Security News
The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online. Just like with the passwords coming from the FBI, this massive collection has been added to the Pwned Passwords data that allows searching if a password has been compromised.
The UK government has officially included decapod crustaceans-including crabs, lobsters, and crayfish-and cephalopod mollusks-including octopuses, squid, and cuttlefish-in its Animal Welfare Bill. This means they are now recognized as "Sentient beings" in the UK. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
The British government has launched a £2.6bn National Cyber Strategy, intended to steer the state's thinking on cyber attack, defence and technology for the next three years - and there's some good news if you run a tech company. Its authors praised the formation of the National Cyber Force "Offensive cyber activity" unit, a joint venture between spy agency MI6, domestic intel agency GCHQ and the Ministry of Defence.
The global pandemic has provided cover for all sorts of phishing scams over the past couple of years, and the rise in alarm over the spread of the latest COVID-19 variant, Omicron, is no exception. U.K. consumer watchdog "Which?" has raised the alarm that a new phishing scam, doctored up to look like official communications from the National Health Service, is targeting people with fraud offers for free PCR tests for the COVID-19 Omicron variant.
The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure. It's a much more modest regulatory proposal, and unlike those proposals that aim to disrupt security and cryptography "Just in case we ever lock the keys in the car", its goal is to demand a modest increase in security and basic cyber-reliability in products such as mobile phones, fitness trackers, internet webcams, cloud doorbells, and temperature sensors for your pet fish.
Britain's plans to force internet-connected device vendors to declare legally binding product lifespans won't be easily evaded by shell companies, the government has told The Register. After the Product Security and Telecommunications Infrastructure Bill was introduced to Parliament last week, some questioned whether the legislation would prevent unscrupulous manufacturers and importers from avoiding legal liability by setting up shell companies.
Singapore and the UK signed three memorandums of understanding this week, hoping to strengthen digital connectivity between the two island nations. In a canned statement, Singapore's Minister for Communications and Information, Josephine Teo, said the agreement would "Further strengthen the links between Singapore and the UK in digital trade facilitation, digital identities and cybersecurity."
EB Associates, a London-based financial advisory business, is facing a £140,000 fine from the UK's data watchdog after it instigated 107,000 illegal cold calls to people about their pensions. The practice of pension cold-calling was banned by the government in January 2019 to stop people being scammed of their life savings.
The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked about reprimands made under the General Data Protection Regulation. Reprimands are a formal expression of the ICO's disapproval, issued to organisations that have broken data protection law.
The head of the UK's secretive Military Intelligence Section 6 agency - popularly known as MI6 - has delivered a rare speech in which he has warned that China, Iran, and Russia use information technology to destabilise rivals, and that the agency he leads can no longer rely on in-house innovation to develop the technologies the UK needs to defend itself. MI6 boss Richard Moore delivered a speech on Thursday at the International Institute for Strategic Studies, and opened with an explanation of why the normally reclusive agency had taken the unusual step of allowing its leader to speak in public.