29 June 2021

Demand for more powerful, flexible but simple integrated security and site management solutions – in applications including datacenters, healthcare, banking, and critical infrastructure – is being met by a new technology tie-up between Korea’s IDIS and Australian-headquartered, Inner Range. The collaboration brings together IDIS’s end-to-end video offering with Inner Range’s enterprise-level access control and intruder detection system Integriti, giving end-users everything they need for more efficient and productive control of their security, safety, and building systems from a single management platform. IDIS technology is easy to install with Integriti, with a simple three-step process, and is already proving its value with small to enterprise-level projects in key regional markets. The partnership will support continued growth in Asia and Australasia where IDIS has strategic partnerships with some of the most respected distribution partners, including Hills Limited in Australia, while major US and European applications are also now confirmed or in prospect say the two companies. Examples include a global data and asset storage provider which has just completed a significant upgrade. Projects in retail, commercial office space, and local government are also underway. Inner Range’s Integriti access control and integrated management platform works seamlessly with the IDIS’s DirectIP range of NVRs and cameras giving them additional control and management via the totally cost and license-free video management software (VMS), IDIS Center. The comprehensive choice of door controllers, readers and keypads from Inner Range can be extended with a range of third-party readers including Mifare, HID, biometrics and mobile credential support from multiple vendors. Linking access and alarm devices with IDIS’s award-winning video tech including deep learning analytics allows granular monitoring and recording of activity across single and multiple sites – for example door entry, forced-door, and a range of alarm trigger events – and provides instant visual verification of threats and faster incident response, together with comprehensive audit trails and reporting for both incident investigations and improved site management. Together, the Inner Range’s intelligent access control and security management system and IDIS end-to-end video solutions can be used as the foundation platform for fully integrated solutions that incorporate everything from security, life safety, and building management systems to visitor management and site-specific systems and devices. This integrated approach helps customers mitigate current risks, while ensuring a futureproof platform that will provide them with the scalability and flexibility to adapt as they face future operational challenges and an ever-evolving threat landscape. “Our modular, out-of-the-box approach integrates simply and effectively with Inner Range’s Integriti system offering customers integrated security management in a more affordable way. Our partnership ensures a lower total cost of ownership (TCO), combined with assured local support, extended equipment warranties, and easier maintenance,” says Dennis Choi, General Manager, IDIS Middle East & Africa. “Our new seamless integration with IDIS is a simple three-step process, allowing security managers and integrators to quickly and efficiently associate cameras with any entity on the Integriti system and plot them on schematic maps. Our partnership extends the technology choice available to systems integrators and offers attractive new options for their customers,” says Tim Northwood, General Manager, Inner Range.   To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitynewsdesk.com

Hard Off Security are one of the latest companies to join the official police security initiative Secured by Design. Hard Off Security are a British organisation built out of the need to solve a problem that affects hundreds of thousands of people driving keyless-entry/keyless-start vehicles that are susceptible to ‘relay theft’.  These vehicles are susceptible to the cloning of their key fob’s signals, by scanning for them from over 30 yards away. This is commonly done outside your house at night, by 2 thieves and commonly known as ‘relay hacking’. They are able to silently gain entry to your car and start the engine within seconds without the need to have physical access to the vehicle’s smart keys.  This is where criminals use specialist equipment that has the ability to grab the signal from the car to the smart key, so that it appears to the car that the key is present. Vehicles are most vulnerable overnight, particularly if parked on a driveway or directly outside a home. Hard Off Security’s smart tamper proof Hard-Off Fob Protector stops cars from being stolen in this way. A “Hard-Off” solution is at the core of this protection.  No Faraday cages, tin cans or metallic pouches or accidentally microwaving keys, the solution relies on stopping the transmission and reception of signals, not blocking them.  The Hard Off Fob Protector does this by cutting the power to the key fob using a simple ‘unhackable’ power circuit-break or “Hard-Off”. The Hard-Off Fob Protector Protects Passive Keyless Entry (PKE) vehicles against relay theft Adds value to your car once it is protected Simple to fit by wrapping device around the key fob’s battery Works intuitively by turning the key fob on and off as needed Simple to use and easy to live with because keyless functions remain unchanged No need to do anything different as it works completely automatically Designed and manufactured in the UK to the highest quality standards Money-back guarantee and a 2-year international and transferable warranty Doug Skins, Secured by Design, said: “It is a pleasure to welcome Hard Off Security as new members of Secured by Design. They are the first company to join Secured by Design with this type of solution to Relay Theft and I am really looking forward to working alongside them over the coming years”. Mark Churchward, Managing Director of Hard-Off Security Ltd., said, “When my daughter’s car was stolen from her driveway in the early hours, I was infuriated and astonished at how easy ‘relay theft’ was to do. Within days I realised the solution was in some kind of power off arrangement on the Fob and Hard-Off was born. The latest device which has been approved by SBD is the sixth generation and one of which we are very proud.” Secured by Design (SBD) is owned by the UK Police Service with the specific aim of reducing crime and helping people live more safely. SBD developed a product based accreditation scheme over 20 years ago – the Police Preferred Specification, which provides a recognised standard for all security products that can deter and reduce crime. SBD work with manufacturers and standards authorities to ensure that security standards are current and updated to keep pace with emerging crime trends. There are currently many hundreds of companies producing thousands of attack resistant crime prevention products, across over 30 different crime categories, which have achieved Police Preferred Specification. SBD is the only way for companies to obtain police recognition for security-related products in the UK.   To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitynewsdesk.com

As the price of bitcoin surged in the recent months, so too have the volume and sophistication of cyberattacks relating to the popular cryptocurrency. This is according to new research by Barracuda Networks, Inc., a leading provider of cloud-enabled security solutions, which found that impersonation attacks relating to cryptocurrencies grew 192% between October 2020 and April 2021 – aligning with the near 400% increase in the value of bitcoin over the same period. The report found that attackers are now expanding their range of cryptocurrency attacks from extortion and ransomware, to now incorporating digital currencies into spear phishing, impersonation, and business email compromise (BEC) attacks. “Cryptocurrency seems to be a perfect currency for criminal activity — it’s unregulated, difficult to trace, and increasing in value. For these reasons, it has fuelled and enabled a multibillion economy of ransomware, cyber-extortion, and impersonation,” said Fleming Shi, CTO at Barracuda. “The increased digitalisation of businesses since the onset of the pandemic has resulted in more data being created and stored in collaboration apps, and more information being exposed. This has created more targets and potential value for criminals. Combined with the increased price of bitcoin, these factors have presented strong motivation for cybercriminals to come up with more sophisticated schemes to cash in on bitcoin-mania.” Barracuda’s researchers found that one of the most common methods of attack was the impersonation of digital wallets and other cryptocurrency-related apps with fraudulent security alerts to steal log-in credentials. In the past, attackers impersonated financial institutions targeting victims’ banking credentials. Today they are using the same tactics to steal valuable bitcoins. Cybercriminals have also included bitcoin as part of their business email compromise (BEC) attacks, impersonating employees within an organisation. They target and personalise these emails to get their victims to purchase bitcoin, donate them to fake charities, or even pay a fake vendor invoice using cryptocurrency. Barracuda’s Artificial Intelligence (AI) based natural language processing of these BEC emails revealed the key phrases and calls to action that hackers are using to incite their victims. Most commonly, cybercriminals create a sense of urgency by using phrases like “urgent today” or before the “day runs” out. Their call to action is typically for their victim to go to the “nearest bitcoin machine.” They also play on their victims’ sentiments to request that a payment be made as a “charity donation,” making their victims believe they are doing a good thing. Growing cost of ransomware As an unregulated and difficult to trace digital asset, cryptocurrency has long been the preferred payment method for ransomware demands. Now, as the value of cryptocurrencies has surged, the ransom amounts hackers are asking for have been going up as well. In 2019 ransom demands ranged from a few thousand dollars to $2 million at the top end. By mid-2021 most demands were in the millions, with a significant number over $20 million. “Cybercriminals might still be requesting the same amount of bitcoin, but with the price of cryptocurrency going up it costs more for organisations to pay out,” said El Inati. Offering advice to businesses that have fallen victim to ransomware, Shi said, “When faced with ransomware attack, a lot of organisations and consumers don’t know what to do other than to pay the ransom. This feeds the appetites of cybercriminals, encouraging them to attack more and ask for even bigger ransoms. If it can be avoided, don’t pay up, and work with government agencies to get a resolution.” “As bitcoin and other cryptocurrencies become more mainstream, their value will continue to grow. But so will government intervention and regulations. It’s a rapidly evolving threat landscape and organisations and individuals must remain vigilant as cybercriminals will continue to demonstrate their ingenuity in formulating new and convincing ways to exploit the hype and ambiguity that surrounds cryptocurrencies,” Shi concluded.   To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here. Media contact Rebecca Morpeth Spayne, Editor, Security Portfolio Tel: +44 (0) 1622 823 922 Email: editor@securitynewsdesk.com

Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority  National Infrastructure are those facilities, systems, sites, information, people, networks and processes, necessary for a country to function and upon which daily life depends.  It also includes some functions, sites and organisations which are not critical to the maintenance of essential services, but which need protection due to the potential danger to the public (civil nuclear and chemical sites for example).  In the UK, there are 13 national infrastructure sectors: Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water. Several sectors have defined ‘sub-sectors’; Emergency Services for example can be split into Police, Ambulance, Fire Services and Coast Guard.  Each sector has one or more Lead Government Department(s) (LGD) responsible for the sector, and ensuring protective security is in place for critical assets. Not everything within a national infrastructure sector is judged to be ‘critical’. The UK government’s official definition of CNI is:  Those critical elements of infrastructure (namely assets, facilities, systems, networks or processes and the essential workers that operate and facilitate them), the loss or compromise of which could result in:  Major detrimental impact on the availability, integrity or delivery of essential services – including those services whose integrity, if compromised, could result in significant loss of life or casualties – taking into account significant economic or social impacts; and/or  Significant impact on national security, national defence, or the functioning of the state.  National Cyber Security Strategy  The Covid-19 pandemic has highlighted the vulnerability of the UK’s critical national infrastructure (CNI) to disruption by malicious actors, and ensuring the resilience of such essential services will be a clear priority throughout 2021, according to the government’s annual National Cyber Security Strategy 2016-2021 (NCSS) progress report, which was last updated at the end of 2020.   In the introduction to the 2020 progress report, which reflects on progress already made against the NCSS goals and outlines future priorities as the strategy enters its final year, Paymaster General, Penny Mordaunt wrote that the tumultuous events of the Coronavirus pandemic has done much to reinforce the importance of cyber security to the UK’s national wellbeing.  “Millions of us have been relying more heavily on digital technology to work, shop and socialise,” wrote Mordaunt. “It has been an empowering and liberating force for good at a time when people have felt confined. It has been a lifeline keeping people connected with family and friends, ensuring the most vulnerable receive medicines and food deliveries, and is underpinning the operational delivery of our ongoing response to the pandemic.  “But alongside the clear benefits technology brings come growing opportunities for criminals and other malicious actors, here and abroad, to exploit cyber as a means to cause us harm. That is why the role of this strategy and the diverse range of talented and committed cyber security professionals across all sectors of our economy are so important in keeping citizens and services safe.  “The UK’s departure from the European Union presents new opportunities to define and strengthen our place in the world as a sovereign and independent country. That includes how we tackle existing and emerging cyber security threats at a time when the global landscape is changing dramatically.”  Mordaunt added: “Our approach to cyber security strategy post-2021 will reinforce the outcome of the current Integrated Review of the UK’s foreign, defence, security and development policy. It will ensure we can continue to defend the UK against evolving cyber threats, deter malicious actors, develop the cyber skills and cyber sector we need and build on the UK’s international leadership, influence and action on cyber security in the years ahead.”  In the past year, the government has run several initiatives to evolve and strengthen the approaches that CNI organisations take to cyber security, working across government, with various regulators and public and private sector organisations to build a collective understanding of the challenges faced by CNI owners, and develop new strategies to address them.  This work has included improvements to cyber security regulatory frameworks and the establishment of a Cyber Security Regulators Forum, and the ongoing implementation of the Network and Information Systems (NIS) regulations, which a post-implementation review seems to suggest are proving quite effective at strengthening security approaches among operators of essential services.  Throughout this year, the government will continue to work across CNI sectors to improve assessment and reporting processes, and plans to develop bespoke penetration testing frameworks to help telco operators in particular defend against, manage and recover from cyber attacks.  It will also put more energy into improving understanding of the UK’s supply chains and dependencies – which is especially vulnerable to disruption thanks to the government’s approach to Brexit.  The report outlined plans to extend the deployment of the National Cyber Security Centre’s (NCSC’s) Active Cyber Defence (ACD) programme beyond traditional government sectors in support of private sector CNI. An ACD Broadening project will aim to build on the success of the programme and expand it out to a broader range of sectors to allow them to benefit from automated protection from commodity cyber threats.  Currently, the service includes protective domain name services, web and mail checks, host-based capability, logging, vulnerability disclosure, the Exercise in a Box programme and the Suspicious Email Reporting Service (SERS). While some of these – most notably Exercise in a Box and SERS – are currently publicly available, others are only made available to public sector bodies.  The NCSS progress report also outlined other key priorities for 2021, which include: enhancements to the UK’s threat intelligence capabilities; the expansion of cyber crime deterrence programmes such as the National Crime Agency’s (NCA’s) CyberChoices scheme and the ongoing introduction of Cyber Business Resilience Centres around the UK; improving the NCSC’s ability to respond to cyber incidents, including possibly automating some aspects of the process; enhancing security by design standards for connected products and services, working with bodies such as ETSI; bolstering cyber