Why is the Technology Industry Shirking its Security Responsibilities?
No sooner have we had time to recover from the post-CES jet-lag in January than Mobile World Congress 2018 rolls around. These two events have cemented themselves into the mobile and consumer technology industries’ calendars as key opportunities to showcase the latest hardware and software products and services, amidst a flurry of media hype and eager expectation from early adopters worldwide. So what’s in store for the technology industry and its eager consumers in 2018?
If anything, CES this year was a little flat, with little to see in the way of real innovation. This year’s show was a year of ‘iteration’ not ‘innovation’, particularly in the IT security industry, where the conversation at the show was dominated by promises of ‘security by design’ but no real demonstration of this. I was personally very interested to find out more about the latest smart safe that was unveiled at the show, billed as “a smarter way to keep valuables safe”.
Here was a new IoT device that, if anything, surely had to have the best digital security baked into it by design, no?
Unfortunately, that particular internet-connected safe turned out to be something of a damp squib, mainly because it proved to be incredibly easy to crack open. One BBC Tech reporter reported a worrying error that failed to trigger a theft alert. We simply banged on the top of the safe and it opened. What is more remarkable is that this vulnerability is well known, I had an issue with a smart safe of my own when the battery ran out and of course I lost my key. One quick search on YouTube revealed banging on the top of the safe would work, and guess what… it actually did! So much for ‘digital peace of mind’…
That’s merely one example of a slightly broken product that clearly needs a little more development before it hits the market. But that single widely-publicized security snafu was, unfortunately, tellingly symptomatic of an industry-wide trend of shirking responsibility for consumers’ digital (and physical) security.
All too often, digital and mobile security is still considered to be an afterthought, by hardware manufacturers and software developers alike, which is simply no longer viable. Particularly given the context of the increasing number and sophistication of cyber-attacks on mobile devices. See, for a very good example of this, the results of McAfee’s latest Mobile Threat Report 2018 – to be released at MWC 2018 – which reveals an explosion in mobile malware and dramatic changes in the mobile landscape over the last year.
If smartphone manufacturers genuinely wish to charge consumers in excess of £1000 for handsets, and provide finance plans to fund them then simply put, we need to know they are trustworthy. Shifting the blame onto the user, rather than building adequate methods of prevention into our business models is not acceptable.
So onto Mobile World Congress 2018 in Barcelona this year, we will be making some major announcements regarding a number of strategic partnerships with some of the world’s telecoms giants, designed to keep mobile users and the data on their increasingly number of smart devices safe, both in the home and on the go.
After all, it’s not that flash £1000 phone in your pocket that the real cybercrimals are after. It’s the data that’s stored within it, that can potentially give them complete access to your bank account, your confidential business data and more. And as the number of devices we have in our homes, our bags, our cars and our offices continues to proliferate, so does the number of attack vectors that cybercriminals can use to fraudulently obtain money.
The post Why is the Technology Industry Shirking its Security Responsibilities? appeared first on McAfee Blogs.
More antivirus and malware news?
- Hackers Connected to NotPetya Ransomware Surface Online, Empty Bitcoin Wallet
- Malware attack! "You have received a secure message"
- Russia Moves to Ban Tools Used to Surf Outlawed Websites
- Hacking the Hackers? US Spy Agency at Center of Apparent Breach
- Unix: Tracking down ghost accounts
- Why is using more than one anti-virus at the same time a bad idea?
- Coding flaw leaves Zeus admin panels easily exploited
- Password denied: when will Apple get serious about security?
- Google Removes Vulnerable Library from Android
- Why legal departments begrudge the cloud