• Martin Kienzle

Ransomware a national security risk! and other security and privacy news

Updated: May 7

Security


The biggest security news theme last week was about ransomware. Hackers Claim to Have Stolen 250 GB From Washington DC Police and now they threaten to release DC police data in apparent ransomware attack, including data about police informants. It’s become a huge business risk: Ransomware extortion demands are growing, and so is the downtime caused by attacks to the point that It’s now or never: Society must respond to the ransomware crisis. There appears to be a consensus that Ransomware is now a national security risk. This group thinks it knows how to defeat it. Here’s a bit more detail about the 60-Member Ransomware Task Force Has a Plan to Crack Down on Ransomware Criminals


In particular, the Anti-Ransomware Task Force Calls for Tighter Regulation of Cryptocurrencies, an interesting tack, as the main point of cryptocurrencies is that they are not regulated! Aside from ransomware, cryptocurrencies have their own risks: WeSteal: A ‘shameless’ cryptocurrency stealer sold in the underground. It’s not just thieves wanting to get into Cryptocurrency wallets: The IRS Wants Help Hacking Cryptocurrency Hardware Wallets



As usual, several new consumer data leaks were exposed:

· Paleohacks data leak exposes customer records, password reset tokens

· This password-stealing Android malware is spreading quickly: Here's what to watch out for

· How Identity Thieves Took My Wife for a Ride

· Contact-tracing apps: Android phones were leaking sensitive data, find researchers



Given all these hacks and leaks, it’s good to see some efforts to address them:

· FBI: Russian hackers are still trying to break into networks, here's how to protect yours from attack

· Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild

· Microsoft mulls over tweaks to threat data, code-sharing scheme following Exchange Server debacle


So far, most deep fakes have been used with people. But now, Deepfake satellite images pose serious military and political challenges



Privacy


In an interesting move, Biden administration says DHS can’t collect even more social media info at the border and even the Supreme Court is asked to review case against border device searches


With IOS 14.5 released last week, the ad tracking opt-in requirement was a big part of the conversation. Here’s Why Apple’s new privacy feature is such a big deal, resulting in the fact that Facebook and Instagram notices in iOS apps tell users tracking helps keep them ‘free of charge’. Are we supposed to believe they will charge for their apps? And it’s not just Apple that addresses ad tracking: Facebook expects ad tracking problems from regulators and Apple


As China calls out 33 apps for collecting more user data than deemed necessary, it raises the question what data the government collects.


While Google's Grand Plan to Eradicate Cookies Is Crumbling, the Vivaldi browser tries to end your cookie consent nightmare



Regulation


In a potentially significant ruling, California appeals court finds Amazon responsible for third party sellers’ products. This illustrates the difference between the physical and the digital world: Section 230 is still in force, web sites are not responsible for their submitted content.


Refusing to regulate the most dangerous robots, The EU's proposed AI laws would regulate robot surgeons but not the military ,


Apple distorted competition in the music streaming market, says EC, addressing Apple’s use of their platform power.


The global regulatory disconnects have long created problems. Here’s an interesting overview: Divided we fall: Why fragmented global privacy regulation won’t work

14 views0 comments