CyberSecurity Pulse 2016-05-26
|“The truth springs from arguments amongst friends.”|
Security and Defense Contractors Become the Central Focus
The attackers seem to have been able to steal very little data. According to RUAG, it amounted to less than 0.01 percent of the data managed by the company. They have stated that “no secret data was affected by the attack on RUAG”. However, the attack was apparently conducted “very professionally” according to the company.
Although ministries of defence and security agencies of each country are pretty concerned about cybersecurity by deploying the necessary measures to address their threats, the point is that contractors do not always have these levels of awareness. At this point, they are being targeted so as to undermine the security measures of their clients (in some cases, official organisations) and thus gain access to confidential information. In this sense, it is important to demand safety standards extended to the ontractors in a proportional way to the sensitivity of the material they deal with.
Microsoft’s Approach to Terrorist Content Online
Google Trust API Plans to Replace Your Passwords with Trust Score
The importance of increasing online security around personal information has risen due to the increase in cyberattacks and data breaches over recent years. The massive LinkedIn hack proves that people are absolutely awful at picking passwords. The data breach leaked 167 Million usernames and passwords online, out of which "123456" were used by more than 750,000 accounts, followed by "LinkedIn" (172,523 accounts), and "password" (144,458 accounts). In a typical authentication mechanism, two-factor verification is the second layer of security that is designed to ensure that you are the only person who can access your account, even if someone knows your password. But now Google also intends to use user's biometrics data to strengthen the second layer of authentication with a more trustworthy approach.
Rest of the Week´s News
BoE Demands UK Banks to Step up Cybersecurity after Bangladesh Attack
Following the attack in February on the Central Bank of Bangladesh, the Bank of England (BoE) has issued an urgent call for all British banks to carry out a security review of any computer connected to the SWIFT network. In the attack launched three months ago, hackers were able to compromise £56 million in what is thought to be one of the largest bank robberies in history.
Google Allo Engineer End Push for End-to-end Encryption by Default
A co-leader on Google's product security team has deleted part of a blog post in which he wished the Allo messenger app would provide end-to-end encryption by default. If it is the user's responsibility to deliberately turn on encryption by using the incognito mode, the critics have argued that most of them will never avail themselves of the protection that end-to-end encryption provides if it is turned off by default.
E-Health Companies Have Seen a Growth in Cyberattacks
Last summer, deceptive emails began targeting employees at the Centers for Medicare and Medicaid Services. The messages were crafted to look like official business, but they actually were from attackers seeking agency passwords. The influx of spearphishing emails significantly increased during the months of 2015 June and July.