Tag Archive for: security

FCC Chairwoman Proposes New Measures to Enhance Internet Security

/in


Net Neutrality

The proposal would require broadband providers to report to the FCC on their efforts to implement industry standards.


Ted Hearn

FCC Chairwoman Proposes New Measures to Enhance Internet Security
Photo by Danny Lines via Unsplash used with permission

WASHINGTON, May 16, 2024 – In a move aimed at bolstering Internet security, FCC Chairwoman Jessica Rosenworcel on Wednesday advanced a proposal that would require major broadband providers to submit confidential reports on Border Gateway Protocol (BGP) security.

The initiative is intended to enable the FCC and its national security counterparts to gather more current data on this pivotal Internet routing nexus.

“It is vital that communication over the Internet remains secure,” Rosenworcel said in a statement. “Although there have been efforts to help mitigate BGP’s security risks since its original design, more work needs to be done. With this proposal, we would require broadband providers to report to the FCC on their efforts to implement industry standards and best practices that address BGP security.”






BGP serves as the backbone technology for routing information across the vast expanse of the Internet’s physical and digital infrastructure. National security experts have raised concerns about BGP vulnerabilities that could potentially be exploited by malicious actors. Such exploitation could lead to disruptions in critical services reliant on the Internet, along with the interception, manipulation, or misdirection of data.

In her statement, Rosenworcel said Russian network operators have been suspected of exploiting BGP to hijack “Americans’ personal information, enable theft, extortion, state-level espionage, and disrupt otherwise-secure transactions.”

Rosenworcel stressed the importance of BGP in keeping the Internet functioning properly.

“This technology is essential to the Internet and has been referred to as the “glue” that enables modern connectivity,” Rosenworcel’s statement…

Source…

Google Beefs up Android Security with Theft Protection, Live Threat Detection, and More

/in


Besides the rollout of Android 15 Beta 2, Google is offering new features to ramp up security on Android devices. To make sure that your data stays intact and doesn’t fall into the wrong hands, Google is adding theft protection and other safety measures on Android. Here’s everything you need to know about it.

Security and Theft Protection

In its recent blog post, Google has explained a new theft protection feature on Android that requires your device or Google account credentials to erase all data from your phone. The device will also need a PIN/password or biometric authentication to disable Find My Device or change the screen timeout timer.

Sensitive Content Password Requirement
Image Courtsey: 9to5 Google

In situations where the thief might probably know your PIN, pattern, or password, Android will now require biometric authentication. This will be required when trying to change critical Android settings. Like changing the lock screen password, and disabling theft protection.

Theft and Offline Detection Lock

Android will also be able to detect when your phone has been stolen from your hands using sensors and on-device models, and lock the device. On the other hand, attempting to turn off Wi-Fi or mobile data will result in the Offline Detection Lock. This will help to keep outsiders from accessing your data. These two features will be available for Android 10+ devices later this year.

Theft Detection in Android
Image Courtesy: 9to5 Google

Access Find My Device with Phone Number

Accessing your device through Find My Device will also become easier. Since many users can’t recall their Google account credentials required for actions like remote locking or wiping the device. Now you can just enter your phone number and a quick security challenge to access these options. These features are also coming out later this year.

Remote Lock Feature Android
Image Courtesy: 9to5 Google

Live Threat Detection for App

Google Play Protect is adding live threat detection. This will check app behavioral patterns related to the use of users’ sensitive permissions and how they interact with other apps. If Play Protect marks the behavior as suspicious, then it will send the app to Google for…

Source…

NCSC ramps up support for those at high risk of cyber attacks ahead of election – National Cyber Security Centre

/in



NCSC ramps up support for those at high risk of cyber attacks ahead of election  National Cyber Security Centre

Source…

China poses genuine and increasing cyber security risk to UK, says GCHQ director

/in


China poses a genuine and increasing cyber risk to the UK, the director of Britain’s electronic intelligence gathering agency said today.

Anne Keast-Butler used her first major public speech as director of GCHQ to call out China’s development of hostile hacking capabilities.

The warning reflects concerns by western intelligence agencies that the People’s Republic of China (PRC) is increasingly working with non-state cyber organisations to boost its hacking capabilities.

She warned that China’s “coercive and destabilizing” actions posed a significant threat to the UK and other western countries.

“In cyberspace, we believe that the PRC’s irresponsible actions weaken the security of the internet for all,” she said.

“China has built an advanced set of cyber capabilities and is taking advantage of a growing commercial ecosystem of hacking outfits and data brokers at its disposal,” she added.

The government has called out Chinese hackers for threatening the security of the UK in recent months.

These include a campaign by a Chinese state sponsored hacking group, which targeted email accounts of over 40 UK parliamentarians that had spoken out against China.

Chinese state sponsored hackers were also responsible for compromising the Electoral Commission between 2021 and 2022.

Vulnerabilities stockpiled

The Chinese government is stockpiling security vulnerabilities to use in future hacking attacks according to cyber security officials.

Under Chinese law, Chinese companies and cyber security organisations are required to report newly discovered security vulnerabilities to the Chinese government.

A Chinese hacking competition due to take place in June 2024, for example is offering $2.5 million in prize money for exploits and vulnerabilities in software, operating systems, network and security equipment.

Western intelligence agencies are concerned that Chinese state sponsored hacking groups are gaining access to computer networks of energy, electricity and other critical services providers to use as potential political leverage.

They warn that the groups are installing hacking capabilities that could be used at a later date to threaten to disrupt critical infrastructure of…

Source…