Home Secretary Priti Patel is to warn of the dangers of Facebook’s encryption plans at the National Society for the Prevention of Cruelty to Children (NSPCC), according to BBC News. Facebook’s plans to roll out encryption – where only the sender and recipient can read messages – across its messaging services could jeopardise ongoing work to combat child abuse, the Home Secretary is to warn.
ISBuzz Team
As critics report that US sanctions on Russia following recently cyberattacks are mostly symbolic, the question arises: what long-term solutions exist to limit the increase in, and severity of, state-sponsored cyber-attacks? Please see a comment below from John McClurg, CISO at BlackBerry, discussing the problem with imposing reactive sanctions, and his thoughts on how proactive prevention can do critical work to prevent the success of these attacks, which could in turn lead to a decrease in their initiation.
Facebook is facing mass legal action from users whose data was compromised in a massive data leak. If found to be in breach, Facebook could face fines of up to 4% of its turnover.
“What, me worry?” While this disposition worked for Mad magazine’s Alfred E. Neuman for decades, it’s not advisable for small and medium-sized enterprises (SMEs) in considering cyber insurance. Large companies, of course, are increasingly investing in cyber policy coverage to protect themselves from the financial fallout of stolen data, disrupted operations, extortion and other cyber events. The frequency of such attacks against businesses of all sizes in all sectors drives a global cyber insurance market projected to grow to $20.4 billion by 2025 compared to $7.8 billion today. In our insurance and risk conversations with SME leaders, we see SMEs…
Following the White House announcement which has held Russia accountable for the SolarWinds breach, security experts commented below on the topic:
The NSA published an advisory identifying the top 5 vulnerabilities actively exploited by Russian government hackers and urging companies to mitigate as quickly as possible.
The Director of National Intelligence just recently released the Annual Threat Assessment report, which cites concerns of increasing cyber threats from China, Russia, North Korea and Iran. Experts have seen an increase in attacks targeting cyber, technological, and military branches of the U.S. The annual report also emphasizes that the COVID-19 pandemic would continue to be the gravest threat to both national and international security. Following two major cyber-espionage attacks (SolarWinds, Microsoft Exchange) involving Russia and China, the assessment stressed that cyberattacks remained an “acute” threat to national security.
The NAME:WRECK vulnerability disclosure showed the complexities developers are navigating through today. It remains to be seen if malicious actors have taken advantage of the vulnerabilities, but the scale of the software issue was evident as it affects millions of IoT devices. The disclosure put some blame on the developers who unknowingly were using insecure code to create the software. Developers have a tough job today to satisfy the growth needs of their employers who are looking for any competitive edge as the economy recovers from the pandemic. This need for speed forces developers to reuse code from open source…
The rise in cyber fraud cannot be disputed, with spam messages multiplying 220 times between February and March 2020 and malicious URLs increasing by 260%.
Please see below for comment by cybersecurity expert on the Irish Data Protection Commission launching an investigation into the Facebook data breach that caused the leak of 533 million phone numbers: