Bloody thespians, always making a scene ;-)
The poor consumers buy Christmas presents, giving their money to the rich ... on and off line
"It is far better to be up front and say you are an autocratic country — you have strengthened the power of the Communist Party."
15 MINUTES ON SOCIAL MEDIA COULD TELL YOU THAT: More seeking mental help, but not those who need it most.
How Germany is tackling the future of work: The impact of technology on jobs requires new ways to support workers effectively
IZA, 30 November 2018. To address the implications of digitalization and automation, in 2015 the German government initiated a consultation with a wide range of partners from academia, unions, and the nonprofit and private sectors. The two-year consultation, which included commissioned research, debates, workshops and public consultations, culminated in a white paper, Work 4.0. Four main themes emerged during the process: lifelong learning, flexible working environments, health and safety, and protection for the self-employed.
CyberScoop
December 7, 2018
Russian
interference in the 2016 U.S. election laid bare the vulnerabilities in
American society and institutions to hacking and information operations. Two
years later, policymakers are still searching for a comprehensive strategy for
dealing with those vulnerabilities. In a speech Friday, Sen. Mark Warner of
Virginia, the top Democrat on the Senate Intelligence Committee, proposed a
“whole-of-society” cyber doctrine rather than one that treats the cybersecurity
challenges in government and private sector separately. “It’s not enough to
simply improve the security of our infrastructure, computer systems, and data,”
Warner said at the Center for New American Security in Washington, D.C. “We
must also deal with adversaries who are using American technologies to exploit
our freedom, our openness, and basically attack our most important asset — our
democracy.” Warner called on the U.S. to redouble its pursuit of global cyber
norms; social-media companies to do more to combat disinformation; the Pentagon
to spend more on cyberdefense; and the U.S. government to require baseline
security standards in the devices it buys, among other proposals.
Nextgov
December 6, 2018
A
bipartisan pair of senators introduced a bill that would require the Homeland
Security Department to create an ongoing program to allow security experts to
report bugs on agency websites. The Public-Private Cybersecurity Cooperation
Act, introduced Thursday by Sen. Rob Portman, R-Ohio, and Maggie Hassan,
D-N.H., requires Homeland Security to create a vulnerability disclosure program
so hackers can report problems they find to the proper authorities without
being prosecuted for breaking laws like the 1986 Computer Fraud and Abuse Act.
“This bill encourages ethical hackers to come forward with information they
find about vulnerabilities in our government networks by assuring them that if
they do, they’ll have protection under the law,” Hassan said in a statement.
Nextgov
A House
lawmaker wants federal agencies to prioritize cybersecurity when buying
internet-connected devices. The Internet of Things Federal Cybersecurity
Improvement Act, which Rep. Robin Kelly, D-Ill., plans to introduce next week,
would require all internet-connected devices purchased by the government to
meet a set of basic cybersecurity standards. The bill would also pressure
agencies to avoid using so-called "lowest price technically acceptable"
criteria when choosing vendors for those devices. Under the legislation, the
government could only buy devices that accept security patches and allow users
to change passwords. Vendors would also need to notify agencies of any security
vulnerabilities they discover and issue software updates as new threats arise.
“Everything from our national security to the personal information of American
citizens could be vulnerable because of security holes in these devices,” Kelly
said in an email to Nextgov. “As these devices positively revolutionize
communication, we cannot allow them to become a backdoor to hackers or tools
for cyberattacks.”
The Hill
December 5, 2018
A pair of
lawmakers on Wednesday introduced bipartisan legislation to create a grant
program at the Department of Education to add cybersecurity into career and
technical education curriculums. Reps. Jim Langevin (D-R.I.) and Glenn Thompson
(R-Pa.), who serve as co-chairmen of the Congressional Career and Technical
Education Caucus, said their bill would help promote an area of education that
they see as lacking. The grants, which would be capped at $500,000 for each
fiscal year, would be awarded on a competitive basis to partnerships between
educational institutions and local employers that can show how they will
incorporate cybersecurity education addressing critical infrastructure
functions, such as the power grid.
Politico
The House
GOP campaign arm suffered a major hack during the 2018 midterm campaigns,
exposing thousands of sensitive emails to an outside intruder, according to
three senior party officials. The email accounts of four senior aides at the
National Republican Congressional Committee were surveilled for several months,
the party officials said. The intrusion was detected in April by an NRCC
vendor, who alerted the committee and its cybersecurity contractor. An internal
investigation was initiated, and the FBI was alerted to the attack, said the
officials, who requested anonymity to discuss the incident. However, senior
House Republicans — including Speaker Paul Ryan of Wisconsin, Majority Leader
Kevin McCarthy of California and Majority Whip Steve Scalise of Louisiana —
were not informed of the hack until Politico contacted the NRCC on Monday with
questions about the episode. Rank-and-file House Republicans were not told,
either.
ADMINISTRATION
Yahoo News
December 6, 2018
More than
five years after a major failure was identified in a system used to communicate
with CIA agents on the ground around the world, the agency has yet to fully fix
the problem, according to sources directly familiar with the matter. Between
around 2009 and 2013, the CIA’s online method of communicating with its human
sources on the ground all over the world was tragically compromised — leading
to the exfiltration, imprisonment or death of dozens of people spying for the
agency, according to a November investigation by Yahoo News. The failure
started when Iranian officials used a double agent to trace back a series of
websites the CIA was using to communicate with its sources. Iran then located,
detained and in some instances executed CIA sources it identified using this
system. The problem then spread to China, where roughly 30 CIA sources were
eventually executed. Once Iran and China were able to locate users of these
covert CIA platforms in their own countries, sources told Yahoo News, they were
very likely able to discover a large number of CIA sources using similar
systems worldwide. But the fallout from that disaster, including internal
battles at the CIA and struggles to replace and fix a complex web of
interlocking technical systems, continues to rage on to this day, according to
five former intelligence community sources familiar with the matter.
FCW
December 6, 2018
The
National Risk Management Center at the Department of Homeland Security is
working to develop a list of national critical functions, functions so
important that a disruption could cause a national or economic security crisis,
by the end of the year. Bob Kolasky, the center's director, said he's been
given marching orders to keep the list to a manageable size. "I've been
told I better not come up with a list of more than 100 national critical
functions, that's too many," said Kolasky at a Dec. 6 event hosted by ICF.
"But [even] 100 requires some prioritization." DHS hasn't decided how
public it will make that list. Kolasky said further discussion is needed among
officials and industry stakeholders around risk mitigation, but the new center
does plan on making aspects of the list and priorities public in some form.
Nextgov
In
cybersecurity, you’re only as strong as your weakest link. For the Defense
Department, the area with the fewest cyber protections is the defense
contractors the department works with, particularly the small businesses that
don’t have the expertise or resources to build a robust security posture. The
Pentagon put together a task force to assess whether small businesses within
the defense industrial base are complying with the cybersecurity framework
published by the National Institute of Standards and Technology and provide
assistance to companies that need help. The department issued a new rule last
year requiring vendors to show that they are in compliance with NIST standards
or have a plan to get there quickly. Those plans were due Jan. 1. “Where are we
in actually implementing the NIST standard? Is it working? I would argue right
now it’s not. We basically say, ‘Hey, tell us if you’re compliant.’ And we
don’t actually check,” Kevin Fahey, assistant secretary of defense for
acquisition, said during a keynote at the annual Charleston Defense Contractors
Association Summit in South Carolina.
FCW
December 5, 2018
The
Department of Defense isn't quite finished with its Windows 10 migration, but
according to Rory Kinney, the principal director for information enterprise in
the office of the CIO, it's 99.9 percent of the way there. "But we're not
done," Kinney said during a presentation at the Armed Forces
Communications and Electronics Association Northern Virginia chapter's Air
Force IT Day Dec. 4. "There are still some migrations going on." DOD
scrambled to get more than 3 million users onto Windows 10 in 2017. The
end-of-service deadline for Windows 7 is in April 2019, and the goal is to move
users on program IT to Windows 10 to keep up with patches, features, and
functions in Windows 10, but letting remaining organizations steer their
migrations. "We're not going to tell everyone how to migrate, we're not
going to tell them what to migrate to, but we are going to say that we have to
be on the most current version, whatever that may be," Kinney said.
CyberScoop
December 5, 2018
Companies
that view cybersecurity as a competitive advantage and fail to exchange threat
data make the broader private sector more vulnerable to hacking, a Department
of Homeland Security official has warned. “Cybersecurity, infrastructure
security, is not a competitive advantage,” Bradford Willke, a top official in
DHS’s Cybersecurity and Infrastructure Security Agency, said Tuesday. If a good
product or company fails because of a breach that could have been thwarted by
sharing threat information, “there’s something that we’ve all lost,” Willke
said at the Public Sector Innovation Summit. By citing reported communication
failures elsewhere, DHS officials hope to spur U.S. companies to work more
closely with each other to harden their networks against advanced threats. In
doing so, the department is trying to overcome historical reluctance in the
private sector — fueled by concerns over revealing sensitive corporate
information — to share threat data. Willke cited a December 2015 blackout in
Ukraine caused by suspected Russian government hackers as a cautionary tale in
information-hoarding.
FCW
December 4, 2018
The
Transportation Security Administration unveiled a cybersecurity roadmap that it
says will not only line it up with current administration cybersecurity
efforts, but also expand its collaboration with private commercial critical
infrastructure partners. TSA Administrator David Pekoske announced the roadmap
that will guide its cybersecurity policy for the next five years in remarks at
the American Association of Airport Executives aviation security summit in Arlington,
Va. on Dec. 4. The roadmap, he said, "is a first" for the agency and
closely lines up with the overall DHS cybersecurity strategy, with its five
supporting "pillars" of managing cybersecurity risk announced last
spring. TSA's roadmap tasks IT officials with conducting tighter risk
assessment and mitigations for internal systems and puts an increased emphasis
on external engagement. The agency wants stakeholders in the aviation, mass
transit, freight rail, motor carrier and pipeline sectors to go beyond sharing
threat indicators and look at lessons learned, potential consequences and
vulnerability-related details, as well as response and recovery plans after a
cyber incident.
AP
Defense
Secretary Jim Mattis on Saturday took aim at Russian President Vladimir Putin,
accusing him of trying to “muck around” in the U.S. midterm elections, of
duplicity in arms control and of acting irresponsibly in last weekend’s naval
confrontation with Ukraine. In remarks at the Reagan National Defense Forum in
Simi Valley, California, Mattis said the U.S.-Russian relationship has
deteriorated over the last two years. "We are dealing with someone that we
simply cannot trust," he said. "There is no doubt the relationship
has worsened." Mattis did not elaborate on his claim that Russia tried to
interfere in last month’s elections, adding only, “We are seeing a continued
effort along those lines.” He added more generally, “It’s his efforts to try to
subvert democratic processes that must be defended.”
INDUSTRY
Reuters
December 5, 2018
Hackers
behind a massive breach at hotel group Marriott International Inc left clues
suggesting they were working for a Chinese government intelligence gathering
operation, according to sources familiar with the matter. Marriott said last
week that a hack that began four years ago had exposed the records of up to 500
million customers in its Starwood hotels reservation system. Private
investigators looking into the breach have found hacking tools, techniques and
procedures previously used in attacks attributed to Chinese hackers, said three
sources who were not authorized to discuss the company’s private probe into the
attack. That suggests that Chinese hackers may have been behind a campaign
designed to collect information for use in Beijing’s espionage efforts and not
for financial gain, two of the sources said. While China has emerged as the
lead suspect in the case, the sources cautioned it was possible somebody else
was behind the hack because other parties had access to the same hacking tools,
some of which have previously been posted online.
CyberScoop
December 5, 2018
Adobe
issued a new patch for a zero-day security vulnerability that exploited a flaw
in the company’s Flash Player. The flaw, uncovered by researchers from the
security vendor Gigamon, was exploitable through Microsoft Word, according to a
report published Wednesday. Researchers discovered the vulnerability after a
Ukrainian IP address submitted the details to VirusTotal, a malware analysis
site, the Gigamon report said. The document was made to look like a job
application form for a Russian health clinic, but in fact was meant to deliver
reconnaissance malware. Researchers also said the hacking technique was similar
to tools used by HackingTeam, an Italian surveillance company that had much of
its spyware leaked in 2015.
Financial Times
December 4, 2018
A hacker
group has compiled a list of 35,000 chief financial officers, including some at
the world’s biggest banks and mortgage companies, so as to target them with
bogus requests to transfer money. The “London Blue” hackers are the latest
group to focus on “business email compromise” campaigns, according to the cyber
threat detection company Agari, which found a list of 50,000 targets, most of
whom worked in accounting departments. The FBI warned in July that this type of
scam — where a chief financial officer is rushed into transferring money to an
unknown account — is on the rise and had cost companies more than $12bn since
2013, with the number of victims reaching 78,617. Agari has handed its evidence
to US and UK law enforcement agencies. If members of the hacking group are
found to be based in the UK and US, it could be easier to prosecute them than
in other territories.
Politico
December 3, 2018
The massive
Marriott data breach exposed sensitive information on some 500 million people,
but the most valuable loot may be hundreds of thousands of passport numbers
revealed in the hack. Marriott said Friday morning that the breach, which
appears to be the second largest behind the Yahoo hack that exposed information
on three billion accounts in 2013, compromised a reservation database and that
about 327 million of the records may have contained passport information. U.S.
consumers have become all too familiar with hacks targeting retailers and other
hotel chains. Since 2005, according to Privacy Rights Clearinghouse, some 11
billion personal records have been exposed in breaches. But passport theft is
another matter altogether as it increases the chance of identity theft and
other sorts of fraud. “Passport numbers, just like driver's license ID
numbers, they are one of the more sensitive elements of personal
information,” said Emory Roane, policy counsel with advocacy group Privacy
Rights Clearinghouse. “Both of those can be used as authenticating documents
for basically anything really.” What's more, because of the difficulty of
replacing passport information, that information is much more valuable on
digital black markets where hackers buy and sell data.
ZDNet
December 3, 2018
Kubernetes
has become the most popular cloud container orchestration system by far, so it
was only a matter of time until its first major security hole was discovered.
And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is
a doozy. It's a CVSS 9.8 critical security hole. With a specially crafted
network request, any user can establish a connection through the Kubernetes
application programming interface (API) server to a backend server. Once
established, an attacker can send arbitrary requests over the network
connection directly to that backend. Adding insult to injury, these requests
are authenticated with the Kubernetes API server's Transport Layer Security
(TLS) credentials.
Ars Technica
December 3, 2018
Brace
yourself for yet another massive data breach. Quora.com, a site where people
ask and answer questions on a range of topics, said hackers breached its
computer network and accessed a variety of potentially sensitive personal data
for about 100 million users. Compromised information includes cryptographically
protected passwords, full names, email addresses, data imported from linked
networks, and a variety of non-public content and actions, including direct
messages, answer requests, and downvotes. The breached data also included
public content and actions, such as questions, answers, comments, and upvotes.
In a post published late Monday afternoon, Quora officials said they discovered
the unauthorized access on Friday. They have since hired a digital forensics
and security firm to investigate and have also reported the breach to law
enforcement officials. “It is our responsibility to make sure things like this
don’t happen, and we failed to meet that responsibility,” Quora CEO Adam
D’Angelo wrote in Monday’s post. “We recognize that in order to maintain user
trust, we need to work very hard to make sure this does not happen again.”
Financial Times
December 2, 2018
Cyber
attacks are increasingly causing acrimonious fights between corporate victims
and their insurance companies, raising questions about the value of policies
offering protection against damage from hacking. Cyber insurance is a
fast-growing market, with sales of policies growing by about 25 per cent a year
according to a recent report from RBC Capital Markets. But as the business
expands there are growing numbers of disputes. Earlier this year, the National
Bank of Blacksburg in Virginia sued Everest National Insurance Company after
the bank suffered losses in 2016 and 2017 from cyber attacks. It had claimed
$2.4m under its cyber insurance policy but the insurer disputed the claim, and
offered $50,000. The court case is due to start next year. “The mismatch
between what people think they have bought and what they have actually bought
is often very significant,” said Rob Smart, technical director of Mactavish,
which advises companies on the risks they face. “The products are put forward
as an all-singing, all-dancing solution to cyber risk, but the reality is more
nuanced than that.”
INTERNATIONAL
The Wall Street Journal
December 7, 2018
U.S. allies
from Australia to Japan to the European Union raised new security questions
about Huawei Technologies Co. on Friday, putting fresh pressure on the Chinese
telecommunications giant. The head of Australia’s top military cyber defense
agency, Mike Burgess, said Chinese companies were blocked from the rollout of
5G mobile-phone capabilities in August because the new technology would
underpin not only communications, but also critical infrastructure that could
be brought down in a cyberattack. That makes the technology more strategically
important than previous innovations, he said. “If the 5G network of the future
isn’t there, there’s a good chance electricity supply might be interrupted,
water supply might be interrupted, the financial sector or elements of it might
be impacted,” said Mr. Burgess, the head of the Australian Signals Directorate,
in a rare television interview. “That’s why it was important to get security
right at the start. It was a foundational issue.”
The New York Times
December 6, 2018
The Australian Parliament passed a contentious encryption bill on
Thursday to require technology companies to provide law enforcement and
security agencies with access to encrypted communications. Privacy advocates,
technology companies and other businesses had strongly opposed the bill, but
Prime Minister Scott Morrison’s government said it was needed to thwart
criminals and terrorists who use encrypted messaging programs to communicate.
“This ensures that our national security and law enforcement agencies have the
modern tools they need, with appropriate authority and oversight, to access the
encrypted conversations of those who seek to do us harm,” Attorney General
Christian Porter said. Opponents of the bill argued that it not only
compromised Australians’ privacy but was vaguely written in a way that could
lead to abuses. They also said it was being rushed through Parliament without
proper consultation with the public. Lizzie O’Shea, a human rights lawyer,
called it “a terrible truncation of the process.”
Reuters
December 6, 2018
One third
of Germany’s small- and medium-sized companies have been spied on by foreign
states, competitors or employees, a team of experts including Germany’s Federal
Crime Office (BKA) said on Thursday. German officials and executives are worried
about industrial espionage in Europe’s largest manufacturing nation. Cyber
experts warn that Germany - with technology expertise - is a particularly
attractive target for cyber attackers, including state actors. German
prosecutors are pressing criminal charges against a former employee of
chemicals maker Lanxess for allegedly stealing trade secrets to set up a
Chinese copycat chemical reactor. It was not only global players being hit by
espionage, according to experts at the BKA, research institutes,
Baden-Wuerttemberg’s state office of criminal investigation and a police
school. “The results of our surveys show that no company can feel safe,” said
Esther Bollhoefer of the Fraunhofer Institute for Systems and Innovation
Research. “It can affect all sectors and companies of all sizes.”
Dark Reading
December 5, 2018
As
nation-state cyberattacks continue to evolve into more complex and disruptive
campaigns, the pressure is on for countries to set specific cybernorms and
support one another in the attribution of nation-state hacks, according to
Marina Kaljurand, chair of the Global Commission on the Stability of Cyberspace
(GCSC) and Member of the UN Secretary General's High Level Panel on Digital
Cooperation. The former Estonian Foreign Minister, who was serving as the
ambassador to Russia in 2007 when her country was hit with historic distributed
denial-of-service (DDoS) attacks by Russia, said in an interview with Dark
Reading that without "a clear understanding" of attack attribution,
bad actors continue to operate in the "gray zone." "Russia
attacked Estonia, and nothing really happened. The next year it was the war and
cyberattacks on Georgia, and nothing really happened. Then the attack on the
Ukraine power grid, and nothing happened," Kaljurand said of Russia's
increasingly aggressive cyberattack campaigns. It wasn't until the US, under
President Barack Obama, called out Russian actors in the hack of the Democratic
National Committee (DNC) that nations began to name the culprits behind
state-sponsored hacking, she said.
Reuters
December 5, 2018
Bank of
England officials have agreed to delay work on its first test of how banks
respond to cyber attacks so they can focus on Brexit preparations, according to
a record of meetings in late November. The BoE's Financial Policy Committee
(FPC), which monitors the health of Britain's financial system, said it had
planned to discuss the details of the test, such as how quickly banks should
recover from a hacking. "(The FPC) agreed to delay until the first half of
2019 the setting of impact tolerances, given the focus on preparations for
Brexit," Wednesday's record said. The test pilot was due to launch at some
point in 2019 but Wednesday's minutes mean it will almost certainly take place
after Brexit, due on March 29.
ZDNet
December 5, 2018
In what
appears to be a first on the cyber-espionage scene, a nation-state-backed
hacking group has used a Google Chrome extension to infect victims and steal
passwords and cookies from their browsers. This is the first time an APT
(Advanced Persistent Threat -- an industry term for nation-state hacking groups)
has been seen (ab)using a Chrome extension, albeit it's not the first time one
has used a browser extension, as the Russian-linked Turla APT previously used a
Firefox add-on in 2015. A report that's going to be published
later today by the ASERT team at Netscout reveals the details of a
spear-phishing campaign that's been pushing a malicious Chrome extension since
at least May 2018.
Bloomberg
December 4, 2018
China
announced an array of punishments that could restrict companies’ access to
borrowing and state-funding support over intellectual-property theft, a key
sticking point in its trade conflict with the U.S. News of the measures came
just days after President Xi Jinping promised to resolve the U.S.’s “reasonable
concerns” about IP practices in a statement after meeting President Donald
Trump at the Group of 20 summit on Saturday in Argentina. The White House said
the sides agreed to hold off on tariff action for at least 90 days as they
negotiate to resolve specific U.S. complaints. China set out a total of 38
different punishments to be applied to IP violations, starting this month. The
document, dated Nov. 21, was released Tuesday by the National Development and
Reform Commission and signed by various government bodies, including the
central bank and supreme court.
AP
December 3, 2018
An Israeli
company known for its sophisticated phone surveillance technology on Monday
rejected accusations that its snooping software helped lead to the killing of
Saudi journalist Jamal Khashoggi. The NSO Group has faced similar claims in the
past that its products were used to stifle dissent in other countries. But the
alleged connection to the Khashoggi killing is the most high-profile case to
date, drawing new attention to the secretive company's business practices and
the Israeli government's oversight of private defense contractors. The latest
case against NSO was spelled out in a lawsuit filed in an Israeli court Sunday
by a Saudi dissident. In the suit, Omar Abdulaziz, a sharp online critic of the
Saudi royals who lives in exile in Canada, said he was friends with Khashoggi
and that their communications were monitored by the Saudis using NSO software.
Reuters
December 3, 2018
Russia's
intelligence services were behind cyber attacks targeting the Czech foreign
ministry last year, the Czech security service said on Monday in its annual
report. The BIS counter-intelligence service has long warned against Russian
activity in the Czech Republic, a member of NATO since 1999 and of the European
Union since 2004. Many other Western countries have issued similar warnings. In
its report, BIS said two separate attacks on the Czech foreign ministry were
partly the work of the APT28 hacking group, which is linked to the Russian
government and has been blamed for past attacks in Germany and the United
States. "All the findings make clear that it was the Turla cyberespionage campaign,
originating from the FSB, a Russian intelligence service, and APT28/Sofacy,
which is credited to the Russian military intelligence, the GRU," the
annual report said.
The Hill
December 3, 2018
Nearly 100
nations and groups have added their names to an international agreement on
actions in cyberspace in the weeks since the document was unveiled. The “Paris
Call for Trust and Security in Cyberspace,” unveiled by French President
Emmanuel Macron during the Paris Peace Forum on Nov. 13, has now earned more
than 450 signatories. Ghana announced Sunday that it would be the latest
country to sign on to the agreement. Rwanda and Kenya are also expected to join
in the coming days, according to a Microsoft spokeswoman. Microsoft played a
leading role in the creation of the cyber agreement, and other prominent tech
companies based in the United States like Facebook and Google are among the
signatories. The U.S. has declined to add its name to the list, making it one
of a handful of Western countries to distance itself from the document.
Australia was initially not among the participating nations, but has since
signed the agreement.
The Times of Israel
December 2, 2018
Israel and
Japan have signed an accord to cooperate in research and development,
information exchange, and training programs in the field of cybersecurity. The
memorandum of understanding was signed in Tokyo at a cybersecurity conference
by the head of Israel’s national cyber directorate Yigal Unna and Israel’s
ambassador to Japan, Yaffa Ben-Ari, with Minister of the Interior and
Communications of Japan (MIC) Masatoshi Ishida.
TECHNOLOGY
Nextgov
December 5, 2018
Quantum
computers with the ability to crack today’s encrypted systems are at least 10
years away from development, according to a report compiled by the National
Academies of Sciences, Engineering, and Medicine. However, the report—released
Tuesday—makes clear that quantum computers pose a dramatic threat to the
encryption that secures today’s networks and computer systems and calls for the
development of cryptography immune to quantum computers as fast as possible.
“Even if a quantum computer that can decrypt current cryptographic ciphers is
more than a decade off, the hazard of such a machine is high enough—and the
timeframe for transitioning to a new security protocol is sufficiently long and
uncertain—that prioritization of the development, standardization, and
deployment of a post-quantum cryptography is critical for minimizing the chance
of a potential security and privacy disaster,” the report states. The report
was requested by the Office of the Director of National Intelligence in an
effort to determine the current state of the art in the field, progress toward
general-purpose quantum computers and the ramifications of the technology.
Nick Leiserson
Big Four alumni on FTSE boards hardly changed from 2017
Despite increased scrutiny, there is still an inextricable link
between the boards of the FTSE 100 and the UK’s Big Four audit firms with
almost two thirds of FTSE 100 CFOs and audit committee chairs being former
partners or staff, according to Accountancy’s annual FTSE 100 and Big Four
alumni survey
Outsourcer Interserve reports £600m debt
Fears are growing around the fate of Interserve, one of the
biggest suppliers of services to the government, which is in financial crisis
as it tries to renegotiate an estimated £600m of debt, with concerns it could
collapse in a similar fashion to outsourcer Carillion