Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 268

Need To Beef Up India’s Cyber Security Policies And Mechanisms – Analysis

I luv it — India get’s it. You have to make sure that your IT foundation is solid first before unleashing things like AI. Connected AI requires a solid and secured infrastructure foundation 1st. In order for customers to buy into Cloud & the whole IoT, and connected AI set of products and services; the customer must feel that they can trust you fully.

By Jayadev Parida

Take a stock of the past, analyse the present cliché and frame a strategy for future. In the recent years, India’s approach to cyber security has experienced a shift from style to substance. Prime Minister Modi’s foreign policy has made various strong interventions on cyber security matters. Those interventions need to be materialised to manoeuvre the interest. Presumably, the Prime Minister Office (PMO) is likely to invest both political and capital energy to enhance a cautious cyber-strategy. A dedicated Division in the Indian Ministry of External Affairs (MEA) for cyber security is a value addition to that. In 2015, Minister of Communications and Information Technology in a written reply to the Lok Sabha stated that government allocated Rs 755 crore to combat cyber security threats over a period of five years. But, this financial outlay is quite negligible as the nature of threat is quite huge and unpredictable.

Cheer up, the worst is yet to come! One of those famous words penned by noted American author and novelist Mark Twain a long ago. This sentence is a stark reminder of India’s dawdling approach to new threats. India’s cyber sleuth may be holding their nerves for the worst to frame a robust apparatus to secure cyber ecosystem. The Google Trends of 2015 demonstrated that Islamic State (IS) was a buzz word in India while terrorism continued to exist as the area of concern. Nonetheless, interest over the time for IS’ in Indian Cities is increasing significantly.

Baltimore hackers say they reveal potentially deadly cybersecurity weaknesses at area hospitals

What happens when a patient is in X-Ray and the X-Ray machine blows up like a bomb killing the patient and staff in the room? Well, a new report shows that it can happen where machines are connected to any network (including the net) because a team of hackers showed in their report how they were they hacked several D.C. and Maryland Hospitals medical devices and numerous machines including life support, X-Rays, etc.

Area hospitals are riddled with cybersecurity flaws that could allow attackers to hack into medical devices and kill patients, a team of Baltimore-based researchers has concluded after a two-year investigation.

Hackers at Independent Security Evaluators say they broke into one hospital’s systems remotely to take control of several patient monitors, which would let an attacker disable alarms or display false information.

The team says it strolled into one hospital’s lobby and used an easily accessible kiosk to commandeer computer systems that track medicine delivery and bloodwork requests — more opportunities for malicious hackers to create mayhem.

Ireland can become global cyber security hub — study

Ireland has real opportunity to benefit from increased global investment and establish itself as a world-class hub for cyber security practices, solutions and investment, according to a new report from Deloitte. Conducted in association with the International Sustainability and Investment Centre, the report found that Ireland has proven itself to be an innovative centre for technology and has the potential to become a world leader in cyber security.

Respondents to a survey for this report identified increased regulation on data privacy (73%), more sophisticated scamming and phishing (59%), and growth in identity theft (53%) as the major trends in the cyber area over the next five years. This will force businesses to change how they organise and manage their data security.

More than one third (36%) of respondents believe there will a trend towards outsourcing cyber management to third party organisations, and 27 percent think that businesses will establish global/regional centres of excellence for managing this function. The implication of this will be that a small number of locations will be preferred for basing these centres of excellence.

Cyber Security: How to Protect Your Firm and its Clients

Law Firms are prime targets for hackers.

Law firms are considered by many hackers to be soft targets with a wealth of valuable information. Data from social security numbers, credit cards, and client confidences is enough to make the criminal mind salivate with malicious intent. Between 31–45% and 10–20% of firms have been infected by spyware or experienced security breaches respectively. But what can a private practitioner or law firm do to prevent these trespasses on their networks?

In this episode of The Florida Bar Podcast, host Adriana Linares welcomes cyber security expert Sherri Davidoff to discuss the dangers to data that exist for law firms today. To begin their dialog, they define what ransomware is and tell us why so many firms give in to its extortion.

Tune in to learn what practitioners can do to counteract or mitigate some of the risks. Spam filters, employee training, role-based access controls, and anti-virus software are among many countermeasures available for even small firms. In addition, lawyers may want to consider network monitoring, cloud-based software platforms, and comprehensive backup and retrieval systems. The key to successfully implementing the latter is to test your IT firm’s ability to restore lost files.

Calif.‘s Harris Outlines ‘Reasonable’Data Security

I wish the CA AG a lot of luck; however, her approach is very questionable when you think about downstream access and feed type scenarios. Example, Business in Boston MA has an agreement with a cloud host company in CA, and Boston also has data that it pulls in from Italy, DE, etc. plus has a service that it offers to all of users and partners in the US and Europe that is hosted in CA.

How is the CA AG going to impose a policy on Boston? It can’t; in fact the business in Boston will change providers and choose to use someone in another state that will not impact their costs and business.

BTW — I didn’t even mention the whole recent announcement from China on deploying out a fully Quantum “secured” infrastructure. If this is true; everyone is exposed and this means there is no way companies can be held accountable because US didn’t have access to the more advance Quantum infrastructure technology.

https://lnkd.in/b9xXVAN

Feb. 17 — California Attorney General Kamala Harris (D) has released the state’s data breach report, laying out the legal and ethical responsibilities of businesses to keep information safe and perhaps most importantly outlining what the state believes is “reasonable security” that companies must employ to avoid possible enforcement actions.

Under the state’s information security statute, businesses must use “reasonable security procedures and practices” that “protect personal information from unauthorized access, destruction, use, modification, or disclosure,” the report said.

Under the guidelines in the report released Feb. 16, failing to implement all 20 of the Center for Internet Security’s Critical Security Controls that apply to an organization’s environment constitutes a lack of reasonable security. The controls define a minimum level of information security all organizations that collect or maintain personal information should meet.

Microsoft founder Gates backs FBI in encryption fight with Apple

Microsoft founder Bill Gates has broken with other Silicon Valley giants by backing the FBI in its battle with Apple over hacking into a locked iPhone as part of the investigation into last December’s San Bernardino terror attack.

In an interview with the Financial Times published Tuesday, Gates said a court order requiring Apple to help the FBI access a work phone belonging to gunman Syed Farook was” a specific case where the government is asking for access to information. They are not asking for some general thing, they are asking for a particular case.”

Gates went on to compare the FBI’s request to accessing bank and telephone records. However, he added that the government must be subject to rules about when it can access such information.

China’s newest tech can offer quantum of security

Very concerning news for the US security; we’ll see how the US responds. Remember, our largest hackers in the US is China; so we’ll need to determine what this means as well as how vulnerable we are.

http://www.globaltimes.cn/content/969692.shtml

China’s stock markets have been stabilizing in recent days after the rollercoaster ride at the start of the year. And one bright point has been stocks related to quantum communications, showing renewed investor interest in the new technology, which will play an important role in creating a safety net for the increasingly information technology-savvy economy.

The fact that China has taken an early lead in developing the technology and translating it into real-world quantum communications projects should give added fuel to the market hype about the apparently unfathomable yet promising investment theme.

Thus far, the practical application of the technology has mostly featured quantum key distribution, which uses tricks of quantum mechanics to enable encryption codes or keys shared between two parties that are written upon single photons of light. If an eavesdropper tries to hack the codes, they will immediately be detected because of having caused disturbance to the encoding of the photon.

Read more

/* */