Security News

Prime Minister Boris Johnson on Tuesday challenged US opponents of Britain's potential decision to let China's Huawei telecoms giant develop its 5G network to come up with a better choice. The United States and Australia have both banned their 5G providers from using Huawei on security grounds.

Those known risks are twofold: Huawei's coding practices are pisspoor, as Britain's Huawei Cyber Security Evaluation Centre found last year; and there is the ever-present fear that Huawei, or people within Huawei, could be forced to abuse their product knowledge to serve the Chinese regime, perhaps through espionage conducted on UK comms networks or helping with denial-of-service attacks. Although the US have been claiming for years that Huawei poses a threat to communication security, given the well-documented activities of American spy agencies over the last couple of decades this seems like a hollow concern.

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.

TechRepublic's Karen Roby talked to Steven Cardwell, vice president of program marketing at HBO, at CES 2020 about its Westworld display and the importance of data privacy. Just given the conversation happening right now at CES, predominantly around data privacy, we thought this was a really great way to integrate into the conversation to not only talk about data privacy, but actually make people experience what it feels like when a company such as Incite actually has the power perhaps for good or bad. SEE: CES 2020: The big trends for business.

British and American officials are meeting as U.K. Prime Minister Boris Johnson's government prepares to decide on whether there's a future for Chinese equipment maker Huawei in the country's next-generation telecom networks, his spokesman said Monday. "We have strict controls for how Huawei equipment is currently deployed in the U.K. The government is undertaking a comprehensive review to ensure the security and resilience of 5G and fiber in the U.K.".

A Westworld-themed experience gave CES attendees a creepy glimpse into tech consequences of the future.

A database containing the personal details of 56.25m US residents - from names and home addresses to phone numbers and ages - has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough. He told us he found the 22GB database exposed on the internet, including metadata that links the collection to CheckPeople.com.

Kuwait on Wednesday denied reports that the United States had decided to withdraw its troops from the Gulf state, saying the Twitter account of its official news agency had been hacked. The state-run Kuwait News Agency tweeted that the Kuwaiti defence minister had been informed by the commander of US forces in the emirate of their intention to withdraw from the Arifjan base within three days.

The US Department of Homeland Security has issued a total of three warnings in the last few days encouraging people to be on the alert for physical and cyber attacks from Iran. The warnings directly address IT professionals with advice on how to secure their networks against Iranian attack.

Not only are the US elections arguably some of the most influential on the global stage, but the infamous cyber attack on Clinton campaign manager John Podesta during the 2016 presidential elections was a watershed moment. The threat of foreign interference takes many forms, from the more subtle use of fake news and online trolls to confuse and frustrate the political discourse, to direct attacks on vulnerable voting infrastructure and to disrupt or breach political parties and individuals.