~ New Zealander's affection for sheep And lowering IQ levels is well known among South Pacific Whinging Poms ...
God wanted Trump to be president, says Sarah Sanders
God wanted Donald Trump to become US president, the White House press secretary has said in an interview.
IT WAS 50 YEARS AGO: The Beatles’ Rooftop Concert.
And hot off revisiting WWI, Peter Jackson is preparing a documentary using existing footage of another cataclysmic British battle: Peter Jackson to make new Beatles documentary using unseen footage from ‘Let It Be’ sessions.
Next year will be the 50th anniversary of Let It Be. Whether it’s the original movie, or Jackson’s reboot, I hope that’s enough to finally get the last footage of the Beatles as a group released on Blu-Ray — my nearly 40 year old VHS copy can’t last forever!
BBC: To prepare for a future where AI will likely disrupt entire industries, some say we’ll have to rethink how we educate future generations – “Estimates about how much of the workforce could be automated vary from about 9% to 47%. The consultancy McKinsey estimates up to 800 million workers globally could be displaced by robotic automation by 2030. Some jobs will change dramatically, while others will disappear altogether.”
Bloomberg [paywall – alternate free article via Gadget Hours]: “Pelco, a California-based security camera maker, set lofty sales targets last year for a model with sharper video resolution and other cutting-edge features. That was until Congress derailed its plans. In August, updated legislation barred the U.S. military and government from buying tech gear from firms deemed too close to authorities in China. When the bill surfaced, Pelco scrapped any thought of providing its new GPC Professional 4K camera to the U.S. government and lowered its sales goals. The reason: The device uses parts from HiSilicon, the chip division of Huawei Technologies Co. Huawei, China’s largest technology company, is the target of a broad U.S. crackdown over allegations it has stolen trade secrets, violated sanctions against Iran and sells equipment that could be used by the country’s Communist Party for spying.”
Councillors to consider investigation into CEO on Monday
An extraordinary general meeting has been called for Monday to give councillors the opportunity to consider reports into chief executive Mark Stapleton
Huge egos and selfish agendas will ruin political system
With much fanfare, Julia Banks has finally announced she will abandon her electorate of Chisholm to stand as an independent in the nearby electorate of Flinders. Low
SHOCKING NEWS FROM THE WORLD OF SCIENCE: The Best Hydration Plan Is to Drink When You’re Thirsty
DC DATING: My Boyfriend of a Year Had a Separate Life and Two Other Girlfriends. “Besides his name, I don’t know if anything he told me was true.”
CyberScoop
January 25, 2019
Prominent House members are again seeking to create a high-level position within the
State Department dedicated to advancing U.S. cybersecurity interests worldwide.
The Cyber Diplomacy Act would require the department to open an Office of
International Cyberspace Policy, whose top official would report directly to
the secretary of State or deputy secretary of State. The office’s primary goals
would be to advocate democratic ideals for cyberspace and push back against
Russian and Chinese efforts to “extort more control and censorship over the
internet,” say the bill’s sponsors, House Foreign Affairs Chairman Eliot Engel,
D-N.Y., and Michael McCaul, R-Texas, the panel’s ranking member. The
legislation closely resembles a bill passed by the House and approved by the
Senate Foreign Relations Committee in 2018. That version only specified that
the head of the new office should be designated an assistant secretary of
State. It also called for the office to have a broader purview that included
the “digital economy.”
Nextgov
January 24, 2019
Former Homeland Security Department officials on Thursday warned the current
government shutdown will have a “long-term, extremely detrimental effect” on
the country’s cyber and national security posture. While federal employees are
undoubtedly feeling the greatest immediate impacts of the shutdown, the
government’s efforts to combat cyber threats, respond to emergencies and fight
terrorism will continue to suffer long after agencies reopen their doors,
officials said during a panel hosted by House Homeland Security Committee Chair
Bennie Thompson, D-Miss. “From a security standpoint, we are letting our guard
down,” former Homeland Security Secretary Jeh Johnson said Thursday. “If the
shutdown ended tomorrow, I fear the damage already done to our security will
[last] months if not years.”
CyberScoop
January 23, 2019
A key House Democrat wants the Department of Homeland Security to brief lawmakers “as soon
as possible” on a new domain name system hacking threat to federal computer
networks, and the emergency order the department issued in response. DHS should
brief members of the House Homeland Security Committee on the cyberthreat
because “we need to understand the scope of this action and how many agencies
were actually affected,” Rep. Jim Langevin, D-R.I., said in an interview
Wednesday. Langevin was reacting to a rare emergency directive that DHS issued
Tuesday ordering civilian agencies to tighten security controls in the face of
a suspected Iranian hacking campaign. DHS issued the order out of concern that
civilian agencies could be vulnerable to cyberattacks on platforms for managing
domain name system (DNS) records, which help ensure that a computer user
reaches an intended website. By manipulating DNS records, hackers could direct
unwitting users to malicious websites. At least six civilian agencies have been
affected by the recent malicious DNS activity, people familiar with the matter
told CyberScoop.
FCW
January 22, 2019
The House panel devoted to information technology oversight is being rolled up into a
larger subcommittee, Rep. Gerry Connolly (D-Va.) confirmed to FCW. IT oversight
will now be handled by the Government Operations subcommittee of the House
Oversight and Reform Committee. "Marrying the two subcommittees was done
in recognition of the fact that so much of the federal government’s operations
are reliant upon information technology," Connolly told FCW in an emailed
statement. "Federal IT is helping us deliver some of the most important
functions and services our government provides to the public. Whether it is the
FITARA Scorecard or FedRAMP reform, our subcommittee will continue to drive
modernization in the federal government." Connolly first announced the
news in an interview with the public affairs program Government Matters. In
that interview, Connolly said the subcommittee is "going to do a lot of
work on modernizing how the federal government deals with information
technology and the procurement portfolio."
Nextgov
January 22, 2019
The Washington, D.C. area will be getting another new round of Metro rail cars in a
couple years. But the predominance of foreign manufacturers is giving four
senators pause when it comes to the cybersecurity of critical transportation
infrastructure in the nation’s capital. The Washington Metropolitan Area
Transit Authority issued a request for proposals in September for the design
and construction of 256 new railcars, which will be known as the 8000 series.
In keeping with technology trends in every sector, the new cars will include
several technology upgrades for passengers, as well as for the overall
operation of the trains. Virginia Democrats Mark Warner and Tim Kaine and
Maryland Democrats Ben Cardin and Chris Van Hollen wrote to WMATA General
Manager and CEO Paul Wiedefeld last week noting the authority did not include
requirements in the RFP that would favor domestic companies.
ADMINISTRATION
The New York Times
January 25, 2019
The special counsel, Robert S. Mueller III, revealed on Friday the most direct link yet
between the Trump campaign’s and WikiLeaks’ parallel efforts to use Democratic
Party material stolen by Russians to damage the election campaign of Hillary
Clinton. In an indictment unsealed Friday, the special counsel disclosed
evidence that a top campaign official in 2016 dispatched Roger J. Stone, a
longtime adviser to President Trump, to get information from WikiLeaks about
the thousands of hacked Democratic emails. The effort began well after it was
widely reported that Russian intelligence operatives were behind the theft,
which was part of Moscow’s broad campaign to sabotage the 2016 presidential
election. The indictment makes no mention of whether Mr. Trump played a role in
the coordination, though Mr. Mueller did leave a curious clue about how high in
the campaign the effort reached: A senior campaign official “was directed” by
an unnamed person to contact Mr. Stone about additional WikiLeaks releases that
might damage the Clinton campaign, according to the court document.
Nextgov
January 25, 2019
The Homeland Security Department’s lead cybersecurity official outlined the
rationale behind issuing an emergency directive with a list of actions and a
tight deadline for agencies to comply, all while the government feels the
pressure of a more than month-long partial shutdown. The newly named—and
elevated—Cybersecurity and Infrastructure Security Agency issued its first
emergency directive to federal agencies this week, giving agencies 10 days to
review their Domain Name System records for signs of potential hijacking, reset
passwords and to implement stronger security settings. “We took this action
after carefully considering the current and potential risk posed to federal
agencies,” CISA Director Chris Krebs said in a blog post Thursday. “Because
it’s our responsibility to take actions to protect federal systems, we felt an
urgent response was required to address the risk.” As part of a campaign linked
to Iranian hacking groups, bad actors have been seen using compromised
administrative credentials to access networks of governments across the globe
and reroute traffic through the attackers’ systems, giving them full access.
WKYC
Eight members of the Ohio National Guard have been called in to assist following an
attempted cyber attack on the city of Akron's computer servers. The attempt,
which the city says "appears to be financially motivated," was
identified this past Tuesday before being "intercepted, and
prevented." At this time, there is no evidence that any personal material
was harvested or that there is any current risk to public safety. The incident
is currently under investigation. Officials say certain city operations could
be affected and temporarily taken offline by these efforts, and that citizens
will be notified should that occur.
Ars Technica
January 24, 2019
The US Federal government is in the midst of the longest gap in funding for many of
its agencies in history. As the "shutdown" extends into a second
month, the economic impact is mounting for federal workers—including civil
servants and government contractors working in IT and information security
roles for the government—as well as the communities they work and live in.
Furloughs have had a real impact on the government's security posture as well.
Work at the National Institute of Standards and Technology on a number of
initiatives, including work on encryption, has been suspended. Some
"non-essential" agencies have had to furlough security teams, leaving
them with no way to respond to incidents during the shutdown. Routine
maintenance on IT systems, such as patches and updates to websites and server
operating systems, is being deferred. And those still at work at agencies
operating without a budget are doing so without pay and under financial
duress—not exactly an ideal situation for maintaining a top security posture.
But the real damage to the government may be waiting in the wings. Several
furloughed federal workers in information security who spoke to Ars this week
said that they are now actively seeking jobs in the private sector out of
necessity. A number of private companies recruiting talent in the field have
seen a spike in job applications from people in government service. And for
contractors who have no guarantee of regaining lost wages, the math is even
more vicious.
Politico
January 24, 2019
A former top Republican fundraiser embroiled in charges of influence-peddling has
accused an executive at the prominent lobbying firm Mercury Public Affairs of
participating in a criminal conspiracy to disseminate his hacked emails to
prominent media outlets in a lawsuit filed in Washington on Thursday. The
complaint paints the fullest picture to date of an alleged globe-spanning
conspiracy by the government of Qatar to hack the former GOP official’s email
and provide damaging information about him to publications including The New
York Times, The Washington Post and the Associated Press. The suit, reported
first by POLITICO, could have implications for the future of political warfare
at a time when it is increasingly waged through “hack-and-leak” campaigns like
the one that targeted Hillary Clinton’s 2016 presidential campaign.
AP
January 23, 2019
Georgia's new elections chief asked lawmakers Wednesday for $150 million to replace the
state's outdated electronic voting machines. In doing so, he all but closed the
door on a hand-marked paper balloting system that experts say is cheapest and
most secure. Secretary of State Brad Raffensperger told Georgia legislators
meeting for budget hearings that a new voting system is his top priority.
Cybersecurity experts and voting integrity activists say the touch-screen
machines Georgia has used since 2002 are vulnerable to hacking and can't be
audited effectively because they produce no verifiable paper record. The
current machines and Georgia's registration practices became the subject of
national criticism during last year's governor's race between Democrat Stacey
Abrams and Republican Brian Kemp. Kemp served as secretary of state and refused
calls to resign from overseeing his own election. He stepped down two days postelection
after declaring himself the winner.
FCW
The 2019 National Intelligence Strategy, meant to guide the nation's intelligence
agencies over the next four years, puts cybersecurity and technology issues front
and center. The document highlights cyberspace and emerging
"disruptive" technologies like AI and quantum computing as areas that
intelligence agencies must invest in heavily over the coming years. The
strategy calls for expanded reliance on both quantitative and qualitative
analysis capabilities to forecast threats, the production of more tailored,
actionable cyber threat intelligence to the rest of the government and the
exploration of novel operational applications of emerging technology to advance
tradecraft. Despite a growing awareness of cyber threats, "nearly all
information, communication networks and systems will be at risk for years to
come" and in the current environment, adversary nation states "are
already challenging public confidence in our global institutions, governance
and norms."
The New Yorker
January 22, 2019
In the past decade, Election Systems & Software (E.S. & S.), the largest
manufacturer of voting machines in the country, has routinely wined and dined a
select group of state-election brass, which the company called an “advisory
board,” offering them airfare on trips to places like Las Vegas and New York,
upscale-hotel accommodations, and tickets to live events. Among the recipients
of this largesse, according to an investigation by McClatchy published last
year, was David Dove, the chief of staff to Georgia’s then secretary of state,
Brian Kemp. Kemp, the new governor of Georgia, made news in the midterm
elections for his efforts to keep people of color from voting and for
overseeing his own election. In March of 2017, when Dove attended an E.S. &
S. junket in Las Vegas, Kemp’s office was in the market to replace the state’s
entire inventory of voting machines. “It’s highly inappropriate for any
election official to be accepting anything of value from a primary contractor,”
Virginia Canter, the chief ethics officer at Citizens for Responsibility and
Ethics in Washington, told McClatchy. “It shocks the conscience.” (Kathy
Rogers, E.S. & S.’s senior vice-president for governmental affairs, told
McClatchy that there was nothing untoward about the advisory board, which she
said has been “immensely valuable in providing customer feedback.”)
The Augusta Chronicle
January 20, 2019
Just six months after it opened its first building, the Georgia Cyber Center is helping
drive renewed interest in other areas of downtown Augusta, officials said. Some
of that business might come from tenants of the center itself. Augusta
University President Brooks Keel and others are planning for what the next
phase of the center will be as they gauge their future needs. But some of those
needs are more immediate and might not end up being met on the center’s campus
– food, for instance. “A definite need is just catering,” Keel said. “We’re
having more and more events here from outside, and that is what we had hoped to
be able to see. Businesses flock to this campus to take advantage of the
virtual world we have here and the auditorium. But our kitchen space here is
very small.” Keel is hoping area businesses will want to provide those dining
and retail services around the edges of the campus on Reynolds Street “so that
the private community can take advantage of the economic development associated
with that and we don’t have to use our very valuable land for those support
services,” he said. In the same vein, the university is hoping to find office
space outside the Riverfront Campus, Keel said. There might be a need for
housing at some point, and the university was encouraged by plans for the $94
million Riverfront at the Depot project, which would include housing as well as
retail at the other end of Reynolds Street.
INDUSTRY
Ars Technica
January 24, 2019
Researchers have uncovered a recent malicious advertisement campaign that’s notable for its
size, scope, and resourcefulness: a two-day blitz triggered as many as 5
million times per day that used highly camouflaged JavaScript stashed in images
to install a trojan on visitors' Macs. The ads were served by a group security
firm Confiant has dubbed VeryMal, a name that comes from
veryield-malyst[DOT]com, one of the ad-serving domains the group uses. A run
that was active from January 11 to January 13 on about 25 of the top 100
publisher sites triggered the image as many as 5 million times a day. In an
attempt to bypass increasingly effective measures available to detect malicious
ads, the images used steganography—the ancient practice of hiding code, messages,
or other data inside images or text—to deliver its malicious payload to
Mac-using visitors.
CyberScoop
January 23, 2019
If you are a chief information security officer, the best place to meet your peers may not
be at the big events in Las Vegas, San Francisco, or the traveling roadshow
coming through your town. It may be at the restaurant around the corner.
Corporate security executives are beginning to favor exclusive, invite-only
meetings where they trade ideas with other security bosses on how to protect
business secrets, mainly as a way to fight the fatigue that comes from an
onslaught of sales pitches. Chief information security officers at Fortune 500
firms receive hundreds of sales calls, emails and LinkedIn messages every month
from vendors hawking the latest technology promising to protect them from the
next major breach. But many CISOs working 60-plus hours a week don’t have time
to sit down to listen to a pitch and, when they do, the technology often fails
to impress. So they’re seeking out other CISOs for advice on which vendors can
be trusted. These informal settings typically take place over lunch, drinks, by
phone or in situations where they can speak freely. While it’s not new for
CISOs to compare notes with their counterparts in other companies, the number
of invite-only sessions is growing as the pressure on executives grows to get
things right, said Dave Tyson, former CISO at SC Johnson.
The Wall Street Journal
January 23, 2019
Shane Huntley and his team have tracked Iranian hackers as they spread disinformation
in the U.S., unmasked North Korea’s responsibility for a crippling global
computer virus and probed Russians linked to the 2016 hack of the Democratic
National Committee. Mr. Huntley doesn’t work for the National Security Agency
or another government spy shop. He heads Google’s in-house counterespionage
group, the Threat Analysis Group, which has emerged as an important force in
the battle against hackers and a leading example of tech giants building up
powerful cybersecurity defenses in an age of rising nation-state hacks. Staffed
partly by former government agents, these groups at companies including Google,
Facebook Inc. and Microsoft Corp. play a central role keeping criminals and
spies away from the ocean of personal information online as people rely more on
their products. The tech giants’ access to that data and their huge user
networks mean they are in some ways more effective in fighting intrusions than
governments, executives say.
Ars Technica
January 23, 2019
Officials with the widely used PHP Extension and Application Repository have temporarily
shut down most of their website and are urging users to inspect their systems
after discovering hackers replaced the main package manager with a malicious
one. “If you have downloaded this go-pear.phar [package manager] in the past
six months, you should get a new copy of the same release version from GitHub
(pear/pearweb_phars) and compare file hashes,” officials wrote on the site’s
blog. "If different, you may have the infected file.” The officials didn’t
say when the hack of their Web server occurred or precisely what the malicious
version of go-pear.phar did to infected systems. Initial indications, however,
look serious. For starters, the advice applies to anyone who has downloaded the
package manager in the past six months. That suggests the hack may have
occurred in the timeframe of last July, and no one noticed either it or the
tainted download until this week. What’s more, results from VirusTotal, the
Google-owned malware scanning service, suggest that the malicious PEAR download
installed a backdoor, possibly in the form of a Web shell, on infected servers.
If true, the backdoor almost certainly gives the hackers complete
control—including the ability to install applications, execute malicious code,
and download sensitive data—over any machine that installed the malicious
download.
Financial Times
January 23, 2019
More than half of people would buy personal cyber insurance to protect themselves from
the impact of fraud, data loss or identity theft, according to new research
from Swiss Re, the reinsurance company. The market for personal cyber
cover is still in its infancy, with only a few insurers offering the
product and less than $500m per year of premiums. But Swiss Re — which does not
directly sell personal cyber insurance — said it expected that to balloon to
more than $3bn by 2025 as people start worrying more about cyber attacks. “It
is heavily linked to people’s awareness of the topic,” said Fabian Willi, Swiss
Re senior cyber solutions manager. “People are going to be faced with more and
more cyber risks,” he added, pointing to the proliferation of internet linked
devices in the home. Personal cyber policies now on the market typically cost
between $50 and $150 per person per year. That provides cover for problems such
as financial fraud and cyber extortion.
Ars Technica
January 22, 2019
At the Shmoocon security conference here on January 19, two researchers from the
mobile security provider Lookout revealed the first details of a mobile
surveillance effort run by a yet-to-be-named state intelligence agency that
they had discovered by exploring the command-and-control infrastructure behind
a novel piece of mobile malware. In the process of exploring the malware’s
infrastructure, Lookout researchers found iOS, Android, and Windows versions of
the malware, as well as data uploaded from a targeted phone’s WhatsApp data.
That phone turned out to be one that belonged to one of the state-backed
surveillance efforts—and the WhatsApp messages and other data found on the
server provided a nearly full contact list for the actors and details of their
interactions with commercial hacking companies and eventual decision to build
their own malware.
INTERNATIONAL
AP
January 25, 2019
The Associated Press has found that researchers who reported the role of Israeli
spyware in the targeting of Washington Post journalist Jamal Khashoggi's inner
circle are in turn being targeted by international undercover operatives. Twice
in the past two months men masquerading as socially conscious investors have
lured members of the Citizen Lab internet watchdog group to meetings at luxury
hotels to quiz them for hours about their work exposing Israeli surveillance.
Citizen Lab Director Ron Deibert on Friday described the stunts as "a new
low." Who these operatives are working for remains a riddle, but their
tactics recall those of private investigators who assume elaborate false
identities to gather intelligence or compromising material on critics of
powerful figures in government or business.
The New York Times
January 25, 2019
A group of transparency advocates on Friday posted a mammoth collection of hacked and
leaked documents from inside Russia, a release widely viewed as a sort of
symbolic counterstrike against Russia’s dissemination of hacked emails to
influence the American presidential election in 2016. Most of the material,
which sheds light on Russia’s war in Ukraine as well as ties between the
Kremlin and the Russian Orthodox Church, the business dealings of oligarchs and
much more, had been released in Russia, Ukraine and elsewhere, sometimes on
obscure websites. There were no immediate reports of new bombshells from the
collection. But the sheer volume of the material — 175 gigabytes — and the
technical challenges of searching it meant that its full impact may not be felt
for some time. The volume is many times greater than the total known material
stolen by Russian military intelligence from the Democratic National Committee
and Hillary Clinton’s presidential campaign nearly three years ago.
Reuters
January 25, 2019
Hackers likely controlled by Russia are stepping up efforts to disrupt Ukraine's
presidential election in March with cyber attacks on electoral servers and
personal computers of election staff, the head of Ukraine's cyber police said
on Friday. Serhiy Demedyuk told Reuters the attackers were using virus-infected
greeting cards, shopping invitations, offers for software updates and other
malicious "phishing" material intended to steal passwords and
personal information. Ten weeks before the elections, hackers were also buying
personal details of election officials, Demedyuk said, paying in cryptocurrency
on the dark web, part of the internet accessible only through certain software
and typically used anonymously. "There are constant attacks - they go from
simple (software) to applications that one or another employee uses," he
said, adding they were reminiscent of cyber attacks on the country's energy,
transport and banking systems seen since 2014.
CyberScoop
January 24, 2019
Multiple groups of suspected Russian hackers have a relationship with
one another that includes sharing malicious software code and hacking
techniques, according to new research. The Moscow-based security vendor
Kaspersky Lab on Thursday released findings tying the espionage group
GreyEnergy with Zebrocy. Zebrocy is the name researchers have given to a group
affiliated with suspected Russian military hackers known as Sofacy (or Fancy
Bear, or APT 28), the alleged perpetrator in the hacking of the Democratic
National Committee in 2016. Both groups used the same command-and-control
servers — the infrastructure that allows hackers to maintain communications
with compromised machines — to simultaneously target the same organization,
according to Kaspersky. They also sent similar phishing emails disguised as
messages from the Ministry of the Republic of Kazakhstan within one week.
The Intercept
January 24, 2019
In October, Bloomberg Businessweek published an alarming story: Operatives working for
China’s People’s Liberation Army had secretly implanted microchips into
motherboards made in China and sold by U.S.-based Supermicro. Bloomberg’s
report, based on 17 anonymous sources, including “six current and former senior
national security officials,” began to crumble soon after publication as key
parties issued swift and unequivocal denials. But while Bloomberg’s story may
well be completely (or partly) wrong, the danger of China compromising hardware
supply chains is very real, judging from classified intelligence documents.
U.S. spy agencies were warned about the threat in stark terms nearly a decade
ago and even assessed that China was adept at corrupting the software bundled
closest to a computer’s hardware at the factory, threatening some of the U.S.
government’s most sensitive machines, according to documents provided by
National Security Agency whistleblower Edward Snowden.
The Wall Street Journal
January 23, 2019
The chairman of embattled telecom giant Huawei Technologies Co. is pushing back
against claims his company conducts espionage for the Chinese government,
contending that Huawei is being unfairly targeted without any proof. “If they
believe there’s a backdoor, they should offer evidence to prove it,” Liang Hua
told reporters on the sidelines of the World Economic Forum in Davos this week.
But the U.S. says that Huawei’s very structure, with its close ties to the
Chinese government and role as a supplier of key hardware in
telecommunications, makes the company a potential tool for espionage and thus a
security threat, according to current and former U.S. security officials. As a
Chinese company, Huawei has no choice but to comply with demands of the Chinese
government and its ruling Communist Party, these people say. What’s more,
Huawei’s potential to conduct surveillance has increased exponentially over the
past year as wireless providers near upgrades to 5G technology, which will make
it easier to connect cars, factory parts and other machinery and devices to the
internet. “It’s about where Huawei equipment is and how strong their market
position is, and how both of those things can be leveraged by the Chinese
government,” a Department of Homeland Security cybersecurity official said.
BuzzFeed
January 23, 2019
A British think tank known for identifying Russian influence operations has been hacked,
seen its files leaked to the public, and been lambasted in Russian
government–owned media, echoing tactics the Russian government has used in
recent years to discredit opponents. The think tank, called the Integrity
Initiative, whose parent organization, the Institute for Statecraft, has
received most of its funding the past two years from the British government,
was hacked in late 2018. Starting in November and continuing through January,
someone posted four batches of its stolen files online. The UK’s National Cyber
Security Centre, as well as a private security firm, are examining the
Integrity Initiative’s servers and its employees’ devices for evidence of how
the organization was hacked, and neither has released to the public the details
of what has been found.
Reuters
January 23, 2019
A Portuguese man arrested in Hungary on suspicion of extortion and secrecy
violations hacked football bodies' documents - which later appeared on the
Football Leaks website - because he was "outraged" by criminality in
the sport, his lawyers said. The man, named by his lawyers as 30-year-old Rui
Pinto, was detained in Hungary on Wednesday on a European arrest warrant filed
by Portuguese police who want to extradite him. His lawyers said they would
oppose this. Speaking to Reuters, the lawyers said Pinto, whom they described
as a "whistleblower", would remain under house arrest in Hungary
until a decision on his extradition had been made. Portuguese police said a
national had been detained on Wednesday on a European arrest warrant. The
individual was suspected of qualified extortion, violation of secrecy and
illegally accessing information, the police said.
The New York Times
January 22, 2019
A new law in Australia gives law enforcement authorities the power to compel
tech-industry giants like Apple to create tools that would circumvent the
encryption built into their products. The law, the Telecommunications and Other
Legislation Amendment (Assistance and Access) Act 2018, applies only to tech
products used or sold in Australia. But its impact could be global: If Apple
were to build a so-called back door for iPhones sold in Australia, the
authorities in other countries, including the United States, could force the
company to use that same tool to assist their investigations. The Australian
law went into effect last month. It is one of the most assertive efforts by
lawmakers to rein in tech companies, which have argued for decades that
unbreakable encryption is an imperative part of protecting the private
communications of their customers.
The Register
January 22, 2019
France’s defence secretary Florence Parly today declared: “Cyber war has begun.” And she
said the Euro nation's military will use its “cyber arms as all other
traditional weapons… to respond and attack,” as well as setting up a military
bug bounty program. Parly made her pledges during a speech to the Forum
International de Cybersecurite (FIC) in the northern French town of Lille. Her
speech was on a topic that most Western countries shy away from addressing
directly in public. “The cyber weapon is not only for our enemies,” said
France’s defence secretary this afternoon, speaking through a translator. “No.
It’s also, in France, a tool to defend ourselves. To respond and attack.”
TECHNOLOGY
The Wall Street Journal
January 21, 2019
In the future, industrial robots may create jobs, boost productivity and spur higher wages.
But one thing seems more certain for now: They’re vulnerable to hackers.
Factories, hospitals and other big robot users often lack sufficient levels of
defense against a digital attack, according to cybersecurity experts, robot
manufacturers and engineering researchers. The risk levels are rising as more
robots morph from being offline and isolated to being internet-connected
machines, often working alongside humans. “There’s no concept of antivirus for
your robot. It just doesn’t really exist yet,” says Yossi Naar, a co-founder of
Cybereason Inc., a Boston-based company that provides cybersecurity services
for connected devices. “So protection tends to be very lax to nonexistent.”
Robot makers and buyers have become increasingly aware of their cyber risk.
Groups like the Geneva-based International Organization for Standardization, a
federation of national standards bodies, are studying the cyber risk for
robots.