Network security management

Millions of businesses vulnerable to fax-based cyber attack

Hackers could exploit security vulnerabilities in fax machines to launch cyber attacks in millions of organisations around the world, researchers warn, underlining the need for cyber resilience Continue Reading

By

• Warwick Ashford, Senior analyst

Brace for more Triton-like attacks, researchers warn

The world has not seen the last of industrial control system (ICS) attacks like Triton, researchers have warned Continue Reading

By

• Warwick Ashford, Senior analyst

Industrial control systems a specialised cyber target

Cyber attackers specialising in industrial control systems are fast, efficient and able to move between IT and OT environments, a study has revealed Continue Reading

By

• Warwick Ashford, Senior analyst

Virus outbreak at iPhone chip plant could delay shipments

A computer virus at an iPhone chip manufacturing plant could delay shipments of Apple’s latest smartphones, but the impact will be limited, say analysts Continue Reading

By

• Warwick Ashford, Senior analyst

UK security centre to launch IoT security standard

The London-based Centre for Strategic Cyber Space and Security Science is working on an internet of things security standard and has roped in participants from eight markets Continue Reading

By

• Aaron Tan, TechTarget

Briton ran pro-Kremlin disinformation campaign that helped Trump deny Russian links

A British IT manager and former hacker from Darlington ran a disinformation campaign that duped former US intelligence agents and provided Donald Trump with manufactured “evidence” to deny that Russia interfered with the US election Continue Reading

By

• Duncan Campbell , 2QQ Ltd, Sussex University

Brace for PowerGhost cryptominer, warns Kaspersky Lab

Corporate networks are the target of a new illicit cryptocurrency mining malware that is difficult to detect and eradicate, security researchers warn Continue Reading

By

• Warwick Ashford, Senior analyst

Cyber security vulnerability concerns skyrocket

Security professionals are more worried about data breaches and cyber attacks than they were a year ago, with most fearing that Meltdown-Spectre attacks are becoming the norm Continue Reading

By

• Warwick Ashford, Senior analyst

Smart cities face challenges and opportunities

IHS Markit analysts Noman Akhtar and Kevin Hasley assess the way forward for smart city technology projects around the world Continue Reading

By

• Norman Akhtar and Kevin Hasley

Beyond GDPR: ePrivacy could have an even greater impact on mobile

From how we monitor air pollution and manage our public transport systems, to how we enable connected cars and the next generation of 5G mobile services, the forthcoming ePR could have a lasting impact on European society Continue Reading

By

• Jade Nester, GSMA

MPs call for inquiry into smart meter roll-out

Government urged to conduct a review of the roll-out of smart meters for electricity and gas, and to intervene to tackle a number of failures Continue Reading

By

• Alex Scroxton, Security Editor

Singapore public healthcare sector limits internet use

Healthcare workers who require internet access will have to use separate internet workstations following an unprecedented attack on Singapore’s public healthcare system Continue Reading

By

• Aaron Tan, TechTarget

Zero trust security model boosts business confidence

Organisations that combine the zero trust security model with next-gen access are more confident about meeting access control challenges, a study shows Continue Reading

By

• Warwick Ashford, Senior analyst

How Splunk is ‘splunking’ data for APAC enterprises

Splunk’s regional vice-president talks up the company’s business strategy and how its customers are using big data analytics in security and IT operations Continue Reading

By

• Aaron Tan, TechTarget

CW ANZ: Fix the weak links

Recent reports have suggested that cyber threats are increasingly aimed at critical information infrastructure such as power grids, water treatment plants and transportation networks. While the scale of the problem that Australian industry faces is hard to quantify, no one disputes the threat is real. In this edition of CW ANZ, we look at how Australia is securing its industrial control systems and how it is bridging the security gap between IT and OT teams. Read the issue now. Continue Reading

An insider’s look into the dark web

A principal research scientist at Sophos offers a glimpse into the abysses of the dark web in a bid to uncover what cyber crooks are up to Continue Reading

By

• Aaron Tan, TechTarget

A third of organisations do not have a security expert, survey shows

Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Hackers increasingly targeting cloud infrastructure

Cloud infrastructure is a growing target for cyber attackers because of available computing resources, as well as the repositories of valuable data, a report reveals Continue Reading

By

• Warwick Ashford, Senior analyst

Cyber attackers cashing in on ‘hidden’ attack surface

Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals Continue Reading

By

• Warwick Ashford, Senior analyst

Corporate networks vulnerable to insider attacks, report finds

Researchers found that 100% of corporate networks tested in 2017 were vulnerable to insider attacks, with Wi-Fi networks and employees among the top areas of weakness Continue Reading

By

• Warwick Ashford, Senior analyst

Inside one of the world’s largest bug bounty programmes

Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug Continue Reading

By

• Aaron Tan, TechTarget

UK government cyber security standard welcomed

The information security community has welcomed the publication of the government’s minimum cyber security standard, which could be used by any organisation to improve its cyber defences Continue Reading

By

• Warwick Ashford, Senior analyst

University of Melbourne claims quantum computing breakthrough

Australian scientists have simulated the power of quantum computing on classical computers to solve a mathematical problem, paving the way for future breakthroughs in the nascent field Continue Reading

By

• Aaron Tan, TechTarget

Brexit a greater risk to UK financial system than cyber attack

While Brexit is seen as the biggest risk to the stability of the UK financial system, cyber attack is the most difficult risk to manage for over half of firms Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Government must challenge popular smart city misconceptions

A report by the All Party Parliamentary Group on Smart Cities says many people feel alienated by the concept, and calls on the government to challenge some popular misconceptions Continue Reading

By

• Alex Scroxton, Security Editor

Global IoT security standard remains elusive

Despite the lack of a global internet of things security standard, existing security frameworks are on the same page in areas such as device upgradability and data stewardship Continue Reading

By

• Aaron Tan, TechTarget

Norway’s National Security Agency warns IT industry about security obligations

IT service providers serving organisations in Norway have received a timely reminder about their security obligations. Continue Reading

By

• Gerard O'Dwyer

Younger employees 'main culprits' for security breaches

UK senior decision makers believe younger workers are the biggest risk to cyber security, but are doing little to support them and reduce that risk, a report reveals Continue Reading

By

• Warwick Ashford, Senior analyst

Palo Alto Networks opens cyber range in Australia

The first of its kind in Asia-Pacific, the cyber range training facility will let Australian IT and security teams hone their skills through cyber security exercises Continue Reading

By

• Aaron Tan, TechTarget

Singapore faced cyber attacks during Trump-Kim summit

Russian attackers allegedly scanned IP phones in the city-state for vulnerabilities, although it was unclear what they were after or whether they were successful Continue Reading

By

• Aaron Tan, TechTarget

How Australia is keeping pace with ICS threats

Besides bridging the security gap between IT and operational technology teams, Australia is driving efforts to bolster the security of IoT devices Continue Reading

By

• Beverley Head

Cyber resilience key to securing industrial control systems

Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading

By

• Aaron Tan, TechTarget

Tech's role in tackling humanitarian crises

In this week’s Computer Weekly, we learn about how mobile connectivity is a lifeline for Syrian refugees in Turkey, thanks to the mobile network operators in that country. Our latest buyer’s guide examines how modern network security enables digital transformation at a range of companies. And we find out about the technology strategy of logistics firm Hermes from its CIO, and about British Airways’ use of Salesforce to globalise its B2B sales. Read the issue now. Continue Reading

Former Macedonian PM convicted in corruption case exposed by illegal government surveillance

Information exposed by leaked recordings that were part an illegal mass surveillance campaign orchestrated under the government of former prime minster Nikola Gruevski have led to his conviction for corruption. He was found guilty of rigging a tender and receiving a luxury Mercedes as a bribe. He may still appeal the ruling Continue Reading

By

• Tena Prelec

Grab outlines its approach to cyber security

Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement Continue Reading

By

• Aaron Tan, TechTarget

GDS seeks advice on migration from Public Services Network

The Government Digital Service has started the process of moving public sector organisations away from the Public Services Network Continue Reading

By

• Alex Scroxton, Security Editor

BSI launches kitemark for internet of things devices

The British Standards Institution has launched a new kitemark for IoT devices, designed to improve consumer trust in the technology Continue Reading

By

• Alex Scroxton, Security Editor

IoT and personal devices pose huge security risk to enterprises

After years of speculation about the risk IoT and personal devices pose to enterprise security, research has revealed the threat is “immense” and probably greater than most firms realise Continue Reading

By

• Warwick Ashford, Senior analyst

CNI providers face hefty fines for cyber security failings

UK providers of critical national infrastructure face hefty fines for cyber security failings from 10 May 2018 Continue Reading

By

• Warwick Ashford, Senior analyst

Security Think Tank: Five tips for killing the campers on your network

Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading

By

• Adrian Davis, (ISC)²

Virtual tripwire to keep elephant poachers out of Zambian national park

Cisco and Dimension Data are working to protect Zambia’s at-risk elephant population after a successful pilot project in South Africa Continue Reading

By

• Alex Scroxton, Security Editor

Security Think Tank: More time equals more opportunity for cyber attackers

Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading

By

• Rory Alsop

Fibre network breakthrough has implications for data security

Researchers have devised a new protocol that they claim vastly extends the range of quantum key distribution over fibre networks Continue Reading

By

• Alex Scroxton, Security Editor

Network security in the digital transformation era

 Continue Reading

City Police use Lego simulation to teach businesses cyber security

City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life Continue Reading

By

• Bill Goodwin, Computer Weekly

Security Think Tank: Prevention and detection are key to limit dwell time

Why is reducing cyber attacker dwell time important and how should this be tackled? Continue Reading

By

• Emma Bickerstaffe, Information Security Forum (ISF)

Security Think Tank: Containment should be top priority in cyber breaches

Why is reducing cyber attacker dwell time important, and how should this be tackled? Continue Reading

By

• Paddy Francis

Ransomware still a threat to business, F-Secure warns

Ransomware attacks tapered off towards the end of 2017 after an explosion in such attacks earlier in the year, but ransomware remains a threat to big business, a report reveals Continue Reading

By

• Warwick Ashford, Senior analyst

Google Chrome helps clean up certificate authority industry

The security industry has welcomed the introduction of measures by the Google Chrome browser aimed at achieving certificate transparency Continue Reading

By

• Warwick Ashford, Senior analyst

Finnish R&D and utilities in line of cyber espionage fire, say security police

Finnish research and development, as well as critical infrastructure, are being targeted by state-backed cyber espionage attacks, says report Continue Reading

By

• Tarmo Virki

Next generation of SCADA industrial controls will protect against cyber attack

Oil, energy and chemical companies are rethinking how to control big manufacturing plants, replacing expensive control technology with cheaper, more secure systems, taking their cue from biology Continue Reading

By

• Bill Goodwin, Computer Weekly

Security Think Tank: Use good practice to address cryptojacking risk

How can organisations best defend against cryptojacking? Continue Reading

By

• Simon Persin, Turnkey Consulting

Business at risk from unidentified network traffic, report warns

A lack of network traffic visibility poses significant security challenges to businesses, a report on network firewalls warns Continue Reading

By

• Warwick Ashford, Senior analyst

China’s ZTE a national security risk, UK telcos warned

UK national cyber security authority has warned telecommunications companies against using equipment and services from Chinese network equipment supplier ZTE, citing national security risks Continue Reading

By

• Warwick Ashford, Senior analyst

Flashpoint researchers warn of new VBS Loader

Researchers have issued warnings about a new VBScript downloader that behaves like a remote access Trojan, is designed to run undetected and can update and delete itself Continue Reading

By

• Warwick Ashford, Senior analyst

UK and US accuse Russia of targeting network infrastructure

The UK and US have accused the Russian government of targeting network infrastructure, calling on network operators to take the necessary protective measures Continue Reading

By

• Warwick Ashford, Senior analyst

Government to set up £13.5m cyber security centre

Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security Continue Reading

By

• Alex Scroxton, Security Editor

Podcast: Storage compliance for GDPR data subject requests

The General Data Protection Regulation is upon us. Mathieu Gorge, CEO of Vigitrust, talks you through the key areas needed for compliance in storage of data subjects’ data and how to find it quickly on request Continue Reading

By

• Antony Adshead, Storage Editor

Facebook announces more privacy control updates

Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns Continue Reading

By

• Warwick Ashford, Senior analyst

Dutch SMEs’ cyber security is insufficient

Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security Continue Reading

By

• Kim Loohuis

Application layer DDoS attacks increasing, Imperva data shows

Distributed denial of service attacks targeting applications almost doubled in the last three months of 2017, according to Imperva Incapsula data Continue Reading

By

• Warwick Ashford, Senior analyst

SD-WAN still too complex, survey shows

Despite SD-WAN adoption, WAN complexity remains a major challenge, a survey has revealed, driving firms to managed services, mainly because of security concerns Continue Reading

By

• Warwick Ashford, Senior analyst

Network security in the digital transformation era

Network security has always been a core focus for CISOs and IT security managers, but in an era of digital transformation, we examine if network security strategies are keeping up with new and emerging cyber threats Continue Reading

By

• Nicholas Fearn

Russia compromised core router in US energy attacks

Russian cyber attackers used a compromised core router in a series of attacks on the US energy sector, security researchers have revealed as the UK energy sector is placed on alert Continue Reading

By

• Warwick Ashford, Senior analyst

Network security in the age of the internet of things

Wireless devices and smart technologies are increasingly being brought into the workplace, and pose a growing risk to company data Continue Reading

By

• Peter Ray Allison

IT contractors not a risk despite Snowden leaks, GCHQ tells court

The government argues in the Investigatory Powers Tribunal that contractors with systems administration rights to computers holding GCHQ’s most sensitive intelligence pose no more of a security risk than the agency’s employees Continue Reading

By

• Bill Goodwin, Computer Weekly

SD-WAN needs software-defined security

Digital transformation is driving organisations to move to the cloud, which requires a new architecture that embraces cloud technology, but that in turn requires a new way of thinking about network security to ensure data is protected Continue Reading

By

• Klaus Gheri, Barracuda

Security Think Tank: Fileless malware not totally undetectable

What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading

By

• Greg Temm

Government ‘unlawfully delegated’ bulk data powers to GCHQ, court hears

Privacy International urges Britain’s most secret court, the Investigatory Powers Tribunal, to rule that the government illegally collected surveillance data from internet and phone companies until at least September 2017 Continue Reading

By

• Bill Goodwin, Computer Weekly

Businesses need to take cryptojacking seriously

Organisations must pay attention to cyber criminals hijacking computing resources to mine cryptocurrencies, because nearly half are affected and the impact is greater than many realise Continue Reading

By

• Warwick Ashford, Senior analyst

Security Think Tank: Human, procedural and technical response to fileless malware

What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading

By

• Mike Gillespie

Security researchers demonstrate ransomware attack on robots

Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against Continue Reading

By

• Warwick Ashford, Senior analyst

Cryptojacking cyber criminals up their game

Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found Continue Reading

By

• Warwick Ashford, Senior analyst

Mac malware more than doubled in 2017

Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes Continue Reading

By

• Warwick Ashford, Senior analyst

CW Europe: Germany’s Lemoncat takes catering to the cloud

Business catering startup Lemoncat has taken advantage of the affordable cost of living in Berlin and is shaking up the catering sector by harnessing the Amazon and Salesforce clouds. Also in this issue, read how Moscow’s government is taking advantage of high penetration of broadband and mobile internet to expand innovative services under the Russian capital’s smart city programme, and how organisations in the Netherlands still have much to do to comply with the General Data Protection Regulation. Continue Reading

Businesses warned not to ignore cryptojacking threat

Businesses should not ignore the threat of malware designed to carry out illicit cryptocurrency mining, warns NTT Security Continue Reading

By

• Warwick Ashford, Senior analyst

Only half of ransomware payments honoured

Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks Continue Reading

By

• Warwick Ashford, Senior analyst

Security Think Tank: Aim to detect and contain fileless malware attacks quickly

What should organisations do at the very least to ensure business computers are protected from fileless malware? Continue Reading

By

• Paddy Francis

New privacy fears as IT challenges delay surveillance oversight body by a year

IT challenges have delayed government plans for an independent body to authorise requests to access the public’s internet and phone records by nearly a year, raising new legal and privacy concerns Continue Reading

By

• Bill Goodwin, Computer Weekly

CW Nordics: Nordics CIOs’ priorities in 2018

A select group of CIOs and analysts in Denmark, Finland, Norway and Sweden give their views on the top IT priorities in 2018. As in 2017, digital transformation will continue to be a buzzword. Also read how Sweden is tightening up its cyber security defences as part of a wider national security strategy, and how Nordic banks cannot afford to slow their digital transformations as PSD2 comes into force. Continue Reading

A third of Brits plan to exercise right to be forgotten

After the General Data Protection Regulation compliance deadline, a third of Britons polled say they plan to exercise their right to be forgotten, but few fully understand the GDPR and how it will affect them Continue Reading

By

• Warwick Ashford, Senior analyst

Telegram zero-day exploit is a warning

The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned Continue Reading

By

• Warwick Ashford, Senior analyst

Why police forces need to be honest about mass mobile phone surveillance

Police forces across the UK are covering up their use of sophisticated mass surveillance devices, known as IMSI-catchers - the Bristol Cable and Liberty are campaigning for proper transparency Continue Reading

By

• Alon Aviram, The Bristol Cable

Moscow puts municipal vehicles online to save fuel

The city of Moscow has deployed a unified IoT platform to monitor and control all of its municipal vehicles Continue Reading

By

• Alex Scroxton, Security Editor

Teenager suspected of crippling Dutch banks with DDoS attacks

A large distributed denial of service attack on banks and other organisations in the Netherlands, first thought to emanate from Russia, is now thought to have been launched by a local teenager Continue Reading

By

• Tijs Hofmans

Lauri Love plans to use ‘internet as a force for good’

Engineering student Lauri Love says he plans to help businesses fight cyber crime, after the court of appeal ruled that he can be tried in the UK for allegedly hacking US computer systems, rather than face extradition to the US Continue Reading

By

• Julia Gregory and Niels Ladefoged

Researchers discover malicious Chrome extensions

Security researchers have discovered a new botnet delivered via malicious Chrome extensions designed to hijack computers to mine cryptocurrency and record victims’ every move Continue Reading

By

• Warwick Ashford, Security Editor

Europe’s shameful role in spy-tech exports that led to torture and jail

Governments in Europe actively assisted in government oppression in Iran, Bahrain and Russia by providing states with sophisticated surveillance equipment. The European Parliament is pressing for changes in the law to restrict exports of spy-technology to countries with poor human rights records Continue Reading

By

• Marietje Schaake, European Parliament

Security Think Tank: Automating basic security tasks

How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading

By

• Petra Wenham

UK finance sector cyber security pros admit shocking practices

UK financial sector IT security teams face immense challenges that are undermining business opportunities and continuity in financial services, a survey reveals Continue Reading

By

• Warwick Ashford, Security Editor

Navigating ASEAN’s patchy cyber security landscape

Cyber resilience remains low across Southeast Asia, a regional economic powerhouse that is increasingly susceptible to cyber threats as its digital economy grows Continue Reading

By

• Aaron Tan, TechTarget

IT Priorities 2018: Data protection a top priority ahead of GDPR

Data protection continues to be a key focus for IT security investment for European firms in 2018, as does the emphasis on cloud and mobile security as companies move to these technology platforms Continue Reading

By

• Warwick Ashford, Security Editor

How blockchain can secure the IoT

By doing away with a central authority in internet of things (IoT) networks, blockchain technology can reduce the risk of IoT devices being compromised by a single point of security failure Continue Reading

By

• Aaron Tan, TechTarget

AI is moving towards acceptance in cyber security, says Check Point

Artificial intelligence is well on its way to being a useful tool in the cyber security professional’s kit, but according to Check Point, there are still big challenges to overcome Continue Reading

By

• Alex Scroxton, Security Editor

UK urged to up spending on cyber defence

Cyber attacks that target military and civilian operations are one of the biggest threats facing the UK, according to a top military officer, but security experts say cyber defence spending must be carefully considered Continue Reading

By

• Warwick Ashford, Security Editor

Judge will take time to seek answers from EU court over Max Schrems Facebook privacy fight

The Irish High Court will take time to decide what questions to put before the European Court of Justice in a case with significant implications for EU and US trade and the privacy of EU citizens Continue Reading

By

• Bill Goodwin, Computer Weekly

Davos: Disintegration of the internet could create economic turmoil

Politicians and business leaders will discuss the risks posed by fake news, cyber attacks, and artificial intelligence to jobs, political stability and global security, at the World Economic Forum in Davos Continue Reading

By

• Bill Goodwin, Computer Weekly

Call for statutory regulation of police number plate cameras amid concerns over accuracy

The UK’s automatic number plate recognition database – one the largest non-military data-gathering systems – records up to 1.2 million false readings of number plates every day. It should be subject to statutory regulation, says an independent watchdog Continue Reading

By

• Bill Goodwin, Computer Weekly

How secure are smart energy grids?

The improved efficiency of smart grids need to be weighed against the cost of security - presenting a unique opportunity for the tech sector and a new market for security companies Continue Reading

By

• Peter Ray Allison

CES 2018: Hyundai and Cisco bring SDN to the automobile

Hyundai will debut a new generation of hyperconnected software-defined car in 2019, incorporating a Cisco-designed network platform Continue Reading

By

• Alex Scroxton, Security Editor