Tag Archive for: people

Cybersecurity labeling for smart devices aims to help people choose those less vulnerable to hacking

/in


WASHINGTON — The Biden administration and major consumer technology players on Tuesday launched an effort to put a nationwide cybersecurity certification and labeling program in place to help consumers choose smart devices that are less vulnerable to hacking.

Officials likened the new U.S. Cyber Trust Mark initiative — to be overseen by the Federal Communications Commission, with industry participation voluntary — to the Energy Star program, which rates appliances’ energy efficiency.

“It will allow Americans to confidently identify which internet- and Bluetooth-connected devices are cybersecure,” deputy national security adviser Anne Neuberger told reporters in a pre-announcement briefing.

Amazon, Best Buy, Google, LG Electronics USA, Logitech and Samsung are among industry participants.

Devices including baby monitors, home security cameras, fitness trackers, TVs, refrigerators and smart climate control systems that meet the U.S. government’s cybersecurity requirements will bear the “Cyber Trust” label, a shield logo, as early as next year, officials said.

FCC Chairwoman Jessica Rosenworcel said the mark will give consumers “peace of mind” and benefit manufacturers, whose products would need to adhere to criteria set by the National Institute of Standards and Technology to qualify.

The FCC was launching a rule-making process to set the standards and seek public comment. Besides carrying logos, participating devices would have QR codes that could be scanned for updated security information.

In a statement, the Consumer Technology Association said consumers could expect to see certification-ready products at the industry’s annual January show, CES 2024, once the FCC adopts final rules. A senior Biden administration official said it was expected that products that qualify for the logo would undergo an annual re-certification.

The director of technology policy at Consumer Reports, Justin Brookman, welcomed the White House proposal but cautioned in a statement that “a long road remains” to its effective adoption.

“Our hope is that this label will ignite a healthy sense of competition in the marketplace, compelling manufacturers to safeguard both the security and…

Source…

Public inquiry hears how Post Office security withheld evidence from people it suspected of theft

/in


The Post Office security department deliberately held back information on potential evidence that could support the cases of subpostmasters being investigated for alleged financial crimes, an official policy document has revealed during public inquiry.

During the latest hearing in the Post Office Horizon scandal public inquiry, it was revealed that reports sent to lawyers after initial investigations of subpostmasters suspected of theft and fraud included information about potential Post Office failures if relevant, but investigators were told to withhold this from the subpostmasters being investigated and potentially prosecuted.

Following the introduction of the Horizon computer system by the Post Office in 1999 to automate branch accounting, subpostmasters in large numbers began reporting unexplained accounting shortfalls. The Post Office blamed the subpostmasters and more than 700 were prosecuted, with many sent to prison. Thousands lost huge sums of money, with many going bankrupt.

Subpostmasters claimed the new computer system was causing the shortfalls, but the Post Office consistently denied this and suspected that subpostmasters did not have the computer expertise or resources to prove that errors existed. The Post Office used its power to prosecute privately and took advantage of the rule on the use of computer evidence that presumes that a computer system has operated correctly unless there is explicit evidence to the contrary

In 1999, this rule replaced section 69 of the 1984 Police and Criminal Evidence Act (PACE), which stated that computer-based evidence should be subject to proof that the computer system was operating properly. The Post Office was a supporter of this change and, as Computer weekly wrote in 2021, had replied to a Law Commission consultation on the proposed rule change claiming the existing rule was “somewhat onerous” when prosecuting people charged with crimes, such as the subpostmasters that run and own its branches.

A question of withheld evidence 

During the latest hearing, former Tony Marsh, head of security at Post Office until 2006 was asked about a Post Office policy used by teams investigating suspected theft or fraud by…

Source…

People are just realizing Android has special security setting that stops snoopers spying on you

/in


IF you’re an Android user and privacy is a top priority, it’s worth trying out an expert-recommended setting.

Lots of specialists recommend using a Private DNS setting for Android that gives you extra protection while you’re online.

Some experts recommend trying out a Private DNS feature on AndroidCredit: Getty

DNS stands for Domain Name Service.

It’s like the phone book of the internet and translates website addresses you’re searching for into IP addresses.

Cybersecurity experts at Kaspersky have pointed out flaws with DNS.

The Kaspersky blog explains: “Almost every internet query starts with a computer contacting a DNS server to translate a site name entered into its IP address.

“And almost always it’s be done by the DNS server of your internet provider, while the request to it is neither encrypted nor signed.

“This insecurity brings many side effects.”

Side effects include your internet service provider knowing what sites you’ve visited.

They may use this information to send you targeted adverts.

Most read in Phones & Gadgets

Hackers can also attack this technology and could lead you to malicious sites or control your Wi-Fi network.

To avoid this, users of devices with Android 9 or above can try Private DNS mode.

Open your Settings, and click More connections and then select Private DNS.

The route to this may be slightly different depending on your Android model.

Next, you’ll have to specify a server and then click to confirm.

You should be able to research a server that’s right for you.

Revert back to your original settings via the same method if you encounter issues.

Source…

Harvard Pilgrim ransomware attack impacted 2.5M people

/in


Recent filing with New Hampshire DHHS reveals Harvard Pilgrim ransomware attack impacted 2.5M people


Harvard Pilgrim has revealed that April’s ransomware attack impacted more than 2.5 million people.In a recent filing with the Department of Health and Human Services, Harvard Pilgrim said information like social security numbers and medical histories may have been stolen when data was copied from its system between March and April of this year.The health insurance company said it’s not aware of the data being misused at this point, but it is notifying those who are affected.According to the company’s website, the people impacted include some former and current members who had plans with Harvard Pilgrim between March 2012 and April 2023.

Harvard Pilgrim has revealed that April’s ransomware attack impacted more than 2.5 million people.

In a recent filing with the Department of Health and Human Services, Harvard Pilgrim said information like social security numbers and medical histories may have been stolen when data was copied from its system between March and April of this year.

The health insurance company said it’s not aware of the data being misused at this point, but it is notifying those who are affected.

According to the company’s website, the people impacted include some former and current members who had plans with Harvard Pilgrim between March 2012 and April 2023.

Source…