Tag Archive for: Highlights

Leak probe highlights U.S. Supreme Court’s problems protecting information

/in


WASHINGTON, Jan 20 (Reuters) – The investigation into the leak of a draft of last year’s Supreme Court ruling overturning the national right to abortion laid bare a persistent problem at the top U.S. judicial body and the broader federal judiciary – creaky tech systems and lax security protocols for handling sensitive documents.

The inquiry, detailed in a 20-page report released on Thursday, failed to uncover who leaked the draft authored by Justice Samuel Alito to the news outlet Politico last May, a month before the ruling was formally issued – in part due to information technology record-keeping deficiencies.

The investigation, ordered by Chief Justice John Roberts and headed by the court’s chief security official Gail Curley, found that “technical limitations” made it “impossible” to rule out whether any employees emailed the draft to anyone else and said the court lacked the ability to identify those who printed it out.

Investigators could not search and analyze many event logs maintained by the court’s operating system because, the report said, “at the time the system lacked substantial logging and search functions.”

The report said 34 court employees – out of the 97 interviewed – acknowledged printing out the draft. The investigators found few confirmed print jobs because several printers at the court had little ability to log print jobs and many were not part of its centralized network.

Cybersecurity expert Mark Lanterman, who has conducted training at the Supreme Court, said it appeared the court could stand to bolster controls to guard against leaks but noted that even highly secure networks can remain vulnerable to bad actors.

“People – we’re the weakest link,” said Lanterman, chief technology officer at the firm Computer Forensic Services. “They could invest millions of dollars in the federal judiciary’s cybersecurity, but all it takes is one person with a motive to leak.”

Carrie Severino, a former clerk to Justice Clarence Thomas who now heads the conservative Judicial Crisis Network, said Roberts bears much of the responsibility for creating an environment where “security measures were so inadequate.”

“It’s never going be possible to perfectly protect against leaking,”…

Source…

Twitter, Wordle, ChatGPT among 20 tech highlights of 2022

/in


Crashes and crackdowns

9. Tech retrenchments

News headlines about employees being let go kept appearing as major tech companies like Meta, Twitter and Microsoft cut thousands of jobs amid economic uncertainties. It marked an abrupt stop to the hiring spree of past years, boosted by the growth of digitalisation amid the pandemic. The authorities in Singapore have maintained that tech jobs are still widely available here owing to the growth of digital services.

10. Crypto crashes

The collapse of several cryptocurrency players sent investors into panic. Sam Bankman-Fried, disgraced founder of now-collapsed crypto exchange FTX, made headlines in November after he filed for bankruptcy in the United States and resigned from the company. Investors that have lost millions include Singapore’s Temasek, which wrote off its $377 million investment in FTX. Separately, Terraform Labs’ co-founder Do Kwon is on the run, with a US$56.9 million lawsuit in Singapore hanging over him for his alleged role in a wipeout of his company’s TerraUSD stablecoin and Luna token. The downfall of these platforms underscores the failure of corporate controls and dangers of hype in the field.

11. WhatsApp outage

The widely used online messaging app may have been down for only a few hours in October, but the crash affected millions of users globally. Business users, for example, were temporarily cut off from their clients. The outage, reportedly caused by a technical error, is a reminder to netizens to have alternative chat apps on standby in case of another crash, said cyber-security experts.

12. Counter-ransomware task force assembled

Singapore set up an inter-agency task force to help businesses and major institutions tackle the growing threat of ransomware. The number of cases reported here grew from 89 in 2020 to 137 in 2021, according to the Cyber Security Agency. In November, the task force published a blueprint for Singapore to counter such attacks, signalling the steps that enterprises and the Government should take to combat the scourge.

13. Crackdown on online harms

Singapore doubled down on its fight against online harms, with a proposed law that is set to launch in 2023 and will give…

Source…

Cloudflare highlights DDoS attack trends in latest report

/in


Cloudflare highlights DDoS attack trends in latest report

Cloudflare, the security, performance and reliability company helping to build a better Internet, has announced its 2022 Q3 DDoS report. This report includes insights and trends about the DDoS threat landscape – as observed across the global Cloudflare network.

Multi-terabit strong DDoS attacks have become increasingly frequent. In Q3, Cloudflare automatically detected and mitigated multiple attacks that exceeded 1 Tbps. The largest attack was a 2.5 Tbps DDoS attack launched by a Mirai botnet variant, aimed at the Minecraft server, Wynncraft. This is the largest attack Cloudflare has ever seen from the bitrate perspective. It was a multi-vector attack consisting of UDP and TCP floods. However, Wynncraft – a massively multiplayer online role-playing game Minecraft server where hundreds and thousands of users can play on the same server – didn’t even notice the attack since Cloudflare filtered it out for them.

Geopolitical tensions are reflected in cyberattacks. Cloudflare’s data centres saw attacks targeting Taiwanese companies increase nearly 20x and when looking at the war in Ukraine, the company saw that attacks on Russian websites surged 24x compared to last year.

Highlights of the DDoS Report

General DDoS attack trends

Overall in Q3, Cloudflare has seen:

  • An increase in DDoS attacks compared to last year
  • Longer-lasting volumetric attacks, a spike in attacks generated by the Mirai botnet and its variants
  • Surges in attacks targeting Taiwan and Japan

 

Application-layer DDoS attacks

  • HTTP DDoS attacks increased by 111% YoY but decreased by 10% QoQ
  • HTTP DDoS attacks targeting Taiwan increased by 200% QoQ; attacks targeting Japan increased by 105% QoQ
  • Reports of Ransom DDoS attacks increased by 67% YoY and 15% QoQ

Network-layer DDoS attacks

  • L3/4 DDoS attacks increased by 97% YoY and 24% QoQ
  • In Q3, Cloudflare saw a 4x increase in network-layer DDoS attacks attributed to the Mirai botnet. This underscores why securing IoT devices is critical
  • The gaming/gambling industry was the most targeted by L3/4…

Source…

The Hacking Of Hospitals Highlights Ransomware

/in


The Hacking Of Hospitals Highlights Ransomware

Directors Report: This Premium article is temporarily free to view. For unrestricted website access please Subscribe: £5 monthly / £50 annual.

The number of ransomware attacks on healthcare organisations is increasing significantly and more needs to be done to up-date and continually improve their cyber security.

Ransomware hacks, in which attackers encrypt computer networks and demand payment to make them functional again, have been a growing concern for both the private and public sector since the 90s. But they can be particularly devastating in the healthcare industry, where even minutes of down time can have deadly consequences and have become ominously frequent.

The number of ransomware attacks on healthcare organisations increased 94% from 2021 to 2022, according to a report from the cyber security firm Sophos and two-thirds (66%) of healthcare organisations were hit by ransomware attacks last year, up from 34% in 2020.

More than two-thirds of healthcare organisations in the US said they had experienced a ransomware attack in 2021, the study said, up from 34% in 2020.

Ransomware attacks on healthcare are particularly common in the US, with 41% of such attacks globally having been carried out against US-based firms in 2021.The new industrial age of the Internet came way back in the 2000’s and has only strengthened its presence in the age of man since then. The COVID-19 pandemic proved a great benefactor to online activity as people began spending more and more time on the internet, on social media and other websites and those new to the connected online world had to embrace it on some level. 

Now that a large number of people across the world have access to the Internet and go online frequently, be it on Twitter, Instagram or Facebook, the menace of cyber-bullying or online bullying is something we all should know and be vigilant about, irrespective of whether we have experienced it or not. Just as bullying in real world requires someone trying to hector a seemingly calm and timid person face-to-face in places like schools and colleges, cyber-bullying takes place in the online world…

Source…