Businesses and government organisations face a growing threat from freelance cybercriminals, one former US Department of Justice attorney has warned as turncoat security experts cause problems such as the recent malware attacks on Polish banks. No wonder financial giants are exploring the potential of Blockchain to improve the protection of data from manipulation and fraud.
The passage of long-stalled breach-notification laws is promising to expose many hacks that would have otherwise gone unnoticed – and there are already lessons to be learned from the sharing of case studies. Learning from the experiences of others will be particularly crucial for operators of water networks and other critical infrastructure.
Cloud-hungry Australian businesses must improve their identity and data protection, experts warned as they also offered recommendations for the US government to improve its security. Experts were also warning businesses to watch out for being compromised using their own data, while security researchers scored a small victory by tricking a business email compromise instigator into revealing his identity.
The need to address new risks posed by Internet of Things (IoT) endpoints has been widely recognised in theory, but the threat it poses became very clear after the takedown of a university’s network by hacking its vending machines. Small cities are also particularly exposed to the IoT threat, according to one report.
Such incidents highlight the changing notions of the network perimeter. On a similar note, US government security experts were concerned about the proper US response to foreign cybersecurity activity. Ditto the UK government, which opened a new National Cyber Security Centre at GCHQ.
Meanwhile, US authorities were concerned that president Donald Trump may be using a mobile phone running an insecure, old version of the Android operating system. Android was also blamed for an attack on Israeli soldiers and potential compromises of connected cars, even as researchers highlighted a way to jump between personal and business data secured using Google’s secure Android for Work containers.
Mobiles aren’t the only vulnerable devices: the same Russian spies that were blamed for hacking the US election were said to now be targeting Macs.
The use of machine learning offers great promise for improving security response, with IBM linking its Watson machine-learning platform with its security information and event management platform. Eric Schmidt was also talking AI at the RSA conference, where experts were offering their best cybersecurity advice.
Intel and McAfee were pushing towards settlement talks in their dispute over the use of John McAfee’s name, while Microsoft’s president was looking at a way to impose Geneva Convention-like rules on another kind of war. And tech groups were gearing up for a different kind of fight as they worked against a controversial provision in US law giving authorities the right to spy on people overseas.
- The week in security: As Trump ban hits tech, researchers ask: why are humans so bad at security?
- UK researchers get £1.1m to answer why humans keep failing at cybersecurity
- Australian businesses failing to convince young women about ICT’s possibilities
- The week in security: Spying toy banned as Yahoo learns the real cost of a data breach