Forget Hackers And Cyberwarfare, Rising Sea Levels Could Pose The Biggest Threat To The Internet

The results aren’t great. Within 15 years as many as 6,500 kilometers (4,000 miles) of buried fiber optic conduit could be submerged and 1,100 traffic hubs could be besieged by water.

Advertisements

Forget about Internet on Mars and Li-Fi, the Internet we rely on to run our hospitals, feed our cities, tweet celebrities, and watch animals do stupid things here on Earth could be at risk – and rising sea levels are to blame.

The Internet relies on a large physical network combining colossal data centers and thousands of kilometers of fiber optic cable buried underground. If this was to somehow falter (whether through cyberwarfare, space weather, or climate change), things could get bad pretty quick.

As a recent peer-reviewed study highlights, this infrastructure (the so-called “physical Internet”) is not currently built to withstand significant changes in sea level. Even more worryingly, we could see the consequences of this as soon as 2033.

Quite a bit of this framework is covered and takes after since quite a while ago settled privileges of way, ordinarily paralleling thruways and coastlines, Paul Barford, a University of Wisconsin-Madison teacher of software engineering and an expert on the “physical Internet”, said in an announcement.

“When it was fabricated 20-25 years back, no contemplation was given to environmental change.”

Barford introduced the investigation at a gathering of the Association for Computing Machinery, the Internet Society. what’s more, the Institute of Electrical and Electronics Engineers on July 16. While there has been look into rising ocean levels and urban foundations, for example, streets, lodging, and even whole islands, this has all the earmarks of being the principal evaluation analyzing the hazard that rising ocean levels posture to the Internet.

cyberwarfare-defense-illustration-100727705-large

The results aren’t great. Within 15 years as many as 6,500 kilometers (4,000 miles) of buried fiber optic conduit could be submerged and 1,100 traffic hubs could be besieged by water.

The team came to this conclusion after overlaying Sea Level Rise Inundation data on the Internet Atlas, which allowed them to compare the forecasted sea level rises with a map detailing the Internet’s physical network.

The system has been intended to endure some water, yet it is just water-safe, not waterproof. This implies the determined level of flooding could represent a genuine hazard to the working of the Internet as we utilize it today. The tempest surges that took after Hurricane Sandy and Hurricane Katrina indicate the issues to come, Barford included.

The most exceedingly terrible influenced regions will be low-lying beach front urban areas. The analysts particularly named New York, Miami, and Seattle as high hazard. Be that as it may, if the system in these regions is harmed the impacts will “swell” over the Internet, Barford says. This is on the grounds that these urban areas are the place transoceanic marine links come aground and it is these transoceanic marine links that connection the US to whatever remains of the world, in any event from an online perspective.

Things being what they are, what would we be able to do? Solidifying the framework may defer the inescapable yet it won’t be compelling over the long haul, Barford clarified. This examination ought to be viewed as a “reminder”.

“The vast majority of the harm that will be done in the following 100 years will be done sooner than later,” cautioned Barford.

“That amazed us. The desire was that we’d have 50 years to get ready for it. We don’t have 50 years.”

More at  http://bit.ly/2JBeK3c

Your guide to cybersecurity threats and how to deal with them

An exploit is the act of using that vulnerability to attack or breach a system or network in a particular way.

Cyber attacks have come a long way since your Hotmail account received a random message from a Nigerian prince looking to loan you a million dollars. In the wake of incidents like the recent Cambridge Analytica-Facebook scandal and last year’s WannaCry ransomware outbreak, global anxiety surrounding privacy and cybersecurity is at an all-time high.

So it should be, because the stakes are high. Cyberattacks, where customer records or critical business data are lost, are expected to cost Australian businesses with 100 to 500 employees around A$1.9 million each, on average, according to research by security firm Webroot.

This A–Z guide to cyberthreats will help you understand and arm yourself against everything from Android malware to zero-day exploits (attacks that exploit a previously unknown security vulnerability).

Vulnerability, exploit or malware?

No, they’re not all the same thing. Before we get into specific threats, key terms describe the different types of cyberthreat.

Vulnerability is a hardware or software flaw that leaves systems open to potential attacks or breaches. An exploit is the act of using that vulnerability to attack or breach a system or network in a particular way.

One way to do this is to develop malware – a catch-all term short for malicious software; including computer viruses, worms, Trojan horses, spyware and other nasties.

A

Advanced Persistent Threat (APT) 
An APT is a series of attacks that targets a particular organisation that has high-value data, such as a government agency, bank or manufacturer. The hackers are generally highly skilled and extremely persistent in their attempts to gain unfettered access to the organisation’s network.

Their aim is to remain undetected for a long period of time, so they can steal as much data as possible for a range of reasons, such as industrial espionage.

Android malware 
The more popular an operating system becomes, the more susceptible it becomes to malware, and that’s certainly the case with Android. There are now more than 2.5 billion Android devices worldwide and 20 million malware threats, according to security researcher AV-test.org.

Google itself admitted it took down more than 700,000 “bad” apps from its Google Play store in 2017.

B

BlueBorne Bluetooth vulnerabilities
Security vendor Armis Labs identified a series of Bluetooth vulnerabilities collectively known as BlueBorne, which could impact more than 8.2 billion computers and devices running Android, iOS, Windows and Linux – including Amazon and Google smart speakers.

There are no known instances of hackers exploiting BlueBorne vulnerabilities, but potentially they could allow hackers to take control of – or spread malware to – any susceptible device when Bluetooth is on.

Botnet
A botnet is a (typically) large number of compromised connected devices that are taken over by bots designed to cause devices to participate in specific DDoS (distributed denial of service), spam and other attacks.

Brute force attack
This is a trial-and-error method of gaining information, such as a password. Hackers generally use software to automate and greatly accelerate the process.

Click here to continue C-Z Guide http://bit.ly/2ICfWCJ

What is GDPR and How to Comply and How to Protect Privacy?

When not implemented properly, can lead to havoc for the company.

A core law concerning the protection of data of all people living in the European Union (EU) is the General Data Protection Regulation (GDPR). The GDPR, which is codified as Regulation (EU) 2016/679, has been formulated to fulfil two important purposes:

  • Placing the control of personal data in the hands of citizens and residents of the EU
  • Easing the regulatory process and environment and standardizing and unifying data protection regulations across the EU with the aim of making global business within the EU easier.

The legislative and secretarial bodies of the EU, i.e., the European Parliament, the Council of the European Union and the European Commission, consolidate and strengthen all aspects relating to data protection for all individuals within the European Union (EU) through the GDPR regulation.  The GDPR also addresses the area of export of personal data to regions outside the EU.

GDPR-and-DPIA-Data-Protection-Impact-Assessment-What-the-DPIA-should-contain-at-least-according-to-Article-35-of-the-GDPR-General-Data-Protection-Regulation

Gain complete understanding of the GDPR

With the GDPR now being the law that companies that want to do business in the EU have to comply with; it is necessary for them to get proper and thorough understanding of all its elements. This learning is what a webinar from Compliance4All, a leading provider of professional trainings for all the areas of regulatory compliance, will be offering.

The speaker at this webinar is Derk Yntema, who has over 15 years of experience in ICT and security-management and has demonstrated capacity to implement innovative security programs that drive awareness towards information security and strengthen organizations and proven knowledge of privacy legislation and helping companies towards privacy compliance. Please visit http://bit.ly/2JurJbE to enroll for this webinar and get a full and proper understanding of the GDPR and how it matters to your business.

Explanation of the advantages and disadvantages of the GDPR

Derk will explain all the aspects of the GDPR, including its benefits and drawbacks. Among the advantages it carries are the greater and clearer insight it offers into Personally Identifiable Information (PII) processing within the company, the boost and synchrony it gives to security controls across the 27 EU members, the increased customer confidence that accrue from stronger safeguards for data protection, and the simplification of the process of doing business in the EU.

However, the GDPR, when not implemented properly, can lead to havoc for the company. It can result in unimaginably high levels of penalties, up to two percent of violating companies’ worldwide revenues, fines of up to € 20 million, complicated lawsuits, loss of reputation, and many liability cases.

The insights that Derk will offer at this webinar will help participants understand how to comply with the regulation in such a manner that their organizations fully derive the benefits of this regulation and neutralize the negative effects of not doing it right.

He will cover the following areas:

  • What is Privacy?
  • How to Protect Privacy
  • What is PII?
  • What is in the GDPR (General Data Protection Regulation)
  • How to Comply.

This webinar is of very high value to professionals such as Board of Directors, Supervisory Board, CxO’s and Compliance Managers/Officers.

http://data.consilium.europa.eu/doc/document/ST-9565-2015-INIT/en/pdf

http://mlawgroup.de/news/publications/detail.php?we_objectID=227

http://www.eugdpr.org/

https://goo.gl/forms/pYroJzGipxGafw4A2 For updates Please fill this

Australian government considers approach to cybersecurity

You talk to other countries and we have a chance here to lead the world.

The Australian government considers itself to be “world-leading” when it comes to cybersecurity, with Minister for Law Enforcement and Cyber Security Angus Taylor telling ZDNet that Australia has the opportunity to extend its global lead to create a thriving local industry.

“You talk to other countries and we have a chance here to lead the world, it’s very exciting not just so we can protect ourselves but so we can grow an industry,” he said on Wednesday.

“I don’t think anyone’s where they wanted to be, we’re all still facing risks, but I think we’re in a great position I think now to deal with these risks at a speed and with a level of collaboration that very few other countries have.”

To Taylor, it’s important to keep abreast of the threat landscape as it changes, noting also that it helps the country has a leader in Prime Minister Malcolm Turnbull that understands technology.

yYlvp

“I think one of the reasons why we are arguably leading the world is that we have a prime minister who actually understands that, which is I think pretty much unique,” he told ZDNet. “For me personally that is a huge help because it means I can have a detailed discussion with him about Intel chips, and he understands.”

The newly minted cyber minister drew on his time as the minister overseeing digital transformation to discuss the current approach to cybersecurity the government has, commenting that it’s important to ensure departments and agencies aren’t further creating silos for dealing with threats.

“There is a risk  I’m acutely conscious of that, and I’m acutely conscious of that because I hear people say this to me all the time,” Taylor said. “We can’t let that happen.

“The key in cyber, like most areas, is speed and that means you’ve got to share information in a collaborative way.”

While the government has determined a need to share and created a handful of avenues to do so, it doesn’t exactly have a way to measure such information sharing.

“It’s very easy to see afterwards,” Taylor said in response to a question asking how to ensure cross-department collaboration. “This is something I’m adamant about and we do need to share. It doesn’t mean you have to share sources, but you have to share the information people have to act on.”

Continue with out interruption click here http://snip.ly/aiify

49-day Hack shows need for cyber security beef up

At that point the agency had found out that about 200 email accounts were under the control of criminals.

It took one NSW Government agency 49 days to shut down a hack by fraudsters, a new report on cyber security in the public service has revealed.

The attempted financial fraud in 2017 involved a government agency and its IT systems provider, and spread to other agencies before it was reported and stopped.

The case study is part of a new report by the state’s auditor-general Margaret Crawford.

She called for urgent improvements in the public sector’s ability to respond to cyber security incidents.

“There is a risk that incidents will go undetected longer than they should, and opportunities to contain and restrict the damage may be lost,” the report said.

“Cyber security incidents can harm government service delivery and may include theft of personal information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.”

Google-Docs-Phishing

Hacked account sent out 450 bogus emails

The 2017 case study started with a compromised email account, and led to led to a shut-down of the agency’s financial payment system.

Six days later, the hacked account sent deceptive emails, known as phishing, in a bid to get the credentials of finance staff.

Two weeks after the initial hack, the agency’s IT provider detected a fraudulent invoice and raised the incident to major status.

Email account users were told to change their passwords, but by day-20, the hacked email account had sent out 450 bogus emails, and 300 staff had clicked on the link inside.

20160628_1516_FTI_Cyber_Security

At that point the agency had found out that about 200 email accounts were under the control of criminals, yet it failed to temporarily lock the accounts.

It was not until day 36 that the IT provider reported the incident to the Government’s chief information security officer.

Six days later, it was found that the account that had been hacked at the start was still compromised.

The agency’s payments gateway, which handled business invoices, staff salaries and superannuation, was finally re-opened on the 49th day.

Click here to go in detail http://snip.ly/cismk

WHK hires top cyber security talent

Crespo joined WHK in 2017 as the company’s Director of Product Development and Services.

Global online security exchange provider, WhiteHawk Limited (ASX:WHK) has announced that it has made a strategic investment in top cyber talent.

The company, which offers the first global online cyber security exchange which enables small-to-medium businesses to take smart action against cyber-crime and fraud, has made two new hires and promoted Antonio Crespo as Chief Information Officer.

Crespo joined WHK in 2017 as the company’s Director of Product Development and Services. He has expertise in security threat analysis and security product engineering, having gained experience at Computer Sciences Corporation and Security Risk Advisors prior to joining WHK. As CIO, Crespo will oversee the management and delivery of all customer facing WHK services, product lines, and business operations.

CYB-1

Soo Kim joins WHK as Director of Product Development from Accenture Federal Services. She brings more than 20 years’ experience in software engineering and technology strategy, having held senior positions at Accenture Federal Services, HP Enterprise Services, and TASC Inc. At WHK, Kim will lead the daily development, testing and advancement of the CyberPath Solution Engine and all data analytics efforts, to include the continuous improvement of the WHK online ecosystem.

Jason Beach has also joined the team as Senior Data Scientist, bringing recent data analytics and solution development experience from supporting customers such as Microsoft Corp, North Western Mutual Insurance, and US Departments of Treasury and Defense.

WHK also announced the promotion of Israel Villanueva, previously a WHK sales partner, who now joins as the Solutions Architect. Villanueva will work with and manage all cyber security vendors, and focus on how to tailor, market, price and deliver top products and services. He has over 12 years of VP and Account Executive experience in the marketing and sales of software and technology.

computer network backup_web

It’s worth noting that WHK is an early stage play and investors should seek professional financial advice if considering this company for their portfolio.

Executive Chair of WhiteHawk, Terry Roberts, commented on today’s announcement. “In a short period of time, Antonio has proven himself an insightful, driven, and results-oriented cyber businessman and I believe that he is well-suited for the role of CIO. I am also excited to welcome Soo and Jason to the team, both of whom are extremely talented and bring the level of expertise and innovation to ensure that our business and our website development move forward with efficiency and sophistication.”

He continued, “With the additional technical talent that we have been able to attract thanks to the investment of our shareholders, we are now able to start executing on our robust development plan which will, in turn, enable us to maximise value for our shareholders in the long term.”

to continue http://snip.ly/211s1

Telstra launching London cybersecurity centre

In regards to launching additional SOCs across the globe, Penn said Telstra has not yet formally announced any plans.

Telstra has announced that it will be launching a Security Operations Centre (SOC) in London, with CEO Andy Penn telling ZDNet that cybersecurity is becoming critical for all businesses.

Speaking during Telstra’s first-half financial results call, Penn pointed towards the telco’s growing capabilities in security.

“During the half, we enhanced our cybersecurity services with the opening of two new Security Operations Centres in Melbourne and Sydney,” he said.

357

“We have plans to open a further Security Operations Centre this year in London. We have seen strong demand for our cybersecurity offerings in the context of a market where this is becoming an increasingly important issue for companies and boards.”

Penn told ZDNet that the London SOC will have the “same dynamic” as its Melbourne and Sydney centres, which operate virtually as one room with interaction between all of the operators.

“It builds up the ecosystem of the security capability that we have,” he told ZDNet.

“What it enables us to do is either directly for our customers, particularly the large enterprise customers, and/or in partnership with our customers, monitor all of their own in-house networks to make sure that we can identify the aberrant behaviour and the aberrant traffic, any malware, also effectively intervene quickly, and the security operations centres also have crisis management centres in conjunction with them, and it enables us to actually [interact] quickly with the customer, with the teams wherever they are in the world to really manage an incident if and when it occurs.”

images

The London SOC will also house around the same amount of workers as its Sydney and Melbourne centres, he told ZDNet, which see teams of around 25 people from its 500-strong cybersecurity expert base monitoring 24/7.

In regards to launching additional SOCs across the globe, Penn said Telstra has not yet formally announced any plans.

“The only thing I would say is that undoubtedly cybersecurity is becoming an increasingly critical and important issue for large companies and small companies for that matter, for boards, for chairmen of companies, for CEOs,” he told ZDNet.

“So we are only likely to see this demand increase, and of course it’s a global risk, so whilst obviously much of our focus is on Australian companies and also in the Asia-Pacific, we also have to protect our customers wherever they may be doing business.”

Also beyond standard fixed and mobile telco offerings is Telstra’s Internet of Things (IoT) business, which Penn said is continuing to grow, pointing to the acquisitions of MTData and VMtech and the launch of its Cat-M1 IoT network during the half.

Telstra’s IoT business is nearing AU$200 million in revenue, which he said makes Telstra “one of the most successful IoT businesses globally”.

http://snip.ly/14zy1  Click the link to read the entire article.