sector of our
large are likely to grow substantially. But how real is this economy.
threat to those actually creating the device ecosystem?
And to what extent are these organizations actually
preparing for it?
What
kind of
networked
devices
does your
company
use (or
make)?
Check all
that apply.
The 269 self-selecting respondents came from network printers, routers and datacom equipment
a variety of industries, with particular at their companies while over half said their
concentrations in manufacturing (including company used VoIP devices or networked
computers, electronics and telecom equipment); building security features (such as digital cameras
professional, scientific, and technical services; and and computerized electronic locks). As might
information (including software publishing). be anticipated in a survey of a population of
individuals connected to Mocana, a substantial
Our survey (unsurprisingly) confirms the percentage of respondents—much larger than
increasing pervasiveness of non-PC, connected would be anticipated among IT professionals
devices within business settings. Over two-thirds in general - participate in the actual creation or
of respondents reported the use of smartphones, marketing of these connected “smart devices.”
More than 76% of respondents said they were security incident” involving non-PC devices
“concerned” or “very concerned” about the within their line of business is imminent, and
security of mobile phones. Only about more than half believe that incident would
1 person in 20 said that they were “not very” probably occur sometime this year. (For
or “not at all” concerned about this issue. the purposes of the survey, we defined a
“serious incident” as one causing a personal
But when we asked our survey subjects injury or death, a service outage of at least 8
to comment on their industry as a whole, hours, the loss of more than $100,000, or the
less than half of respondents felt that their compromise of more than 1,000 records of
own industry has a “high” or “very high” sensitive information).
awareness of the threats to smart devices
like mobile phones. Still, the vast majority
anticipate a serious attack involving smart
devices—and soon. Over 80 percent of
respondents anticipate that a “serious
Who do you think should be While our survey subjects were largely in
PRIMARILY responsible for
delivering (selling or building-
agreement about the need for IT staffs to
in) security features for mobile start taking mobile device security threats
phones? seriously, our subjects were divided on who
should be held responsible for making security
features available in the first place. When
asked “who do you think should be primarily
responsible for delivering security features for
mobile phones,” our responders were almost
evenly split between the device maker (for
example, Samsung), and the OS vendor (for
example, Google). The carrier and security
software specialists came in a distant third and
fourth. The technology-savvy executives and
individuals among our sample seem to exhibit
a certain expectation that their security features
should come already “baked in” to the device
when they buy it—a marked departure from the
expectations of PC and workstation buyers of a
decade ago.
Our survey found that while most anticipate that most device attacks are yet to come, many
have already experienced first-hand the consequences of device security breaches. More than
two-thirds of respondents reported that device security issues have already disrupted their IT
networks, with more than one-third reporting “some” or “serious” operational impact from
these security incidents.
Over the past year, analysts and technology press have While attacks on devices are increasing exponentially,
forwarded the notion that attacks originally targeting they are still just a fraction of the millions of attacks
PCs will almost certainly be retargeted towards the targeting PCs every day. Therefore, device security issues
comparatively defenseless device infrastructure. These haven’t received much attention in the press—or in the
same analysts have noted that traditional PC security boardroom. So despite the inevitability, importance, and
approaches are rarely practical for the tight systems difficulty of solving the problem, devices aren’t getting
environments that are typical of today’s smart devices. So much respect: a “Dangerfield Paradox”. Our respondents
the device security problem will be, in the words of one make it clear that virtually all industry segments are
device expert, a “tough nut to crack.” Consider too that eagerly connecting new devices to their networks, but
industry experts frequently assert that smart devices often aren’t yet demanding much security from their device
perform more critical roles in our power, medical and vendors, or applying much add-on security software after
transportation infrastructure, so that a device failure or the fact. But like everything else on the Internet, this is
compromise is felt more acutely than that of a PC glitch. likely to change—and quickly—as the connected device
population grows into the double-digit billions.
With products ranging from medical devices, office link encryption was by far the most “wished for”
printers, smartphones and household appliances, security feature, garnering more than double the
to smart grid utility meters, security cameras and number of responses as the second-most popular
industrial controls; securing the Internet of Things security feature: Authenticated Code Updates and
is going to be a challenge. It’s not as simple as Booting. Results were similar when respondents
using an off-the-shelf software program to protect were asked about devices that their company,
a PC. Device platforms are as varied as the devices themselves, made or sold.
themselves, often consisting of proprietary
software coded over many years to run in very “Smartphones” are a subset of the larger “smart
specific environments for cars, dishwashers, and devices ecosystem”—the collection of all non-PC
televisions. Each device, each manufacturer has computers that communicate via Internet Protocol.
slightly different needs. Processor limitations, When we focus our responders on the smart phone
memory constraints, battery life and a slew of other subset of smart devices, and ask them about what
constraints and idiosyncrasies peculiar to device attack types concern them the most, their answers
environments conspire to make device security a change in interesting ways.
nontrivial undertaking.
Also, when we rephrase the question to focus on
There are widely recognized “best practices” the organizations “unaddressed needs” specific to
approaches to guarding the security of devices smartphone (as opposed to the device ecosystem
and the data they shepherd. Our survey asked holistically), priorities seem to shift somewhat. We
respondents to opine first about the devices their invite you to see the charts at right, and draw your
company USES, and later about the devices their own conclusions.
company MAKES or sells. When it came to devices
that a company uses in-house, on-device and
Virus attacks on PCs used to cost American organizations nothing. They were too
infrequent, and of too little consequence. Then everything changed.
Virus attacks — and the global defense against them — now cost businesses billions
every year. And viruses are just one category of the threat in an ecosystem that
steals, spends, wastes, invests and destroys hundreds of billions of dollars annually.
Our respondents acknowledge the fast emergence of the Internet of Things and see
device security problems as inevitable and potentially serious. Because they are so
closely integrated with our critical infrastructure, device security problems are even
more likely than PC problems to result in physical consequences. But relatively few
organizations are prepared. One can only conclude that when the inevitable tide of
attacks on the device infrastructure rises, it will likely end up costing us a lot more
than it should have.
FasTrak or FastHACK? Latest Cell Phone Worm Tricks Users Voice Encryption Comes to Blackberry
September 30th, 2008 February 23rd, 2009 May 15th, 2009
http://mocana.com/blog/2008/09/30/fastrak-or-fasthack/ http://mocana.com/blog/2009/02/23/latest-cell-phone- http://mocana.com/blog/2009/05/15/voice-encryption-
worm-tricks-users/ comes-to-blackberry/
Cisco Moves to Plug Router Software Flaws
October 6th, 2008 Netbook Web Surfers Beware Star Trek Security Lessons
http://mocana.com/blog/2008/10/06/cisco-moves-to-plug- March 9th, 2009 May 15th, 2009
router-software-flaws/ http://mocana.com/blog/2009/03/09/netbook-web-surfers- http://mocana.com/blog/2009/05/15/star-trek-security-
beware/ lessons/
How Much Do You Really Know About (SSH) Security?
October 6th, 2008 SCADA Under Fire… Again. InformationWeek: 3G Security Coming Along, But…
http://mocana.com/blog/2008/10/06/how-much-do-you- March 9th, 2009 June 1st, 2009
really-know-about-ssh-security/ http://mocana.com/blog/2009/03/09/scada-under-fire-again/ http://mocana.com/blog/2009/06/01/informationweek-3g-
security-coming-along-but/
Traffic Lights Hacked in Los Angeles Who’s responsible for Mobile Security?
November 24th, 2008 March 23rd, 2009 DOE: First Smart Grid Security Standards
http://mocana.com/blog/2008/11/24/traffic-lights-hacked- http://mocana.com/blog/2009/03/23/who%e2%80%99s- June 1st, 2009
in-los-angeles/ responsible-for-mobile-security/ http://mocana.com/blog/2009/06/01/doe-first-smart-grid-
security-standards/
Nokia and the Internet of Things Wireless Access Points Get Wireless Access Points Get
December 5th, 2008 Sneaky Great Netbooks! Free Malware Included.
http://mocana.com/blog/2008/12/05/nokia-and-the-internet- March 23rd, 2009 June 1st, 2009
of-things/ http://mocana.com/blog/2009/03/23/wireless-access- http://mocana.com/blog/2009/06/01/great-netbooks-free-
points-get-wireless-access-points-get-sneaky/ malware-included/
Embedded Technologies On Ice
December 5th, 2008 Consumer (and Hacker) Friendly Buggy Breathalyzer Bounces Boozers
http://mocana.com/blog/2008/12/05/embedded- March 23rd, 2009 June 1st, 2009
technologies-on-ice/ http://mocana.com/blog/2009/03/23/consumer-and-hacker- http://mocana.com/blog/2009/06/01/buggy-breathalyzer-
friendly/ bounces-boozers/
25C3: Serious Security Vulnerabilities in DECT Wireless
Telephony Pwn2Own, No Winners IP is the glue
January 12th, 2009 March 23rd, 2009 June 16th, 2009
http://mocana.com/blog/2009/01/12/25c3-serious-security- http://mocana.com/blog/2009/03/23/pwn2own-no-winners/ http://mocana.com/blog/2009/06/16/ip-is-the-glue/
vulnerabilities-in-dect-wireless-telephony/
Mobile Security’s “Big Rub” Selling to the Government and FIPS
Researcher Creates ‘Write Once, Run Anywhere’ Cisco March 23rd, 2009 July 21st, 2009
Hijacks http://mocana.com/blog/2009/03/23/mobile- http://mocana.com/blog/2009/07/21/selling-to-the-
January 12th, 2009 security%e2%80%99s-big-rub/ government-and-fips/
http://mocana.com/blog/2009/01/12/researcher-creates-
write-once-run-anywhere-cisco-hijacks/ Smart Grid, Smarter Hackers Once More, With Feeling: Don’t Use WPA for Wireless
April 6th, 2009 Security
The Five Coolest Hacks of 2008 http://mocana.com/blog/2009/04/06/smart-grid-smarter- August 28th, 2009
January 12th, 2009 hackers/ http://mocana.com/blog/2009/08/28/once-more-with-
http://mocana.com/blog/2009/01/12/the-five-coolest-hacks- feeling-dont-use-wpa-for-wireless-security/
of-2008/ Reinfected BIOS with every Reboot
April 6th, 2009 Security in Wireless Sensor Networks
New Mobile Malware Silently Transfers Account Credit http://mocana.com/blog/2009/04/06/reinfected-bios-with- September 21st, 2009
February 9th, 2009 every-reboot/ http://mocana.com/blog/2009/09/21/mocana-byline-
http://mocana.com/blog/2009/02/09/new-mobile-malware- security-in-wireless-sensor-networks/
silently-transfers-account-credit/ Malware hijacks 100,000 home routers into Botnet
April 6th, 2009 WALL STREET JOURNAL
Building Firewalls for Embedded Systems http://mocana.com/blog/2009/04/06/malware-hijacks- Off-the-shelf mobile devices becoming government-issue
February 9th, 2009 100000-home-routers-into-botnet/ standard
http://mocana.com/blog/2009/02/09/building-firewalls-for- September 21st, 2009
embedded-systems/ Spies Hack into US Electricity Grid http://mocana.com/blog/2009/09/21/wall-street-journal-
April 17th, 2009 off-the-shelf-mobile-devices-becoming-government-issue-
Zombie Crossing? http://mocana.com/blog/2009/04/17/spies-hack-into-us- standard/
February 9th, 2009 electricity-grid/
http://mocana.com/blog/2009/02/09/zombie-crossing/ Skype VoIP: Who’s listening in?
Intel/GE and Next-Generation Home Health Technologies September 21st, 2009
“War Cloning — It’s the New Hacker Sport,” April 17th, 2009 http://mocana.com/blog/2009/09/21/skype-voip-whos-
February 9th, 2009 http://mocana.com/blog/2009/04/17/intelge-and-next- listening-in/
http://mocana.com/blog/2009/02/09/war-cloning-its-the- generation-home-health-technologies/
new-hacker-sport/ Is Your Office Printer Secure?
The (not-so) Dumb Adversary September 21st, 2009
French Fighter Planes Grounded by Virus! May 4th, 2009 http://mocana.com/blog/2009/09/21/is-your-office-printer-
February 9th, 2009 http://mocana.com/blog/2009/05/04/the-not-so-dumb- secure/
http://mocana.com/blog/2009/02/09/french-fighter-planes- adversary/
grounded-by-virus/ TI Calculators: Master Keys Cracked
Conficker Infects Critical Medical Devices October 6th, 2009
Do You Know Where Your Phone is? May 4th, 2009 http://mocana.com/blog/2009/10/06/ti-calculators-master-
February 23rd, 2009 http://mocana.com/blog/2009/05/04/conficker-infects- keys-cracked/
http://mocana.com/blog/2009/02/23/do-you-know-where- critical-medical-devices/
your-phone-is/ NIST Publishes Security Standards for Smart Grid Devices
2009’s Five Most Dangerous Attacks October 6th, 2009
Hackers Take Aim at Smartphones May 4th, 2009 http://mocana.com/blog/2009/10/06/nist-publishes-
February 23rd, 2009 http://mocana.com/blog/2009/05/04/2009s-five-most- security-standards-for-smart-grid-devices/
http://mocana.com/blog/2009/02/23/hackers-take-aim-at- dangerous-attacks/
smartphones/
Clobbering the Cloud Integrity for Implanted Medical Devices? Expert Warns of Industrial Control Security Risks
October 12th, 2009 November 16th, 2009 January 10th, 2010
http://mocana.com/blog/2009/10/12/clobbering-the-cloud/ http://mocana.com/blog/2009/11/16/integrity-for- http://mocana.com/blog/2010/01/10/expert-warns-of-
implanted-medical-devices/ industrial-control-security-risks/
Hacking robots to turn into murderous gangs… more
news at 11 Cavium Buys MontaVista Fed Certified Flash Drives Easily Hacked
October 12th, 2009 November 16th, 2009 January 10th, 2010
http://mocana.com/blog/2009/10/12/hacking-robots-to- http://mocana.com/blog/2009/11/16/cavium-buys- http://mocana.com/blog/2010/01/10/fed-certified-flash-
turn-into-murderous-gangs-more-news-at-11/ montavista/ drives-easily-hacked/
Current trends in cyber attacks on mobile and embedded Cell DDoS Attacks Imminent Cybersecurity of Airport Scanners Still Up in the Air
systems November 22nd, 2009 January 10th, 2010
October 18th, 2009 http://mocana.com/blog/2009/11/22/cell-ddos-attacks- http://mocana.com/blog/2010/01/10/cybersecurity-of-
http://mocana.com/blog/2009/10/18/mocana-bylinecurrent- imminent/ airport-scanners-still-up-in-the-air/
trends-in-cyber-attacks-on-mobile-and-embedded-systems/
Twitter Hacked via SSL Flaw Mobile Market Poised for Massive Expansion
So You Think You Can Hack? November 22nd, 2009 January 10th, 2010
October 18th, 2009 http://mocana.com/blog/2009/11/22/twitter-hacked-via- http://mocana.com/blog/2010/01/10/mobile-market-poised-
http://mocana.com/blog/2009/10/18/so-you-think-you- ssl-flaw/ for-massive-expansion/
can-hack/
The Body-Area-Network: Wide Open Smart Grid Security Need Grows Urgent
President Obama declares October as National November 22nd, 2009 January 17th, 2010
Cybersecurity Awareness Month http://mocana.com/blog/2009/11/22/the-body-area- http://mocana.com/blog/2010/01/17/smart-grid-security-
October 18th, 2009 network-wide-open/ need-grows-urgent/
http://mocana.com/blog/2009/10/18/video-president-
obama-declares-october-as-national-cybersecurity- Newer, Nastier iPhone Worm Spreads Google Hacked by Serious Pros
awareness-month/ November 23rd, 2009 January 17th, 2010
http://mocana.com/blog/2009/11/23/newer-nastier-iphone- http://mocana.com/blog/2010/01/17/google-hacked-by-
Thousands of Unsecured Devices Found worm-spreads/ serious-pros/
October 26th, 2009
http://mocana.com/blog/2009/10/26/thousands-of- Mobile Devices Not Enterprise-ready. Yet. Moscow Billboard Hacked with Adult Content
unsecured-devices-found/ December 8th, 2009 January 17th, 2010
http://mocana.com/blog/2009/12/08/mobile-devices-not- http://mocana.com/blog/2010/01/17/moscow-billboard-
Opening the “Closed Circuit” enterprise-ready-yet/ hacked-with-adult-content/
October 26th, 2009
http://mocana.com/blog/2009/10/26/opening-the-closed- Another Top Security Exec Warns of Mobile Industry Crypto Flaws Found in Smart Meter Chips
circuit/ Vulnerability January 24th, 2010
December 8th, 2009 http://mocana.com/blog/2010/01/24/crypto-flaws-found-in-
Cable Customers Open to Attacks http://mocana.com/blog/2009/12/08/another-top-security- smart-meter-chips/
October 26th, 2009 exec-warns-of-mobile-industry-vulnerability/
http://mocana.com/blog/2009/10/26/cable-customers- First Smart Grid Standards Guide Issued
open-to-attacks/ The Automated Home — Coming Soon to a Neighborhood January 24th, 2010
Near You http://mocana.com/blog/2010/01/24/first-smart-grid-
Mobile Devices Leaking Their Own Crypto Keys December 8th, 2009 standards-guide-issued/
October 26th, 2009 http://mocana.com/blog/2009/12/08/the-automated-home-
http://mocana.com/blog/2009/10/26/mobile-devices- coming-soon-to-a-neighborhood-near-you/ Popular Portable Router Easily Hacked
leaking-their-own-crypto-keys/ January 24th, 2010
Kicking the Tires on Google’s Chrome OS http://mocana.com/blog/2010/01/24/popular-portable-
Feds Putting the “Smart” Cart Before the Horse? December 8th, 2009 router-easily-hacked/
November 3rd, 2009 http://mocana.com/blog/2009/12/08/kicking-the-tires-on-
http://mocana.com/blog/2009/11/03/feds-putting-the- googles-chrome-os/ Expert Warns of Enterprise Security Risks Posed by
smart-cart-before-the-horse/ Smartphones
FedEx Packages Sending Packets of Their Own February 4th, 2010
CONFERENCE SUMMARY: December 14th, 2009 http://mocana.com/blog/2010/02/04/expert-warns-of-
2009 Control Systems Security Conference http://mocana.com/blog/2009/12/14/fedex-packages- enterprise-security-risks-posed-by-smartphones/
November 3rd, 2009 sending-packets-of-their-own/
http://mocana.com/blog/2009/11/03/conference- Despite Warnings, KitchenAid.com Remains Infected with
summary2009-control-systems-security-conference/ Attacks on SCADA Equipment Up 37% in 2009 Malware
December 14th, 2009 February 4th, 2010
Hackable Factories http://mocana.com/blog/2009/12/14/attacks-on-scada- http://mocana.com/blog/2010/02/04/despite-warnings-
November 8th, 2009 equipment-up-37-in-2009/ kitchenaid-com-remains-infected-with-malware/
http://mocana.com/blog/2009/11/08/hackable-factories/
FPGAs Vulnerable to Power Analysis Hacks? Are Cyber-spies Tracking You Across The Border?
Tech Heavyweights in Secret Crash Program to Fix December 14th, 2009 February 4th, 2010
Serious SSL Flaw http://mocana.com/blog/2009/12/14/fpgas-vulnerable-to- http://mocana.com/blog/2010/02/04/are-cyber-spies-
November 8th, 2009 power-analysis-hacks/ tracking-you-across-the-border/
http://mocana.com/blog/2009/11/08/tech-heavyweights-in-
secret-crash-program-to-fix-serious-ssl-flaw/ The Best of the Internet of Things, 2009 Ensuring Security of Military Embedded Systems
December 14th, 2009 February 4th, 2010
4 Doors, Dual Airbags, 100 Million Lines of Code http://mocana.com/blog/2009/12/14/the-best-of-the- http://mocana.com/blog/2010/02/04/ensuring-security-of-
November 8th, 2009 internet-of-things-2009/ military-embedded-systems/
http://mocana.com/blog/2009/11/08/4-doors-dual-airbags-
100-million-lines-of-code/ U.S. Military Surveillance Drones Hacked Malicious App Found in Android Marketplace
December 16th, 2009 February 4th, 2010
Delivering Phone Fixes Over the Air http://mocana.com/blog/2009/12/16/breaking-news-u-s- http://mocana.com/blog/2010/02/04/malicious-app-found-
November 16th, 2009 military-surveillance-drones-hacked/ in-android-marketplace/
http://mocana.com/blog/2009/11/16/delivering-phone-
fixes-over-the-air/
Cordless Phone Crypto Hacked Blogger: Security Mainstream Still Ignorant of Security Medical Device Malfunctions Cost Company Millions
February 15th, 2010 Problems in Industrial Controls & Embedded Devices April 12th, 2010
http://mocana.com/blog/2010/02/15/cordless-phone- March 22nd, 2010 http://mocana.com/blog/2010/04/12/medical-device-
crypto-hacked/ http://mocana.com/blog/2010/03/22/blogger-security- malfunctions-cost-company-millions/
mainstream-still-ignorant-of-security-problems-in-industrial-
Cars With (Many) Minds of Their Own? controls-embedded-devices/ Will Update Make iPhone Enterprise-ready?
February 15th, 2010 April 13th, 2010
http://mocana.com/blog/2010/02/15/cars-with-many- Project costs 60x higher when security addressed late in http://mocana.com/blog/2010/04/13/will-update-make-
minds-of-their-own/ the development cycle – IOActive Study iphone-enterprise-ready/
March 22nd, 2010
Smartphone Hacks Paid $15,000 Per http://mocana.com/blog/2010/03/22/project-costs-60x- Security Expert Warns of Potential Economic Attack
February 22nd, 2010 higher-when-security-addressed-late-in-the-development- April 14th, 2010
http://mocana.com/blog/2010/02/22/smartphone-hacks- cycle-ioactive-study/ http://mocana.com/blog/2010/04/14/security-expert-warns-
paid-15000-per/ of-potential-economic-attack/
Over 100 Cars Remote Attacked by Disgruntled Hacker
25 Errors that Leave Software Vulnerable to Attack March 22nd, 2010 Industrial Control Systems Hit by Malware
February 22nd, 2010 http://mocana.com/blog/2010/03/22/over-100-cars-remote- April 15th, 2010
http://mocana.com/blog/2010/02/22/25-errors-the-leave- attacked-by-disgruntled-hacker/ http://mocana.com/blog/2010/04/15/industrial-control-
software-vulnerable-to-attack/ systems-hit-by-malware/
Will iPad be Secure Enough for the Enterprise?
Symantec to Vouch for Phone Apps March 29th, 2010 Google Readies Cloud Printing
February 28th, 2010 http://mocana.com/blog/2010/03/29/will-ipad-be-secure- April 18th, 2010
http://mocana.com/blog/2010/02/28/symantec-to-vouch- enough-for-the-enterprise/ http://mocana.com/blog/2010/04/18/google-readies-cloud-
for-phone-apps/ printing/
New “Sniffer” Hijacks Wireless Data, Sends Rogue
Experts Warn of National Cybersecurity Weakness Commands Workplace Gaming Threatens Enterprise Security
February 28th, 2010 March 30th, 2010 April 20th, 2010
http://mocana.com/blog/2010/02/28/experts-warn-of- http://mocana.com/blog/2010/03/30/new-sniffer-hijacks- http://mocana.com/blog/2010/04/20/workplace-gaming-
national-cybersecurity-weakness/ wireless-data-sends-rogue-commands/ threatens-enterprise-security/
Rutgers Study Roots Smartphones VIDEO: A New Look at The Internet of Things New Smart Grid Security Document Released
February 28th, 2010 March 30th, 2010 April 25th, 2010
http://mocana.com/blog/2010/02/28/rutgers-study-roots- http://mocana.com/blog/2010/03/30/video-a-new-look-at- http://mocana.com/blog/2010/04/25/new-smart-grid-
smartphones/ the-internet-of-things/ security-document-released/
Experts Warn of Smart Grid Security Weakness Major Security Flaws Found in Smart Meters Shrill Verizon Slams Security Whistleblowers
March 8th, 2010 March 30th, 2010 April 26th, 2010
http://mocana.com/blog/2010/03/08/experts-warn-of- http://mocana.com/blog/2010/03/30/major-security-flaws- http://mocana.com/blog/2010/04/26/shrill-verizon-slams-
smart-grid-security-weakness/ found-in-smart-meters/ security-whistleblowers/
Android Platform Quickly Growing Beyond Phones, iPad Not Yet Available. But Already Hacked? Microsoft Researcher Recommends Password Tattoos for
Security Concerns Remain March 30th, 2010 Pacemakers
March 8th, 2010 http://mocana.com/blog/2010/03/30/ipad-not-yet-available- April 27th, 2010
http://mocana.com/blog/2010/03/08/android-platform- but-already-hacked/ http://mocana.com/blog/2010/04/27/microsoft-researcher-
quickly-growing-beyond-phones-security-concerns-remain/ recommends-password-tattoos-for-pacemakers/
Connected Devices to Reach 1 Trillion
British Press Execs in Phone Hacking Conspiracy March 30th, 2010 Fraudulent Card Readers Skim Customer Data
March 8th, 2010 http://mocana.com/blog/2010/03/30/connected-devices-to- April 28th, 2010
http://mocana.com/blog/2010/03/08/british-press-execs-in- reach-1-trillion/ http://mocana.com/blog/2010/04/28/fraudulent-card-
phone-hacking-conspiracy/ readers-skim-customer-data/
iPod Your Hotrod
April 5th, 2010
http://mocana.com/blog/2010/04/05/ipod-your-hotrod/
Researchers Find Ways to Track and Spy on Mobile Ex-Intel Exec Funds Medical Engineering Program Windows Mobile Malware Targets Gamers
Phones, Legally May 23rd, 2010 June 16th, 2010
April 28th, 2010 http://mocana.com/blog/2010/05/23/ex-intel-exec-funds- http://mocana.com/blog/2010/06/16/mobile-malware-
http://mocana.com/blog/2010/04/28/researchers-find- medical-engineering-program/ targets-windows-gamers/
ways-to-track-and-spy-on-mobile-phones-legally/
Designing Medical Device Antennae for Top Performance Intel Fields Prototype Home Appliance Controller
Create Your Own Cellphone Network May 25th, 2010 June 17th, 2010
May 2nd, 2010 http://mocana.com/blog/2010/05/25/designing-medical- http://mocana.com/blog/2010/06/17/intel-develops-smart-
http://mocana.com/blog/2010/05/02/create-your-own- device-antennae-for-top-performance/ energy-monitoring-prototype/
cellphone-network/
Man “Infects” Himself with Computer Virus Nice Work if You Can Get It: Security Retrofit for 800
House Votes to Secure Energy Grid May 26th, 2010 Million Smart Meters?
May 3rd, 2010 http://mocana.com/blog/2010/05/26/man-infects-himself- June 20th, 2010
http://mocana.com/blog/2010/05/03/house-votes-to- with-computer-virus/ http://mocana.com/blog/2010/06/20/smart-meter-rollouts-
secure-energy-grid/ continue-despite-major-security-concerns/
Bugs Leave Buildings’ Critical Systems Vulnerable
New Bluetooth Coming To Your Wristwatch May 26th, 2010 Juniper Exec: 4G Devices Bringing Malware with Speed
May 3rd, 2010 http://mocana.com/blog/2010/05/26/bugs-leave-buildings- June 21st, 2010
http://mocana.com/blog/2010/05/03/new-bluetooth- critical-systems-vulnerable/ http://mocana.com/blog/2010/06/21/4g-smartphones-
coming-to-your-wristwatch/ deliver-higher-speeds-new-security-concerns/
Spy Games In Cyberspace
Getting Bigger Things from Smaller Processors May 31st, 2010 Android Platform Sees First Military Application
May 3rd, 2010 http://mocana.com/blog/2010/05/31/spy-games-in- June 22nd, 2010
http://mocana.com/blog/2010/05/03/getting-bigger-things- cyberspace/ http://mocana.com/blog/2010/06/22/android-platform-sees-
from-smaller-processors/ first-military-application/
Nearly Half of TVs Will Ship With Internet By 2013
New Embedded Device Security Specs Now Online For May 31st, 2010 Anti-Virus Software To Become Required for Internet
Comment http://mocana.com/blog/2010/05/31/nearly-half-of-tvs-will- Access?
May 3rd, 2010 ship-with-internet-by-2013/ June 24th, 2010
http://mocana.com/blog/2010/05/03/new-embedded- http://mocana.com/blog/2010/06/24/anti-virus-software-to-
device-security-specs-now-online-for-comment/ VA Medical Devices Infected With Malware become-required-for-internet-access/
June 2nd, 2010
Jailbreak Your iPad http://mocana.com/blog/2010/06/02/va-medical-devices- Smart Heart Devices in Development
May 4th, 2010 infected-with-malware/ June 27th, 2010
http://mocana.com/blog/2010/05/04/jailbreak-your-ipad/ http://mocana.com/blog/2010/06/27/smart-heart-devices-
New Android Apps for Wiretap-proof Communications in-development/
Connected Glucose Meter Scores Points For Kids June 6th, 2010
May 5th, 2010 http://mocana.com/blog/2010/06/06/new-android-apps-for- Buyer Beware: Android Security Study Cautions Users
http://mocana.com/blog/2010/05/05/connected-glucose- wiretap-proof-communications/ June 28th, 2010
meter-scores-points-for-kids/ http://mocana.com/blog/2010/06/28/buyer-beware-android-
UK Researches Develop “Holy Grail” of Cryptography security-study-cautions-users/
VIDEO: Huge Security Risk Found In Digital Copiers June 7th, 2010
May 6th, 2010 http://mocana.com/blog/2010/06/07/uk-researches- Billions Slated for Smart Grid Security
http://mocana.com/blog/2010/05/06/video-huge-security- develop-holy-grail-of-cryptography/ June 29th, 2010
risk-found-in-digital-copiers/ http://mocana.com/blog/2010/06/29/billions-slated-for-
Tech Giant Hands Out Malware at Security Conference smart-grid-security/
New Protocol Addresses RFID Vulnerability June 7th, 2010
May 9th, 2010 http://mocana.com/blog/2010/06/07/tech-giant-hands-out- The Evolution of Mobile Threats
http://mocana.com/blog/2010/05/09/new-protocol- malware-at-security-conference/ June 30th, 2010
addresses-rfid-vulnerability/ http://mocana.com/blog/2010/06/30/the-evolution-of-
FBI Warns of Growing Mobile Malware Threat mobile-threats/
U.S. Army Plans for Wider Drone Use June 8th, 2010
May 10th, 2010 http://mocana.com/blog/2010/06/08/experts-warn-of- New Smart Grid Security Draft Released
http://mocana.com/blog/2010/05/10/u-s-army-plans-for- growing-mobile-app-dangers/ July 1st, 2010
wider-drone-use/ http://mocana.com/blog/2010/07/01/new-smart-grid-
iPad Security Breach Embarrasses Apple, AT&T security-draft-released/
FDA Sets Tighter Standards For Medical Devices June 9th, 2010
May 12th, 2010 http://mocana.com/blog/2010/06/09/ipad-security-breach- iTunes Store Hacked by Rogue Developer
http://mocana.com/blog/2010/05/12/fda-sets-tighter- creates-privacy-concerns/ July 5th, 2010
standards-for-medical-devices/ http://mocana.com/blog/2010/07/05/itunes-store-hacked-
Ford’s Planned “App Store for Cars” Raises Security by-rogue-developer/
Serious Security Risks Found in Modern Cars Concerns
May 13th, 2010 June 10th, 2010 Understanding EAX’ Smart Grid Security
http://mocana.com/blog/2010/05/13/breaking-news- http://mocana.com/blog/2010/06/10/high-tech-cars-create- July 6th, 2010
serious-security-risks-found-in-modern-cars/ new-security-concerns/ http://mocana.com/blog/2010/07/06/understanding-eax-
smart-grid-security/
Hacker Plans to Unveil ATM Rootkit 60 MINUTES: Devices Controlling National Infrastructure
May 17th, 2010 Have Already Been Hacked 50 Arrests Made in Smartphone Spyware Probe
http://mocana.com/blog/2010/05/17/hacker-plans-to-unveil- June 13th, 2010 July 7th, 2010
atm-rootkit/ http://mocana.com/blog/2010/06/13/former-government- http://mocana.com/blog/2010/07/07/50-arrests-made-in-
officials-warn-of-national-vulnerabilities/ smartphone-spyware-probe/
Depsite IT, Industrial and Utility Security Still Weak
May 17th, 2010 Software Glitch in Respirator Device Kills Minnesota Government Introduces “Perfect Citizen”
http://mocana.com/blog/2010/05/17/depsite-it-industrial- Woman July 8th, 2010
and-utility-security-still-weak/ June 14th, 2010 http://mocana.com/blog/2010/07/08/federal-surveillance-
http://mocana.com/blog/2010/06/14/womans-death- program-to-monitor-critical-infrastructure/
USAF Unveils “Cyberspace” Badge caused-by-possible-software-malfunction/
May 18th, 2010
http://mocana.com/blog/2010/05/18/usaf-unveils-
cyberspace-badge/