8 Cybersecurity Stories a Review of 2018

Introduction

This blog post gives a brief overview of 2018's Cybersecurity News Stories. These eight chosen news stories are listed in no particular older.



  1.  Cybersecurity Trends 2019: Privacy and intrusion in the global village (https://www.welivesecurity.com/2018/12/18/cybersecurity-trends-2019-privacy-intrusion-global-village/) An article that summarizes the events and developments in Cybersecurity over 2018 and discusses the potential trends that may happen in 2019.  
  2. Czech Cyber Security Agency Warns Against Use of Huawei (https://www.nytimes.com/aponline/2018/12/17/business/ap-eu-czech-huawei.htmlThe Czech Republic's cybersecurity watchdog is warning against the use of products by Chinese electronics giant Huawei and another Chinese telecommunications company, ZTE. This is the latest devolvement in the backlash against Huawei in supplying key infrastructure for telecoms. Following Huawei being blocked in the USA, Canada, Australia, New Zealand and other countries. 
  3. Australian Government Passes Contentious Encryption Law (https://www.nytimes.com/2018/12/06/world/australia/encryption-bill-nauru.html) The Australian Parliament passed a contentious encryption bill on Thursday 6th December to require technology companies to provide law enforcement and security agencies with access to encrypted communications. Privacy advocates, technology companies and other businesses had strongly opposed the bill, but Prime Minister Scott Morrison’s government said it was needed to thwart criminals and terrorists who use encrypted messaging programs to communicate. This is a continuous saga in the battle between privacy and law enforcement requirements.  
  4. FACEBOOK BUG EXPOSES 6.8 MILLION USERS' HIDDEN PHOTOS TO THOUSANDS OF THIRD-PARTY APPS (https://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-bug-data-breach-hack-accounts-photos-a8684031.html) Facebook has once again been hit by a major bug exposing the accounts of millions of users. The bug gave third-party apps access to photos of up to 6.8 million users, though Facebook says the issue has now been fixed. Over the whole of 2018, it has been a tumultuous year for Facebook as it faced increasing scrutiny of its business practices and how it handles its user data. Unless there is a major change in the company it is likely we see more scandals emerge from Facebook, Instagram (owned by Facebook) and Whatsapp.
  5. 'Meltdown' and 'Spectre' guidance (https://www.ncsc.gov.uk/guidance/meltdown-and-spectre-guidance) At the beginning of 2018 it was disclosed that major design in flaws in Intel's, ARM and AMD chips named 'Meltdown' and 'Spectre' are two related, side-channel attacks against modern CPU microprocessors that can result in unprivileged code reading data it should not be able to. Most devices - from smartphones to hardware in data centres - may be vulnerable to some extent. The Vendors worked on patches to mitigate the issue. Though it will still be a couple of more years until the chip manufacturers are able to redesign their hardware prevent vulnerabilities like this from occurring. Though this could just lead to new vulnerabilities coming into existence hopefully the chip manufacturers and designers will avoid this. 
  6. Home Addresses Are Up for Sale. Time to Take Back Your Privacy. (https://www.nytimes.com/2018/12/16/opinion/editorials/data-privacy-address-swatting.htmlHome addresses have always been public information. But now they’re too easy to search. In 2017, an internet troll named Tyler Barriss called a SWAT team to what he thought was the home address of another gamer who had insulted him online in Wichita, Kan. It was the wrong address. In the confused confrontation that followed, a police officer shot and killed Andrew Finch, a 28-year-old father of two. The issue of people keeping control over public information has only now started to be tackled with the passing of GDPR and in 2019 how we tackle the issues of people understanding of how to limit their exposure of information online we continue to build and develop. 
  7. MiSafes' child-tracking smartwatches are 'easy to hack (https://www.bbc.co.uk/news/technology-46195189?intlink_from_url=https://www.bbc.co.uk/news/topics/cz4pr2gd85qt/cyber-security&link_location=live-reporting-storyA location-tracking smartwatch worn by thousands of children has proven relatively easy to hack. Hopefully, in 2019 we will get ahead of the manufactures so that instead of these types of devices being withdrawn from sale after the vulnerabilities are found instead they are prevented from going on sale in the first place because they tested for how secure they are. 
  8. The Top 25 Passwords in 2018 Are an Embarrassment to Humankind (https://www.popularmechanics.com/technology/security/a25575197/top-passwords-2018/) We all can do better. 


Conclusion 

In general looking back on 2018 the types of cybersecurity news that have come out and been reported is that as a whole we are still going around in circles when it comes to implementing Cybersecurity measures, data protection and privacy design. Hopefully, with the passing of GDPR and the upcoming ePrivacy regulation and the NIS directive things will begin to change in 2019. 

Comments

Post a Comment

Popular posts

Balancing functionality, usability and security in design

Image
Introduction When designing new devices or applications there is a requirement nowadays to consider there functionality, usability and security. While there has been a push through secure-by-design guidelines for security to be built-in from the beginning there are still gaps in implementation and part of these gaps are design considerations of functionality and usability. Part of this that doing security well is hard work, but it should never block useful functionality for the user. Ideally, when security interferes with key software capabilities, the security must be tweaked. The answer should never be to abandon the functionality and certainly not to abandon the security. Though achieving this balance is admittedly not straightforward. This blog post will aim to look at this triad and how they can be balanced and not compromise each other. Defining the Triad in design A triangle can be used to help explain the relationship between the concepts of security, functionality and ea
Read more

Personal Interest - Unbuilt fleets of the Royal Navy

Image
Introduction Throughout the 20th Century the Royal Navy designed and examined different types of fleets that were never realised either due to budget constraints, arms treaties or the changing nature of war. These are only a few examples of the different types of unbuilt fleets. Some of these had prototypes built and tasted for the Royal Navy which would serve as technological testbeds. Images and info from secret projects forum, shipbucket, popular mechanics/science and naval-matters. Washington Naval Treaty (WNT) The  Washington Naval Treaty  was a treaty signed during 1922 among the major nations that had won  World War I , which agreed to prevent an  arms race  by limiting naval construction. It was negotiated at the  Washington Naval Conference , held in  Washington, D.C. , from November 1921 to February 1922, and it was signed by the governments of the United Kingdom, the United States, France, Italy, and Japan. It limited the construction of  battleships ,  battlecruisers
Read more

Personal Interest - RAF Unbuilt Projects

Image
  Introduction This blog post looks at the different groups of cancelled RAF projects. It will focus on the 50s, 60s, 90s/00s and a brief look at hypersonic research projects. While these projects were often cut or cancelled for budget or austerity reasons, they were also pushed by the changing nature of warfare firstly from conventional style WW2 warfare to the predicated quick, short scale nuclear war which was expected from 1947 to 1989. Later from the 90s and into the 21st Century a change from state on state conflict to facing insurgencies, counter-terrorism and peacekeeping missions again led to a change in how wars are fought. Though the work and research done on these projects would rarely go to waste with it being used and applied in other projects and works even if sometimes it could take another ten or twenty years before anything operational came of that work. There won't be large amounts of text explaining or exploring the designs there are far better sources for th
Read more