you're reading...


Aussie companies lag on security as cyberthreat intensifies overseas

Ever vigilant on citizen privacy, EU regulators were promising action on Google’s privacy policy changes while the EU Parliament made more than 900 amendments to proposed new data-privacy laws.

Also on the international front, security firm Mandiant was alleging that it had information about the Chinese-backed ‘PLA 61398’ cyber-army hacking into US firms. In an ironic twist, the report was used as bait in further spear-phishing attacks on Japanese and Chinese users, building on an Adobe Reader 0-day vulnerability.

Not everyone thinks it’s necessarily an act of war, however – especially China’s Defense Ministry, which refuted the claims. Yet the cybersecurity environment is nonetheless heating up, as British prime minister David Cameron signed a cyber security deal with India. Others argued that the escalating cyberwar between the US and China could evolve into something resembling the Cold War. Users, however, need to make much better use of available security tools to improve their response time to spear-phishing attacks like that used in the Chinese hack.

In a relatively rare occurrence, Apple confirmed that it was hit by an internal malware attack while UK firm Tesco had called in the police after the details of a number of its Clubcard loyalty-program members were compromised.

A Malaysian government Web site was hacked with a faked ‘resignation’ from the country’s prime minister. And, in another sign that cyberhacking knows no boundaries, there were reports that China has been helping Zambia master deep packet inspection eavesdropping technology.

Meanwhile, spy agencies were keeping mum on reports that five countries were working together to declassify crucial security
vulnerability and threat information. Also on the collaboration front, US university students are among those working to crack Chinese malware code.

New research suggests many Australian organisations aren’t as good at establishing disaster recovery plans as they think. Further damning evidence came from CERT Australia, which says many security incidents within Australian organisations are going unreported.
Rounding out the trifecta was the revelation that a large volume of financial and health-related data had been dumped in Sydney rubbish
bins where they could be easily compromised by identity thieves.

Read the whole article at:



No comments yet.

Post a Comment