Ransomware a national security risk! and other security and privacy news
Updated: May 7
The biggest security news theme last week was about ransomware. Hackers Claim to Have Stolen 250 GB From Washington DC Police and now they threaten to release DC police data in apparent ransomware attack, including data about police informants. It’s become a huge business risk: Ransomware extortion demands are growing, and so is the downtime caused by attacks to the point that It’s now or never: Society must respond to the ransomware crisis. There appears to be a consensus that Ransomware is now a national security risk. This group thinks it knows how to defeat it. Here’s a bit more detail about the 60-Member Ransomware Task Force Has a Plan to Crack Down on Ransomware Criminals
In particular, the Anti-Ransomware Task Force Calls for Tighter Regulation of Cryptocurrencies, an interesting tack, as the main point of cryptocurrencies is that they are not regulated! Aside from ransomware, cryptocurrencies have their own risks: WeSteal: A ‘shameless’ cryptocurrency stealer sold in the underground. It’s not just thieves wanting to get into Cryptocurrency wallets: The IRS Wants Help Hacking Cryptocurrency Hardware Wallets
As usual, several new consumer data leaks were exposed:
Given all these hacks and leaks, it’s good to see some efforts to address them:
So far, most deep fakes have been used with people. But now, Deepfake satellite images pose serious military and political challenges
With IOS 14.5 released last week, the ad tracking opt-in requirement was a big part of the conversation. Here’s Why Apple’s new privacy feature is such a big deal, resulting in the fact that Facebook and Instagram notices in iOS apps tell users tracking helps keep them ‘free of charge’. Are we supposed to believe they will charge for their apps? And it’s not just Apple that addresses ad tracking: Facebook expects ad tracking problems from regulators and Apple
As China calls out 33 apps for collecting more user data than deemed necessary, it raises the question what data the government collects.
In a potentially significant ruling, California appeals court finds Amazon responsible for third party sellers’ products. This illustrates the difference between the physical and the digital world: Section 230 is still in force, web sites are not responsible for their submitted content.
Refusing to regulate the most dangerous robots, The EU's proposed AI laws would regulate robot surgeons but not the military ,
Apple distorted competition in the music streaming market, says EC, addressing Apple’s use of their platform power.
The global regulatory disconnects have long created problems. Here’s an interesting overview: Divided we fall: Why fragmented global privacy regulation won’t work