Archive: September 2018

1
2018 Trends in Cyber-crimes so far…
2
Cyber-attack on Bristol Airport – Ransomware leaving travellers in the dark about their flights!
3
Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?
4
Privacy Standardization in the United States: We Need Consensus
5
Open Government? – political misstep leads to privacy breach

2018 Trends in Cyber-crimes so far…

By Cameron Abbott and Colette Légeret

The first half of 2018 has been busy for cyber-criminals and cyber-security alike. According to Trend Micro, cryptocurrency mining detections have jumped 96% in this six month period compared to the total number detected in 2017.

In that same time, over 20 billion threats were blocked by Trend Micro’s Infrastructure, a few billion threats less than in the first half of 2017. Of these threats, less were “spray and pay” ransomware attacks and breaches, as cyber-criminals are flying under the radar with crypto-jacking, along with fileless, macro and small file malware techniques.

Read More

Cyber-attack on Bristol Airport – Ransomware leaving travellers in the dark about their flights!

By Cameron Abbott and Colette Légeret

In response to a cyber-attack on the administrative systems of Bristol airport, believed to be ransomware, the airport took a number of applications down as a precautionary measure, including the application that provides flight data for flight information screens.

Read More

Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?

By Cameron AbbottRob Pulham and Colette Légeret

Cyber attackers are able to search for that one weak link in corporations defences whereas corporates have to create a completely strong chain of defence against every possible scenario.  This asymmetrical fight would you think mean organisations would have to outspend attackers by many multiples.

However, according to software company, Carbon Black, the situation is worse than that because it appears that cyber criminals are outspending corporation!  Cyber-crime is big business, and as such, cyber-criminals are spending an estimated $1 trillion each year on finding weaknesses in the cyber defences of organisations and developing new ways of attacking them, in comparison to the $96 billion spent by organisations in an attempt to secure themselves from these cyber-attacks.

Read More

Privacy Standardization in the United States: We Need Consensus

By Susan P. Altman

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced this month that it has launched a collaborative project to develop a voluntary privacy framework to help organizations manage risk relating to protecting privacy in complex networking environments. The goal of the project is to develop a privacy framework that can deliver practical tools for developers of innovative technologies (such as IoT and AI) that will ultimately yield stronger privacy protections for individuals. NIST, which promotes innovation and industrial competitiveness, has had great success with broad adoption of its Cybersecurity Framework Version 1.1 released earlier this year, according to Under Secretary of Commerce for Standards and Technology and NIST Director Walter G. Copan. It is now sponsoring outreach efforts throughout the U.S. to gather the best ideas for a useful and effective privacy framework.
NIST correctly notes that cybersecurity is central to managing privacy risk, but not sufficient in itself. Privacy professionals both inside and outside the U.S. are responding to (and perhaps leading) consumer privacy expectations with positions that NIST politely understates as reflecting “multiplying visions.” A framework of balanced standards for building privacy protections into technology design will benefit society broadly.
NIST, which focuses on standards for technology developers, is only one of several U.S. agencies addressing privacy concerns. For example, the U.S. Department of Commerce’s National Telecommunications and Information Administration is currently engaged in gathering input in order to formulate core, high-level principles on data privacy with a stated goal of avoiding contributing to a fractured and stifling regulatory landscape. And of course, the Federal Trade Commission, the big dog in consumer protection enforcement, continues its efforts to protect consumer privacy while critically analyzing the economic impact of such protection on competition and innovation.

Open Government? – political misstep leads to privacy breach

By Cameron Abbott and Keely O’Dowd

Navigating the political terrain and party politics can be a treacherous journey for any politician.

Recently, we have been captivated by a political misstep that involved the tabling of approximately 80,000 confidential and unredacted Cabinet documents of a former Government in the Victoria Parliament. In usual circumstances, these documents would have remained confidential for 30 years, unless the former Government consented to the release of the documents.  However, in an attempt to seek an advantage in the political arena, the Victorian Government of the day decided to release these documents in Parliament and online.

Read More

Copyright © 2018, K&L Gates LLP. All Rights Reserved.