Archive for March, 2018
Even in the United States, there are signs of movement toward embracing higher standards for data protection. The United States offers a program, called Privacy Shield, that enables American companies to certify that their data protection practices meet EU standards (though this program is questioned by privacy purists in the EU). And some of the most trusted US corporations go to great lengths to respect the data rights of people in other countries (see the recent Microsoft case before the Supreme Court). Likewise, individual states establish GDPR-like laws for their citizens (see New York’s recent cybersecurity regulation). The sheer volume of companies that are willingly modifying their data protection practices, at great cost, to become “GDPR compliant” should be evidence enough that there is appetite in the US business community for the certainty of a unified data protection regime.
Amnesty International announced Thursday it would initiate a social media campaign against Apple, because the Cupertino, Calif. tech giant caved to the Chinese government and agreed to allow its customers’ data to be housed on servers there.
It also follows only a month after Reuters reported that Apple agreed to store encrypted keys used to access customers’ (or, users’) data storage accounts (such as iCloud).
From: The Hill
Nine Iranian nationals and one Iranian entity on Friday were sanctioned by the Treasury Department and charged by the Department of Jusitice for allegedly hacking into hundreds of universities and other organizations, stealing information on behalf of Iran’s government.
The individuals worked in some capacity for an Iran-based company called the Mabna Institute, which investigators say was founded in 2013 to help Iranian universities and scientific and research organizations gain access to non-Iranian scientific materials.
A new issues paper from ASPI highlights the risks to Australia’s critical infrastructure, but suggests that regulation and new government structures may not be ready to face the challenge.
Finding the path to a secure Internet of Things (IoT) is like the old joke about a tourist asking for directions, according to Tom Uren. “Well if I were you, I wouldn’t start from here.”
Uren is a visiting fellow at the International Cyber Policy Centre (ICPC) at the Australian Strategic Policy Institute (ASPI), and is co-author with research intern Eliza Chapman of the issues paper, The Internet of Insecure Things, released on Monday.
NATO countries are working to determine when a cyber attack would trigger the collective defense provision
From: Raw Story
NATO countries are working to determine when a cyber attack would trigger the collective defense provision in the alliance’s charter, a US general said on Thursday.
The alliance is “dealing with the issue around this and in cyber and working to define an understanding of what would be a trigger for Article 5,” General Curtis Scaparrotti, the commander of NATO forces in Europe, told a US Senate committee.
From: The Times of Israel
Ben-Gurion University team was able to blast music through a baby monitor, turn off a thermostat and turn on a camera remotely
Cybersecurity researchers at the Ben-Gurion University of the Negev say they have found serious security issues in such off-the-shelf devices as baby monitors, home security and web cameras, doorbells, and thermostats. These were easily hacked into by the researchers as part of their ongoing study into detecting the vulnerabilities of the Internet of Things, internet-connected home devices and networks.
From: The Washington Times
By Andrew Blake
The top U.S. general in Europe has become the latest high-ranking official to acknowledge weaknesses in the country’s ability to effectively counter Russian cyber threats.
Appearing before the Senate Armed Services Committee, Army Gen. Curtis Scaparrotti told lawmakers Thursday that the U.S. needs a better approach for dealing with cyberattacks and other electronic threats attributed to Russia, adding his name to a growing list of of government officials still wary of the risks posed by state-sponsored operatives in the aftermath of Moscow allegedly meddling in the 2016 presidential race.
From: The Law Society Gazette
Ministers have defended their proposal to exempt the Home Office from a key part of the data protection regime despite concerns raised by the legal profession. Culture secretary Matt Hancock MP told the House of Commons yesterday that exemptions from subject access requests are necessary to ensure that ’a minority of individuals cannot abuse data protection law with the sole intent of undermining immigration controls’.