Subterms
Image: Getty Firefox is aiming to boost the privacy of users when browsing the web with a new feature that makes it easier to access private browsing. The latest update for the Mozilla Firefox browser adds a new shortcut button that users can pin to their desktop to automatically go to private browsing mode whenever […] More
Multilateral collaboration and information exchange between nations are key in the battle against cybersecurity threats, especially as global systems today are increasingly interconnected. Citizens also need to take responsibility for their personal cyber hygiene amidst growing adoption of Internet of Things (IoT), where one compromised device can bring down an entire network. There should be open dialogues and communication channels through which governments could share cyber threat details, urged delegates during a ministerial roundtable discussion held Wednesday at the Singapore International Cyber Week conference. “Cyber threats pose an existential threat to life as we know it. We need to look beyond individual country and individual interests o work together for our collective good,” said Ursula Owusu-Ekuful, Ghana’s Minister for Communications and Digitalisation. “Until we realise that and learn how to engage with each other, and promote dialogue and experience sharing, we will continue to remain at risk.”She underscored the need for greater international cooperation and capacity building, with emphasis on building core digital skills that were required to safeguard individuals and societies. Owusu-Ekuful added that nations should look to build trust in digital systems and allow international rules of engagement to work for the global community. Artur Lyukmanov, Acting Director of Russia’s Ministry of Foreign Affairs Department on International Information Security, also stressed the need for open communications between governments, where it was important for nations to have points of contacts and be able to call up their global counterparts in the event of a cybersecurity incident or when new threats emerged. Lyukmanov rebuked governments such as the US for being quick to put blame on Russia for cyber attacks without due investigation, describing this as an attempt to undermine efforts of international working groups, such as those led by the United Nations (UN), of which Russia was a part.Adding that political discussions should not be intertwined with cybersecurity dialogues, he said nations should refrain from militarising the digital sphere. He objected to countries that used ICT for military purposes, pointing instead to the need for dialogue. He further noted that the international community would not be able to take concrete action on establishing new cyber norms of state behaviour if there was no confidence and trust between nations. US warns of risks relying on China-built infrastructuresUS Secretary of Homeland Security Alejandro N. Mayorkas, also in Singapore for the conference this week to speak at a closed-door briefing, took questions from the media on Tuesday where he said the US cooperated with this region and other countries in different forms. Mayorkas said: “We share information with respect to the cyber threats that are known. We share information with respect to vulnerabilities in systems that are discovered. We share information with respect to how to patch those vulnerabilities. We assist in training. We have cyber emergency response teams that assist countries in responding to and remediating threats that have actually materialised. And the threats are diverse in nature, whether it’s phishing, spear phishing, [and] ransomware [which] is a threat that is growing so significantly. “So we have seen quite a number of attacks. They have been perpetrated by cybercriminals as well as by adverse nation-states such as Russia, the PRC, North Korea, and Iran,” he said. He also pointed to the need to work with the private sector and academia as part of a collective approach to cybersecurity. Noting that most US critical infrastructure were in the hands of the private sector, he said the US Cybersecurity and Infrastructure Security Agency (CISA) had established the Joint Cyber Defense Collaborative (JCDC) as the framework to drive public-private partnership. This ensured there was information exchange between both sectors, he said. “The cyber threat is not specific to governments. So many private and public businesses have been attacked by ransomware [and] have suffered cyber attacks that it really requires an all-of-society effort to strengthen the entire cyber ecosystem,” he added. Asked if the US saw risks in China’s efforts to build out subsea internet cables and global nations tapping these lines for connectivity, Mayorkas said: “I think that all of the countries participating in the Singapore International Cyber Week are well aware of the risks that are involved in doing business and relying upon the technological infrastructure provided by the PRC. We have seen the potential outcomes [and] adverse consequences of doing so. “When countries fall behind in their loan payments to the PRC, there is a technological vulnerability in predicating one’s infrastructure on PRC assets,” the US government official said. “It is a risk that we have communicated and that I intend to communicate [here at the conference].”No one country knows it allDuring the roundtable discussion, Owusu-Ekuful also highlighted the importance of global consensus. “We are all in this together…we sink or swim [together] in the cyber space, where there are no big or small countries. Countries cannot adopt a position where they know it all and have this ‘big brother’ attitude when dealing with the cyber space. We need to engage [in dialogue],” she said. Multi-stakeholder efforts at an international level should look to establish legal and regulatory frameworks that provided room for all to engage as equal partners, she added.Also emphasising the importance of information sharing, she noted that Ghana had established CERTs (Computer Emergency Response Teams) on both a national and sectoral level, with industries such as banking and financial services as well as telecommunications each with its own CERT. Plans currently were underway to also establish CERTs for the transport and and energy industries, she said, adding that the West African nation had designated 189 critical information infrastructure (CII) owners across 13 sectors. These CERTs constantly fed cyber threat and security information to the national CERT as part of efforts to facilitate faster response to attacks and potential risks, Owusu-Ekuful said. Because “one sneeze” in the cyber space could result in everyone else catching a cold, she said the ability to respond quickly was critical to cyber defence and safeguarding CIIs. RELATED COVERAGE More
Image: Getty Images/Jung Getty Law enforcement in France, Latvia and Spain have arrested 31 suspects believed to be part a group that used software to steal vehicles without using the physical key fob. According to the EU Agency for Criminal Justice Cooperation (Eurojust), the suspects built or used software that duplicated certain models’ ignition keys […] More
suphakit73/iStockphoto/Getty Images You may recall that Linus Torvalds recently added support for Rust in the Linux kernel. One of the big reasons for adding Rust was to put an end to Linux code memory problems. Open Source It can’t come soon enough. Recently, five serious Linux Wi-Fi security holes were uncovered. What did they all […] More
Is there any way to retrieve the data before it’s lost for good? Getty Images A few years ago a reader sent me an urgent request for help. His ancient Windows laptop (about 8 or 9 years old) had been sitting on his office shelf gathering dust for a few years but was still usable. […] More
Image: Getty/Tom Werner The way we work has changed. The rise of remote and hybrid working means that many office professionals are no longer tied to an office, at least not all of the time. While working from home is a very suitable option for many people, sometimes a change of scenery is nice – […] More
Image: Getty Images Microsoft has flagged a new piece of ransomware that’s hit transport and logistic organizations in Ukraine and Poland. Microsoft hasn’t seen the attackers use a specific software exploit but all the attacks utilize stolen Active Directory admin account credentials. The ransom note identifies itself as being “Prestige ranusomeware”, according to the the Microsoft […] More
Image: Getty Police tricked a ransomware gang into handing over decryption keys, providing victims with the ability to unlock their encrypted data for free. Working alongside cybersecurity company Responders.NU, the Dutch National Police obtained 150 decryption keys from ransomware group Deadbolt. With the decryption keys now in the hands of law enforcement, some victims of […] More
