Cyber Catch Up 10/5/15

Here’s what you missed last week…

It’s bad enough to have to worry about your data getting stolen. Now officials are concerned about the next front in malicious cyber activity: efforts to deliberately manipulate data. As data theft continues, banks are now looking to retailers to bear the losses. News of the VW scandal continues, and one story indicates that “the faster we upgrade our roads and autos with better capabilities to detect and analyze what’s going on in the transportation system, the better we’ll be able to find hackers, cheaters and others looking to create havoc on the highways.”

Microsoft reported that the highly suspicious Windows update that was “delivered to customers around the world was the result of a test that wasn’t correctly implemented”– but this isn’t the first time a Windows update has been compromised. As cybercriminals move from online banking to the industrial supply chain, they find the Dyreza computer trojan a useful tool. On Thursday, T-Mobile announced that about 15 million of its U.S. customers may have been exposed in a data breach at one of its vendors. Also on Thursday, it was reported that newly discovered vulnerabilities in Android’s media file processing may lead attackers to compromise devices by tricking users into visiting maliciously crafted Web pages.

Apple’s new privacy policy was announced and has been given kudos in its design and simplicity, promising personalization without sacrificing privacy. In the meantime, privacy advocates increase efforts to beat back cybersecurity information-sharing legislation. Recently, Edward Snowden and a number of his supporters put forward a proposal to curb mass state surveillance. Could this be doomed?

With National Cyber Security Awareness Month in full swing, it’s time for millennials to step up their slacking security habits— according to a recent survey, they are least likely to protect their data, despite being the most concerned with cybersecurity. According to another survey, even though IT professionals often warn their superiors about pending IT security disasters, almost half of respondents report that executive management fails to take action.

Researchers have created an AI system to detect malware in shortened Twitter links, exposing a security flaw in Twitter’s site. Speaking of malware, are you searching for celebs in your spare time? Be careful who you search for– a study shows that celebrity searches are loaded with malware. Steer clear of getting the scoop on Kelly Brook, Nick Grimshaw, Kate Middleton, Idris Elba, Frank Lampard, Jeremy Clarkson and Tom Hardy, among others.

Screen Shot 2015-09-30 at 12.36.23 PMRebecca Foss is the Director of Social Media at the University of Maryland University College (UMUC). In her current role, she is working with stakeholders across the university to develop the overall strategic approach in using social media platforms and tools globally for UMUC. She has over 15 years of marketing and communications experience and has been involved with championing social media initiatives since the early stages of the medium’s existence in 2007. Rebecca specializes in content management, creation, and curation and serves as co-editor of the Cyber Connections blog. 

Cyber Catch Up

Here’s a recap of what you missed last week in cyber.

The charge that Beijing was behind the theft of the personal data of more than 20 million federal workers could become a primary topic for an important visit from China’s President Xi with hacking to shadow the China summit. At the start of President Xi’s visit, he sought to reassure American companies that his government was committed to protecting the interests of foreign companies and fighting cybercrime. But was it all double talk? Speaking of stolen personal data, it is reported that OPM underestimated the number of fingerprints stolen by approximately 4 million. The government now estimates this number to be 5.6 million.

Big news this week was Apple’s confirmation of the the discovery of malicious code in some App Store products. The Washington Post reported that the Obama administration has been exploring ways to bypass smartphone encryption to allow access to law enforcement. Also this week, a campaign was launched by a group of privacy advocates including former NSA whistleblower Edward Snowden for a new global treaty against government mass surveillance. Business advisory firm Grant Thornton International, released a report that indicates that global cybercrime has cost $315 billion over the past 12 months.

In policy news, cyber crime laws are showing their age and some are badly outdated, including the Computer Fraud and Abuse Act (CFAA) of 1986. Senator Ron Wyden of Oregon announced this week that the Section 603 provision on terrorist activity was removed from the 2016 Intelligence Authorization Act. Finally, a federal judge ruled this week that forcing suspects to give up their cell phone passwords is a violation of the constitutional right against self-incrimination.

Screen Shot 2015-09-30 at 12.36.23 PMRebecca Foss is the Director of Social Media at the University of Maryland University College (UMUC). In her current role, she is working with stakeholders across the university to develop the overall strategic approach in using social media platforms and tools globally for UMUC. She has over 15 years of marketing and communications experience and has been involved with championing social media initiatives since the early stages of the medium’s existence in 2007. Rebecca specializes in content management, creation, and curation and serves as co-editor of the Cyber Connections blog.