Security News
The USA's policy of decoupling its technology industries from China lacks a strategy, a theory of success, and an understanding of how to achieve its ill-defined goals, according to a new paper by Jon Bateman from the thinktank Carnegie Endowment for International Peace. "The United States cannot afford simply to muddle through technological decoupling, one of the most consequential global trends of the early twenty-first century," wrote Bateman, a former senior intelligence analyst, policy adviser and speechwriter at the US Department of Defense, in the document, titled "US China Technological 'Decoupling', a Strategy and Policy Framework."
India's government and the European Union have signed up to create a "Trade and Technology Council" - an entity the EU has previously only created to enhance its relationship with the United States. Details of the Council's scope of operations have not been revealed, but the EU/US version of the entity works on standards for emerging technologies, tech supply chains, information security, data governance, preventing misuse of technology when it threatens security and human rights, and SME access to and use of digital technologies.
Trouble is brewing over moves by Taiwan to prevent China from gaining access to its chip technology, as the island nation proposes tougher laws to deter the leaking of trade secrets outside the country. China has reportedly hit back after Taiwanese Premier Su Tseng-chang called this week for a speedier introduction of legislation designed to protect the local semiconductor industry from what it sees as Chinese industrial espionage.
Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data.Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.
Cybercriminals have used fake emergency data requests to steal sensitive customer data from service providers and social media firms. As infosec journalist Brian Krebs first reported, some miscreants are using stolen police email accounts to send fake EDR requests to companies to obtain netizens' info.
The FCC Illegal Robocall Response Team and STIR/SHAKEN-the FCC-mandated initiative that provides a framework that voice service providers use to digitally sign each call that originates from their network-are an example of such initiatives. These variables complicate call authentication and highlight the need for a platform that serves as the industry standard source of trusted information.
Experts warn a lack of attention on cybersecurity could plague "Smart" car and electric vehicle systems - and users - in years to come, as the use of automotive technology continues to explode. "A hacker can gain complete and unlimited access to locking, unlocking, controlling the windows, opening the trunk, and starting the engine of the target vehicle where the only way to prevent the attack is to either never use your fob or, after being compromised, resetting your fob at a dealership," the post said.
The director of UK intelligence agency Government Communications Headquarters, Sir Jeremy Fleming, has warned that China is trying to introduce "Undemocratic values as the default for vast swathes of future tech and the standards that govern it." China believes Russia will support its digital markets and technology plans.
The UK's National Cyber Security Centre has advised users of Russian technology products to reassess the risks it presents. In advice that builds on 2017 guidance about technology supply chains that include links to hostile states, NCSC technical director Ian Levy stated that the agency has not found evidence "That the Russian state intends to suborn Russian commercial products and services to cause damage to UK interests."
If you're driving a Honda Civic manufactured between 2016 and 2020, this newly reported key fob hijack should start your worry engine. Their research suggests that Honda Civic LX, EX, EX-L, Touring, Si, and Type R vehicles manufactured between 2016 and 2020 all have this vulnerability.