September 2016

RSA Conference | The Rise of Nation-State Cyber Attacks Makes Encryption More Crucial Than Ever

  |   Allegis News, The Latest

 

By Robert R. Ackerman Jr | Founder & Managing Director of Allegis Capital

 

global_security_blogNo entity is immune from a cyber attack. A successful, jaw-dropping cyber assault against a seemingly impenetrable target occurred again last month. This time, the humbled target was the National Security Agency, the nation’s premier electronic eavesdropper. Three hundred megabytes of sophisticated code developed by the NSA to penetrate computer security systems was posted online for all to see. Shortly afterward, the NSA web site went down for almost a full day. In both cases, Russia is the suspected culprit.

Encryption is Crucial

I’ve argued before and today feel even more strongly that ubiquitous, top-flight encryption of data and communications is crucial to a healthy Internet, and that it should be continually strengthened, notwithstanding naysayers who say that law enforcement and other authorities should have a back-door key into systems. I respect the challenges confronting law enforcement, but this particular goal is unacceptable. The United States, its companies and its allies are being breached relentlessly, and the number of high-profile targets is rapidly escalating. We must do everything possible to mitigate this.

Nation-state actors—the world’s best-financed and most sophisticated culprits—have become extremely effective. Even presidential campaigns are being infiltrated, apparently driven by intense interest in how candidates would treat foreign countries and construct trade policies, and in who they would appoint to high-level positions. Campaigns also have lots of sensitive information on donors and internal deliberations.

 

Nation-State Cyber Attacks

Other prominent and successful nation-state cyber attacks, perpetrated by Russia, China and Iran, include:

  • The recent attack on the Democratic National Committee that stole and posted emails showing that former Democratic National Chairman Debbie Wasserman Schultz undermined Bernie Sanders’ chances of garnering the Democratic presidential nomination—an unprecedented cyber intrusion into national politics.

  • A breach of the Democratic National Committee earlier in the year in pursuit of the email accounts of Hillary Clinton and other luminaries as part of an intelligence-gathering operation. (Researchers say Donald Trump and the Republican National Committee weren’t targeted in this email phishing campaign because if focused on Gmail users, and the RNC doesn’t use Google for its email accounts.)

  • The penetration of the State Department’s unclassified email system in 2014 by Russian hackers. The culprit remained locked in on the government server for months.

  •  China’s targeting last year of the United States’ Office of Personnel Management computer systems, from which it stole information about roughly 23 million current and former federal employees. In so doing, China bypassed a federal government multi-billion-dollar intrusion detection and prevention system.

  •  An attack by Iran in 2013 on the computerized controls of a small dam 25 miles north of New York City, a test of the quality of U.S. infrastructure protection, as well as a series of cyberattacks in 2013 and 2014 on dozens of U.S. banks.

  • North Korea’s cyberattack on South Korea earlier this year, an attempt to hack into the nation’s railway control system and the computer networks of financial institutions. Separately, South Korea also accused North Korea of trying to hack into the smartphones of 300 foreign affairs, security and military officials. Forty phones were compromised.

Encryption Must Be Expanded

To more effectively combat these players and others, encryption is a necessity, not a luxury, and a technology that must be expanded and improved to protect against the sort of attacks cited above and others that target intellectual property. That’s why Mozilla, the creator of the Firefox browser, has always taken encryption seriously, and it’s why Google recently tweaked its search engine to favor web sites that encrypt. Google also changed its email system to offer users the ability to more easily encrypt email. Internet users depend on encryption every day, often without realizing it, to safely shop and bank online, among other things, and we must continue moving in this direction.

In addition, we must fight government agencies and law enforcement officials who propose policies that will harm user security through weakening encryption. They contend that strong encryption helps bad actors. The truth is that it helps everyone who uses the Internet. Their proposals to weaken encryption— especially requirements for backdoors—amounts to a big, exploitable flaw that would erode the security of everybody on the Internet.

The brouhaha earlier this year between the FBI and Apple—an attempt to force Apple to open up an iPhone used in a terrorist attack—has come and gone. But the Justice Department continues to take an aggressive stance toward software companies that use end-to-end encryption. The Justice Department is currently debating how to resolve a similar standoff with WhatsApp, the world’s largest mobile messaging service, in a dispute similar to the FBI-Apple affair.

The Latest Challenge: WhatsApp

In the past year, WhatsApp has been adding encryption to user communications. This has made it nearly impossible for the Justice Department to read WhatsApp messages related to a criminal investigation in which a federal judge approved a wiretap but investigators have been unable to circumvent encryption. Those who say a judge should force WhatsApp to help the government get the information it wants are flat-out wrong.

Fortunately, encryption technology is moving in the right direction overall. WhatsApp, Facebook (which owns WhatsApp), Google, Snapchat and others plan to extend encryption services in the near future.

Encryption is not above vulnerabilities. So financial institutions and others must remain diligent in discovering and fixing encryption implementation weaknesses that present possible attack avenues. They also must get ready for the day when the bad guys make huge strides in their ability to thwart an encryption algorithm. At that point, they will need to take new approaches to encryption. A new encryption paradigm may even be required.

The latter, in particular, would be a daunting task, but if push came to shove would have to be accomplished. At stake would be nothing less than the future of a freely used and ubiquitous Internet.

Robert R. Ackerman Jr. is founder and managing director of Allegis Capital, a Palo Alto, CA-based early stage venture capital firm specializing in cybersecurity.

Read more: The Rise of Nation-State Cyber Attacks Makes Encryption More Crucial Than Ever  | RSA Conference | September 20, 2016

Read More

Introducing WithMoji™ and WithMoji App – The First and Only Animated Emoji

  |   Allegis News, The Latest

By Lindsay Aamodt  |  September 8, 2016  |  IMVU News & Commentary

 

 

 

WithMoji logoIMVU today announced the standalone WithMoji app, the first and only app that gives users personal animated emoji for the new iOS 10 Apple iMessage App Store. IMVU also announced a whole new 3D mobile experience that makes socializing and messaging friends more fun and immersive than ever before.

As the leader in expressive communication and 3D animated emoji, IMVU has skyrocketed to #3 in the top grossing social applications, leveraging their proprietary SSR technology to become an emoji platform .

The free WithMoji app allows users to customize their own avatar, then select from hundreds of emotions to bring their avatar and their conversations to life with animation. The result is the user’s own 3D animated emoji, which is more expressive than typical cartoons and stickers, to share with friends in the new iOS 10 Apple iMessage app.

“IMVU avatars are the vehicle for users to uniquely express themselves to make emotional connections,” says Brett Durrett, CEO of IMVU. “Now, using our WithMoji platform, which couples animated expressions with infinitely customizable avatars, and our 3D mobile experience, we will change the way people communicate universally.”

With over six billion emoji sent worldwide each day in 2015 , and growing 20 percent month-over-month in 2016, emoji as a visual digital language enables the expression of a nuanced range of thoughts and complex feelings. IMVU brings to life that otherwise static sticker or yellow smiley face through the animation of a user’s personalized avatar – their infinitely customized self representation (ranging from a dancing banana to the high fashion self they always dreamed of). The result is an incomparable way for users to convey what words and static emoji cannot.

Also announced today, IMVU is releasing a whole new 3D mobile experience with the following updates:

  •  Group WithMoji – The first and only personal animated emoji coupled with friends to communicate cooperative actions, like cheers, giving a hug, dancing together, and more.
  • WithMoji Shop allows users to buy themed packs of WithMoji like Romance, Celebration, Dance, Attitude, and many more to be released monthly.
  • To continue the immersive chat experience that IMVU users enjoy on the IMVU WebGL platform, IMVU iOS users are now able to keep up with their friends in 3D rooms where they can chat, move about, and have a 360 degree view of their IMVU experience at their fingertips.

IMVU Mobile is available for free on iOS and Android. Additionally, iOS users can now enjoy sending personal animated emoji using the free WithMoji standalone app available in the iOS 10 Apple iMessage App Store. For more information, visit the WithMoji website.

News distributed by IMVU Inc.

Article found here http://blog.imvu.com/

Read More

Signifyd racks up $19 mln

  |   Portfolio News, The Latest

By Iris Dorbian  |  September 8, 2016  |  PE Hub Network

 

 

San Jose, California-based Signifyd, a provider of fraud protection for ecommerce businesses, has raised $19 million in funding. The investors were Menlo Ventures, TriplePoint Capital and American Express Ventures.
San Jose, Calif. – September 02, 2016 – Signifyd, the fastest-growing provider of fraud protection for e-commerce businesses, today announced it has secured $19 million in capital from Menlo Ventures, TriplePoint Capital and American Express Ventures. This announcement comes on the heels of Signifyd’s $20 million Series B round in February 2016, which included funding from Menlo Ventures, Allegis Capital, IA Ventures, QED Investors, Bill McKiernan and Tim Eades. This latest investment allows Signifyd to scale its infrastructure and further optimize its best-in-class machine learning technology.

E-commerce businesses do not have the time and resources to effectively combat fraud on their own, resulting in lower margins from chargebacks, people costs and declined orders from legitimate customers. Signifyd’s unique 100 percent financial guarantee against fraud allows merchants to see up to 20% increases in margins. Under Signifyd’s guarantee, Signifyd will pay for any fraud costs stemming from a transaction if Signifyd approved the transaction. Merchants of any size can use Signifyd to drive cash flow predictability by completely eliminating fraud losses.

Existing solutions only provide retailers with a cryptic score based on rules, and rely on human expertise to ultimately decide whether or not to accept a transaction. Signifyd has created a new class of risk-assessment technology, using cutting-edge machine learning algorithms that leverages the data of the programmable web. Signifyd simply tells merchants whether or not a purchase is legitimate and if they should ship the product, while guaranteeing every transaction it approves.

“We’re thrilled to partner with Menlo Ventures and American Express,” said Raj Ramanand, CEO and Co-founder of Signifyd. “They are pioneers in financial innovation, enhancing core capabilities and accelerating digital commerce. Our unique approach to delivering a 100% financial guarantee is disrupting digital commerce by driving cash flow predictability to businesses. This was previously not possible and our growth validates the appetite in the market.”

“Merchants of all sizes have a growing need for fraud-management solutions as more consumers shop online,” said Rohit Bodas, Partner, American Express Ventures. “By leveraging machine learning and providing a 100% guarantee, Signifyd is making it possible for even the smallest merchants to combat fraud and achieve measurable cost savings in the process.”

Signifyd was founded by ex-PayPal fraud and risk experts, Raj Ramanand and Mike Liberty. At the end of 2015, the company announced that it had increased to a run rate of $5.6 billion in transaction volume, with an 8x year-over-year revenue growth, and tripled its number of employees. Signifyd now serves over 5,000 e-commerce companies, including several Fortune 1000 retailers such as Jet.com, Lacoste, and Peet’s Coffee & Tea.

For more information about Signifyd, please visit www.signifyd.com.

About Signifyd

Signifyd was founded on the belief that e-commerce businesses should be able to grow without the fear of fraud. Signifyd solves the challenges that growing e-commerce businesses persistently face: billions of dollars lost in chargebacks, customer dissatisfaction from mistaken declines, and operational costs due to tedious, manual transaction investigation. E-Commerce Assurance, Signifyd’s financial guarantee protecting online retailers in the case of chargebacks, is supported by a full-service machine learning platform that automates fraud prevention allowing businesses to increase sales and open new markets while reducing risk. Signifyd is in use by companies on the Fortune 1000 and Internet Retailer Top 500 list. Signifyd is headquartered in San Jose, CA.

News distributed by PE Hub Network

Article found here https://www.pehub.com

 

Read More