There are certainly fewer viruses around targeting Macs, partly because it makes more sense for bad actors to target Windows, which has a significantly bigger user base, but macOS is certainly not immune to viruses. Don't think that just because you own an Apple computer, you don't have to worry about malware.
Your Mac comes with some impressive security features built right in, including XProtect and Gatekeeper, but there's no harm in installing extra protection for extra peace of mind: the right antivirus tool is only going to improve your Mac's defenses, and some of the best anti-malware software developers out there offer packages for macOS.
What's more, they often come with extras besides the virus-fighting capabilities, including web tracker blocking and junk file removal. Here we've picked out our current favorites, weighing up everything from the ease-of-use of the interface to the range of features.
Malwarebytes for Mac offers a clean, straightforward interface. Credit: Lifehacker
Malwarebytes is an antivirus tech veteran, and its Malwarebytes for Mac software comes with a variety of useful features: An at-a-glance look at your computer's current safety status, basic VPN features to improve the privacy of your web browsing, and quick and easy manual scans that run a comprehensive audit of all the files on your system.
Okay, it's not the most feature-packed security tool out there, but it does the basics (like scheduled scanning) very well, and couldn't be any easier to use. The basic Malwarebytes for Mac scanner is free, while the Premium version (from $6.67 a month after a 14-day trial) offers round-the-clock protection and the additional VPN shield for connecting to the web.
Intego Mac Internet Security X9 gives you a comprehensive set of features. Credit: Lifehacker
Few companies take Mac security as seriously as Intego does, and it makes several antivirus packages available for macOS, including Intego Mac Internet Security X9: It'll protect against viruses and other network attacks, and comes with protections against fraudulent websites and email threats too, all wrapped up in an intuitive interface.
A lot of what Intego Mac Internet Security X9 does to keep your computer safe happens automatically without much input from you, including malware definition updates, but you can run scans manually. You'll have to pay from $49.99 per year to use the software on your system, but you can try it out free of charge for 14 days to see if you like it first.
Bitdefender Antivirus for Mac includes some useful extras. Credit: Lifehacker
Bitdefender is another of the long-serving security software brands that you can trust, and it offers a variety of solutions to protect your Mac. Bitdefender Antivirus for Mac is the cheapest of those solutions, which will set you back $59.99 per year after the 30-day trial has expired (though at the time of writing, you do get a discount on your first year).
In return for that cash you get real time protection against viruses and ransomware, you get the blocking and removal of adware on the web, you get a basic VPN service, and you get additional tools for staying safe while shopping and banking online. Everything is handled in a smart interface that keeps you right up to date with your security status.
AVG Antivirus Free is a simple and free solution. Credit: Lifehacker
If you're in the market for a free and lightweight antivirus tool for macOS, then AVG Antivirus Free fits the bill: It's not particularly advanced (hence the free bit), but it can do a comprehensive virus scan of your system for you, and if you need extra protection and features then there are premium options too (starting at $59.88 for the first year).
Everything is straightforward to use, from the smart scan that you can launch manually, to the file shield feature that interrogates every new file that gets added to your system to make sure it's safe to use. You also get an impressive level of customization, considering this is a free piece of software, so you can turn off features you don't think you need.
Avast Free Antivirus is one of the more advanced free options. Credit: Lifehacker
Another free antivirus tool for macOS that's worthy of your consideration is Avast Free Antivirus, and as with the AVG package, more advanced programs are available if you're prepared to pay (from $49.99 for the first year). It's a little more advanced than the AVG option above, but they're pretty similar (AVG and Avast are run by the same company).
The extra options you get here versus the AVG package include a network scanner, and a traffic monitor for measuring the data usage of your apps, so you can tell if an app is using up more bandwidth than it really should. The smart scan is straightforward to use, and you'll also get advice about potential security vulnerabilities before they're exploited.
Commonwealth training on internet safety praised by Papua New Guinea judges
Judges in Papua New Guinea have commended a new Commonwealth training course aimed at upskilling them to handle cybercrime cases and make the internet safer for their citizens.
Supported by the United Kingdom, the Commonwealth Secretariat partnered with the Papua New Guinea Centre for Judicial Excellence to organise the training in the capital city, Port Moresby on 12 and 13 February 2023.
More than 40 judges and magistrates attended the training, engaging in simulations to deepen their understanding of cyber threats and computer-based offences.
They were equipped with practical skills to apply internationally recognised good practices within their jurisdictions, gather electronic evidence admissible in courts, and foster cross-border cooperation to prosecute cybercrimes.
Covering topics ranging from protecting user data to authenticating digital evidence, the training course aimed to address the challenges judicial officers often face in tackling cybercrimes, particularly in developing countries.
During the opening session, Justice Les Gavara-Nanu, a Supreme Court judge, commended the timely training and drew attention to the changing landscape of Papua New Guinea's criminal justice system.
He underscored the challenge posed by the surge in cybercrime, which requires new approaches to evidence-gathering compared to traditional crimes.
Justice Gavara-Nanu continued:
"We need assistance from the Commonwealth Secretariat to deal with these types of cases, from investigation [and] detection to prosecution and adjudication, which is what concerns judges and magistrates as adjudicators."
John Carey, Judge Administrator of the Papua New Guinea Centre for Judicial Excellence, echoed Justice Gavara-Nanu's sentiments, expressing full support for the training on behalf of the country's Chief Justice, Sir Gibuna Gibbs Salika KBE.
Reports indicate a disproportionate increase in cybercrimes in the Asia-Pacific region, accounting for 31 per cent of all incidents remediated around the world in 2023.
Cybersecurity threats were estimated to cost organisations in the Asia-Pacific region about US $1.75 trillion in economic losses, roughly the size of the world's 13th largest economy, South Korea.
Addressing the participants remotely, Commonwealth Assistant Secretary-General Professor Luis G. Franceschi said:
"Our research shows a particular need for enhancing the skills of judicial officers to effectively adjudicate cybercrime cases.
The knowledge and skills you will gain through training will help you identify practical solutions to the many challenges faced by our countries in making the internet a safer place for everyone."
He urged judges and magistrates to remain vigilant against cyber threats by regularly updating their security protocols, practices and policies while pledging the Commonwealth's full support to them in this endeavour.
In her remarks, Anne Macro, the UK's Commissioner to Papua New Guinea, reiterated her country's commitment to ensuring a safe and trusted cyberspace for all. She emphasised that the UK would continue working with international partners, including the Commonwealth Secretariat, to achieve this goal.
Established in 2018, the Commonwealth Secretariat has trained more than 1,000 law enforcement officers, prosecutors, and judicial officials from 55 Commonwealth member countries.
NordVPN delivers privacy through a number of features, including an automatic kill switch and Double VPN, which, as the name implies, doubles the VPN encryption for extra privacy. NordVPN has also stayed true to its promise not to keep IP addresses and VPN usage logs.
Our speed with NordVPN varied, but overall, NordVPN was reliably fast. Our speed test readings averaged 225 Mbps and 218 Mbps for downloads and uploads, which was about 90 percent of our 250 Mbps fiber-optic internet network. Thanks to its consistency, we consider NordVPN one of the fastest VPNs we tested. It never once let us down when it came to bandwidth-heavy activities like streaming and downloading torrents.
NordVPN's encryption is beyond reproach. It offers military-grade encryption, a.k.a. 256-bit AES, the highest encryption standard there is. There are additional safety and security measures in place as well. Whenever we connected to NordVPN, for example, it gave us access to a private DNS server, making sure we were not using our internet provider's public DNS, which could lead to IP address leakage.
With a NordVPN subscription, we ramped up our online privacy with its advanced features, 256-bit AES encryption, and top-notch VPN protocols, namely OpenVPN and NordLynx. We personally enjoyed using NordLynx on our Android, as we found that it's about five percent faster than OpenVPN. We also enjoyed lots of useful extras, like Threat Protection, which kept us out of malicious websites and kept ads out of our browsing experience. NordVPN, in our opinion, is more than just a VPN; it's a multi-purpose tool for online privacy.
The VPN protocol is everything for a VPN, which is why it's great that NordVPN offers two of the fastest, most reliable, and most secure VPN protocols: OpenVPN and WireGuard in the form of NordLynx. Here's a quick comparison, and for a more in-depth look, here's our comparison of the top VPN protocols.
NordVPN worked well with OpenVPN and NordLynx, but we found the latter more suitable for mobile devices because it's lightweight, it adds less overhead data (useful for those on a data plan), and it's faster. Our average Android download speed was 225 Mbps with NordLynx and 216 Mbps with OpenVPN. OpenVPN was still our top choice for privacy though, because it was more flexible and robust in terms of encryption.
Although not exactly a cheap VPN, we got more than our money's worth from NordVPN thanks to its impressive feature-set. It protected us from malicious websites and trackers, gave us rare VPN features like Double VPN, and we found no fault in its performance. We'd happily pay the $1 per month extra cost of NordVPN compared to its competitors. Take a look at its pricing:
FYI: For a limited time, you can get three months of free service if you subscribe to the Standard, Plus, and Complete plan for either one year or two years. The cheapest subscription, Standard for two years, costs only $80.73 or about $2.99 per month.
So, which NordVPN plan is best for you? It depends on you. The Plus and Complete plans include extra digital security tools like a password manager and secure cloud backup, but even the cheapest Standard plan gives all the features we mentioned above.
NordVPN offers best-in-class digital security, making it the ideal option for those who are ultra-concerned about their privacy. That said, even novice and casual VPN users can benefit from NordVPN's impressive suite of extra features.
Surfshark's recent move to the Netherlands might raise some eyebrows since the country is a known member of the Nine Eyes, a government alliance with laws that could undermine the confidentiality of VPNs. However, we didn't bat an eye because Surfshark is known for its privacy practices. Just as we were wrapping up our Surfshark tests, Cure53 released a positive audit report on the privacy of the VPN's server infrastructure.
The speed we got from Surfshark was a mixed bag. We got excellent download speed readings that averaged 228 Mbps, but in some instances, the upload speed dropped to as low as 91 Mbps, less than half of our internet speed. The average upload speed, however, was 167 Mbps.
Surfshark more than just kept our online traffic private; it also made sure to keep our VPN use a secret through Camouflage Mode. Enabled automatically in our Windows Surfshark app, this mode made our encrypted traffic seem like normal traffic, which is handy if you're in a country or network that restricts VPN usage. A colleague traveled to China recently and used Surfshark with no issues, despite it not being a government-approved VPN. We should mention that thanks to Camouflage Mode, Surfshark is one of the best VPNs that work in China.
Surfshark is a feature-rich VPN that offers beyond what most VPNs provide. In addition to the standard functionalities of VPNs, such as encryption and tunneling, Surfshark delivers a host of useful extras, such as the Camouflage Mode we previously discussed. It's also one of our favorite VPNs for Firestick, making it easy to stream content from all over the world.
On top of that, Surfshark can be your all-in-one digital security solution with its new Surfshark One offering, which combines malware protection, data leak detection, a secure search engine, and webcam protection for desktops. Head over to our page on Surfshark pricing to see all your payment options and see us take the antivirus software for a spin in our Surfshark One antivirus review.
VPNs encrypt and hide your browsing data, but those who have access to your network can tell if you're using a VPN based on how your data packets look. This could spell trouble if you're in a restrictive network (like office or school networks) or country (like China) that monitors the use of VPNs. But like we stated, a colleague was able to use Surfshark in China without any problem because Camouflage Mode made their traffic blend in. In VPN terms, this is also known as obfuscation.
Pro Tip: Another feature you might find useful is Alternative ID. Essentially, Surfshark creates an online alias (name, email address, etc.) to use for signing up for email newsletters or creating accounts on websites with shady or vague privacy policies. Alternative ID isn't included in the Surfshark VPN subscription, but is included in Surfshark One.
A nice little side-effect of using a VPN is gaining access to streaming content available outside your country. You can use it to unblock Hulu, for example, if you're outside the U.S., or access Disney+ shows that are not available in your country.
And it's not just for Disney's streaming service, although yes, Surfshark is one of the best VPNs for Disney+. Surfshark works quite well with any streaming service, including Netflix, HBO Max, Spotify, and even YouTube. It was also one of the most reliable VPNs for Prime Video. So the next time you're shopping for the best Hulu VPN (or any streaming service, for that matter) for your travels abroad, consider taking a look at Surfshark.
Surfshark's Camouflage Mode is a solid stealth-mode VPN feature for users worried about government restrictions. If you think you might get into trouble if you connect to a VPN in school, at the office, or in countries that are not VPN-friendly, Surfshark is for you.
Private Internet Access's Windows speeds were fast during our tests, averaging 236 Mbps for downloads and 223 Mbps for uploads. It's one of the fastest VPNs for Windows. Its macOS and smartphone connections were also decent (200+ Mbps average), so overall, we're happy with how PIA's speed turned out.
By default, Private Internet Access uses 256-bit AES encryption, but it was one of the few VPNs we tested that allow users to choose between 256-bit and 128-bit AES. The latter is less secure, but tends to be faster than 256-bit, which is why we preferred it for less privacy-demanding tasks like streaming Netflix or online gaming.
Private Internet Access's speed on Windows was one of the reasons we considered it one of the best VPNs for Windows, but we also liked how easy it was to customize. The Windows app gave us endless options to personalize how our VPN connected, how it encrypted our data, and how it tunneled our traffic through the VPN. It's that flexibility that allowed us to optimize our VPN connections for different activities, from simple browsing to work and even online gaming.
Not everything you do online requires Pentagon-level encryption, especially since tougher encryption can slow down your network. With Private Internet Access, we set the balance between speed and security. Fresh off the installation, we got maximum security from 256-bit AES encryption, but whenever we needed faster speeds, we switched to 128-bit AES, which is still secure but significantly speedier. We even found an option to turn off encryption altogether (proxy mode), which came in handy when we just wanted to change our IP address location to access anime from Netflix Japan.
A VPN's app can make or break the service. Private Internet Access is a great VPN with just as great an app that's easy to learn to use. Even our office intern, who apparently has never heard of VPNs before, learned to use it in no time. Because of that user-friendliness, the Private Internet Access app has garnered high ratings from users.
One thing we really liked about the apps was their flexibility and customizability, which allowed us to fine-tune our connections and get the most out of our Private Internet Access subscription. For example, PIA's split tunneling feature is so advanced, it offers both conventional and inverse split tunneling (see our split tunneling guide for a detailed explanation).
With conventional split tunneling, we were able to exclude apps and websites from a VPN connection. One of the programs we use at work doesn't allow VPN traffic, so we set it to bypass PIA's tunneling on our computers. That way, we can continue to use it while keeping the rest of our device VPN-protected.
On the other hand, inverse split tunneling let us set apps that could connect to the internet only via a VPN connection. For this, we set apps like browsers to make sure we're always on a secure line whenever we're browsing.
While PIA has pretty good mobile apps, the desktop apps offer the best functionalities. So this VPN is best for people who mostly use desktops for work and play.
UltraVPN uses a proprietary VPN protocol called Hydra from its sister company Hotspot Shield, highly-touted for its speed, but UltraVPN's speed wasn't exactly top-notch. Our download and upload speed dropped to about 160 Mbps, about 40 percent less than our baseline network speed (250 Mbps). UltraVPN was still fast, but not as fast as NordVPN, that's for sure.
OpenVPN and WireGuard are the default protocols of many VPNs. We like those options because they are proven and tested, but UltraVPN's use of Hydra has a unique appeal. This protocol is exclusive to a few VPNs, so cyberattackers have less interest in exploiting it. It may not be as secure as OpenVPN, but in our tests, UltraVPN has proven enough that it encrypts traffic and hides IP addresses well (no IP address leaks whatsoever).
VPNs need not be complicated. While advanced and innovative features can be useful for some, especially those that need airtight privacy, a simple VPN that can do the job, is affordable, and is easy to use is the kind of perfect VPN for others. UltraVPN checked all those boxes. That's why we think UltraVPN is the best day-to-day VPN.
While it lacked the advanced features and customizations we saw from Private Internet Access, UltraVPN's performance as a VPN was rock-solid. It gave us decent speeds, bug-free apps for desktops and smartphones, and a respectable number of VPN servers to choose from (1,000 servers in 125 locations). For its price ($7.99 monthly or $1.99 per month if you sign up for two years), it's definitely a cost-effective solution for online privacy.
UltraVPN makes use of a VPN protocol called Hydra. Originally developed by Hotspot Shield, Hydra promises to deliver fast speeds, agile connections, and good security. It's actually one of the best VPN protocols after OpenVPN and WireGuard.
We especially liked UltraVPN's agility when using the Hydra protocol. It reconnected automatically and swiftly even when we changed Wi-Fi networks or switched from mobile data to Wi-Fi and vice versa on our phones. It left very little opportunity for attack. It also made day-to-day use a little bit easier as we didn't have to check our connection as often as we did with less agile protocols like OpenVPN.
FYI: Hydra proved great at protecting IP addresses. It passed our three sets of tests for DNS and WebRTC leaks, two common types of leaks that could happen to VPNs. So even though UltraVPN lacks the commonly offered protocols OpenVPN and WireGuard, Hydra is a great alternative.
UltraVPN can be quite affordable in terms of pricing. Even its monthly subscription, which is typically the priciest subscription plan of a VPN, costs only $7.99. Just for comparison, our top-pick NordVPN costs $12.99 with a monthly subscription.
If you're looking for a VPN for long-term use, UltraVPN's pricing gets even better. If you sign up for two years, you'll pay only $47.76 per month. That's an average of just $2 per month. See the pricing breakdown below.
The bottom line is, whether you're looking for a short-term or long-term VPN, UltraVPN is a practical choice.
UltraVPN is a good day-to-day VPN for average users, especially with its affordable pricing and easy to use apps. While it doesn't offer as many features as other options, UltraVPN is reliable and fast.
NortonVPN collects more information from users than other options. For example, while Private Internet Access let us opt out of providing aggregate usage data (bandwidth use, device ID, etc.), Norton logged mobile device data and aggregate bandwidth usage. It's still a no-logs VPN, though, as it did not log which websites we visited and IP addresses we used.
Norton Secure VPN ranked 12th in our VPN speed comparison, which is still decent considering we tested 35 VPNs in total. The download speed was impressive. It kept the speed loss to less than 12-percent. However, the upload speed (averaged 84 Mbps) and latency (averaged 120 ms) could be improved.
Norton Secure VPN had a particularly nifty feature where it automatically detected whenever we connected to a suspicious Wi-Fi network, such as password-less coffee shop Wi-Fi, and secured our connection with a VPN tunnel. While not rare, features like that one offer good digital security.
Norton is perhaps most famous for its Norton antivirus software and LifeLock (one of the best identity protection services; read more in our LifeLock review) but it also has a VPN, and it's not half bad. Every time we connected to the macOS app, we got a different shared IP address, which is preferable to static IP addresses because it made it difficult to trace us online. Not only did the IP address change every time, but the IP addresses it provided us were shared with other users as well. Since online anonymity is what we're after, we were satisfied with this VPN app.
How much does the Norton Secure VPN cost, you ask?
Well, if you only sign up for a month on one device, it's $4.99. However, for 10 devices for a year, the cost is only $59.99, which amounts to only about $0.50 per device per month. If you need a VPN for the whole family, this plan is incredibly affordable, and one of the best VPN deals we've seen in a while.
Norton Secure VPN encrypted our web activity and hid our IP address using AES-256, the same encryption that the U.S. government and military use, so you know it's secure.
Beyond that, in some locations, the VPN encrypted our web activity and changed our IP addresses multiple times, a process called multi-hop or double hop. That made it that much harder to track us online, from our personal emails to the items we bought on Etsy. No one needs to know about our obsession with vintage cookie jars, after all.
Norton Secure is best for those who are just starting to utilize cybersecurity tools to protect themselves online. Besides being easy to use, Norton Secure is from a brand most famous for its antivirus software.
You might be getting tired of VPNs that say they have a no-logs policy with no data to back it up, but Hotspot Shield actually has proof. In a transparency report, the company released that it received 56 subpoena and government requests in 2018, but that it hadn't been able to provide any information because, again, it doesn't log VPN usage and IP address information.
As you might remember, Hotspot Shield created the Hydra protocol used by UltraVPN. While its supposed fast speeds didn't materialize when we tested UltraVPN, we saw Hydra's speed potential from Hotspot Shield. It was the fastest VPN we tested in terms of download speed, averaging 242 Mbps. That's only four percent less than our baseline internet speed.
Hydra is Hotspot Shield's only VPN protocol. It doesn't use the tried-and-tested OpenVPN or even the newer protocol WireGuard that has been making waves in the VPN market recently. Although it has proven itself in speed, Hydra still has a lot to prove in terms of security. We would have liked to see more VPN protocol options from Hotspot Shield; even NordVPN, which has NordLynx, still offers OpenVPN as an option.
Hydra's speed played a huge part in why we picked Hotspot Shield. When it came to Netflix-watching parties, Hotspot Shield had us covered with fast speeds on our Mac and Windows computers. We also didn't experience huge delays or lags on Netflix when we used the app on our Android devices, which came in handy during commutes.
Of course, its fast speed was advantageous in more ways than just watching Netflix. Whether for downloading, streaming, or just general browsing, Hotspot Shield kept our data safe without sacrificing speed.
Money Saver: To get discounts, sign up for long term-lengths; typically, one or two-year subscriptions are cheaper than monthly plans.
These days, we see a lot of proprietary VPN protocols (VPN protocols made and developed by a VPN company) from the best VPN brands. Not many of them, however, can claim to be as fast as Hotspot Shield's Hydra Catapult VPN protocol. Thanks to Hydra, the only VPN protocol offered by Hotspot Shield, we notched record-high download speeds during our recent VPN speed testing (more on that below).
Hydra is also plenty secure. It's actually built around OpenVPN (which, if you remember, is one of the most secure VPN protocols), but Hotspot Shield tweaked it a little to give it a boost in speed without compromising security.
We recently tested and compared the speeds of the top VPNs, and even though Hotspot Shield didn't take the top spot, it was right up there. We were most impressed by the download speed, as Hotspot Shield only made a negative 3.17-percent impact on our regular internet speed. That meant that with our roughly 250 Mbps connection, Hotspot Shield maintained an average download speed of over 240 Mbps.
Hotspot Shield has strong streaming potential. Plus, Hotspot Shield is affordable, so it's best for young people looking to expand their entertainment options without spending much.
IPVanish was the second fastest VPN we've tested overall, considering its impressive upload and download speeds as well as network latency. We measured only four- and five-percent decreases in download and upload speeds, respectively, and the VPN kept our network latency well below 80 ms. We tested IPVanish on a Windows laptop and subsequently named it one of the best Windows VPNs because of its speed.
IPVanish's security doesn't stand out in any particular way, but it's admirable that it comes complete with all the features we're looking for in a secure VPN. It has a kill switch, it offers several VPN protocol options, it uses 256-bit AES encryption, and it passed our DNS and WebRTC leak tests. All things considered, it's a solid and secure VPN.
From Our Notes: IPVanish disconnected unexpectedly once during testing due to server maintenance, which showed us that its kill switch works. Because it stopped all internet connections on our device, the kill switch alerted us that we were no longer getting protection.
What sets IPVanish apart from other companies is its commitment to customer service. We can't tell you how much trouble we have sometimes getting companies to respond to our technical questions. Many VPNs don't offer phone support, and a fair number don't provide answers 24/7.
IPVanish has friendly customer service agents you can talk to any time, via both phone and online chat. Yet, the company doesn't charge any more than other VPNs. A one-year subscription, for example, is just $2.99 a month.
All VPNs can fail at any time without warning; that's just the reality. That's also why we recommend looking for a VPN with a kill switch, just like IPVanish. It's not that IPVanish is unreliable. It only ever got disconnected unexpectedly once, apparently due to server maintenance, but it showed us the kill switch in action. Without it, we would have kept browsing thinking IPVanish was protecting our data. But because it halted our device's network connection the moment IPVanish disconnected, the kill switch alerted us that we were no longer getting protection. We reconnected through a different server and got back online moments later.
All of the VPNs we've reviewed have privacy policies that outline what types of data they collect, why they collect those types of data, and how they use the data. Not all of them, though, have been audited like IPVanish.
The Leviathan Security Group, an independent security and privacy auditing firm, audited IPVanish's privacy and security practices just this year. They've found that IPVanish's claim that it doesn't log browsing and usage data is true. The firm also determined that IPVanish is non-invasive to its users' privacy, making it a solid VPN for privacy-conscious users.
IPVanish has great mobile apps and it's also affordable, so students looking to improve their digital security and privacy, not to mention access blocked sites on their school's network, could benefit from this VPN.
Privacy is ExpressVPN's bread-and-butter, and it made sure to use state-of-the-art technology to remain a top option. It has invested in making its VPN servers run on RAM, which we consider more private than traditional VPN servers that run on hard drives. If you remember, another VPN that offers RAM-only servers is Surfshark, which is number two on this list. That speaks to how high-quality ExpressVPN's network is.
ExpressVPN was middle-of-the-pack in terms of speed. It wasn't great, but it also wasn't bad. It was speedy enough to let us stream movies in 4K resolution. With ExpressVPN connected, our download speed averaged 230 Mbps while our upload speed averaged around 210 Mbps.
ExpressVPN uses a combination of 256-bit AES encryption and its speedy and lightweight VPN protocol called Lightway to protect user traffic. It was a solid pairing. We found no IP address leaks from the Lightway protocol and its speed was well within the average. We also liked how quickly Lightway established tunnels (less than five seconds on average), which meant we could connect to ExpressVPN anytime without hassle, even when we're commuting via the subway.
ExpressVPN excels at doing the one thing every VPN should be able to execute well: Encryption. It uses 256-bit AES as the standard, and then improves on that by offering a swath of secure VPN protocols. ExpressVPN even came up with its own VPN protocol that is both well-encrypted and agile.
Another reason why we like ExpressVPN is how easy it was to install on our Firestick. With the VPN installed, we were able to stream different media libraries from all over the world.
Sure, the slightly higher cost of ExpressVPN may be a bit hard to swallow, but ExpressVPN is nothing if not one of the most secure VPNs around.
ExpressVPN is at the forefront of VPN technology. In addition to adopting existing VPN protocols, it developed a proprietary protocol that is both secure and fast, called Lightway. This VPN protocol runs on only 2,000 lines of code, much less than protocols like OpenVPN. And as a result, it's lightweight and it provides a smooth user experience.
Here's how it compares to OpenVPN:
There are VPNs that we consider leaky because their technology doesn't effectively block IP address and browsing data leakage. ExpressVPN is far from being that, though. It's one of the most secure VPNs on the market, capable of blocking DNS leaks and WebRTC leaks.
In fact, once you're connected to ExpressVPN, you can use its website's WebRTC leak detector to make sure it isn't leaking your IP address through your browser's WebRTC feature. Each time we tested ExpressVPN for those leaks, we didn't find any, just the result we were hoping for.
ExpressVPN offers agile data protection, which is particularly ideal for frequent travelers. It has strong privacy features, and its lightweight proprietary VPN protocol also makes it a good travel companion, as it runs fast on most mobile devices and computers.
Like many of the VPNs here, such as Norton Secure VPN and Ivacy, CyberGhost provided fast download speeds but significantly slower upload speeds. Our upload speed went down by 70 percent, which meant we only got about 75 Mbps from our 250 Mbps network. Fortunately, the download speed, which is usually what matters most to us because we like streaming, remained high with an average reading of 223 Mbps.
In terms of security, we liked CyberGhost's IP address masking in particular. Normally, when trying to access sites like Netflix and Disney+ that block VPNs, they'd occasionally detect that we're using VPNs. For example, in our X-VPN review, while we were eventually able to stream Netflix, two of the 10 servers we tried were detected. With CyberGhost, we connected to 10 different servers in different locations, and all of them worked. That was, to some degree, proof that CyberGhost was hiding our IP address well.
CyberGhost has over 7,500 servers in 91 different countries, so although we only tested it out in the United States, wherever in the world you are, you probably won't have trouble connecting either.
The company is based in Romania, not a member of those international surveillance networks we keep mentioning; plus, Romania as a country has almost no data retention laws of its own, making CyberGhost a great pick for privacy.
FYI: CyberGhost offers split tunneling on Android devices only, so if you're using a Windows, Mac, or iOS device, you'll only be able to access private and not public networks.
CyberGhost offers a wide array of subscriptions to choose from, and this makes the VPN very flexible. You can sign up for a one-month subscription to try things out, or go all-in on a one-, two-, or three-year subscription. The best part is, you'll get a discount depending on the length of your plan.
The highest discount is over 80 percent off, which you can get by signing up for a three-year subscription. All in all, you'll pay only $56.94 every three years, which breaks down to just over $2 per month.
Read the original post:
Best VPN Services of 2024: Reviewed by Experts - Security.org
BALOCHISTAN: Balochistan, amidst rising security concerns due to a surge in terrorist attacks, has decided to limit internet services in sensitive polling stations leading up to the February 8 elections, as reported by Pakistan-based newspaper News International. Jan Achakzai, the caretaker information minister, declared the decision, citing the potential threat of terrorist activities during the polling process. Taking to X, Jan Achakzai stated that there was a risk that the terrorists might use social media platforms as a means of communication for their nefarious plans. "Ensuring the safety and security of ordinary citizens is of utmost importance, as there is a concern that terrorists may exploit social media platforms such as Facebook, Twitter, and other similar channels for communication purposes," he wrote in an X post. He further stated that internet access will be restricted in the lead-up to the elections in regions including Turbat, Mach, and Chaman, the latest areas to witness a terrorist attack in the province. The move, aimed at safeguarding citizens, comes amid a challenging security landscape, particularly with an escalation in attacks targeting political parties and their campaign gatherings, as per The News International. However, the intermittent network outages have posed challenges for independent candidates, like lawyer Jibran Nasir in Karachi, who heavily rely on social media for outreach due to budget constraints. According to The News International, Jibran Nasir, expressing concerns over the government's actions, deems the shutdowns as setting a "dangerous precedent" and violating constitutional rights, particularly freedom of expression. With less than a week until the polls, security measures have intensified nationwide to ensure a conducive environment for the electoral process.
Despite the security measures, Chief Election Commissioner Sikandar Sultan Raja has assured the public of an uninterrupted polling day experience, ruling out the possibility of communication and internet service disruptions. However, the situation differs in Sindh, where caretaker Information Minister Ahmed Shah stated that no decision has been made regarding the suspension of internet and communication services on February 8.
Read the rest here:
Balochistan: Internet services restricted for security reasons - IndiaTimes
New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol – NIST
The Transport Layer Security (TLS) protocol allows us to send data over the internet securely, protecting passwords and credit card numbers when we provide them to a site. A new practice guide will help industries perform required monitoring of incoming data for malware while using TLS 1.3, the protocol's latest version.
Credit: N. Hanacek/NIST
Companies in major industries such as finance and health care must follow best practices for monitoring incoming data for cyberattacks. The latest internet security protocol, known as TLS 1.3, provides state-of-the-art protection, but complicates the performance of these required data audits. The National Institute of Standards and Technology (NIST) has released a practice guide describing methods that are intended to help these industries implement TLS 1.3 and accomplish the required network monitoring and auditing in a safe, secure and effective fashion.
The new draft practice guide, Addressing Visibility Challenges with TLS 1.3 within the Enterprise (NIST Special Publication (SP) 1800-37), was developed over the past several years at the NIST National Cybersecurity Center of Excellence (NCCoE) with the extensive involvement of technology vendors, industry organizations and other stakeholders who participate in the Internet Engineering Task Force (IETF). The guidance offers technical methods to help businesses comply with the most up-to-date ways of securing data that travels over the public internet to their internal servers, while simultaneously adhering to financial industry and other regulations that require continuous monitoring and auditing of this data for evidence of malware and other cyberattacks.
"TLS 1.3 is an important encryption tool that brings increased security and will be able to support post-quantum cryptography," said Cherilyn Pascoe, director of the NCCoE. "This collaborative project focuses on ensuring that organizations can use TLS 1.3 to protect their data while meeting requirements for auditing and cybersecurity."
NIST is requesting public comments on the draft practice guide by April 1, 2024.
The TLS protocol, developed by the IETF in 1996, is an essential component of internet security: In a web link, whenever you see the "s" at the end of "https" indicating the website is secure, it means TLS is doing its job. TLS allows us to send data over the vast collection of publicly visible networks we call the internet with the confidence that no one can see our private information, such as a password or credit card number, when we provide it to a site.
TLS maintains web security by protecting the cryptographic keys that allow authorized users to encrypt and decrypt this private information for secure exchanges, all while preventing unauthorized individuals from using the keys. TLS has been highly successful at maintaining internet security, and its previous updates up through TLS 1.2 enabled organizations to keep these keys on hand long enough to support auditing incoming web traffic for malware and other attempted cyberattacks.
However, the most recent iteration, TLS 1.3 (released in 2018), has challenged the subset of businesses that are required by law to perform these audits, because the 1.3 update does not support the tools the organizations use to access the keys for monitoring and audit purposes. Consequently, businesses have raised questions about how to meet enterprise security, operational, and regulatory requirements for critical services while using TLS 1.3. That's where NIST's new practice guide comes in.
The guide offers six techniques that offer organizations a method to access the keys while protecting the data from unauthorized access. TLS 1.3 eliminates keys used to protect internet exchanges as the data is received, but the practice guide's approaches essentially allow an organization to retain the raw received data and the data in decrypted form long enough to perform security monitoring. This information is retained within a secure internal server for audit and forensics purposes and is destroyed when the security processing is completed.
While there are risks associated with storing the keys even in this contained environment, NIST developed the practice guide to demonstrate several secure alternatives to homegrown approaches that might heighten these risks.
"NIST is not changing TLS 1.3. But if organizations are going to find a way to keep these keys, we want to provide them with safe methods," said NCCoE's Murugiah Souppaya, one of the guide's authors. "We are demonstrating to organizations who have this use case how to do it in a secure manner. We explain the risk of storing and reusing the keys, and show people how to use them safely, while still staying up to date with the latest protocol."
The NCCoE is developing what will eventually be a five-volume practice guide. Currently available are the first two volumes: the executive summary (SP 1800-37A) and a description of the solution's implementation (SP 1800-37B). Of the three planned volumes, two (SP 1800-37C and D) will be geared toward IT professionals who need a how-to guide and demonstrations of the solution, while the third (SP 1800-37E) will focus on risk and compliance management, mapping components of the TLS 1.3 visibility architecture to security characteristics in well-known cybersecurity guidelines.
An FAQ is available to answer common questions. To submit comments on the draft or other questions, contact the practice guide's authors at applied-crypto-visibility [at] nist.gov. Comments may be submitted until April 1, 2024.
With all the cybercriminals and digital threats, you shouldn't pinch pennies when protecting your devices. Using free antivirus software can actually put you at risk. You need smarter, more robust tools to combat increasingly sophisticated hackers and scammers.
When it comes to antivirus software, you get what you pay for. Invest in a security suite that protects your computer and smartphone from today's threats. Invest in our sponsor, TotalAV.
New hacks, malicious codes and clever ways to break into your system are coming out nearly daily. Free antivirus software can't keep up with the latest threats.
TotalAV protects you from threats you didn't even know were there. Its system will scan, locate, quarantine and eliminate viruses, trojans, adware, spyware and more. Most free programs don't offer impressive vulnerability scans like this that work.
There's even a TotalAV Safe Site browser extension that analyzes and blocks any suspicious websites before they can cause you harm. Install it on Google Chrome or Firefox to clear your cookies with just one click, launch a private browsing window and delete your browsing history.
The days of worrying about protecting just one device are over. We all have multiple gadgets, including smartphones, laptops and tablets. As you know, these are vulnerable to attacks if they connect to the Internet.
It doesn't matter which format you use, either. Whether you use a PC, Mac, iPhone, or Android, TotalAV has you covered. It safeguards Windows, Mac, and Android gadgets while keeping your iPhone and iPad running at peak performance.
TotalAV keeps devices secure with its all-in-one, cross-platform security software. And it works at home, in the office or on the go.
TotalAV isn't just about antivirus protection. It has a range of integrated optimization tools at your disposal.
Here is a quick overview of why choosing TotalAV is the best thing you can do for your digital protection:
So, to answer the question, "Is paying for antivirus software worth it?" We'd have to go with a resounding yes. Don't wait until your device becomes infected. Turn to TotalAV today.
Go to ProtectWithKim.com to save 85% on total protection you can trust. What are you waiting for?
Read more here:
Our pick for the best antivirus software you can trust - Komando
According to the company, the recent Cloudflare Okta breach has not caused any harm to any of the customers or users. However, the incident brought more questions about the Okta breach, which affects many different services and companies.
In today's digital world, online data security is constantly under threat, making news of cyberattacks almost routine. However, when a company like Cloudflare, a leader in internet security, reports a breach, it grabs everyone's attention, particularly when a nation-state is believed to be behind the attack. The Cloudflare Okta breach serves as a vivid reminder of the cyber dangers that loom in the shadows.
On November 14, Cloudflare found itself under attack. The intruders, suspected to be supported by a nation-state, targeted Cloudflare's internal Atlassian server, aiming for critical systems, including the Confluence wiki, Jira bug database, and Bitbucket source code management.
This initial intrusion set the stage for a more aggressive attack on November 22, where the attackers established a strong presence on Cloudflare's server, accessed the source code, and even attempted to infiltrate a console server tied to an undeveloped data center in São Paulo, Brazil.
The method of entry for the attackers was particularly concerning. They used credentials that were previously compromised during an Okta breach in October 2023, highlighting a critical oversight by Cloudflare in not rotating these credentials among the thousands affected, says Bleeping Computer.
Cloudflare CEO Matthew Prince, CTO John Graham-Cumming, and CISO Grant Bourzikas said: "They then returned on November 22 and established persistent access to our Atlassian server using ScriptRunner for Jira, gained access to our source code management system (which uses Atlassian Bitbucket), and tried, unsuccessfully, to access a console server that had access to the data center that Cloudflare had not yet put into production in São Paulo, Brazil."
The company's response to the Cloudflare Okta breach was swift and comprehensive. Detecting the intrusion by November 23, they had cut off the attacker's access by the following morning. A deep-dive investigation began three days later, leading to a robust response plan. Cloudflare rotated over 5,000 production credentials, isolated its test and staging systems, and conducted a forensic examination of nearly 5,000 systems. Every affected system, including all Atlassian servers and those accessed by the attacker, was refreshed.
According to CRN, despite the attackers' attempts to breach the São Paulo data center, they were unsuccessful, and Cloudflare ensured the center's security by returning all equipment to manufacturers for a thorough check.
The remediation efforts concluded on January 5, yet Cloudflare continues to prioritize software hardening, credential management, and vulnerability management, showcasing their commitment to security.
Cloudflare has been transparent about the breach's limited operational impact, reassuring customers that their data and systems were not compromised. While serious, this incident did not affect Cloudflare's services, network, or configurations. It serves as a testament to the company's quick response and the effectiveness of its security measures.
However, the breach revealed potential targets of interest to the attackers, including Cloudflare's network architecture, security, and management systems. This insight into the attackers' motives underscores the importance of continued vigilance and security enhancements.
Cloudflare's experience also sheds light on a previous security incident involving Okta, which affected Cloudflare among other customers. Despite these challenges, Cloudflare's proactive and transparent approach to managing and mitigating the impact of these breaches stands as a model for the industry.
The recent security breaches at Cloudflare and Okta are powerful reminders that cyber threats are always evolving and can impact anyone. These events teach us valuable lessons on how to strengthen our defenses against cyberattacks. Here's a simpler breakdown of the main points and what actions we can take:
Cybersecurity needs constant attention. Keeping software and systems up to date helps close gaps that hackers might use to sneak in. The Cloudflare breach shows us why changing passwords and access keys regularly is important, especially after a security incident.
Extra layers of security, such as Multi-Factor Authentication (MFA), make it harder for hackers to get into your accounts. Using something you know (like a password) and something you have (like a code sent to your phone) can strengthen your security.
Everyone can accidentally open the door to hackers, often without realizing it. Regular training on spotting scams, like phishing emails, and following good security practices can make a big difference.
As cyber threats evolve, so must the strategies to combat them. Cloudflare's response to this sophisticated breach exemplifies how companies can navigate the complexities of cyber security, ensuring resilience against the tactics of modern cyber adversaries.
Featured image credit: Cloudflare
Read the original here:
Cloudflare Okta Breach Doesn't Have A Big Impact, Company Says - Dataconomy
AMES: The first-of-its-kind Cybersecurity on the Farm Conference, offered by Iowa State University Extension and Outreach, will be held at the Iowa State University Alumni Center in Ames on Jan. 11, from 8:30 a.m. to 3:30 p.m.
Registration is available through Jan. 10; a cost applies. Refreshments and lunch are included. Register online at https://go.iastate.edu/BPGFN4.
This one-day conference is designed to address the unique intersection of today's agriculture and cybersecurity. The resource fair will be available during the lunch hour and throughout the day and features experts and service providers at the juncture of farming and cyber tech.
For farmers, this workshop offers insights into the ever-evolving world of digital lending in farming and the shift toward online agricultural marketplaces. There will be critical discussions on the potential cyber threats that emerge when working in the agricultural sector. By the end of the day, farmers will be better equipped to navigate farming on the internet while keeping an eye on safety and security.
Through panel discussions with industry experts and a resource fair with trusted service providers, this conference is designed to support farmers as they work to create a seamless integration of cybersecurity into existing systems.
Register at the above site, or contact Madeline Schultz for more information at email@example.com or 515-294-0588.
It's that time of the year again, so while we wait for the final tick of the clock, let's look back over the past 365 days in the world of cybersecurity and predict what's coming next.
Throughout 2023 we saw the use of VPN services remain high as internet restrictions increased across the world, new privacy threats loomed, and governments enforced VPN censorship. The same goes for local and national-scale internet shutdowns, with Iran being the biggest perpetrator in the past 12 months.
It's not possible to talk about this year's cybersecurity landscape without mentioning AI. The boom of ChatGPT and similar tools has presented new challenges for online privacy, scams, and disinformation, but it has certainly opened up new possibilities within the security software industry as well. At the same time, the race to bring encryption protections up to the post-quantum world has never been so fierce.
So, with these past events in mind, let's dive into our top 7 cybersecurity predictions to look out for in 2024.
As mentioned, in 2023, everyday people have increasingly turned to VPNs to access censored sites and apps, enjoy better online privacy, or simply boost their overall internet performance.
Short for virtual private network, a VPN is a security software that encrypts internet connections and spoofs IP addresses. As a result, VPNs are an incredibly versatile tool, and they've never been more commercially accessible.
Experts expect this trend to consolidate during 2024, as censorship and privacy threats are on the rise. On this topic, Head of Product at Private Internet Access (PIA) Himmat Bains told me: "With the increasing of online scams and governments becoming more and more interested in people's data and what they do online, I think now more than ever before VPNs are incredibly useful for customers to protect their most important access: their own digital privacy."
We already mentioned how generative AI shook the security industry this year, presenting it with a series of new threats to internet privacy and security.
Hackers have been using ChatGPT to write more effective malware, for example. Data-scraping practices behind these Large Language Models (LLMs) have also been worrying privacy experts. Online disinformation, deepfakes, and online scams are becoming more sophisticated, too, all thanks to AI tools.
Again, experts foresee this worsening throughout 2024, especially considering that we still don't have proper AI regulations in place.
Andrew Whaley, the Senior Technical Director at Norwegian security firm Promon, said: "The emergence of advanced AI-assisted attacks, including deep fakes for social engineering and bypassing ID controls, can be anticipated. This raises the threat of AI being exploited for disinformation campaigns, with potentially major consequences for the upcoming US election."
As the name might suggest, passwordless authentication refers to the act of signing into a service without using a password. Instead, sign-in can be done with certificates, security tokens, one-time passwords (OTPs), or biometrics.
With data breaches on the rise, the industry has increasingly been moving in this more secure direction over the past few years, including the big tech giant Microsoft. Experts now expect a consolidation of the passwordless market in 2024.
Bassam Al-Khalidi, co-founder and co-CEO of passwordless solutions firm Axiad, said: "Next year, we'll start to see mergers between passwordless and credential management companies, which will create a new category in the authentication space: think passwordless plus. This movement will be similar to the consolidation we saw a few years back between identity management and access management companies, which resulted in the identity and access management (IAM) industry."
If, on the one hand, AI brought huge issues to people's privacy and security online, these powerful tools also have huge potential for doing good. That's why cybersecurity experts and software engineers will undoubtedly begin to harness their power more and more in 2024.
In August, NordVPN launched a new initiative aiming to do exactly this. NordLabs wants to provide a platform for engineers and developers to test new ideas and approaches to ever-changing online security and privacy issues. A month later, the team launched Sonar, an AI-enabled tool to fight back against increasingly sophisticated phishing attacks.
"New emerging technologies raise challenges for cybersecurity, privacy, and internet freedom, but at the same time, they bring new opportunities. NordLabs will allow us to have additional flexibility when it comes to the development of experimental tools and services," said Vykintas Maknickas, the head of product strategy at Nord Security.
We are sure the new year will bring even more of these innovative AI-powered solutions.
The year of policymakers has been characterized by worldwide governments trying to regulate new technologies and the internet at large.
The long-awaited Online Safety Bill became law, despite heated debates. Similar proposed legislation, introducing stricter age verification rules and more power to check on people's communications in an attempt to protect children online, is also on the table elsewhere. So, we expect that we'll see new policies in 2024.
The race for a comprehensive AI Act has been fierce, too. The UK AI Summit ended with a world-first signed agreement among the UK, the US, China, and 25 more countries to develop safe and responsible AI software. The EU also managed to agree on the backbone of the future law, which is likely to become the go-to model for the West.
When it comes to data protection and privacy laws, the US took positive steps in Colorado and Virginia, finally enforcing privacy laws, but the ADPPA is still stalled at the time of writing. What's certain is that organizations will need to adapt their internal practice to keep up with an ever-changing environment.
Once again, internet shutdowns surged across the world in 2023. VPN provider Surfshark counted 42 instances affecting over 4 billion people in the first half of the year.
At the time, researchers pointed out how there was a 31% reduction in new internet restrictions compared to the same period in 2022. However, the decrease in new restrictions (42 in the first half of 2023 versus 61 in the same period the year before) primarily resulted from the drop in cases across Jammu and Kashmir (from 35 to only 2). Excluding this region, global restrictions suddenly increased by 54% compared to 2022, suggesting that digital freedoms across the world "may have worsened."
While it's not possible to say for sure, the data collected from 2015 onwards indicate that a spike in internet and social media shutdowns is, sadly, a very likely scenario we'll need to cope with next year.
Despite being a few years away from becoming commonplace, the threat of quantum computing to current encryption models is looming. That's because hackers in 2023 began to perform attacks deemed as "harvest now, decrypt later."
It's in this context that providers have been racing to implement quantum-resistant cryptography in their services. The list so far includes the encrypted messaging app Signal, secure email provider Tuta (previously Tutanota), and some VPN services, including ExpressVPN and PureVPN.
Again, we expect this trend to consolidate throughout 2024.
A smarter society, rise of the robots and security worries — Internet of Things predictions for 2024 – BetaNews
With ever increasing numbers of smart devices in our homes and workplaces, the Internet of Things has become an established facet of everyday life.
But like the rest of the technology industry the IoT isn't standing still. Here are some expert views on the opportunities and risks it's likely to present in 2024.
Eric Purcell, senior vice president of global partner sales at Cradlepoint, thinks the IoT will finally bring the 'smart' society to life -- from cities, to malls, to businesses. "From powering smart infrastructure to traffic management to smart parking, IoT devices throughout cities are actively creating seamless experiences and empowering the cities of the future. In 2024, we'll see an increase in industries that leverage IoT devices to bolster connectivity opportunities to increase efficiency, bolster productivity, and meet the need for consumer and customer experiences. As such, we'll begin to see the inklings of a smart society as IoT-enabled establishments from shopping malls to public transportation to modern businesses take flight."
Felix Zhang, founder and CEO of Pudu Robotics, thinks the IoT will be a key part of a new robotic era. "If 2023 is the year of Gen AI, 2024 will be the year of the robot. As autonomous technology becomes more advanced and the integration of Gen AI makes robots more intelligent, we can expect to see robots in even more applications and places than just restaurants, warehouses, and factories. We are only years away (and in some cases months) from seeing robots in stores that can greet shoppers with personalized recommendations, clean and traverse large venues like casinos and outdoor spaces like amphitheaters, carry medicine in hospitals, and even monitor the elderly in senior living facilities. As robots gain more IoT-related controls, we anticipate architecture will follow, enabling robots to use elevators, control lights and other smart home devices, and literally open new doors."
However, Kevin Kumpf, chief OT/ICS security strategist at Cyolo, thinks this could be a double-edged sword:
In the coming year, industrial sectors will experience rising threats to OT and ICS security due to the increasing number of Industrial Internet of Things (IIoT). IIoT devices have historically enabled a wide range of advancements in smart factories, making them more efficient, safe and intelligent. For example, AI/ML-driven technologies can be used to automate factory lighting, monitor vital signs and performance metrics and enhance overall worker safety. AI-intelligent heavy machinery and recently deployed factory robot dogs can also assist in manufacturing processes and ensure the safety of workers in the field.
However, the accelerated integration of IIoT devices will also make organizations significantly more vulnerable to cyber threats. Smart factories generate lots of critical data, and this vast amount of information will become increasingly difficult to analyze and secure effectively, which can hinder its optimization and place organizations at risk of cyberattacks. This upcoming year and beyond, we'll see a growing demand for OT security experts, as there is currently a skills gap in this area which organizations will seek to be filled, especially as vulnerable smart technologies continue to be integrated within these environments.
Yaniv Vardi, CEO at Claroty, thinks generative AI will help handle data from IoT devices. "Generative AI will enhance the resilience of cyber-physical systems against AI-armed threat actors. With the rapid increase of IoT devices, there's an abundance of data, and generative AI will help harness this data for better security and operational insights. It will automate workflows and add better visibility into the attack surface which will in turn empower CPS defenders to anticipate malicious attacks."
Mike Nelson, vice president of digital trust at DigiCert, says devices will become more tamper-resistant. "As the world grows increasingly mobile and dynamic, device security is becoming more important than ever. With individual identity now frequently tied to smartphones and other devices, the root of identity must be specialized per device and per individual -- all protected under the umbrella of trust. We predict that more and more devices will be secured with identity and operational checks to confirm authenticity, enabling individuals to interact with devices that support everyday activity with the confidence that the devices are tamper-resistant and their information is secure. Increased levels of IoT trust will also open up more opportunities for particularly sensitive use cases, such as electric vehicle chargers and medical devices."
Ellen Boehm, SVP, IoT strategy and operations at Keyfactor, thinks cryptography will be part of this. "Similar to how AI has accelerated marketing content, AI will help developers iterate faster on designs and innovate features that might not have been possible through standard methods. The challenge with using any AI engine always comes back to proving the origin, authenticity, and record of how code has changed over time. This is where the new security vulnerabilities could be introduced into IoT products, if AI-based code development leverages an unknown source."
Rajeev Gupta, co-founder and chief product officer at cyber insurance company Cowbell, says, "The increasing connectivity of devices due to the Internet of Things (IoT) will likely create new vulnerabilities, making cybersecurity measures even more critical. As a result, there may be a growing demand for insurance coverage related to IoT security breaches."
Tom Gorup, VP of security services at Edgio, thinks the IoT will drive more DDoS attacks:
DDoS attacks have been a thorn in the side of businesses for years, and it seems that they will not be letting up anytime soon. In fact, based on current trends and emerging technologies, DDoS attacks are on track to become even more frequent and larger in scale by the year 2024.
One of the reasons for this is the increasing availability of massive resources for cybercriminals to launch these attacks. Attackers are more often compromising web servers to run massive layer 7 or DDoS attacks, giving them more powerful compute capabilities to increase the intensity of their exploit attempts.
In addition, with the proliferation of Internet of Things (IoT) devices, more and more devices are becoming connected to the internet, which can be exploited by attackers to create massive IoT botnets for DDoS attacks. According to a recent report, the number of IoT devices is expected to reach 38.5 billion by 2025, providing cybercriminals with even more ammunition to launch DDoS attacks.
Seth Blank, CTO at Valimail, expects the IoT to come under attack as other channels become more secure. "With advancements in email security, particularly through stringent authentication requirements, there will be a shift in the threat landscape. As email becomes more secure and less susceptible to attacks, attackers will pivot to other, less secure communication channels, such as SMS, phone calls, and IoT communications. This shift will reflect the adaptive nature of cyber-criminals, who continually seek out the weakest points in the security infrastructure, and highlight the ongoing challenge of maintaining a comprehensive security posture that evolves in response to the changing tactics of cyber attackers."
Debbie Gordon, founder and CEO of Cloud Range, echoes this view. "There will be a continued expansion of attack surfaces driven by Internet of Things (IoT) devices and a lack of security standards. As more devices become connected to the internet, entry points for cyber threats will become more present. The absence of uniform security standards for these devices will create more vulnerabilities and pose a risk to personal security."
Shankar Somasundaram, CEO at Asimily, says, "Healthcare organizations increasingly depend on vast fleets of internet-connected devices for patient care and outcomes. However, these devices come with thousands of new reported security vulnerabilities each month: an unparalleled challenge that no cybersecurity budget could surmount. In 2024, I think we'll see more healthcare organizations approaching this cybersecurity challenge by adopting risk-first strategies, and utilizing IoT device visibility to prioritize the 5-10 percent of vulnerabilities that represent true immediate risk considering their use cases, network configurations, and common cyberattacker practices. For healthcare organizations with limited budgets, this approach will optimize resources, and results."
Image credit: Jirsak / Shutterstock