Security policy and user awareness

Russian cyber espionage group targeting hotel Wi-Fi

A Russian cyber espionage group is targeting hotel Wi-Fi networks to carry out malware infections and potentially steal credentials, researchers warn Continue Reading

Gaming apps ‘main source’ of mobile phishing attacks, research shows

Analysis of 100,000 corporate devices shows more than a quarter of traffic going to phishing domains was from gaming apps Continue Reading

CW ANZ: Cyber security plan bears fruit

Australia’s Cyber Security Strategy, aimed at protecting citizens, companies and critical infrastructure, has made significant headway over the past year, but the jury is still out on its long-term impact. In this month’s CW ANZ, we take a look at the progress of Australia’s national cyber security blueprint and what else needs to be done to better protect Australia’s interests in the global cyber security landscape. Also, read about what the Australian government is doing to better guard public sector IT systems against cyber attacks. Continue Reading

CW ASEAN: Stay alert to threats

With cyber threats intensifying in recent years, from the global outbreak of ransomware to intrusions of university networks to access government data, the role of threat intelligence in anticipating and mitigating threats has become more important than ever. In this month’s CW ASEAN, learn how organizations can make the most out of threat data feeds in an intelligence-driven security strategy. Also, find out how companies can navigate the ominous cyber threat landscape by investing in cyber security technology and processes. Continue Reading

Newcastle council data leak shows need for security automation

Leak of child adoption information by Newcastle City Council resulted from accidental email attachment by employee Continue Reading

NHS urged to spend extra cyber defence funds wisely

The NHS has been urged to invest wisely in cyber defences after the government announced plans to increase data security funding by millions of pounds in response to the Caldicott review Continue Reading

Criminal law: Are Twitter threats taken seriously?

As threats of violence become increasingly common online, law enforcement is taking stronger action against the perpetrators Continue Reading

Petya ransomware hits Aussie businesses

The latest ransomware attack has reached Australia’s shores, prompting calls to dump on-premise IT infrastructure for the cloud Continue Reading

Abu Dhabi uses surveillance tech to protect Grand Prix

Police use surveillance technology and monitoring software to ensure public safety when Formula One visits the UAE each year Continue Reading

Australia’s decryption plan seen as untenable

Experts say efforts to get technology and social media firms to cooperate with the authorities in decrypting communications will be hard to achieve Continue Reading

Microchips implanted in hands could be in use for payments in 20 years

UK consumers are becoming more accepting that biometric authentication will become the norm for payments Continue Reading

People can be strongest link in cyber security, says NCSC

People are often seen as the weakest link when it comes to cyber security, but that must change, says the National Cyber Security Centre Continue Reading

Interview: Nick Bleech, head of information security, Travis Perkins

Last year, Travis Perkins implemented Splunk to help it to respond more quickly to security threats. Now, the business is looking into machine learning and a single customer view Continue Reading

HSBC voice authentication tricked by twins

Twin brothers managed to trick HSBC’s voice recognition security system into giving account access to the wrong person Continue Reading

Singapore universities hit by advanced persistent threat attacks

The attacks on NUS and NTU networks appear to be the work of APT actors and not casual hackers Continue Reading

Barclays launches £10m UK digital safety campaign

Barclays is to lead a £10m campaign against digital fraud as research reveals London, Bristol and Birmingham are scam hotspots, with young adults most at risk Continue Reading

Human interaction still key to cyber attacks, study reveals

An analysis of threats faced by organisations in the first quarter of 2017 reveals that cyber attackers still rely heavily on user interaction Continue Reading

Security as a service on the rise in the UAE

Organisations in the United Arab Emirates are increasingly turning to security services Continue Reading

How UK organisations are leaving themselves open for cyber attack

UK organisations are leaving themselves wide open to cyber attack despite huge investments in cyber security systems, according to two former hackers now working in cyber defence Continue Reading

Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things

Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices Continue Reading

How IT can be more defensible

A renowned Google engineer calls for the IT industry to build devices capable of being defended and for enterprises to take a balance sheet approach in managing risks Continue Reading

Thorn CEO on using machine learning and tech partnerships to tackle online child sex abuse

The CEO of US-based no-profit Thorn explains how cross-industry collaboration and machine learning is helping her organisation stay one step ahead of online child sex abusers Continue Reading

Threats grow in Saudi Arabia’s cyber sector

Saudi Arabia's wealth makes it an attractive target for cyber criminals, but what have been the recent trends in cyber crime? Continue Reading

CW ASEAN: Raising national security standards

In this month’s CW ASEAN, we describe how Singapore is improving its cyber security defenses and preparations through a partnership with British security company BAE Systems. We also find out why the Thai military plans to recruit civilian cyber warriors and we take a look at evolving security approaches. Read the issue now. Continue Reading

CW ANZ: Take cover from cyber threats

In the latest issue of CW ANZ we focus on security, with analysis of why Australian organisations are not sold on cyber insurance. It certainly isn’t a lack of cyber attacks – Australia is, in fact, making cyber security headlines for the wrong reasons. We also take a look at the need for organisations to meet IoT security challenges head-on. Read the issue now. Continue Reading

APAC topped the world in number of cyber attacks in 2016

The prevalent use of pirated software is one of the possible reasons for the APAC region’s poor showing in Trend Micro’s annual study on the state of cyber security Continue Reading

NCSC to educate UK politicians on the cyber threat

The National Cyber Security Centre is to deliver tailored seminars for politicians on how to protect their email communications and voters’ data to defend against cyber threats to the political system Continue Reading

CW Europe: Technology poses new risks to jobs, economies and society

Rapid advances in technology could have destabilising effects on employment and economic growth, and could exacerbate social unrest, the World Economic Forum (WEF) warned. Society’s failure to keep pace with technology change was a key risk under discussion at Davos in January. Continue Reading

CW Nordics: Top IT priorities for Nordic CIOs in 2017

In this first issue of CW Nordics in 2017 we take a look what CIOs in the region are expecting in the year ahead. We asked a select group of CIOs and analysts in Denmark, Finland, Norway and Sweden what IT projects are at the top their priority lists. Also read about the Nordic region as a hotspot for IT startups, with Sweden punching above its weight in financial technology. And find out how board executives at healthcare company Elekta are analysing workforce data to make better strategic decisions. Continue Reading

Beware printer helpline scam, warns NTS eCrime Team

National Trading Standards is warning consumers about a scam targeting those looking for help with printer problems Continue Reading

TechUK launches framework to build public trust in the IoT

Tech sector association techUK wants to help overcome public distrust in the internet of things Continue Reading

Top 10 IT security stories of 2016

Here are Computer Weekly’s top 10 IT security stories of 2016: Continue Reading

Data danger: Cyber threats lurk inside every company

In this week’s issue, we investigate the hidden threats lurking in every company and discuss what options CIOs and heads of security have to limit damage. We also look at how CIOs can fund digital initiatives when costs are under pressure, and how Boots has built an SAP centre of expertise to take back control of the strategic direction of its IT organisation from its previously outsourced structure. Read the issue now. Continue Reading

Typo allowed Russian hackers to access US Democratic Party emails

Typographical mistake in an email warning of a phishing attack on the US Democrats led to thousands of private emails being accessed and published by Russian-backed hackers Continue Reading

European law enforcement seeking smart ways to fight cyber crime

Cyber criminals are always likely to be better resourced than law enforcement. Now, national and regional police forces in Europe are switching tactics to even the odds. Under-resourced law enforcement needs a smarter approach as cyber crime becomes increasingly prevalent and sophisticated, backed by the money and expertise of organised crime groups set up and run as well-resourced and efficient professional business organisations. Cyber crime operations typically have teams dedicated to looking at open source intelligence, targets’ physical environments, weaknesses in supply chains, and potential collaborators inside target organisations to enable sophisticated, blended attacks that involve a combination of actions against a range of vulnerabilities, making them difficult to detect and defend against. Continue Reading

Security Think Tank: Communication is key to cyber security in digital era

How can information security professionals help organisations to understand the cyber risks across increasingly digital businesses? Continue Reading

Top 10 ANZ enterprise IT stories of 2016

Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016 Continue Reading

One in four Wi-Fi hotspots vulnerable to attack, study finds

At least one in four Wi-Fi hotspots are open to attack, a study by Kaspersky Lab reveals Continue Reading

Government data security confusing, finds PAC

A Public Accounts Committee hearing shows the government’s data and cyber security landscape is chaotic and confusing Continue Reading

Counting the cost of financial cyber crime

In this week’s Computer Weekly, the cyber security of banks is under scrutiny after an attack on Tesco Bank leads to millions lost in fraudulent transactions. Our latest buyer’s guide, on server operating systems, looks at the new features in Windows Server 2016. And Coca-Cola explains how a move to the cloud is helping motivate staff. Read the issue now. Continue Reading

Amber Rudd orders Lauri Love extradition to US to face hacking charges

Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health Continue Reading

412 million user accounts exposed in FriendFinder Networks hack

Another huge data breach has exposed poor security of user details and continued poor user password practices Continue Reading

Russian banks hit by IoT-enabled DDoS attacks

DDoS attacks on Russian banks have been linked to IoT botnets, further confirming this worrying trend and highlighting the need for IoT suppliers to improve security capabilties Continue Reading

CW ASEAN: SMEs present security weakness

In this month's CW ASEAN, we look at how the cyber security defences at small and medium-sized enterprises in Southeast Asia may have some vulnerabilities, resulting in cyber security attacks on the large corporations they work with. We also consider the need to educate users of smartphones and tablets across the region as card fraud rates rise, with high use of mobile devices considered a contributing factor. Read the issue now. Continue Reading

CW ANZ: Using gamification to build cyber security skills

In this month's CW ANZ, we look at how PwC is using an online game to give its customers first-hand experience of what it means to face a cyber attack. We also look at how identity is gaining greater prominence in the security debate in Australia as the DTO takes the wraps off plans for a national identity system. Read the issue now. Continue Reading

The cyber threats lurking within every company

Insider threats have been around for a long time, but it is only recently that people have begun to acknowledge the true danger they pose Continue Reading

Reinventing Bahrain’s Kanoo Group through digital technology

In this quarter’s CW Middle East ezine, we feature the IT journeys of three companies in the region with detailed analysis of recent IT projects that were designed to support business transformation in a changing world. We hear how Bahrain-based conglomerate Kanoo Group is dealing with a company-wide digital transformation, Zahid Group’s biggest-ever IT investment, and how Rotana Hotels is centralising security. Continue Reading

Armed forces minister wants military recruiters to "think different" to attract cyber security pros

Armed Forces minister Mike Penning says military must rethink how it recruits trainees to attract people with the cyber security skills the country needs to protect itself Continue Reading

Saving Lauri Love: activists plan their next move

An eclectic bunch of activists, charity workers and reformed hackers spent a rainy Sunday afternoon plotting their next move in a campaign to save Lauri Love from extradition to the US on hacking charges Continue Reading

Most businesses vulnerable to cyber attacks through firmware, study shows

Company culture and overall attitude to security is a major contribution to vulnerability to cyber attack through firmware, a study by Isaca has revealed Continue Reading

Almost two-thirds of US office workers unaware of ransomware threat

Nearly half of ransomware attacks are aimed at office workers, but almost two-thirds of those polled in the US are unaware of the threat Continue Reading

Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition

Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon Continue Reading

NGOs challenge UK and US mass surveillance in human rights court

Privacy International, Liberty and the American Civil Liberties Union are among 10 human rights groups backing a landmark challenge to mass surveillance in the European Court of Human Rights Continue Reading

Lauri Love - my battle with extradition

A court ruled today that Lauri Love, a 31-year old electrical engineering student, from Suffolk, can be extradited to the US to face hacking charges. Continue Reading

Use ransomware to get security buy-in, says Trend Micro CTO

Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes Continue Reading

Get protected: The importance of security

It is not uncommon for computer systems to be compromised by a company’s own employees. In this week’s issue we look at the Sage data breach, which highlights the risk every organisation faces from its staff. Staff are often motivated by revenge, but sometimes internal logins can be compromised, enabling hackers to circumvent firewalls. Our CIO interview is TalkTalk’s CTO, Gary Steen, and we have a report from the Intel Developer Forum on the chipmaker’s future plans. Continue Reading

CW Benelux: Painting by numbers

In this issue of CW Benelux, we describe how data scientists in the Netherlands have applied technology to art. The Dutch are renowned for being creative with technology and the country has a deep history in art, boasting some of the most celebrated painters. It is therefore apt that the combined tech brains of ING, Microsoft, the Technical University of Delft and other contributors have created The Next Rembrandt, which serves as a visual showcase for big data. The new portrait in the style of Rembrandt van Rijn was put together by a combination of big data technology and 3D printing. All of Rembrandt’s 346 paintings were analysed using data analytics, making it possible to create a seemingly genuine Rembrandt image, while a 3D printer made accurate emulation of his paint patterns and textures a reality. Also in the Netherlands, we feature a case study about how The Hague is solving a bike parking headache with a mobile app. Continue Reading

CW Nordics: Dealing with digital disruption

The Nordic countries are renowned for being home to thriving tech startup scenes, so it is hardly surprising that IT is a disruptive force in the region. In this quarter’s CW Nordics ezine we look more closely at how the Nordic region is being affected by technology disruption across industry sectors and how organisations are reacting to it. Continue Reading

MI5 staff repeatedly overrode data surveillance rules

Security service MI5 is responsible for 210 “clear contraventions” over five years for the way it accessed private internet and telephone data Continue Reading

Date set for landmark hearing into EU-US data transfers

Irish court hearing triggered by Austrian law student Max Schrems could have huge implications for EU-US trade and the data privacy rights of millions of EU citizens Continue Reading

CIO Interview: Elly Resende, CIO, Rio 2016 Olympics

As Rio de Janeiro gets ready to host the Olympics, Computer Weekly speaks to the man in charge of its IT Continue Reading

IBM sets up security centre in Canberra

IBM leads the charge as large private businesses invest heavily in security resources across Australia in an attempt to close the security gap Continue Reading

CW ASEAN: July 2016

Lessons from the Philippine government hack: In this issue we ask why a hack on the Philippine Commission on the Elections (Comelec) was allowed to happen and what organisations in Southeast Asia can learn from this breach of security. Retailers in the region are concerned – read how the theft of customer data is their biggest worry. Continue Reading

CW ANZ: July 2016

Australia knows it has a cyber security problem, but not the scale. In this month’s CW ANZ we describe how Australia's $230m security strategy serves as a wake-up call to enterprises. We also reveal the techniques and technologies being used to protect one Australian school, as well as a more general look at the main cyber threats to orgainsations in Australia. Read the issue now. Continue Reading

Lauri Love may be faking mental illness claims lawyer for US

Prosecution lawyer Peter Caldwell questions whether activist Lauri Love is exaggerating mental health problems to avoid extradition to face hacking charges in the US Continue Reading

Lauri Love suicide risk if extradited to US over hacking allegations

Westminster Magistrates’ Court hears evidence from medical experts that alleged hacker Lauri Love is at risk of suicide if extradited to the US Continue Reading

Cyber security industry mostly welcomes report on TalkTalk breach

Most of the recommendations of a government committee inquiry into the TalkTalk breach have been welcomed, but pundits have expressed reservations about some, particularly proposed new fines Continue Reading

Lower average cost of Australian data breaches is not a sign of comfort

The average cost of a data breach to Australian organisations dropped in 2015, according to research Continue Reading

The password’s the problem – lessons from the LinkedIn breach

In this week’s Computer Weekly, after millions of LinkedIn users had their data compromised, we look at the lessons to be learned from this latest data breach incident. Our buyer’s guide looks at NoSQL technologies and compares the offerings from database leaders Microsoft and Oracle. And we examine the benefits of cloud-based data analytics and how to make it work for your organisation. Read the issue now. Continue Reading

NHS data security standards to be designed around technology, people and processes

The Care Quality Commission’s delayed review of NHS data security standards will encourage NHS organisations to have senior information risk owners and Caldicott Guardians at board level Continue Reading

CW Benelux: May-July 2016

Welcome to the Computer Weekly ezine focused on the Benelux region. This quarterly publication will look at the issues facing CIOs in Belgium, the Netherlands and Luxemburg. Continue Reading

Lessons from LinkedIn data breach revelations

There are several important lessons to be learned from revelations about LinkedIn's 2012 data breach, say security experts Continue Reading

Business failing to learn lessons of past cyber attacks, report shows

Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals Continue Reading

GCHQ told analysts to assume surveillance 'bulk data' is legal

Documents obtained by charity Privacy International reveal insights into GCHQ’s collection of sensitive bulk data, as lawyers question the impact of surveillance on legal privilege, fair trials and protection of whistleblowers Continue Reading

Employees’ use of personal devices puts firms at risk of malware infection, says report

Downloaders care about their own security while grabbing pirated content, not that of their employers Continue Reading

Israeli volunteers ready their cyber defences as Anonymous affiliates attack

Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way Continue Reading

NCA attempts 'back door' access to obtain activist Lauri Love’s passwords

Court told that use of civil proceedings to force disclosure of alleged hacker Lauri Love's passwords is disproportionate and would breach human rights law Continue Reading

QA launches cyber attack defence training facility in London

Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills Continue Reading

Activist Lauri Love faces order to disclose encryption keys

The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys Continue Reading

DDoS attacks on universities normally performed by “disgruntled” students or employees

The majority of distributed denial of service attacks on universities are made by students or employees, says the head of infrastructure services at the University of London Continue Reading

Most students say cyber security is a growing threat

Some 70% of higher education students say they are aware that cyber crime and attacks are a threat, but less than half think security is their responsibility Continue Reading

Robots at your service

In this week’s Computer Weekly, we find out how financial services firms are investing in artificial intelligence to create robo-advisors to help customers with financial advice online. We ask if virtual reality is ready for mainstream business adoption or is still just an over-hyped technology. And we examine the key steps needed to successfully build smart cities using internet of things and networking technologies. Read the issue now. Continue Reading

Security Think Tank: Many breaches down to poor access controls

In the modern business environment, what are the most common access control mistakes – and how best are these corrected? Continue Reading

The problem with passwords: how to make it easier for employees to stay secure

An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading

Surviving broadband failure

In this week’s Computer Weekly, after the recent BT broadband outage, we examine the options to keep your communications in place in the event of a failure, to ensure business continuity. We look at the prospects for the OpenStack open source cloud platform in the enterprise. And we see how Ireland is making progress on delivering a digital health service. Read the issue now. Continue Reading

Social engineering confirmed as top information security threat

Cyber attackers shifted away from automated exploits in 2015 and instead tricked people into doing the dirty work, Proofpoint researchers found Continue Reading

How AstraZeneca saved $350m by insourcing IT

In this week’s Computer Weekly, we talk to pharmaceutical giant AstraZeneca to find out why it brought its outsourced IT back in-house, and how it saved $350m per year as a result. As the data protection debate rages around Europe, we ask if the new EU/US Privacy Shield agreement will protect citizens’ data. And we examine the relative merits of datacentre colocation and the cloud. Read the issue now. Continue Reading

Google’s Chrome to flag deceptive embedded content

Browser will warn of any embedded content such as ads that pretend to act like, and look and feel like, a trusted entity Continue Reading

HSBC online services hit by DDoS attack

HSBC was hit by a distributed denial of service (DDoS) attack, which targeted its online personal banking services. Continue Reading

CW Europe - January 2016

This month, CW Europe looks in-depth at an issue that is set to affect people across all 28 European Union member states – the abolition of mobile roaming charges, set for mid-2017. Continue Reading

Most Android devices running outdated versions

Nearly a third of Android devices in enterprises today are running version 4.0 or older of the operating system, leaving them highly susceptible to vulnerabilities, a study shows Continue Reading

UK not involved in mass surveillance, says Theresa May

Coffee shops and libraries could be the target of interception warrants, Theresa May tells MPs and peers Continue Reading

UK IoT research hub opens with support from academic world

A consortium of nine UK universities have come together to work alongside the Engineering and Physical Sciences Research Council on research into the internet of things Continue Reading

Interview: James Bamford on surveillance, Snowden and technology companies

Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading

National security ‘not affected’ by failed e-Borders programme, says Home Office

Despite the key Warnings Index system suffering an average of two high-priority incidents a week – such as a system component not being available – Home Office officials deny it causes risk to national security Continue Reading

The most influential people in UK IT 2015

In this week’s Computer Weekly, we announce our sixth annual UKtech50 list of the 50 most influential people in UK IT, and talk to this year’s winner – BT chief executive Gavin Patterson, about the challenges facing the telecoms giant in 2016. Also, we find out how the genomics industry is pushing big data technology to its limits. Read the issue now. Continue Reading

Cyber attacks an increasing concern for Asean countries

Organisations in the Association of Southeast Asian Nations are increasingly the targets for cyber criminals, according to a report focused on the region Continue Reading

Workday ringfences support in Europe after Safe Harbour ruled unsafe

US cloud HR and financial services provider reponds to Safe Harbour failure by ringfencing European data Continue Reading

Dridex banking Trojan regains strength to mount attacks on the UK

Fresh Dridex banking Trojan campaigns target the US, UK and France – despite a recent law enforcement takedown operation – warn security researchers Continue Reading

UAE recognises importance of cyber security, says official

Like the UK, the UAE federal government has identified the importance of creating an environment in which it is safe to do business online Continue Reading