L’Unione Europea riabilita Kaspersky ? Sembra di si, ma senza clamore...

E’ molto interessante notare come l’unione europea, spinta dal sacro fuoco della cyber defence, si sia spinta in passato in acque tempestose.

E’ di questi giorni un articolo firmato da Pierluigi Paganini su Security Affairs in cui si rende giustizia alla società russa Kaspersky, accusata dal Parlamento Europeo di produrre dei sistemi riconosciuti pericolosi, si legge infatti nel « Report on cyber defence» n. A8-0189/2018 dello scorso 25 maggio 2018 (pag. 19 e 20) :

“Calls on the EU to perform a comprehensive review of software, IT and communications equipment and infrastructure used in the institutions in order to exclude potentially dangerous programmes and devices, and to ban the ones that have been confirmed as malicious, such as Kaspersky Lab”

Il Report, interessantissimo per tanti aspetti, in particolare perché da evidenza dei programmi europei in corso di sviluppo nel settore cyber é stato criticato da vari stati che non hanno riscontrato attività di spionaggio condotte dai software Kaspersky ai danni dei clienti (per lo meno niente di diverso da quanto facciano tutti, raccolta di informazioni e Analisi allo scopo di prevenzione e individuazione di minacce cyber ).

Il report é stato ancora oggetto di interesse da parte di un deputato europeo belga, Gerolf Annemans, che il 6 marzo scorso ha chiesto spiegazioni relative a quanto affermato nel Report :

“Designating programmes and companies as ‘dangerous’ from the point of view of cyber defence

On 13 June 2018, the European Parliament adopted a Resolution on cyber defence. Paragraph 76 names a private business, namely Kaspersky Lab, whose programmes it brands ‘dangerous’ and even ‘malicious’, without any further explanation.

1. Does the Commission know of any reason other than certain press articles that justifies the labelling of Kaspersky as ‘dangerous’ or ‘malicious’, especially since Member States such as Germany, France and Belgium do not perceive any problems with cooperation with the firm concerned.

2. Does the Commission know whether any programmes and devices other than those of Kaspersky were discussed with a view to an EU ban?.

3. Does the Commission know of any reports or opinions of cyber experts or consultancies about Kaspersky Lab, and can it give me references to them? “

Stimolando di fatto la risposta scritta della Commissione Europea che con la risposta n. P-001206/2019(ASW) ha dovuto fare marcia indietro affermando di fatto di essersi sbagliati.

La Commissione infatti ha risposto di « … Commission is not in possession of any evidence regarding potential issues related to the use of Kaspersky Lab products. The Commission is following closely debates and developments concerning the security of IT products and devices in general, including discussions about potential measures related to access to the EU market. The EU is an open market, which can be accessed by foreign companies in compliance with EU rules. In addition, Member States have the competence to decide whether to exclude companies from their markets for national security reasons. Regarding reports or opinions published concerning the issue raised by the Honourable Member, the Commission did not commission any reports.”

Ora, mi preme soffermarmi su alcune considerazioni:

- a seguito del report del 2018 diversi paesi europei hanno bandito i prodotti Kaspersky dal proprio mercato nazionale, é il caso di UK, Lituania e Paesi Bassi. Il Report del 2018 infatti non lasciava adito a dubbi. Il comportamento ha dunque arrecato danno alla Società Kaspersky che probabilmente farà valere le sue ragioni in altra sede (magari legale !) ;

- la risposta della Commissione indica chiaramente di non possedere evidenze, contrariamente a quanto precedentemente affermato, ma aggiunge che non sarà commissionato alcun Report per approfondire la questione, relegandola cosi a « problema risolto, non degno di altra pubblicità… », cosa per lo meno dubbia. Infatti, sia che l’errore si sia verificato inizialmente indicando kaspersky Lab come non degna di fiducia, sia che l’errore sia commesso ultimamente, sarebbe logico dare luogo ad approfondimenti che dovrebbero essere resi pubblici in quanto vi potrebbero essere delle conseguenze sulla sicurezza cyber dei paesi membri (utilizzare o meno un prodotto significa infatti fare policy di sicurezza e non solo !!) ;

- si parla tanto dei prodotti di Cina e Russia e di presunte «problematiche di sicurezza» legate alla collaborazione tra le società e gli Stati di reciproca appartenenza (vedasi Huawey e Kaspersky… solo a titolo di esempio) ma non si parla affatto di quanto é accaduto nel tempo con prodotti di produttori occidentali e dei presunti atti di spionaggio da loro compiuti, perché? Se l’interesse é realmente quello di proteggersi, allora nella lista del Report Cyber UE potevano essere inclusi tanti altri «sospetti»…

Tutto cio’ per dire che, forse, é opportuno approfondire e fare attenzione ai giudizi affrettati, spesso forieri di decisioni errate e alle quali non sempre é possibile fare fronte semplicemente innestando la marcia indietro. A volte la mancanza di fiducia (immeritata) puo’ causare ferite difficili da rimarginare.

Alessandro Rugolo

Per approfondire:

- https://securityaffairs.co/wordpress/84022/breaking-news/european-commission-kaspersky.html

- http://www.europarl.europa.eu/doceo/document/A-8-2018-0189_EN.pdf?redirect

- http://www.europarl.europa.eu/doceo/document/P-8-2019-001206_EN.html

- http://www.europarl.europa.eu/doceo/document/P-8-2019-001206-ASW_EN.html

La Francia si impone alla Locked Shield 2019

Se pur la Locked Shield non è altro che una esercitazione, dunque con tutti i limiti del caso, si tratta di un evento importante nel panorama Cyber mondiale  e, almeno così sembra, la Francia ha raggiunto il suo obiettivo: vincere! Repubblica Ceca e Svezia si sono classificate rispettivamente seconda e terza. 

L'anno scorso vi era arrivata vicinissima, seconda dopo il team NATO e davanti ai vincitori del 2017, il team della Repubblica Ceca.  

Per la Francia non si può certo dire che si tratti di un caso, chi segue da vicino lo sviluppo della materia non avrà difficoltà a riconoscerlo.

L'organizzazione cyber nazionale francese e quella militare hanno infatti usufruito di un trattamento attento da parte delle istituzioni e delle necessarie risorse. Negli ultimi anni infatti sono stati realizzati investimenti in tutta la Francia, stimolando la nascita di start-up e la crescita della cultura cyber, sia nelle organizzazioni statali che tra le imprese e i cittadini. Il distretto di Rennes, con il suo "Pôle d’excellence Cyber", è divenuto il motore dello sviluppo del settore. 

Inoltre la recente esercitazione nazionale francese, "Defnet 2019", svoltasi tra il 18 e il 29 marzo, nel corso della quale tra le novità è stato posto in risalto il ruolo del nuovo sistema di scambio di informazioni "Cybercodex" testato da tutti gli attori della catena di cyberdefence. 

L'esercitazione Locked Shield 2019 prevedeva Blue Teams in difesa dei circa 4000 sistemi IT virtuali rappresentanti i sistemi nazionali, e Red Teams in attacco, responsabili di circa 2500 attacchi. I Blue Teams in primo luogo sono stati chiamati a proteggere servizi vitali e infrastrutture critiche per la sopravvivenza della nazione che rappresentavano ma anche a prendere decisioni strategiche, assieme ai decisori civili o a compiere analisi di intelligence e forense.

Al secondo posto la Repubblica Ceca, che si conferma tra gli stati più attivi e avanzati nel campo.

Alessandro Rugolo 
   
- https://www.ccdcoe.org/news/2019/france-wins-cyber-defence-exercise-locked-shields-2019/
- https://www.defense.gouv.fr/espanol/ema/transformation/actualites/defnet-2019-une-mobilisation-toujours-plus-accrue
- http://www.ccdcoe.com/news/2018/nato-won-cyber-defence-exercise-locked-shields-2018/
- https://www.scmagazineuk.com/czech-team-wins-locked-shields-2017-cyber-defence-exercise-tallinn/article/1474758
- https://www.rennes-business.com/fr/nos-secteurs-dexcellence/cybersecurite
- https://www.itu.int/en/ITU-D/Cybersecurity/Documents/draft-18-00706_Global-Cybersecurity-Index-EV5_print_2.pdf
- https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2017-R1-PDF-E.pdf

Apple to host annual Worldwide Developers Conference June 3-7 in San Jose

Press release

Cupertino, California — Apple today announced it will host its annual Worldwide Developers Conference in San Jose from June 3 through June 7 at the McEnery Convention Center. Now in its 30th year, Apple’s biggest event will bring together the world’s most innovative and creative developers. With more than 1.4 billion devices now running iOS, macOS, watchOS or tvOS, WWDC 2019 will give attendees insight into the future of these platforms and work alongside the Apple engineers behind the technologies and frameworks developers rely on. 

WWDC 2019 will deliver the latest Apple news from the keynote stage and celebrate the breakthrough work of developers who are creating new experiences in areas including machine learning, augmented reality, health and fitness, and more. This year’s program will feature technical sessions, hands-on labs and guest speakers to provide Apple’s existing developer community and the next generation of app developers with the knowledge and tools to help turn their next great idea into reality.   

“WWDC is Apple’s biggest event of the year. It brings thousands of the most creative and dedicated developers from around the world together with over a thousand Apple engineers to learn about our latest platform innovations and to connect as a community,” said Phil Schiller, Apple’s senior vice president of Worldwide Marketing. “Our developers are incredibly passionate about creating the next generation of mind-blowing experiences for the world through apps. We can’t wait to get together whith them and share what’s next.” 

Developers can apply for tickets today through March 20 at 5 p.m. PDT through the WWDC website. Tickets are issued through a random selection process, and developers will be notified of their application status by March 21 at 5 p.m. PDT. Developers and Apple enthusiasts everywhere can live-stream the conference on the WWDC app for iPhone, iPad and Apple TV as well as through the Apple Developer website. 

Students are an integral part of the Apple developer community, and last year WWDC saw attendance from student developers spanning 41 different countries. Up to 350 WWDC scholarships are available this year, providing students and members of all STEM organizations an opportunity to earn a free ticket and lodging for WWDC. Details on how to apply are now available on the WWDC website. 

https://www.apple.com/newsroom/2019/03/apple-to-host-annual-worldwide-developers-conference-june-3-7-in-san-jose/

“From Cloud to Cloud Intelligence” – Alibaba Cloud Outlines Strategic Upgrade after a Decade of Success

Press release

Product launches in China to broaden Internet and digital technology adoption and empower ecosystem.

Beijing, March 21, 2019 – Alibaba Cloud, the cloud computing and data intelligence arm of Alibaba Group, unveiled at its Beijing Summit the new strategy to develop the company into a more technologically inclusive platform. Jeff Zhang, President of Alibaba Cloud and Chief Technology Officer of Alibaba Group, for the first time elaborated publicly on the strategic upgrade of the business – evolving to serve as a key component of the Alibaba Business Operating System, and empowering customers and ecosystem partners to win in the digital era. Over 3,000 ecosystem partners and industry practitioners attending the Summit have shared the development journey of the company over the past 10 years.

Cloud computing is becoming the main business focus of Alibaba Group and over the past decade Alibaba Cloud has been the technology and public cloud platform underpinning the entire Alibaba economy from e-commerce and payment, to logistics and supply chain management. The scalability, reliability, and security of Alibaba Cloud are paramount to the business and the platform has successfully sustained real-world tests on a daily basis, most notably during the Alibaba 11.11 Global Shopping Festival, the scale of which provides one of the biggest stress tests possible. Businesses of all sizes have leveraged these proven successes to grow and innovate in China and overseas.

Becoming an enabler of SaaS
“Alibaba has championed cloud computing in China over the past 10 years and has been at the forefront of rapid technology development. Today, Alibaba Cloud not only provides infrastructural support to the entire Alibaba economy but has also developed proven technologies to empower millions of customers in China and worldwide, significantly lowering cloud adoption barriers, ensuring inclusive access, and enabling collaboration throughout the ecosystem,” said Jeff Zhang.

“In the future, our highly compatible and standards-based platform will allow SaaS partners to onboard easily and thrive. The offerings will also be enriched by our continued investment in research through the Damo Academy, that will align data science with the development of our products. To empower all participants in our ecosystem, we will boost the integrated development of technology, products and services on our open platform,” he added.

Alibaba Cloud is the IaaS market leader in China with a larger share than the sum of the second to eighth players. The development of the IaaS market meant that in 2018, the cost of technology adoption for businesses in China has reduced significantly compared to 10 years ago.

New product launches to facilitate cloud adoption in China
Adoption of the cloud is expected to continue and become more immersive in the traditional sectors across China. The importance of digital intelligence will become more apparent as enterprises need to derive deeper business insights, make data-driven decisions, and take real-time actions. Alibaba Cloud will continue to invest in technological research and development, ensuring that the company has the capability to offer powerful computing and Internet-based technology products for the further adoption of cloud and data intelligence.

Over the past decade, Alibaba Cloud has developed 162 products and activated 4,610 product features and functions, an average of more than one a day. At the summit, the company announced a full suite of new products in China, with 3 highlights – a super-computing product, a cloud-native database as well as the accelerator to boost the SaaS ecosystem:

• X-dragon Super-Computing Cluster instance SCC-GN6: The most powerful super-computing bare-metal server instance launched by the company to date, with the capability to enhance the cluster performance by more than 100%. This new instance provides 50 Gbps of RDMA networking throughput, 96 custom Intel Skylake vCPUs, 8 NVIDIA V100 Tensor Core GPUs, providing a total of 1000 TFlops to computational throughput, and high-performance parallel file system CPFS with 1TB/s R/W throughput. SCC-GN6 supports supercomputing scenarios such as autonomous driving, machine interpretation, natural language processing and recommendation systems.
• PolarDB: A cloud-native relational database service that is designed for enterprise-grade database applications. PolarDB is compatible with Oracle, MySQL and PostgreSQL and offers excellent scalability with the architecture of hardware-software co-design. It can scale up to 88vCPUs and 710GB of memory and allows customers to pay for usage by the minute, enabling customers to handle a business peak traffic while minimizing cost. It can also scale up to 100TB in storage which helps customers cope with big data development.
SaaS Accelerator: A highly efficient and agile platform where ecosystem partners can easily build and launch SaaS applications and leverage Alibaba’s proven business and technology know-how. The accelerator helps SaaS customers quickly deploy and test their applications on the cloud, shorten the implementation lifecycle, and accelerate time-to-market. It features an intuitive, drag-and-drop interface and launch kit while remaining highly compatible with other application programming interfaces (APIs). With the accelerator, a smart SaaS application can go live in as little as five days.

For more information about 2019 Beijing Alibaba Cloud Summit and to view Jeff Zhang’s keynote speech from the event, go to: https://yunqi.youku.com/2019/beijing/meeting

About Alibaba Cloud
Established in 2009, Alibaba Cloud (www.alibabacloud.com), the cloud computing and data intelligence arm of Alibaba Group, is among the world’s top three IaaS providers, according to Gartner, and the largest provider of public cloud services in China, according to IDC. Alibaba Cloud provides a comprehensive suite of cloud computing services to businesses worldwide, including merchants doing business on Alibaba Group marketplaces, start-ups, corporations and government organizations. Alibaba Cloud is the official Cloud Services Partner of the International Olympic Committee.

https://www.alibabagroup.com/en/news/article?news=p190321

How It Works Why Quantum XC News & Resources About Us Contact Quantum Xchange Gains Industry Momentum; Addresses the Shortcomings of Modern Day Encryption

Press release

Company is Positioned for Continued Expansion in 2019 Following Notable Recognition 

Bethesda, MD – Feb. 26, 2019 – Quantum Xchange, provider of the first quantum key distribution (QKD) network in the U.S., today announced their continued upward momentum, marked by numerous industry awards and earned speaking engagements scheduled for the first half of the year. Quantum Xchange is recognized as a provider of the most secure, hardened encryption available to address the shortcomings of today’s encryption standards, and the imminent threat of quantum computers. Today, Quantum Xchange offers commercial enterprises and government entities quantum communications  over unlimited distances.

“Since our formal company launch in June 2018, Quantum Xchange has accomplished some incredible things, not the least of which was to initiate, for the first time in the United States, quantum key travel from Wall Street, under and across the Hudson River and past the Statue of Liberty to northern New Jersey,” said John Prisco, President and CEO, Quantum Xchange. “Our developments will ensure the future of encryption regardless of quantum computing power, and we are grateful to offer a solution that is effective today while nefarious actors harvest and stockpile data that they will read when a suitable quantum computer is available.”

In January, Prisco was named a 2019 Cyber Star by DCA Live, a list that honors the entrepreneurs, investors, and community leaders who are solving big problems, and creating jobs and $ billions of new wealth in the greater Washington region. Taking the company’s vision further across the U.S., Prisco will speak at events in both San Diego and Boston next month. Starting with the Optical Society’s (OSA) OIDA Executive Forum, Prisco will serve as a panelist for the Commercial QKD and Encryption session on March 4. He will then present the QKD Hardware Markets session on March 20 at the Inside Quantum Technology event, The Future of Quantum Computing, Quantum Cryptography and Quantum Sensors.

In between these events, Quantum Xchange will spend a week at the RSA Conference in San Francisco, where newly appointed advisor Whitfield Diffie will present on the Cryptographer’s Panel on March 5. Shortly after, Prisco will make a special appearance at South by Southwest (SXSW) in Austin, Texas where the company’s quantum fiber network, Phio, will exhibit as a finalist for the SXSW Interactive Innovation Awards.  Attendees of the events that Prisco is set to speak at, and attend, in the coming weeks will gain comprehensive insights into the commercial future of all areas of quantum technology, including the latest opportunities in areas such as financial services, pharma and specialty chemical, healthcare, automotive and transportation, defense, government and R&D.

As a provider of quantum key distribution and secure communications, Quantum Xchange gives commercial enterprises and government agencies the ultimate defense to keep high-value data safe – today, tomorrow and in the future. For more information about Quantum Xchange, please visit https://quantumxc.com/.

https://quantumxc.com/quantum-xchange-gains-industry-momentum-addresses-the-shortcomings-of-modern-day-encryption/

HOSTKEY Deploys AMD EPYC™ Processors for Customers Needing Powerful Performance on Virtualized, HPC and Parallel Workloads

Press release

AMD EPYC 7281 and EPYC 7401P processors’ reliable and powerful hardware supports internet solutions and services for HOSTKEY customers

SANTA CLARA, Calif. 02 april

2019 

Today, AMD (NASDAQ: AMD) and HOSTKEY, a leading cloud solutions company representing clients across Europe, Russia and North America, has announced the release of AMD EPYC^TM processor-based servers across HOSTKEY’s infrastructure. This new deployment of AMD EPYC CPUs offers differentiated features, core-count, connectivity and memory bandwidth to HOSTKEY customers running virtualized environments and high-performance computing workloads.

The new HOSTKEY platform uses the 16-core AMD EPYC™ 7281 and 24-core EPYC™ 7401P processors delivered on Gigabyte platforms, which have support for up to 8-channels of RDIMM/LRDIMM DDR4 memory and 128 lanes of ultra-fast PCIe® Gen3 x4 connections to support increased user demand.

“AMD EPYC processors in single or dual-socket configurations enable HOSTKEY to provide a greater variety of services to our customers, expanding upon the available options for their processing needs,” said Anton Malina, Head of the Netherlands Datacenter Infrastructure. “As a leading provider of services in the regions we support, we are excited to work with a leader in the datacenter industry, AMD, to make the performance of AMD EPYC available.”

“We are excited to work with HOSTKEY and provide their customers with access to the AMD EPYC 7281 and EPYC 7401P processors. These AMD EPYC powered servers give HOSTKEY customers a new choice for running their virtualized, HPC or parallel processing workloads, while still experiencing the great service and support expected from HOSTKEY,” said Daniel Bounds, senior director, Datacenter Solutions, AMD

How to Access AMD Servers on HOSTKEY

AMD EPYC based servers are now available in the Netherlands. Customers can order their server with a configuration of choice on the HOSTKEY company site. The basic AMD EPYC 7281 processor-powered Servers, with 32GB RAM and 2x240GB SSDs, are available from €119/month. All HOSTKEY servers come with protection from DDoS-attack.

Additional Resources

• Learn more about AMD EPYC at AMD.com
• Follow AMD datacenter developments on Twitter @AMDServer

About AMD

For more than 45 years AMD has driven innovation in high-performance computing, graphics and visualization technologies ― the building blocks for gaming, immersive platforms and the datacenter. Hundreds of millions of consumers, leading Fortune 500 businesses and cutting-edge scientific research facilities around the world rely on AMD technology daily to improve how they live, work and play. AMD employees around the world are focused on building great products that push the boundaries of what is possible. For more information about how AMD is enabling today and inspiring tomorrow, visit the AMD (NASDAQ: AMD) website, blog, Facebook and Twitter pages.

About HOSTKEY

HOSTKEY provides dedicated and cloud infrastructure hosting services based in ultra-modern data centers to corporate as well as private clients. Our infrastructure is applicable to dedicated and hybrid solutions. HOSTKEY is available in Amsterdam, Moscow and New York. Our partners include such companies as Microsoft, NGINX, cPanel, RETN, Huawei, AMS-IX, Serverius, DataPro and many others. The experience and professionalism of our employees ensure high quality and prompt rendering of services requested, from installation to administering and full support of a client`s IT system.

Bitdefender Given 5-star Rating in CRN's 2019 Partner Program Guide for the 4th Year in a Row

1 april 2019 Press Release 

Annual Guide Recognizes the IT Channel’s Top Partner Programs

Bitdefender, a leading global cybersecurity company protecting over 500 million systems worldwide, announced today that CRN®, a brand of The Channel Company, has given Bitdefender a 5-Star rating in its 2019 Partner Program Guide. This annual guide identifies the strongest and most successful partner programs in the channel today, offered by the top technology suppliers for IT products and services. The 5-Star rating recognizes an elite subset of companies that offer solution providers the best partnering elements in their channel programs.

To determine the 2019 5-Star ratings, The Channel Company’s research team assessed each supplier’s partner program based on investments in program offerings, partner profitability, partner training, education and support, marketing programs and resources, sales support, and communication.

The Bitdefender global Partner Advantage Network is tailored to support each partner type in the most effective way. Constant innovation with a sharp focus on benefits for partners is the number one priority. As such, partners are entitled to many benefits including, sales and marketing tools, financial protected incentives, new opportunity registration, leads program, competitive training and certifications, and hands-on training. 

“With new technologies emerging every year, evaluating which IT vendors to partner with grows increasingly more complex for solution providers,” said Bob Skelley, CEO, The Channel Company. “We are proud the CRN Partner Program Guide has become the trusted resource to identify the most rewarding partner programs and provides crucial insight into their strengths and benefits for the channel.”

“As always, the Bitdefender team remains committed to our promise of ease of doing business and ly responding to our partners’ business needs,” said Joe Sykora, VP Global Sales and Channels at Bitdefender. “With integrated tools and comprehensive support, Bitdefender delivers high-quality service and technology.”

The 2019 Partner Program Guide will be featured in the April issue of CRN and online at www.CRN.com/ppg 

https://www.bitdefender.com/news/bitdefender-given-5-star-rating-in-crn&039;s-2019-partner-program-guide-for-the-4th-year-in-a-row-3657.html