
It’s not often that I say you absolutely need to buy something. But this is something you need to buy.
Two-factor authentication — a combination of something you remember (such as a password) and something you have (a smartphone or a token) — offers far better security than relying on passwords alone. And while SMS-based authentication is better than nothing, what’s even better is hardware-based authentication.
I’ve tested dozens of hardware-based security keys, and the one that I use to secure my online accounts is the Yubikey 5C NFC.

A new committee has been set up by the New South Wales government to provide it with information, advice, assistance, and training on how to best deliver information and privacy management practices in government, as well as facilitate collaboration between government, industry, and academia.
The Information and Privacy Advisory Committee will be responsible for advising the Information and Privacy Commission NSW, the Minister for Customer Service Victor Dominello, and the Attorney-General and Minister for the Prevention of Domestic Violence Mark Speakman.
“The digital age presents many opportunities, but it is important that our policies and laws reflect its challenges,” Dominello said.
Appointed to chair the committee is NSW Information Commissioner Elizabeth Tydd. She will be joined by NSW Privacy Commissioner Samantha Gavel, NSW government chief data scientist Ian Oppermann, Australian Institute of Health and Welfare CEO Barry Sandison, Allens Hub technology, law, and innovation director and University of New South Wales (UNSW) faculty of law professor Lyria-Bennett Moses, Information Integrity Solutions founder Malcolm Crompton, NSW Department of Communities and Justice executive director of justice strategy and policy Paul McKnight, and Data Synergies principal and UNSW Business School practice professor Peter Leonard.
“This new committee will bring together specialists from a range of sectors — including data science, technology, business and law — to ensure we remain at the forefront of these issues,” Dominello said.
In addition to the core members, NSW government said experts in relevant areas may also be invited to attend and contribute as required by the committee.
“The committee has the expertise to provide assistance to public sector agencies in adopting and complying with information governance in a contemporary public sector context, including access to information rights, with information protection principles, and implementing privacy management plans in ways that account for these challenges,” Tydd said.
The launch of the committee will add to ongoing efforts the state government has been making when it comes to addressing information privacy.
In June, the state government announced its intentions to stand up a sector-wide cybersecurity strategy, which would supersede the cybersecurity strategy that was last updated in 2018.
The plan to create a new security document followed a AU$240 million commitment to improve NSW’s cybersecurity capabilities, including investments towards protecting existing systems, deploying new technologies, and increasing the cyber workforce. With that funding, it announced plans to create an “army” of cyber experts.
In a vow to keep customer data safe, the state government set up a dedicated cyber and privacy resilience group in October.
NSW Department of Customer Service Secretary Emma Hogan, who is the chair of the new group, said at the time that setting up the taskforce was in response to the cyber attack the state government suffered earlier this year.
The breach resulted in 73GB of data, comprising 3.8 million documents, being stolen from staff email accounts. The breach impacted 186,000 customers.
Budget papers revealed in November the cyber attack would cost Service NSW AU$7 million in legal and investigation fees.
But this is not the only cyber incident that the state government has suffered. In September, it was revealed information on thousands of New South Wales driver’s licence-holders was breached, with reports indicating a cloud storage folder that had over 100,000 images was mistakenly left open.
Cyber Security NSW confirmed a commercial entity was responsible for the breach of scanned driver’s licence images. It said it was the responsibility of the commercial entity to investigate this matter and notify any customers if their data had been breached.
A new phishing campaign is attempting to lure victims into downloading the latest version of a malware trojan – and it has links to one of the most prolific cyber-criminal operations active in the world today.
The Bazar trojan first emerged last year and a successful deployment of the trojan malware can provide cyber criminals with a backdoor into compromised Windows systems, allowing them to control the device and gain additional access to the network in order to collect sensitive information or deliver malware, including ransomware.
The backdoor has been used in attacks targeting industries including healthcare, technology, manufacturing and logistics across North America and Europe. Researchers have linked it to the developers of Trickbot, one of the most common forms of malware for criminal hackers looking to gain entry to networks.
Now cybersecurity researchers at Fortinet have identified a new variant of Bazar trojan, which has been equipped with anti-analysis techniques to make the malware harder for anti-virus software to detect.
These include hiding the malicious APIs in the code and only calling on them when needed, additional code obfuscation, and even encrypting certain strings of the code to make it more difficult to analyse.
The new techniques were added to Bazar towards the end of January and coincided with a phishing campaign designed to distribute the updated version of the malware.
Themes used by the phishing emails designed to draw interest from potential enterprise victims include fake customer complaint reports, fake billing statements and the phony offer of a financial bonus.
No matter the theme of the email, the Bazar trojan phishing attacks attempt to encourage a potential victim to click a link that claims to redirect to a PDF containing additional information about the subject of the message.
These links lead to a malicious web page that references the initial email and directs users towards downloading a file – it’s this which downloads Bazar to the system and executes the installation process for the malware.
Once completed, the attackers have a backdoor onto the compromised system that they can either use for their own malicious purposes, or sell on to other cyber criminals to exploit.
Fortinet warns that this particular Bazar phishing campaign remains active and attempted attacks are frequently being detected.
In order to avoid falling victim to phishing attacks distributing Bazar or any other kind of malware, researchers recommended that organisations provide guidance to employees on how to identify and protect themselves from attacks and scams.
Organisations should also ensure they have a patching strategy in place, which prevents malware from being able to exploit known vulnerabilities as a means of gaining access to networks.
Some internet service has returned to the residents of Yemen and Burkina Faso after violence in both countries led to outages over the last week. NetBlocks, an organization tracking internet access across the world, said internet was restored in Yemen after a four-day, nation-wide outage.
At about 1 am local time on Friday, Yemen suffered a total internet blackout due to air strikes on a telecommunications hub in the port city of Al Hodeida. Some online shared photos of a telecommunications building damaged by bombs.
The Associated Press eventually confirmed that the attack on the telecommunications hub in Al Hodeida was part of a larger aerial assault on Yemen’s Houthi rebels by a Saudi-led coalition. The Houthis now run the state-owned monopoly that controls the country’s internet access, TeleYemen. A news channel in Yemen said the attack on the telecommunications hub killed an unknown number of people.
“Visual reports appeared to corroborate initial reports of a strike. Al Hodeida is the main landing point for internet connectivity in Yemen, hosting the undersea FALCON and SEA-ME-WE 5 cables that route via the Red Sea,” NetBlocks explained in a report.
TeleYemen uses the FALCON cable to connect much of the country’s western population to the internet. SMEX, an internet advocacy organization in the Middle East, attributed the internet outage to Saudi-led airstrikes targeting Houthi-held cities like Al Hodeida.
“Internet is now only available to large companies and banks still connected through satellites, as well as those subscribed to the ‘Aden Net’ network, which has a very limited number of subscribers,” SMEX explained, adding that all government servers were disrupted after the attack. The Saudi-led coalition did not confirm whether it specifically targeted the telecommunications hub in Al Hodeida but told the Associated Press that it did launch “accurate airstrikes to destroy the capabilities of the militia” in Al Hodeida.
The Washington Post reported that citizens were terrified during the internet outage because they could not contact family members and friends during the deadly bombing campaign.
Internet in Burkina Faso shut down during coup
Mobile internet in Burkina Faso was down for more than 35 hours as fighting between rival military factions broke out. Since the outage, the president of the country, Roch Marc Christian Kaboré, was overthrown and removed from power. The country’s government was dissolved, all of the borders were closed and the Constitution has been suspended, according to The New York Times. Internet access returned on Monday, according to NetBlocks.
“Analysis of Google Transparency metrics corroborates user reports of a mobile internet blackout, indicating that traffic has been significantly disrupted at national scale from Sunday morning around 10 am. VPN services, which can circumvent partial restrictions, are not generally able to work around this class of network disruption,” NetBlocks said.
The country previously shut off the internet to deal with a coup attempt earlier this month. The government also shut off the internet in November amid unrest. Alp Toker, director of NetBlocks, told ZDNet that the trend of governments shutting off the internet as a response to security issues was concerning. Leaders in Kazakhstan, Sudan and Myanmar have all recently closed off internet access during military takeovers, coups or unrest.
“The tendency toward more severe nation-scale Internet blackouts is alarming, particularly at a time of growing reliance on digital communications worldwide. Shutdowns imposed by governments are inherently disproportionate and they harm human rights as well as economies across the board,” Toker said.
“Legal frameworks are lacking, and where international conventions do exist, these are rarely effective at halting the practice, so the trend is likely to continue. Whether a regime is invading a neighboring country or silencing their own population, shutdowns give governments a free rein over the general public, leaving independent media muzzled and human rights abuses unreported.”

Australia’s Independent National Security Legislation Monitor (INSLM), Dr James Renwick, will not be recommending for the country’s encryption-busting Bill to be repealed and sent back for redrafting when he turns in his report by June 30. Renwick, who appeared at the Lowy Institute in Sydney before his resignation from the post of INSLM — which […]