Security News
Garrison wants to move security away from software and into hardware
Britain's Financial Conduct Authority on Tuesday admitted to a data breach, in an embarrassing revelation for the regulator and its boss, who shortly takes over at the Bank of England. The FCA said it had mistakenly published the details of around 1,600 consumers who had complained about the regulator, which is tasked with overseeing the conduct of Britain's key financial sector, including any data breaches by banks for example.
Samsung said Tuesday that a "Technical error" caused its website to display other customers' personal information. People who logged on were able to see someone else's name, phone number, address, email address and previous orders.
U.S. and U.K. officials are blaming the Russian military for launching an October 2019 cyberattack on the country of Georgia that crippled at least 2,000 government, news media and court websites over the course of one day. A few hours after the U.S. and U.K. released their statements about Georgia on Thursday, the New York Times reported that U.S. intelligence officials had recently warned U.S. lawmakers that Russia has already taken steps to interfere in the U.S. presidential election.
The US and UK governments have both accused Russia of launching a cyber attack against the Georgian government last year. The attacks, mounted on 28 October 2019, came from Russia's notorious GRU military intelligence unit, according to announcements from the US State Department and the UK's National Cyber Security Centre.
Georgian authorities on Thursday accused Russia's military intelligence of launching a large-scale cyberattack that targeted the government and private organizations with the goal of destabilizing the ex-Soviet nation. Georgia's Foreign Ministry said the Oct. 28 cyberattack was "Targeted at Georgia's national security and intended to harm Georgian citizens and government structures by disrupting and paralyzing the functionality of various organizations, causing anxiety among the general public."
"The National Cyber Security Centre assesses with the highest level of probability that on 28 October 2019 the GRU carried out large-scale, disruptive cyber-attacks," said the Foreign Office in a statement, referring to the main Russian overseas spy agency. Russia has few qualms about letting APT28 loose against foreign countries, as its attacks against Italy a few years ago showed.
Britain and the United States on Thursday accused Russia of orchestrating a "Reckless" cyber assault against Georgia last year as part of an aggressive campaign of online attacks worldwide. The British government said its National Cyber Security Centre had decided Moscow was behind the Georgia cyber attack "With the highest level of probability".
British customers of High Street banking brand Natwest are being advised not to use the domain natwest.co.uk - by none other than Natwest itself. Consumers are increasingly becoming aware of threats to their online banking security through malware and malicious apps designed to steal credentials.
During the Brexit transition period, "It will be business as usual for data protection," which means mandatory compliance with the EU's General Data Protection Regulation remains in effect, the U.K. Information Commissioner's Office said in a Jan. 29 blog post. What happens after the transition period is over? From a privacy standpoint, that remains the million-dollar - or rather, pounds-sterling - question, and "Depends on negotiations during the transition period," as noted in a Brexit FAQ issued by the ICO. Odds are good that after 2020, U.K. organizations will have to continue to comply with GDPR. Otherwise, they could be shut out of easy trading with the EU, leaving Britain at a competitive disadvantage.