It is a technology so innocuous that it hardly gets a second thought: electronic hotel key cards have been replacing the humble lock and key for over two decades. A recent study by Finnish security researchers has revealed a vulnerability in the technology. The discovery came as a result of the researchers’ obsession over many years to solve a mystery of how a laptop was stolen from a hotel room without leaving a trace. (Small consolation that it cannot have been easy to do given how long it took!)
Australia’s military cyber spy agency, the Australian Signals Directorate (ASD), could soon be receiving radical new espionage powers to monitor Australian citizens for the first time. If approved, the ASD may be able to secretly access the digital information of Australians including emails, health data, bank records, and text messages.
Last week, California police arrested Joseph James DeAngelo, the man suspected of being the “Golden State Killer” or “East Area Rapist”, a serial killer and rapist who terrorised parts of California in the 1970s and 80s.
Of particular interest is how he came to be arrested, with the help of DNA matched on a genealogy website.
Russian hackers are accused of penetrating up to 400 Australian businesses in 2017 as part of an alleged state-sponsored cyber-espionage campaign, targeting millions of computers across the world.
The Australian government made the announcement in light of an extraordinary joint statement from the US and UK governments pointing a stern finger at Russia for sponsoring cyber-attacks on government, private organisations, critical infrastructure providers and internet services providers.
While the recent Facebook saga has underlined the fact that using a password to protect your data doesn’t mean it won’t be improperly accessed, we have become used to needing to create, remember and use passwords in most aspects of our digital lives.
But the humble letter/number/symbol combination may soon be a thing of the past, with a new web standard – the Web Authentication (WebAuthn) – expected to be issued soon.
Facebook indicated in a blog post yesterday that information of up to 87 million people – 37 million more than originally revealed – may have been improperly shared with Cambridge Analytica.
Facebook also reported that this may have included data of more than 300,000 Australians. The company’s chief technology officer, Mike Schroepfer, said the company would make major changes to the way third-parties can access data on the platform. He also said users would be informed if their information could have been improperly shared with Cambridge Analytica.
The Australian Federal Police are investigating two members of the Bureau of Meteorology’s IT team for allegedly running an operation in which they made use of the Bureau’s powerful computers to “mine” cryptocurrencies.
It was revealed late last week that the AFP raided the Bureau’s Melbourne CBD offices on February 28, and questioned the two employees. No charges have been laid, or arrests made.
By Cameron Abbott and Harry Crawford
The NSW Government’s vulnerability to hacking has been exposed in a report by state’s auditor-general, in which it was revealed that one government agency took 49 days to shut down a hack.
This hack started with an email account of the unnamed agency being compromised and used to send out “phishing” emails to get the credentials of finance staff members. By day 20, 300 staff had clicked on the bogus link in the phishing email. 200 email accounts ended up being under the control of the hackers.