Posted on June 19, 2018 by staff

Cyber Security Briefing: Dogs enlisted in cyber crime fight


Dogs have long played an instrumental role in physical security as the keen noses of trained animals are able to sniff out weapons.

Now law enforcement agencies in the United States are enlisting their canine units in the fight against cyber crime.

Dogs at both federal and local level are being trained to find hidden electronic devices such as mobile phones, hard drives and microSD cards by identifying a chemical compound found within them called triphenylphosphine oxide, or TPPO. Last month ‘electronic storage detection’ dogs helped catch a student hacker who hid an incriminating thumb drive.

CNet reported that only one out of every 50 dogs tested qualifies to become an ESD dog as many are “too energetic” for the task.

Kaspersky Lab halts European collaborations

Security firm Kaspersky Lab has suspended all collaboration with European agencies and organisations, including Europol, the EU’s law enforcement intelligence agency.

The move was in response to a European Parliament motion which called its anti-virus software “malicious”.

Russian firm Kaspersky Lab said the accusation was “untrue” and demonstrated a “distinct lack of respect”. It says it will not resume collaborations “until we receive further official clarifications from the European Parliament”.

The company has also halted its work with the No More Ransom project, which provides free decryption tools to ransomware victims.

Founder Eugene Kaspersky tweeted:

British cyber security start-up raises $10m

British start-up Panaseer has raised $10m in funding to assist in its bid to clean up the poor “cyber hygiene” of the world’s largest businesses.

It will use the cash to boost its research and development efforts in the UK while expanding sales and marketing operations in the US.

The subscription service automatically detects which systems within a company are most vulnerable to attack, eliminating human error.

Smart padlock isn’t so smart

Last week was a bad one for Canadian firm Tapplock after it was revealed that anyone with a smartphone could unlock its smart padlocks.

The gadgets are secured with a person’s fingerprint – but researchers at Pen Test Partners discovered that they could be unlocked in seconds without the print.

This was because the unlock code is generated from a unique networking ‘MAC’ address contained within all Bluetooth devices which can be seen by all.

All a malicious hacker would have to do is obtain this and convert it using a ‘MD5 hash’ algorithm to unlock the device.

Tapplock has already issued “an important security patch” to prevent this from happening in future.

Dixons Carphone hack should serve as wake-up call

Security experts have urged companies to decide what personal data is worth defending and adopt an “encrypt-everything” approach in the wake of Dixons Carphone’s huge data breach.

The consumer electronics retailer admitted that hackers were able to gain access to 5.9 million payment cards and 1.2 million personal data records – but that there was no evidence to date of any fraudulent use of the data.

Chief executive Alex Baldock said the company was taking the breach “extremely seriously” and admitted the business had “fallen short” in protecting its customers’ data.

We spoke to several experts about what can be learned from the hacking incident.

It’s alive!

Android smartphone owners have been put on alert about a Frankenstein-style virus.

Security researchers from ThreatFabric discovered MysteryBot, which combines the worst features of ransomware, keyloggers and banking Trojans to attack on many fronts.

The Daily Express had the most creative headline for this story: ANDROID WARNING: Smartphone owners put on alert about terrifying FRANKENSTEIN virus.

How CIA can improve your cyber security

Paul Harris, MD of global ethical hacking company Secarma, explained to BusinessCloud how CIA can help you keep your business secure.

No, not America’s infamous Central Intelligence Agency – but a simple three-step process: Confidentiality, Integrity and Availability.