By Cameron Abbott and Giles Whittaker
Amazon Web Services rolled out an IoT service called IoT Device Defender to limit risks from unsecured IoT devices. The service will monitor an entire fleet of devices for compliance policies and best practices. As such, an organization can set the normal operational parameters and policies for a given fleet of devices and then Device Defender will make sure those policies are enforced.
By Cameron Abbott and Allison Wallace
It’s been revealed that Uber’s database has been hacked, with the personal information of more than 57 million users and drivers worldwide compromised. That’s a big number, but we are becoming increasingly numb to this kind of revelation, with all the cyber-leaks now making the news. What was the more astounding aspect of this particular incident is the fact it has taken Uber over a year to reveal the security breach – with the attack taking place in October 2016. Read More
By Cameron Abbott and Keely O’Dowd
Nausicaa Delfas, Executive Director and Chief Operating Officer at the Financial Conduct Authority (UK) recently presented a speech at the Cyber Security Summit and Expo 2017 in London.
During her speech, Ms Delfas cited an issue that often comes up in her conversations with firms, business people or leaders – how to manage risk that ‘lies beneath the surface’.
By Cameron Abbott, Keely O’Dowd and Olivia Coburn
The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight. The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.
By Cameron Abbott, Allison Wallace and Olivia Coburn
The personal details of almost 50,000 Australians have been published online by a third party government contractor, who is yet to be identified. And I guess you would feel a little shy about owning up to this one!
By Cameron Abbott and Giles Whittaker
The emergence of a booming dark web marketplace has facilitated the skyrocketing ransomware sales from US$249,287.05 in 2016 to US$6,237,248.90 as of September 2017, representing a growth rate of 2,502%. This rapid growth is in part due to not only the effectiveness of ransomware as a criminal enterprise but the increased availability to partake in such activities. According to a recent report by Carbon Black, The Ransomware Economy: How and Why the Dark Web Marketplace for Ransomware Is Growing at a Rates of More than 2,500% Per Year, there are 45,000 ransomware product lines at an average price of US$10.50 and includes various do-it yourself (DIY) kits.
By Cameron Abbott, Rob Pulham and Olivia Coburn
A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.
The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.
Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.
By Cameron Abbott and Olivia Coburn
A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program.
The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane project, Collins Class submarines and the warships HMAS Canberra and HMAS Adelaide. The Government has emphasised that the stolen data is commercially sensitive but not classified.
The announcement coincides with the release of the Australian Cyber Security Centre’s 2017 Threat Report, available here, which reveals that the hack is among 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.
By Cameron Abbott and Olivia Coburn
The United States Securities and Exchange Commission (SEC) is facing scrutiny on its handling of a data breach that occurred in 2016 – but was only publicly disclosed on 20 September 2017.
Hackers accessed information on corporate filings intended for investors, which would be used for insider trading.
By Cameron Abbott and Olivia Coburn
“Big four” accounting and consulting firm Deloitte revealed on Monday that it was targeted by a hack that exposed its email system and client records.
Although Deloitte has not yet provided details on the full extent of the breach, it confirmed that the information accessed includes confidential emails and plans of some of its blue-chip clients. It also said that “very few” clients were affected.
Copyright © 2024, K&L Gates LLP. All Rights Reserved.