Privacy and data protection

Data on children of armed forces personnel exposed in breach

Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence Continue Reading

Cyber skills gap affecting data privacy practice, finds ISACA

Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report Continue Reading

Korean researchers invent silk-based security device

Experts from the Gwangju Institute of Science have built a digital security device based on natural silk fibres that they claim is practically unbreachable Continue Reading

Navigating PIPL: European businesses plot their next steps into China

How does China’s strict new Personal Information Protection Law impact European businesses? Continue Reading

Integrating zero-trust practices into private 5G networks

One of the first steps in deploying a technology is protecting it from potential security threats. Learn how to secure a private 5G network with zero-trust security practices. Continue Reading

WikiLeaks founder Julian Assange can ask Supreme Court to hear extradition appeal

Senior judges said today that WikiLeaks founder Julian Assange can petition the Supreme Court to decide whether to hear an appeal against his extradition to the US Continue Reading

Tinder algorithm charging users more based on age

Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices Continue Reading

Mandiant analysts: Russia-backed APTs likely to ramp up attacks

More cyber attacks like those perpetrated against targets in Ukraine are to be expected, and they may become more destructive Continue Reading

ICO criticises government-backed campaign to delay end-to-end encryption

Data protection watchdog warns that delaying end-to-end encryption will put children at risk Continue Reading

Cyber pros: Don’t revel in REvil’s downfall just yet

The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely Continue Reading

Scam losses in Australia hit record high

Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses Continue Reading

Ransomware attacks dropped 37% in December, claims NCC

Latest monthly data reveals a significant decline in ransomware attacks at the end of 2021, but a new, emergent gang is making waves Continue Reading

Data of 515,000 vulnerable people stolen in Red Cross attack

The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised Continue Reading

Singapore to tighten digital banking security

Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state Continue Reading

Government funds charity campaign to warn big tech over the risks of encryption to children

Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’ Continue Reading

Investigators find Beijing 2022 app riddled with security flaws

Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack Continue Reading

Police take down VPN linked to multiple ransomware hits

German police led a multinational effort to seize and take down the LabVPN service, which was allegedly used by cyber criminals to facilitate ransomware attacks Continue Reading

‘Russian-backed’ hackers defaced Ukrainian websites as cover for dangerous malware attack

Kiev claims that a hacking group in Belarus – a close ally of Russia – was responsible for hacking Ukrainian government websites amid threats of military action Continue Reading

Podcast: 2022 compliance preview – GDPR goes global

We talk to Mathieu Gorge, CEO of VigiTrust, about what’s looming in compliance, with regulations based on the principles of the General Data Protection Regulation plus the concept of cyber accountability Continue Reading

MEPs demand EU probe into Pegasus spyware abuse

A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it Continue Reading

Banks accused of neglecting customer security measures

Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes Continue Reading

Companies propose scanning content pre-encryption to fight CSAM

Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain Continue Reading

Proofpoint acquires Singapore data security startup

Proofpoint’s acquisition of Dathena will bolster its data loss prevention capabilities, enabling organisations to better understand information risk through the use of AI Continue Reading

Ministry of Justice caught up in multiple cyber incidents

Besides multiple disclosed data breaches, department was also affected by two ransomware attacks Continue Reading

Singapore retailer hit by data breach

The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised Continue Reading

France fines Facebook and Google over alleged cookie malpractice

French data protection authorities clamp down on tech platforms for purposely making it more burdensome for users to decline tracking cookies Continue Reading

Judges to decide whether Assange can appeal against extradition as he reaches 1,000 days in jail

Mexican president Andrés Manuel López Obrador urges US to treat WikiLeaks founder Julian Assange with humanity and to consider Mexico’s offer to grant Assange asylum Continue Reading

How APAC firms can stay ahead of cyber threats

Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks Continue Reading

Top 10 crime, national security and law stories of 2021

Here are Computer Weekly’s top 10 crime, national security and law stories of 2021 Continue Reading

Top 10 technology and ethics stories of 2021

Here are Computer Weekly’s top 10 technology and ethics stories of 2021 Continue Reading

Top 10 cyber security stories of 2021

Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do? Continue Reading

Top 10 artificial intelligence stories of 2021

This year, artificial intelligence has moved to operationalisation, explainability and regulatory frameworks. Here are Computer Weekly’s top 10 artificial intelligence stories for 2021 Continue Reading

Security Think Tank: When will they ever learn?

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Online Safety Bill puts user protection onus on platform providers

The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas Continue Reading

Julian Assange can be extradited to the US to face espionage and hacking charges, court rules

High Court overturns decision not to extradite WikiLeaks founder after US government gives assurances over his treatment Continue Reading

UK and US to collaborate on privacy innovation contest

Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC Continue Reading

UK privacy chief denies conflict of interest in new role

UK information commissioner will join a private law firm that represents technology companies she used to regulate, raising questions about conflicts of interest and drawing ‘revolving door’ criticisms Continue Reading

Number of .uk domain suspensions at record low

Statistics from Nominet show how effective law enforcement action against cyber crime in the UK is paying off Continue Reading

Millions of credit card details for sale on dark web for as little as 75p

The credit card details of millions of people from across the world can be bought by criminals using the dark web for as little as $1 Continue Reading

Kaspersky introduces cyber policy for bionic devices

Cyber firm Kaspersky has become one of the first organisations in the world to develop and implement a security policy covering the use of bionic devices and other forms of human augmentation Continue Reading

A ‘whole of society’ approach to cyber may be on the horizon

Nominet Cyber managing director David Carroll reflects on the NCSC’s latest annual review amid 2021’s fast-evolving threat landscape Continue Reading

Compliance, device management a challenge for NHS cyber teams

Information gleaned by asset visibility specialist Armis reveals that despite improvements, some daunting security challenges still dog the NHS Continue Reading

HP patches bugs in over 150 printer models

More than 150 HP multifunction printers are at risk of compromise through a series of newly disclosed vulnerabilities, one of them wormable Continue Reading

ICO warns facial recognition company Clearview AI it could face £17m fine over privacy breaches

The UK’s information commissioner has issued a preliminary decision to fine Clearview over £17m for breaching UK data protection law and invited the company to make representations Continue Reading

British Army picks Immersive Labs for cyber training

The British Army will make Immersive Labs’ security training platform available to all serving personnel Continue Reading

UK’s surveillance culture may be normalising use of tech for abuse

Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships Continue Reading

Government must prove its plans to police encryption work, says ex-cyber security chief

Ciaran Martin, the former UK cyber security chief, says the government must explain how it can access encrypted communications without damaging cyber security and weakening privacy Continue Reading

UK consumers warned of increase in credit card application fraud

There has been a sharp rise in fraudsters using stolen personal details to open credit card accounts Continue Reading

Consumer cyber bill to protect mobiles, smart devices

Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings Continue Reading

Apple sues under-fire malware firm NSO

Lawsuit alleges spyware firm NSO Group targeted Apple’s users, adding to the pressure on the under-fire company Continue Reading

Police tech introduced with little scrutiny or training

A Lords inquiry into the adoption of advanced algorithmic technologies by police in England and Wales has been told that new tools are being introduced without proper training and with little scrutiny of their impacts Continue Reading

Schrems accuses Irish DPC of trying to block publication of Facebook documents

Austrian lawyer Max Schrems has filed a complaint after the Irish data protection commissioner put his privacy organisation under pressure to sign a non-disclosure agreement Continue Reading

Black Friday cyber warning for 4,000 card-skimming victims

NCSC warns thousands of small retailers that their websites are being exploited to steal customer data Continue Reading

Cloud storage compliance pitfalls: Post-pandemic and post-Brexit

We look at the key areas of cloud storage compliance that can trip you up, with shared responsibility with cloud providers and data residency among the most important Continue Reading

Sky ECC provided free cryptophones to a Canadian police force

Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation Continue Reading

Cryptophone supplier Sky Global takes legal action over US government website seizures

Canadian tech company Sky Global has filed a legal motion claiming that the US government unlawfully seized the company’s internet sites following police investigations into the use of its cryptophones by organised crime Continue Reading

AstraZeneca looks at the bigger picture in enterprise social media

How do you work with people in different time zones and from different cultures and what happens when people leave the company? Continue Reading

Security startups line up on Cyber Runway

Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator Continue Reading

One-fifth of NCSC-supported cyber incidents linked to Covid-19

National Cyber Security Centre has helped to thwart multiple cyber incidents that could have seriously disrupted the UK’s response to the pandemic Continue Reading

What are 3 best practices for storage encryption at rest?

Consider the fine print of encrypting data at rest. For example, access control permissions can make or break a storage encryption plan. Continue Reading

UK government proposes new rules for digital supply chain security

Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things Continue Reading

HPE’s Aruba networking unit hit by cyber attack

Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key Continue Reading

Scale of crime-as-a-service economy a growing concern, say researchers

The cyber criminal underground continues its evolution towards a service-based economy Continue Reading

The ICO is right to push back against government meddling

Some criticisms of the ICO are justified, but the answer to that is not to give Whitehall more oversight over the data protection regulator, argues legal expert Edward Machin Continue Reading

Lloyd v Google Supreme Court verdict brings end to privacy class actions against big tech in UK

A ruling by the Supreme Court has left it financially unviable for individuals to bring class actions in the UK against big tech companies for privacy breaches Continue Reading

EU artificial intelligence regulation risks undermining social safety net

Europe’s proposed artificial intelligence regulation will not adequately protect people from European governments' increasing use of the technology in social security decisions and resource allocation, says Human Rights Watch Continue Reading

Yoti develops age estimation algorithm for under-13s

Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm Continue Reading

Gig economy workforce nearly trebles over five years

Over four million people in England and Wales now work for gig economy platforms at least once a week, marking a nearly threefold increase since 2016 Continue Reading

How cosmetics retailer Lush made over its approach to authentication

Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle Continue Reading

The Netherlands works on resilience with large-scale national cyber exercise

For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care Continue Reading

Spyware firm NSO and others added to US banned Entity List

US government bans target Israeli spyware makers and cyber firms in Russia and Singapore Continue Reading

Facebook self-imposes facial recognition moratorium

Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in future products Continue Reading

UK’s Labour Party hit by third-party data breach

Data on Labour Party members was recently compromised in an apparent cyber attack on a third-party data processor Continue Reading

BlackMatter ransomware crew shuts down, leaves victims in a bind

The BlackMatter ransomware gang appears to be winding down its activities, possibly due to pressure from law enforcement Continue Reading

Adelaide healthcare network digitises manual processes

The Central Adelaide Local Health Network has digitised manual processes in more than 20 speciality areas to improve patient experience and alleviate the workloads of frontline staff Continue Reading

Electronic waste excluded from COP26 agenda

Data sanitation industry group calls on UK government to add electronic waste to the climate summit’s agenda Continue Reading

Convicted Silk Road admin stripped of £500k in crypto earnings

Jailed Silk Road administrator Thomas White, aka Cthulhu, has been ordered to hand over more than £490,000 of illicit earnings Continue Reading

Security Think Tank: Optimising privacy, post-GDPR

Airbus CyberSecurity CTO Paddy Francis explores the impact of regulation on data protection, and how it has changed how one goes about optimising data privacy in the enterprise Continue Reading

What the Budget means for UK technology

In this week’s Computer Weekly, we look through the Chancellor’s Autumn Budget and Spending Review to find what it means for the UK tech sector. As COP26 starts, we assess the green credentials of the IT industry. And we hear one CTO’s experiences of learning the privacy lessons of GDPR. Read the issue now. Continue Reading

Businesses and governments urged to take action over Trojan Source supply chain attacks

Businesses and governments have been put on alert to guard against Trojan Source hacking attacks Continue Reading

MPs and Lords grill Facebook over online safety efforts

Facebook answers British lawmakers’ questions about the social media giant’s efforts to ensure the safety of its users, as part of legislative security of the government's proposed online safety bill Continue Reading

Online Safety Bill puts user protection onus on platform providers

The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas Continue Reading

Facebook rebrands to Meta amid continuing controversies

Facebook has changed its corporate name to Meta to support its work on the next generation of “social technologies”, but concerns around trust and privacy persist Continue Reading

CIA sought revenge against Julian Assange over hacking tool leaks, court hears

The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court Continue Reading

Illegal state surveillance in Africa ‘carried out with impunity’

Analysis of surveillance laws and practices in six African countries finds that existing privacy laws are failing to protect citizens from illegal digital surveillance, which is being facilitated and enabled by global tech companies Continue Reading

How ransomware crews pile on the pressure to get victims to pay

Sophos researchers share some of the more common tactics ransomware gangs use to pressurise their victims into paying up Continue Reading

‘No-one extradited from UK to US has committed suicide,’ US tells court in Assange appeal

US government claims that a district judge has given WikiLeaks founder Julian Assange a ‘trump card’ to avoid extradition   Continue Reading

Government commits millions to security investment

Spending Review adds more than £750m of funding to improve cyber security resilience across government Continue Reading

DarkMarket takedown results in 150 arrests

A coordinated operation by law enforcement has seen 150 taken into custody amid allegations of buying or selling illicit goods on the dark web Continue Reading

MEPs vote to expand Europol data mandate

The European Parliament has voted in favour of expanding Europol’s mandate to process data and develop AI tools, but critics claim it contradicts a previous vote which opposed using new technologies to predict crime Continue Reading

US intelligence agencies issue advisory on BlackMatter gang

Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers Continue Reading

Police IT buyers should compel suppliers to prove AI claims

House of Lords told that UK law enforcement bodies should use their position as buyers to compel private sector suppliers to divulge more information about how their AI-powered technologies work Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

Time to take a step back on police use of facial recognition

We’ve all seen the detective shows on TV. The cops find a CCTV picture of the likely “perp”. The put-upon junior detective is tasked with wading through a database of photos in the hope of finding ... Continue Reading

How Samlesbury, Lancashire became the home of the National Cyber Force

The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region Continue Reading

Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts Continue Reading

NHS Digital enhances in-house cyber awareness drive

Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk Continue Reading

Encryption protects the marginalised – and it’s under threat

Encryption keeps marginalised groups connected and safe, but new regulatory attempts to break it put them at risk Continue Reading

FCA warns over future hybrid working security risks

Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure Continue Reading

Former signals intel leader named godfather of UK security

Sixth annual Security Serious Unsung Heroes Awards honours former Royal Corps of Signals colonel and infosec pioneer John Doody Continue Reading