Posted on July 31, 2018 by staff

Cyber Security Briefing: Man on the moon

Cyber Security Briefing: Man on the moon

Astronaut during lunar landing mission
Shutterstock/NASA
Astronaut during lunar landing mission

If we can put a man on the moon, why can’t we give the government a backdoor to read encrypted communications?

If that sounds like the kind of rubbish analogy that you might hear down the pub – or perhaps in an East London wine bar – then think again.

It is the view of no less than FBI director Chris Wray, who told the Aspen Security Conference that encryption allows criminals to “go dark” and therefore tech companies must find a way of giving them the key to any communications they have a warrant for.

“We’re a country that has unbelievable innovation. We put a man on the Moon. We have the power of flight. We have autonomous vehicle. The idea that we can’t solve this problem as a society – I just don’t buy it,” he said.

Ignoring the bizarre link with the Apollo space missions, the obvious flaw in his argument is that if you provide a route to access encrypted information then it can be identified and accessed by the bad guys as well as the good guys.

And – whisper it – perhaps the ‘good’ guys do not always turn out to be so good after all…

Talking about a Revolut-ion

Digital bank Revolut claims it has seen a 30 per cent fall in card fraud after introducing disposable virtual cards for online purchases in March.

Its customers are able to create the cards, which contain details that regenerate after each transaction, in mere seconds.

CEO Nik Storonsky (pictured below) said: “The recent security breach at TicketMaster, where an unknown third-party managed to gain access to their customer’s personal information, was a sharp reminder to all of us here at Revolut as to why we prioritised the launch of disposable virtual cards.”

Nik

Revolut is also rolling out machine learning technology which will automatically apply limits based on customers’ transactions. Its two million customers will notice their existing limits being removed over the next fortnight.

“This will allow us to really focus our investigation efforts in targeting the suspicious activity and allow our normal users to use Revolut hassle free,” said Alan Chang, VP of operations.

Crypto-mining apps banned

Google Play, the store where Android users download their apps, has banned crypto-miners.

Users can still download the apps from other sources if they grant special permissions, but Google clearly doesn’t want potentially unsafe content in its marketplace.

“We don’t allow apps that mine cryptocurrency on devices. We permit apps that remotely manage the mining of cryptocurrency,” the restricted content section of its updated policy reads.

‘Most powerful’ cyber security tech launched

A new  cyber security  technology developed in part by Oxford University claims to be the most powerful product on the market.

British firm CyberHive was founded this year and has launched Trusted Cloud, a server which uses a combination of hardware-based cryptography and advances in whitelisting technology.

It provides real-time threat detection on servers through automatic verification every five seconds. This allows organisations to take remedial action more rapidly than is currently possible.

Are you prepared for an IoT attack?

Almost half of IT decision makers consider security as an afterthought when it comes to Internet of Things projects, according to a report by Trend Micro.

Yet almost two-thirds of them agreed that IoT-related security threats increased in the last 12 months – and the figure was 71 per cent in the UK.

It. Just. Makes. No. Sense.

“IoT systems are the future for businesses and many new types of connected devices are being introduced to corporate networks,” said Kevin Simzer, chief operating officer at Trend Micro.

“While this is beneficial for business operations, the embedded operating systems of IoT devices aren’t designed for easy patching, which creates a universal cyber risk problem.

“The investment in security measures should mirror the investment in system upgrades to best mitigate the risk of a breach that would have a major impact on both the bottom line and customer trust.”

Ransomware concern drops despite huge cost

Fewer organisations are worried about ransomware despite it being one of the most costly cyber-attacks.

A report by Barracuda Networks found that concern remains high, with 84 per cent of the 145 companies polled in Europe, the Middle East and Africa saying it is a worry.

However that compares with 91 per cent a year ago – and the proportion of organisations targeted by ransomware has fallen from 48 per cent last year to 30 per cent this.