Internet Security

UK to toughen telecoms security controls to shrink 5G risks

Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns. However, it continues to hold off on…


Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns.

However, it continues to hold off on setting an official position on whether to allow or ban Huawei from supplying the country’s next-gen networks — as the U.S. has been pressurizing its allies to do.

Giving a statement in parliament this afternoon, the U.K.’s digital minister, Jeremy Wright, said the government is releasing the conclusions of the report ahead of a decision on Huawei so that domestic carriers can prepare for the tougher standards it plans to bring in to apply to all their vendors.

“The Review has concluded that the current level of protections put in place by industry are unlikely to be adequate to address the identified security risks and deliver the desired security outcomes,” he said. “So, to improve cyber security risk management, policy and enforcement, the Review recommends the establishment of a new security framework for the UK telecoms sector. This will be a much stronger, security based regime than at present.

“The foundation for the framework will be a new set of Telecoms Security Requirements for telecoms operators, overseen by Ofcomand government. These new requirements will be underpinned by a robust legislative framework.”

Wright said the government plans to legislate “at the earliest opportunity” — to provide the regulator with stronger powers to to enforcement the incoming Telecoms Security Requirements, and to establish “stronger national security backstop powers for government.”

The review suggests the government is considering introducing GDPR-level penalties for carriers that fail to meet the strict security standards it will also be bringing in.

“Until the new legislation is put in place, government and Ofcom will work with all telecoms operators to secure adherence to the

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

Twitter admits it used two-factor phone numbers and emails for serving targeted ads

Twitter has said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads. In a disclosure Tuesday, the social media giant said it did not know how many users were impacted. The issue stemmed from the company’s tailored audiences program, which allows companies…


Twitterhas said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads.

In a disclosure Tuesday, the social media giant said it did not know how many users were impacted.

The issue stemmed from the company’s tailored audiences program, which allows companies to target advertisements against their own marketing lists, such as phone numbers and email addresses. But Twitter found that when advertisers uploaded their marketing lists, it matched Twitter users to the phone numbers and email addresses users submitted to set up two-factor authentication on their account.

The issue was addressed as of September 17, the disclosure said.

Two-factor authentication is an important security feature that makes it far more difficult for hac

Read More

Continue Reading
Internet Security

Messaging app Kik shuts down as company focuses on Kin, its cryptocurrency

Updated with comment from Kik Kik Interactive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100…


Updated with comment from Kik

KikInteractive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100 employees, as it focuses on converting more Kin users into buyers.

“Instead of selling some of our Kin into the limited liquidity that exists today, we made the decision to focus our current resources on the few things that matter most,” Livingston wrote in a blog post, adding that the changes will reduce the company’s burn rate by 85%, enabling it to get through the SEC trial.

In an email to TechCrunch, a company spokesperson said “We can confirm that the Kik Messenge

Read More

Continue Reading
Internet Security

This game uses troll tactics to teach critical thinking

The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education. Enter Finnish Public Broadcasting Company, Yle, which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes.…


The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education.

Enter Finnish Public Broadcasting Company, Yle,which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes. It has put together an online game, called Troll Factory, that lets you play at being, well, a hateful troll. Literally.

The game begins with a trigger warning that it uses “authentic social media content” that viewers may find disturbing. If you continue to play you’ll see examples of Islamophobic slogans and memes that have actually been spread on social media. So the trigger warning is definitely merited.

The game itself takes the form of a messaging app style conversation on a virtual smartphone in which you are tasked by the troll factory boss to whip up anti-immigrant sentiment. You do this by making choices about which messages to post online and the methods used to amplify distribution.

Online disinformation tactics intended to polarize public discourse which are depicted i

Read More

Continue Reading
Internet Security

Police hijack a botnet and remotely kill 850,000 malware infections

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers. The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other…


In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

According to a blog post announcing the bust, security firm Avast confirmed the operation was successful.

The security firm got involved after it discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims’ computers” without pushing any code to victims’ computers, the researchers said.

The exploi

Read More

Continue Reading