Displaying items by tag: cybersecurity
On Thursday, WikiLeaks founder Julian Assange was arrested by British Police at the embassy of Ecuador in London.
The 28 EU members have been asked to share some data to assess any risks involved with the rollout of 5G technology in Europe, according to Reuters.
The Reuters report stated that Andrus Ansip, head of the European Commission, is set to make the recommendations on Tuesday.
Ansip plans to use the processes which are outlined in the directive on network and information systems from 2016 and has also very recently passed the Cyber Security Act.
For the past couple of years, the US has been trying to dissuade its allies from benefitting Chinese businesses, namely Huawei. The US and Huawei have been at odds recently with regards to 5G deployment. Washington has claimed that Huawei’s products could be used to spy on other countries by the Chinese government which they have no solid proof of. Huawei sued the US on 7 March.
Many countries have not reacted to the claim. However, Australia and New Zealand have barred the use of Huawei gear.
With the UK leaving the EU soon, it is still uncertain whether they will follow the European Commission’s suggestion. Last month at a conference in Brussels, the head of the UK’s National Cybersecurity Centre, Ciaran Martin, said that any threat posed by Huawei was manageable.
“Because of our 15 years of dealing with the company and 10 years f a formally agreed mitigation strategy which involves detailed provision of information, we have a wealth of understanding of the company,” said Martin.
He continued, “We also have strict controls for how Huawei is deployed. It is not in any sensitive networks, including those of the government. Its kit is part of a balanced supply chain with other suppliers. Our regime is arguably the toughest and most rigorous oversight regime in the world for Huawei.”
On 9 April, an EU-China summit will take place where discussions surrounding this topic will be held alongside other relevant topics pertaining to the Chinese economy.
Security researcher Victor Gevers has uncovered a database of 1.8 million women in China who have their names, addresses, marital status, education levels, and phone numbers listed however the most troubling part of this database is the fact that women of a certain age group were also categorized as “breed ready”.
Gevers has said that anyone with an IP address has access to this database. This comes after his discovery of the Chinese database that leaked 300 million private messages last week.
“We don’t know who is behind this database and what the intention was… that is the part that worries us the most,” said Gevers. Most of the women in the database were located in Beijing.
Gevers reported the database on Twitter and had it closed down by 4am ET on Monday.
Some of the women are linked to their Facebook profiles and as Facebook is banned in China, they must have accessed it through the use of a VPN.
“In China, they have a shortage of women. So an organization started to build a database to start registering over 1.8 million women with all kinds of details like phone numbers, addresses, education, location, ID number, marital status, and a “BreedReady” status?” he tweeted.
Also, around 90 per cent of the women on that list were listed as single and were between the ages of 15 and 95. The “BreedReady” women were categorized, the youngest status was given to 18 year olds and the oldest with the status was 39.
The purpose of this database still remains uncertain however, many internet users said that it may have been the Chinese government’s effort to track the fertility of Chinese women as China’s birth rate has hit an all-time low.
China’s National Statistics Bureau found that only 15 million children were born in 2018 which was 2 million less than the previous year.
The House of Lords has called for a new central digital super-regulator to be created in order to inspect the different bodies protecting the internet and to replace the ‘clearly failing’ system of self regulation in place.
The Lords’ communications committee report has recommended a new Digital Authority. The report warns that the contribution of several regulators for the digital realm can be more problematic than helpful as it creates overlaps and gaps.
The report also states that large tech companies have failed to tackle cybersecurity issues and Ofcom should, in the future, expand their services to involve implementing a duty of care on those companies.
Lord Gilbert of Panteg, Chair of the committee, stated: “The government should not just be responding to news headlines but looking ahead so that the services that constitute the digital world can be held accountable to an agreed set of principles.”
He continued: “Self-regulation by online platforms is clearly failing and the current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation. Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people’s lives.”
The Lords said that the new Digital Authority should be guided by 10 guiding principles pertaining to online regulation. Some of these basic principles include: transparency, parity, recognition of childhood, accountability, privacy and human rights.
Last month, a Digital Culture, Media and Sport committee held Facebook responsible for being run by “digital gangsters” and as a result, recommending that tech and social media companies could regulate themselves independently under a ‘code of ethics’ which could be overseen by Ofcom.
The report by the Lords echoed this sentiment. It stated that self-regulation from internet behemoths from the likes of Google and Facebook were “clearly failing”.
Lord Panteg wrote: “Policy makers across different sectors have not responded adequately to changes in the digital world.”
He added: "The Digital Authority should be empowered to instruct regulators to address specific problems or areas. In cases where this is not possible because problems are not within the remit of any regulator, the Digital Authority should advise the Government and Parliament that new or strengthened legal powers are needed.”
The report recommends many changes to already existing regulations whether the Digital Authority is created or not. An example of these proposed changes is the public interest test for mergers and acquisitions which would protect peoples’ data from being bought and sold with no prior consent from the individual.
Additionally, the report recognizes the power which this new Digital Authority would hold and justified it by stating: “This is necessary because of the magnitude of urgent social and political problems caused by regulatory fragmentation in the digital world. These problems are less likely to become more complex as technology develops.”
Internet giants such as Google, Amazon and Facebook were not held in high regard amongst the Lords, especially in the report.
It concluded, “Major platforms have failed to invest in their moderation systems, leaving moderators overstretched and inadequately trained. Online platforms should make community standards clearer through a new classification framework akin to that of the British Board of Film Classification.”
The profiles and personal messages of 364 million users of Chinese social media sites were leaked online, exposing private records such as photos and identity card numbers which were being gathered by the Chinese government through a surveillance program.
Cybersecurity researcher for the NGO GDI Foundation, Victor Gevers, revealed in a series of tweets that the Chinese government was using a social media surveillance program which was “retrieving messages per province from 6 social platforms and extracts named, ID numbers, ID photos, GPS locations, network information, and all the conversations an file transfers get imported into a large online database.”
He continued “Around 364 million online profiles and their chats & file transfers get processed daily. Then these accounts get linked to a real ID/person. The date is then distributed over police stations per city/province to separate operators’ databases with the same surveillance network name.”
Gevers went on to say that the program used to retrieve all the private and sensitive information looked “like a jerry-rigged PRISM clone of the NSA.” NSA was the US government’s surveillance system that Edward Snowden revealed back in 2013.
In a direct message on Twitter, Gevers voiced some of his concerns regarding the situation.
“These surveillance systems are dangerous when they are open and fully accessible to anyone, which increases the risk of remote data manipulation. We have seen databases get ‘ransomed’ in the past.”
A great deal of the leaked data included information about cybercafés, which Gevers pointed out in a screenshot and said that those cafes may have been used as a potential tool to gather data on users.
QQ and WeChat were among the six Chinese messaging services which are both operated by Tencent.
In the past, WeChat denied their monitoring of user chat logs for government surveillance, however according to the Chinese legal system, all internet companies operating in China are expected to collect and store user data locally in case of an official inspection.
Security researcher Jane Manchun Wong said: “If sensitive information was exchanged in some of those conversations, it could have been sold to black markets, the same way how stolen credit card info from compromised databases work.”
She continued, “Except this one, it’s effortless to hackers. They could essentially just walk in and everything seems to be in plain text and accessible without any login information.”
The database was allegedly secured after Gevers exposed the issue.
There have been a few major leaks in China over the past few years.
Just last month Gevers reported a case regarding a Chinese tech company, SenseNets, which stored the data of 2.6 million people in the region of Xinjiang which is of Muslim majority and is under heavy police surveillance. The data included the ID numbers and addresses of the residents.
Chinese media outlets have launched a scathing attack on the United States for its role in the arrest and subsequent detainment of Huawei’s CFO in Vancouver earlier this week.
The Japanese government has announced that it will ban telecommunications equipment manufactured by Chinese vendors Huawei and ZTE amidst fears about cybersecurity.
Russia, Ukraine, and other areas have been hit by a new strain of ransomware called ‘Bad Rabbit’. The ransomware is said to bear similarities to the WannaCry and Petya outbreaks that caused chaos earlier this year. According to reports, it’s unknown how far this new malware will spread.
US officials said “multiple reports of Bad Rabbit ransomware infections” had been reported “in many countries around the world”. The US computer emergency team said it “discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored.”
Russian news agency Interfax was affected by the ransomware and also Fontanka.ru. Ilya Sachkov, head of Russian cybersecurity firm Group-IB, said, “In some companies, the work has been completely paralyzed – servers and workstations are encrypted.” Most of the victims were located in Russia, according to Kaspersky Lab, and a few cases in Turkey and Germany.
Victims of the ransomware had their computer contents encrypted. The hackers asked for a payment to release the data – in this case 0.05 bitcoins which is about $280. It was only a matter of time before a new strain of ransomware came along, said Gregg Petersen from software firm Veeam. The attack appeared to be targeted at corporate networks.
“We continue to see this lucrative business of ransomware wreak havoc, as the perfect storm of poor maintenance of updates, weak security measures, employee and user errors of judgment, and pseudonymous crypto-currencies exist,” Petersen said.
Most anti-virus programs aren’t able to detect the ransomware, according to analysis by virus checking site Virus Total. The malware was distributed via a bogus Adobe Flash update, claims security firm Eset. The malware’s code, according to a screenshot posted by researcher Kevin Beaumont, referenced pop culture characters including the names of two dragons from Game of Thrones.
To prevent further attacks, Petersen suggests that updates should be maintained, processes to support IT securities policies should be adhered to, and robust IT defenses should be put in place. Organizations should also have backup data located off the live IT network, he said, which should be “a key part of your data management strategy.”
WeDo Technologies, a worldwide leader in revenue assurance and fraud management, announced that TPx Communications, a US-based premier provider of unified communications, managed IT and network connectivity, has selected its RAID Fraud Management Solution (FMS) to protect its expanding network and its customers from fraud.
With more than 80,000 enterprise customers, which include the country’s top financial services, education, government, retail and healthcare providers, TPx prides itself on guaranteeing 5-nines connectivity and bringing the latest technology advances to its customers.
Recently, the company was the first managed services provider in the US to offer 4G/LTE managed service offerings to business customers. While TPx sees an exciting future with these new technology developments, it also sees how complexity in the networks leaves it vulnerable to fraud.
The rise of LTE networks is providing huge industry opportunities for communication service providers that help better support customers, each day, every day. There is a high level of awareness on how complex fraud prevention really is, as traffic volumes escalate and fraudsters become more sophisticated. It is essential to ensure and use the best in class tools and managed services that can support end customers’ services, in a fully protected network environment.
“WeDo is pleased that TPx has joined our roster of clients in the U.S,” said Thomas Steagall, Vice President North America and Caribbean, WeDo Technologies. “By recognizing the challenges that new digital networks and services are posing to their legacy fraud prevention solutions, TPx is taking a proactive approach to protecting themselves from potentially expensive and wide-ranging threats that may be difficult to contain, as we’ve seen from the increasing occurrence of ransomware attacks.”
WeDo Technologies provides a simpler, faster, smarter approach to managing telecom fraud.
RAID FMS enables CSPs to gain a holistic view of fraud by monitoring internal and external information from a single platform. The WeDo Technologies’ Fraud Management software system is a flexible application that runs on top of WeDo’s RAID Platform, enabling CSPs to integrate siloed data sources, as well as accommodate different strategies and operational requirements for diverse portfolios and product lines across the entire organization.
RAID can help stop losses from fraudulent activity, before they occur. By combining multiple detection methods – a hybrid rule based approach and machine learning – CSPs get greater accuracy and better predictive performance. RAID is available on-premise, as a managed service and via the Cloud. Visit RAID.Cloud for a free 60 day trial.
Large digital security breaches are a common occurrence in the corporate world today. The latest breach, experienced by consumer credit reporting agency Equifax, follows a trend of troubling hacks that have played out across the globe this year. It seems adversaries will stop at nothing to evolve their threats, move with even more speed, and find new ways to widen their operational space.
Equifax chief executive Richard Smith said his company “will make changes” after a massive security breach in July that may have exposed the data of up to 143 million people, he said in an opinion piece in USA Today on September 12. Smith said the company first learned of the breach on July 29, but didn’t go public with the information for six weeks because “we thought the intrusion was limited.”
Smith described the hack as the “most humbling moment” in the company’s 118-year history. Founded in 1899 and based in Atlanta, Georgia, it is the oldest of the three largest American credit agencies along with Experian and TransUnion. “We are devoting extraordinary resources to make sure this kind of incident doesn’t happen again,” Smith wrote, promising to “make changes and continue to strengthen our defenses against cyber crimes.”
The company has been highly scrutinized for its handling of the data breach, which compromised the personal information of as many as 143 million Americans. Residents in the United Kingdom and Canada were also impacted. After detecting the breach, Equifax waited six weeks before it notified the public in early September. Rather than informing people whose data had been compromised, the company set up a website that wasn’t ready for days.
Yahoo experienced similar scrutiny when it dealt with massive data breaches. The company announced in September 2016 that hackers in 2014 had stolen data from more than 500 million of its users’ accounts. Yahoo then announced in December 2016 another breach dating back to 2013 in which over a billion users had their data stolen. The US Securities and Exchange Commission opened an investigation into whether Yahoo should have informed investors sooner about the breaches.
To make up for its failure to protect users’ data, Equifax, which rakes in around US$ 3.1 billion in annual revenue, offered free credit monitoring services to its customers. But the company was criticized for requiring those who enrolled for the offer to waive their right to sue the company. Soon enough, Equifax backtracked on the requirement, allowing customers to sue the company if they sent it in writing within 30 days.
Nevertheless, Equifax has been forthcoming about the wider issue of cybersecurity and the need for change. Smith acknowledged some of the company’s problems in his article, admitting that consumers and media have raised “legitimate concerns” about the services Equifax offered and the operations of its call center and website. “We accept the criticism and we are working to address a range of issues,” he said.
Smith said the company is now committed to doing everything it can to support those affected by the breach. “Our team is focused on this effort and we are engaged around the clock in responding to millions of inquiries from consumers,” he said. Equifax has warned, however, that credit card numbers of around 209,000 people have been exposed, in addition to “personal identifying information” on roughly 182,000 customers involved in credit report disputes.
Prior to Equifax’s data breach, Time Warner-owned US TV network HBO was the latest major corporation to fall victim to hackers. HBO confirmed on July 31 that a whopping 1.5 terabytes of material had been stolen – a significantly larger amount than the 200 gigabytes stolen from Sony Pictures in 2014. Similar to Equifax’s breach, HBO’s hackers obtained potentially sensitive information, including employee data and even access to internal corporate emails.
The string of corporate hacks this year, including the global “WannaCry” ransomware attack in May and the subsequent “Petya” attack in late June, represent a chilling trend taking place all over the globe, in which cyber hackers are finding more avenues to infiltrate even the most seemingly protected organizations, by findingnew ways to widen their operational space.
An ever-evolving threat
Hackers today have more tools at their disposal than ever before. They also have a keen sense of when to use each one for maximum effect. In Cisco’s Annual Cybersecurity Report 2017, it explains how the explosive growth of mobile endpoints and online traffic work in favor of cyber hackers. Adversaries have more space in which to operate, the report claims, and more choices of targets and approaches.
It may not be possible to stop all attacks, the report says, but you can minimize both the risk and the impact of threats by “constraining your adversaries’ operational space and, thus, their ability to compromise assets.” Cisco suggests that companies should simplify their collection of security tools by integrating them into an automated architecture to streamline the process of detecting and mitigating threats. That leaves companies with more time to address more complex and persistent ones.
According to Cisco’s 2017 Security Capabilities Benchmark Study, organizations that have not yet suffered a security breach may believe their networks are safe. This confidence is probably misplaced, the report says, considering that 49 percent of the security professionals surveyed said their organizations have had to manage public scrutiny following a security breach.
Take Yahoo for instance: Following the shocking revelation that 1.5 billion of its users accounts were hacked on two separate occasions, the company was forced to slash the price of its core internet business in the sale to US telecom giant Verizon by $350 million. Yahoo is also in the midst of lawsuits related to the way the hacks were handled. In an effort to diffuse the situation and make up for damage to its reputation, Yahoo announced that it would not award CEO Marissa Mayer a cash bonus for 2016.
The Cisco study found that nearly a quarter of the organizations that have suffered an attack lost business opportunities, and four in ten said those losses were substantial. One in five organizations lost customers due to an attack, and nearly 30 percent lost revenue. When breaches occur, operations and finance were the functions most likely to be affected (36 percent and 30 percent, respectively), followed by brand reputation and customer retention (both at 26 percent).
The report once again emphasizes the importance of companies focusing their resources on reducing their adversaries’ operational space if they want to avoid the aforementioned consequences. As a result, attackers will find it difficult to gain access to valuable enterprise resources and to conduct their activities without being detected. Automation, the report says, is essential to achieving this goal.
Automation helps companies to understand what normal activity is in the network environment, so they can focus their resources on more significant threats. Simplifying security operations, the report says, is the most effective way of eliminating adversaries’ unconstrained operational space. Unfortunately, most organizations are using more than five solutions from more than five vendors, according to the study, creating a complex web of technology, which can be a recipe for less, not more, protection.