Vodafone reveals details of government surveillance
Vodafone has released its first Transparency Report on the requests it receives from governments and law enforcement bodies for user data. This marks the first time a global telecommunications company has released a global data set, with transparency data from 29 countries. The report states that in as many as 6 countries, authorities have direct access to Vodafone’s network, which allows governments to monitor communications directly without having to go to the company for their customer data. Following release of the report, campaign group Privacy International is urging businesses to fight back against governments instead of quietly abiding by the laws and practices imposed on them.
PF Chang’s is latest credit card breach victim
Restaurant chain PF Chang’s is investigating claims of a data breach involving credit and debit card data stolen from various restaurant locations in the United States. A number of newly stolen credit and debit cards appeared on an underground website used by criminals on Monday, all of which had been used at the restaurant between March and May. A spokesperson from PF Chang’s has stated that matters are being taken very seriously with the situation currently being investigated and that further announcements will be made in due course.
US military reports South Korea databases hacked
The US military have announced that a hacking attack may have stolen the personal data of more than 16,000 South Koreans employed by American forces after two databases storing personal information had been compromised. The affected system is used for recruitment purposes and so while no defence-related classified information has been accessed, personal data on current and former Korean nationals employed by the command, along with data on job applicants has been. Any individuals potentially affected have been notified and investigations into the hacking are ongoing.
Wall Street’s brokers create cyber attack anxiety
According to officials from the Financial Industry Regulatory Authority (Wall Street’s industry-funded watchdog), the sloppy actions of brokers and other industry employees are placing Wall Street at an ever increasing risk of cyber attack. Findings include brokerage firm workers taping sensitive passwords to their computer monitors and storing them in binders labelled “passwords”, and firms forgetting to cut off access to systems by temporary workers after they have left. The US Securities and Exchange Commission is looking into measures that brokerages and asset managers have put in place to safeguard against cyber attacks.
Serious UK cybercriminals face life in prison
Current UK legislation sets no specific penalties for cybercriminals responsible for attacks that pose a threat to life or national security. That is set to change under new legislation which will see hackers who launch devastating cyber attacks on UK infrastructure behind bars for life. Those who obtain malware with the intention of committing criminal acts also face new legal punishments. However, proposals have been with met with concern due to the difficulty in ascertaining the damage inflicted by cyber attacks making consistent sentences difficult to apply.
British banks take action against cyber threat
The British Bankers’ Association (‘BBA’) has hosted a conference of financial institutions and government bodies as part of an effort to protect Britain’s vulnerable financial system from attack by criminals and enemy states. The call for greater collaboration between banks and law enforcement agencies follows the recent report published by BBA and Price Waterhouse Coopers, which indicates that 93% of large firms suffered security breaches over the past year. The Bank of England have also added to the initiative with the announced creation of a cyber attack test scheme to create better stress tests amongst financial institutions (the first initiative of its type to be led by any of the world’s central banks).
Red button leaves TVs open to attack
A critical vulnerability has been discovered in the specification that defines how smart TVs work, that could allow attackers to hijack home broadband networks. Most US and European households with broadband access now have at least one TV set which is also connected to the internet leaving millions of homes open to cyber attack. Researchers from the Network Security Lab at Columbia University have discovered that attackers could access and use the credentials stored in TV sets to access services such as social networks, e-commerce sites and perform fraudulent attacks on other devices within the home network. Fears lie in the finding that no user knowledge or consent is required as victims only have to keep watching their TVs to be targeted.