Security News
NIS is the main law controlling security practices in the UK today. Currently a straight copy of the EU NIS Directive, one of the benefits of Brexit leapt upon by the Department for Digital, Culture, Media and Sport is the new ability to amend NIS's reporting thresholds.
The British government's PR campaign to destroy popular support for end-to-end encryption on messaging platforms has kicked off, under the handle "No Place To Hide", and it's as broad as any previous attack on the safety-guaranteeing technology. Judging by videos earnestly distributed by organisations supporting it, the No Place To Hide campaign is much wider than merely targeting Facebook Messenger as was previously thought.
The UK's Competition and Markets Authority has invited comments from industry and interested parties about NortonLifeLock's proposed $8bn purchase of fellow infosec outfit Avast. "The CMA is considering whether it is or may be the case that this transaction, if carried into effect, will result in the creation of a relevant merger situation under the merger provisions of the Enterprise Act 2002," it said.
UK's National Cyber Security Center has published new guidance for organizations to follow when communicating with customers via SMS or phone calls. Use a five-digit number instead of a regular phone number.
Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they'll lean heavily on the "Think of the children!" rhetoric we're seeing in this current wave of the crypto wars.
A Nottingham man was imprisoned this week for more than two years after hacking the computers and phones of dozens of victims, some of them underage, and spying on them using remote access trojans. 32-year-old Robert Davies used fake online social media profiles and Skype accounts for catfishing his victims and hacking their devices by sending links that allowed him to infect them with RATs obfuscated using crypters.
Electric car chargers will have to include secure boot and automatic network disconnection if unsigned software runs on the smart devices - but only from 2023, the British government has said. New security requirements for smart chargers won't be enforced until the last day of this year, according to government papers reviewed by The Register.
The Information Commissioner's Office has confirmed that former New Zealand privacy commissioner John Edwards has started his new role as the UK's Information Commissioner. While legal experts have warned of the dangers of the UK straying too far from the EU's General Data Protection Directive - or risking the adequacy decision which currently allows data sharing between the UK and the EU to support business as usual - his message is don't stop believing.
One sector that I believe is ripe and particularly susceptible to cyber attacks currently is the UK's energy sector. Impacted by a surge in demand for energy by countries across the northern hemisphere, the supply chain that services the UK's critical need for gas and electricity is currently grappling with a widespread energy crisis as we head into winter.
The US Attorney's Office of Massachusetts on Monday announced the extradition of Vladislav Klyushin, a Russian business executive with ties to the Kremlin, on charges of hacking US computer networks and committing securities fraud by trading on undisclosed financial data. Klyushin, 41, a resident of Moscow, Russia, was arrested in Sion, Switzerland on March 21, 2021, reportedly upon disembarking from his private jet while on vacation with his family.