Privacy issues in the Philippines have become headline news as 2017 gets underway. In January, the National Privacy Commission (NPC) in that country issued a statement placing the blame for a data breach that put the personal information of millions of voters at risk squarely at the feet of the Commission on Elections (COMELEC) and its Chairman Andres Bautista.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
700 scam websites pretending to offer online streaming services are taking advantage of the recent pandemic lockdowns to steal personal data and credit card information.
In addition to the DDoS campaign and claimed theft of Microsoft accounts, Anonymous Sudan has busied itself with a campaign of attacks against European banks as of late. Microsoft says there is no evidence of a data breach.
The present incarnation of the hacker collective opened up its cyber war against Russia by temporarily taking down a number of government websites, including those of the Kremlin and the Defense Ministry.
Data dump containing 269 GB of police files from hundreds of U.S. law enforcement agencies and the FBI is found to be tied to a breach at a shared third-party vendor.
Checkout bots are gaining popularity in coronavirus pandemic to snap up delivery time slots through Chrome extensions including those that may contain security vulnerabilities.
Recent ruling in New Jersey involving the NotPetya attacks indicates that insurers may not be able to use "cyber war" clauses as an excuse to not pay out for remediation of ransomware attacks.
MGM, one of the two largest casino-hotel chains on the Strip, has not yet confirmed the nature of the attack, calling it a 'cybersecurity issue.' The properties remain open, but operations such as front desk check-ins and payouts for casino games have had to shift to entirely manual operations.
Since June, some ransomware gangs have begun incorporating search functions into their data leak sites, making stolen data more accessible to put added pressure on victims.
While there is no evidence at present of a rash of "juice jacking attacks on public USB charging stations, or even any novel exploits of this nature, appropriate precautions should still be taken.