source: cnet.com

In an interview, Amazon's head of devices and Ring's CEO talk about Amazon completing its purchase of the smart doorbell maker and a new price drop for Ring's first smart doorbell.

Amazon Key, the e-commerce giant's in-home delivery service that's off to a bumpy start, may soon get backup from one of the hottest smart home startups around.

Fortunately for Amazon, that startup is now part of the family.

The e-commerce titan on Thursday said it has completed its purchase of Ring, a maker of video doorbells and security cameras, after revealing the deal in late February. Now the work starts in earnest to figure out how to combine forces, including potentially adding Ring into Key, according to Dave Limp, head of Amazon's devices and services.

"As it relates to Key, that's obviously one that we'll look at pretty closely," he said Tuesday. "I wouldn't want to make any commitments at this point in time, but it's certainly one that's on the list that we'll start thinking about."

Limp's comments, which were part of an interview that included Ring CEO Jamie Siminoff, offer a hint as to how Ring fits into Amazon's broader strategy for the smart home. The deal comes as Amazon is working hard to maintain its dominant position in the area, where its Echo devices control 70 percent of the US smart speaker market. Also, its Alexa voice assistant works with thousands of gadgets, including Ring's products. 

But with Google, Apple and Samsung all pushing into the same business, Amazon is trying to keep its edge by continually growing its portfolio of devices, from the Fire TV stick to the Cloud Cam security camera to smart doorbells.

The acquisition also marks a shaky time in Amazon's relationship with smart thermostat and camera maker Nest, a long-time Alexa partner that's owned by Alphabet, Google's parent company. Google in early February merged itself back with Nest so both companies can work more closely together and create a potentially stronger competitor to Amazon. Meanwhile, Amazon has decided not to stock several new Nest devices, including the Nest Hello doorbell that competes against Ring's products.

 source:  forbes.com

Welcome to Industry 4.0, the new age where smart technology and smart appliances are moving us closer and closer to a fully digitized society. Potentially valued at almost $4 trillion by 2020, studies show that businesses everywhere will be able to benefit by embracing the fourth industrial revolution. And, with the emergence of blockchain, we're already on the pathway there.

What is Industry 4.0 ("i4.0")

Industry 4.0 is not a new technology, nor is it a new business structure. It is our society's current trend of data exchange and automation in the creation and development of new technologies. It is simply an acknowledgement that technology had advanced so much since the 19th century, where we saw the beginnings of mass production.

 

1st Revolution 2nd Revolution 3rd Revolution Industry 4.0
Factory Production Mass Production / Assembly Line Digital Automation Smart-Systems / Cyber-Physical Systems

 

The Revolutions

 

The First and Second Industrial Revolutions

In the 19th century, we witnessed Britain move from farming to an industrial sector, focusing on factory production. The Second Revolution, introduced mass production and steel. Factories were becoming more 'electrical,' giving birth to Henry Ford's assembly production line, allowing for voluminous production and mass distribution to come into play.

 source: tripwire.com

The war between security experts charged with the responsibility of protecting information and cyber-criminals who threaten to compromise the integrity of data for different entities has become a cat and mouse game.

For instance, as soon as white hats counter one form of malicious behavior using encryption tools, there is the almost immediate development of yet another malevolent form of threat for information systems.

The increasing digital connectivity and the automation of virtually all processes in the world of business throughout the whole value chain have led to the creation of agility. This has also led to the development of extremely high levels of threat and significantly raised the risk of cybersecurity.

The building of cyber-security into applications is critical in addressing such risks, as well as all the devices that are interconnected from the very beginning. In this article, we are going to highlight the emerging technologies that will boost the security of information systems from being compromised by hackers.

HARDWARE AUTHENTICATION

It is a well-known fact that passwords and usernames used by a majority of data users are weak. This makes it easy for hackers to get access to the information systems and compromise sensitive data of a business entity or government agency.

In turn, this has exerted pressure on experts of systems security to come up with authentication methods that are more secure. One of the ways that has been used is the development of user hardware authentication.

 source: securityweek.com

Adversaries Most Likely Want to Acquire a “Red Button” Capability That Can be Used to Shut Down the Power Grid

Last October the United States Computer Emergency Readiness Team (US-CERT) published a technical alert on advanced persistent threat (APT) activity targeting energy and other critical infrastructure sectors. Recently, it was updated with new information uncovered since the original report, and there are some interesting revelations this time around.

Since the initial alert, The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI), working with U.S. and international partners, determined that attacks were already underway and being carried out by unspecified threat actors. The new report contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks.

The boldest revelation is the decisive manner in which the unspecified “threat actors” are explicitly identified. There is no equivocation; what was once believed to be an amorphous “threat actor” has now been identified as the “Russian Government”.

Also eye opening is the update of the campaign timeline. In the original alert, the earliest detection of the threat was May 2017. It has been subsequently amended to March 2016. This underscores that the threat and targeting of critical infrastructure began nearly 15 months earlier than previously thought. One thing that hasn’t changed in the updated alert is that the attack campaign is “still ongoing,” meaning targets are still vulnerable and at risk.

As for reconnaissance and weaponization, in the original alert DHS identified the then “threat actor” as being interested in website and open source material pertaining to critical infrastructure. The report stated that no compromise was detected. The new alert reneges the “no compromise” statement and provides a very detailed description of how the Russians used malware to compromise industrial control system (ICS) networks. Moreover the use of zero day, APT and backdoor techniques all indicate the sophistication and intent of the activity designed to take over US critical infrastructure.

The breadth of these attacks are not only deeper but also broader than originally thought. Because it is infinitely easier to hack into a trade magazine website than into a critical infrastructure network, the report also notes the use of “watering hole” attacks; architected to compromise machines belonging to ICS personnel that visited popular online news outlets. Once installed this malware could be easily used for account takeovers.

The updated alert also reveals the effort put into exploitation. The October alert stated, “there is no indication that threat actors used Zero Day exploits to manipulate the sites.” This statement has been removed from the March report, meaning the Russians were specifically targeting and significantly investing in advanced exploits in order to access U.S. critical infrastructure. Also new, for the first time, the attackers attempted to cover their tracks, making it much harder to understand exactly what facilities were compromised.