Chinese cyberattacks

As experts say the number of cyber attacks being directed at Australia have reached a disturbing level, it can now be revealed that Chinese hackers came within minutes of shutting down two Queensland power stations . Had the attack been successful it could have been lights out for some 3 million homes.

Privacy and Streaming Services

A recent report from the USA found that most of America’s popular streaming services and TV streaming gadgets such as Netflix, Roku and Disney+ failed to meet minimum requirements for privacy and security practices. The lone exception was Apple.

See Common Sense Media report

Sharing User IDs

Can you give your User ID to someone else to use your account?  And what if that someone then uses your account for a purpose not allowed by the user agreement?  Are you responsible?  This is the subject of a possible lawsuit against CoreLogic in Australia.

See BCI Media Group Pty Ltd v Corelogic Australia Pty Ltd [2020] FCA 1556 https://www.judgments.fedcourt.gov.au/judgments/Judgments/fca/single/2020/2020fca1556

Is your mobile safe from the police?

How Police Can Crack Locked Phones—and Extract Information

A report finds 50,000 cases where law enforcement agencies turned to outside firms to bypass the encryption on a mobile device.

Read in WIRED: https://apple.news/Av8HKmpc-SIyx8vccKTIF2w

Australian Cyber Security Seminar

 Watch Seminar Here.

UK Financial Regulator Publishes Insights from the Cyber Coordination Groups

A UK financial regulator has published a report regarding cybersecurity risks.

"CCG members also noted the development of cloud security as an emerging risk area, and that data held in cloud environments should be encrypted and protected by appropriate intrusion detection/prevention controls. In some cases, it may be advisable to include “kill switch” technology, which allows for immediate disconnection to manage the risk of a cyber attack having a more widespread impact."

See
https://www.ropesgray.com/en/newsroom/alerts/2020/03/UK-Financial-Conduct-Authority-Publishes-Insights-from-the-Cyber-Coordination-Groups

Digital Watermarks on Printed Documents

"The question is how the government identified her so quickly, and the answer may be that she was inadvertently outed by the Intercept itself. That’s because the website posted an image of the leaked document containing an almost-invisible code applied by the printer that produced the document sent to the Intercept. The digital watermark identified the printer model and serial number, along with the time and date then document was printed out."

See LA Times

Apple v The Government

If you are following the Apple v US Government legal process over the FBI request to brute force break of the passcode on Syed Farook’s work phone, the link below has a good summary and also a link to the 65 page motion.

https://www.techdirt.com/articles/20160225/15240333713/we-read-apples-65-page-filing-calling-bullshit-justice-department-so-you-dont-have-to.shtml

Privacy

The Australian Privacy Commissioner has released a revised guide to "reasonable steps" to protect personal information.

Comments due 27 August.

"Effective ICT security requires protecting both computer hardware (the physical devices that make up a computer system) as well as the data (including personal information) that the computer hardware holds from misuse, interference, loss, unauthorised access, modification and disclosure. However, ICT security measures should also ensure that the hardware and the information stored on it remain accessible and useful to legitimate users."

http://www.oaic.gov.au/privacy/privacy-engaging-with-you/current-privacy-consultations/revised-guide-to-information-security-reasonable-steps-to-protect-personal-information/

However, absolute security is not only impossible but undesirable.  See for example, here and here