Security News

The U.S. Cyber Command's campaign to hack ISIS and disrupt its media operations faced some challenges, including a lack of data storage, but ultimately proved successful, according to government documents from 2016 that were made public Tuesday. The heavily-redacted documents published by the National Security Archive, a not-for-profit research organization, show that U.S. Cyber Command was not prepared to handle the amount of information it collected when it hacked ISIS. The command, which is part of the U.S. Defense Department and includes units from all military branches, also faced problems with interagency coordination and the lengthy process of vetting ISIS cyber targets.

The US military claims to have "Successfully" disrupted the online propaganda efforts of the Islamic State in a hacking operation dating back at least to 2016, according to declassified national security documents released Tuesday. The heavily redacted, previously top secret documents said the US Cyber Command "Successfully contested ISIS in the information domain" and limited its online efforts on radicalization and recruitment "By imposing time and resource costs" on the jihadist group.

Governments in the US and China are at the front of the line when it comes to knocking on Apple's door to request user data relating to fraud/phishing, according to the company's latest transparency report. Like any tech company that handles user data, Apple gets different types of requests: those that are made when an account holder is in imminent danger, those from law enforcement agencies trying to help people find their lost or stolen devices, those asking for Apple's help when thieves rip off credit card data so they can buy Apple products or services on somebody else's dime, and in situations where investigators think an account's been used to do something illegal.

Apple and the US government are at loggerheads for the second time in four years over unlocking iPhones connected to a mass shooting, reviving debate over law enforcement access to encrypted devices. Attorney General Bill Barr claimed Monday that Apple failed to provide "Substantive assistance" in unlocking two iPhones in the investigation into the December shooting deaths of three US sailors at a Florida naval station, which he called an "Act of terrorism."

Prime Minister Boris Johnson on Tuesday challenged US opponents of Britain's potential decision to let China's Huawei telecoms giant develop its 5G network to come up with a better choice. The United States and Australia have both banned their 5G providers from using Huawei on security grounds.

Those known risks are twofold: Huawei's coding practices are pisspoor, as Britain's Huawei Cyber Security Evaluation Centre found last year; and there is the ever-present fear that Huawei, or people within Huawei, could be forced to abuse their product knowledge to serve the Chinese regime, perhaps through espionage conducted on UK comms networks or helping with denial-of-service attacks. Although the US have been claiming for years that Huawei poses a threat to communication security, given the well-documented activities of American spy agencies over the last couple of decades this seems like a hollow concern.

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.

TechRepublic's Karen Roby talked to Steven Cardwell, vice president of program marketing at HBO, at CES 2020 about its Westworld display and the importance of data privacy. Just given the conversation happening right now at CES, predominantly around data privacy, we thought this was a really great way to integrate into the conversation to not only talk about data privacy, but actually make people experience what it feels like when a company such as Incite actually has the power perhaps for good or bad. SEE: CES 2020: The big trends for business.

British and American officials are meeting as U.K. Prime Minister Boris Johnson's government prepares to decide on whether there's a future for Chinese equipment maker Huawei in the country's next-generation telecom networks, his spokesman said Monday. "We have strict controls for how Huawei equipment is currently deployed in the U.K. The government is undertaking a comprehensive review to ensure the security and resilience of 5G and fiber in the U.K.".

A Westworld-themed experience gave CES attendees a creepy glimpse into tech consequences of the future.