Tag Archive for: Banning

Banning Ransomware Payments Brings New Challenges

/in


Cyber criminals will keep making ransomware attacks as long as they see profits outweigh the effort and risks. Some states have responded by prohibiting state and local government entities from paying the extortionists — a move North Carolina and Florida took in 2021 and 2022, respectively, and which several others have mulled as well.

State bans like these keep taxpayer money from funding cyber crime, but such small-level, standalone prohibitions are unlikely to have a big impact on the ransomware problem, said Jen Ellis — Institute for Security and Technology (IST) adjunct senior policy adviser and Ransomware Task Force co-chair — in response to a Government Technology question during an IST webinar yesterday.

A nationwide ban applying to both public- and private-sector victims would reach farther, however, and past years have seen cyber researchers debate the pros and cons. Deputy National Security Adviser Anne Neuberger said in May that federal officials had “grappled” with the question of whether to ban most extortion payments while allowing the federal government to grant waivers.


If the U.S. means to do so, there are plenty of risks and challenges to consider, cyber experts said during yesterday’s webinar.

That includes introducing and launching such a policy.

Silas Cutler is an adjunct senior cyber threat adviser at IST and a principal reverse engineer at cybersecurity company Stairwell. He worried that busy small-business owners may not be keeping up with the latest cybersecurity legislation and could accidentally commit a crime if they pay after a hypothetical ban passes. That would give cyber attackers leverage to keep extorting the businesses in exchange for keeping the fact of the payment quiet.

Another concern is attackers are likely to respond to a payment ban by testing how well it sticks. Attackers may intensify their focus on the victims most likely to feel compelled to pay, such as small- to medium-sized businesses — which may not be able to stay afloat during an interruption to their operations — and essential service and critical infrastructure providers where “disruption…

Source…

Opinion: Banning TikTok stifles internet innovation and freedom

/in


The popularity of TikTok, a Chinese-owned short-form video-sharing app, has provoked concerns among American policymakers and proposals to ban the platform. Although data exfiltration concerns are hard to dispel, the costs of banning TikTok far outweigh any benefits to national security.

TikTok isn’t a particularly unique or valuable source of American data, but it is a potent distributor of American culture. Banning TikTok would quash the voices of Americans who favor the platform and undermine the open internet that has served America so well.

Concerns about TikTok fall into two categories. Critics fear that TikTok’s algorithm could be manipulated to serve Chinese interests and that user data could be collected and misused by the Chinese Communist Party. The first concern is ably addressed by TikTok’s Project Texas, a deal with Oracle to host TikTok in America on Oracle servers, where its algorithm can be audited. The second is harder to dispel.

Like other apps, TikTok collects user information such as location and stored media. TikTok needs this data to host and serve user speech, but it can be misused. Unlike other apps, TikTok’s parent company, ByteDance, has its headquarters in China, where it is subject to China’s National Intelligence Law. Under the law, China can require its citizens and corporations to provide data relevant to state intelligence work.

There isn’t any evidence that TikTok is spying for the CCP. ByteDance’s only demonstrable misuse of user data was to track employees leaking information to journalists. But data is leaky, and employee access is hard to police. Under the National Intelligence Law, there is always a risk that ByteDance will be compelled to share TikTok user data with the CCP.

Further, there is little reason to believe TikTok is a unique intelligence goldmine. Other apps collect similar information, TikTok is not the only Chinese app used by Americans, and much of the more sensitive information TikTok collects, such as user location, can be purchased from unscrupulous data brokers. Absent broader data protections, banning TikTok at best forces China to buy Americans’ data instead of getting it for free.

To get vital data, China has repeatedly…

Source…

Leo Varadkar banning mobile phones in Cabinet meetings due to ‘security risk’

/in


New Taoiseach Leo Varadkar is banning ministers from bringing mobile phones into Cabinet meetings. Security risks from electronic spying are being cited for the new regulations.

ut the unprecedented move also follows controversies over leaking from Government. Mr Varadkar was investigated for providing a confidential document to a friend. And Higher Education Minister Simon Harris was accused on the Dáil record of leaking confidential information direct from the Cabinet table. 

Leaking from Cabinet is in breach of the Constitution. Ministers have now been instructed to leave their phones, tablets and devices in pigeon holes outside the room.

A Government source said it was the norm across European governments to not bring electronic devices into the room due to the risk of bugging by foreign powers. Mobile electronic devices can be hacked into to listen to confidential discussions.

Source…

China expresses serious concerns on India banning Chinese apps

/in


BEIJING: China on Thursday expressed serious concerns regarding India’s ban of Chinese apps over security reasons, adding that it hopes India would treat all foreign investors, including Chinese firms, in a transparent, fair and non-discriminatory manner.
“We hope India can take concrete measures to maintain the sound development momentum of bilateral economic and trade cooperation,” Gao Feng, spokesman for the ministry of commerce, told a press conference.
India has blocked access to 54 mobile apps, mainly Chinese, government sources told Reuters.

FacebookTwitterLinkedinEMail

Source…