Tag Archive for: introduce

UK to Introduce New Law Mandating Businesses to Disclose All Ransomware Attacks


ransomware

While ransomware is a sad modern reality (and risk) for both businesses and individuals, for the former it’s particularly tempting, wherever possible, to not actually disclose to the public when they have been the victim of a cyber security attack. In fact, with many cyber security insurance policies offering to just pay whatever ransomware fee necessary, in many respects hushing up such incidents can be both convenient and easy.

Following a report via TheRecord, however, the UK is set to introduce a new law which will ultimately require any business subjected to a ransomware attack to publically disclose the incident or potentially face fines of up to £17M.

hack hacking darkweb

UK to Crack Down on Ransomware Cover-Ups!

The new law would specifically look to target MSPs (managed service providers) but will essentially try to stop what we suspect are alarmingly high instances of businesses simply paying ransomware fees and then quietly hushing the matter up. And make no bones about it, this happens a lot as only last month information appeared online showing that cyber security insurance premiums were doubling each year due to payments being issued to these criminal organisations to stop the leak of sensitive information.

With this new law, however, all ransomware attacks will have to be publically declared, and more so, failure to do so will result in either the MSP or business being hit with anything up to a £17M fine!

Malware virus hackers

The overall hope, from a general consumer level, is that with ransomware attacks having to be declared, this will (hopefully) prevent businesses from not only attempting to protect their public image by paying the fee and keeping their mouths shut, but also their efforts to hide when their potentially incredibly sensitive data (such as information on its customers) may have been compromised. – And a side bonus, of course, is that with such declarations having to be made, this may stop them from, you know, actually paying the ransomware criminals.

I mean, to me, this is literally the definition of feeding the beast that’s trying to kill you!

What do you think though? – Let us know in the comments!

Source…

Google will introduce modern security measures for Android


Over the years, Google has given Android more and more security features. These are meant to ensure users are protected, often in the details and areas they don’t care about.

To make sure that Android becomes more secure, not only in newer versions, but extends to older versions. Thus there is an obligation to bring some new features associated with permissions to these older versions.

With Android 11, Google has brought new permissions and the way apps and services use them. Specifically, and in a very specific area, these permissions are removed after some time without using the app.

This novelty has ensured that no application can be hidden and data collected. To do this, you will have to show the user a new message asking for new permissions and alert them to use them.

With this little action being successful, Google decided that it should also be extended to other versions of Android. This news will be received with updates to other elements of Android itself, not depending on the brands or manufacturers.

From that point on, older versions of Android are also subject to these new rules. The permissions of the app have validity, which if it expires due to lack of use, it must be requested again from the users.

Permissions for Android Google Security Apps

The limits created by Google directly determine who will receive this news soon. We are talking about all versions of Android up to 6. Users here are subject to the rules set by this new policy.

This is an important step for Android and many smartphones that use this system. Thus Google ensures that the latest security measures created are passed on to older models, keeping them protected.

Source...

Blockchain may introduce new problems to voting system: Study


Read Article

While current election systems are far from perfect, security risks can persist in Internet- and blockchain-based voting systems, says a study by researchers from Massachusetts Institute of Technology (MIT).

The paper titled “Going from Bad to Worse: From Internet Voting to Blockchain Voting,” comes at a time when news reports of possible foreign interference in elections, of unauthorised voting, of voter disenfranchisement, and of technological failures have called into question the integrity of elections worldwide.

The calls for blockchain-based voting grew stronger after media outlets in the US waited to announce the winner of the presidential poll until the Saturday following the election day.

Internet- and blockchain-based voting would greatly increase the risk of undetectable, nation-scale election failures, said the MIT paper.

According to the researchers, claims that “voting over the Internet” or “voting on the blockchain” would increase election security have been found wanting and “misleading”.

For the study, Institute Professor Ronald Rivest of MIT’s renowned Computer Science and Artificial Intelligence Laboratory (CSAIL) and his colleagues analysed prior research on the security risks of online and electronic voting.

They showed that “not only do these risks persist in blockchain-based voting systems, but blockchains may introduce additional problems for voting systems.”

The paper pointed out that prior studies had shown that online voting may have little to no effect on turnout in practice, and it may even increase disenfranchisement.

“More importantly: given the current state of computer security, any turnout increase derived from with Internet- or blockchain-based voting would come at the cost of losing meaningful assurance that votes have been counted as they were cast, and not undetectably altered or discarded,” the researchers wrote.

“This state of affairs will continue as long as standard tactics such as malware, zero days, and denial-of-service attacks continue to be effective,” they added.

–IANS

If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]

Source…