    Prospect of sideloading mandate strikes fear into the heart of Apple

    In case you thought the recent interview of Tim Cook, where the Apple CEO said allowing users to load apps from outside its app store would “destroy the security of the iPhone”, was a one-off, Apple returned to the topic on Wednesday in a paper released on its site.

    To paint a picture of Apple’s missive, one only needs to keep in mind the warning from Dr Peter Venkman about “human sacrifice! Dogs and cats living together. Mass hysteria!” because make no mistake, Apple wants you to think it would be a disaster of Biblical proportions.

    “Allowing sideloading would degrade the security of the iOS platform and expose users to serious security risks not only on third-party app stores, but also on the App Store,” the paper states. “Malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users, thereby expanding the set of weaponized exploits and attacks … that all users need to be safeguarded against.

    “This increased risk of malware attacks puts all users at greater risk, even those who only download apps from the App Store.”

    In attacking a hypothetical future where Apple is forced to offer sideloading, by the nature of the argument, it would be impossible to quantify exactly how much worse that future would be. The iPhone maker is correct that sideloading would open a new avenue for malware, and Apple wants regulators around the world to picture it as a vomitorium where malware would flow onto its platform to do very bad things.

    Apple also made clear the downsides would impact its entire population of users, because when you fight a political battle, it’s important to make sure your side is able to “think of the children” in a better way than the alternative.

    “[Sideloading] would also make it more difficult for users to rely on Ask to Buy, a parental control feature that allows parents to control their children’s app downloads and in-app purchases, and Screen Time, a feature to manage their and their children’s time with their devices,” the paper said. “Scammers would have the opportunity to trick and mislead kids and parents by obfuscating the nature of their apps, making both features less effective.”

    Using the life of a father, dubbed John, and his daughter Emma, aged 7, Apple showed how sideloaded apps could ruin their day through unauthorised purchases, ransoming John’s photos on his camera roll, and purchasing pirated apps.

    “This means that users like John, who had grown to take the safety and protection of iPhone and the App Store for granted, would have to constantly be on the lookout for the ever-changing tricks of cybercriminals and scammers, never knowing who or what to trust,” Apple said.

    Imagine having to live in a world where a trickster was around the corner looking to benefit from you, and you needed to be on alert to not be ripped off. Let’s hope Cupertino doesn’t find out about cryptocurrency hustlers, or even the dodgy furniture salesman at the local strip mall.

    Another thing to keep in mind when reading this paper is that Apple has succinctly described the world of MacOS where users, at the time of publication, are still able to install random apps from strange places on the internet. In its fight with Epic, Apple has taken to saying the level of malware on the Mac was unacceptable. And what is the level of malware that has turned the Mac into this veritable malware free-for-all? A couple of pieces a week. How Microsoft must weep over reaching such plague-like levels.

    But the real thing to be worried about, for Apple and its users alike, would be anything that pushes iOS into being more like Android — for religious reasons, if nothing else.

    To get a handle on the raging malware party on Google’s ecosystem, the advertising company regularly publishes the levels of potentially harmful apps (PHA), which can absolutely be read as pieces of malware. For all devices running Android with Google Mobile Services enabled — so not pure open source or some Chinese manufacturers — the level of PHAs is just coming off a two-year high, reaching 0.122% of devices. For an ecosystem of around 3 billion devices, that’s around 366 million devices — small percentages, but big absolute numbers.

    Google says that as the Android version on devices increases, the level of PHAs goes down to 0.076% for Android 10, and 0.031% for Android 11. For phones that only install apps from the Play Store, the PHA levels drop to 0.065%, with India leading the world with the highest rate at 0.121%, followed by Japan at 0.084%, Indonesia at 0.075%, and the US at 0.071%.

    Having higher rates of malware in places like Japan is something that Proofpoint has observed, with malware being advertised with web redirects after a user’s location is pinned.

    “As the official app stores become more restrictive with respect to the types of programs allowed within the marketplace, we anticipate a continued uptick in the downloading and usage of unofficial apps. Software like Fortnite, advanced ad blocking apps, torrenting apps, and rooting apps are popular enough that people will utilise third-party sources in order to run the program on their phone,” Jacinta Tobin, Proofpoint VP of Cloudmark Operations told ZDNet earlier this week. “As long as highly coveted applications are barred from mainstream outlets, users will continue to seek out those sources elsewhere.

    “App capabilities are a concern regardless of the download source. Users should be extremely diligent and be cautious of apps requesting permissions to contact lists, accessing SMS, or permissions relating to the phone.”

    Sage advice regardless of platform or where apps are coming from.

    However, given Apple’s more rigorous app inspection standards, the Android numbers would certainly be a top line for the more than one billion iPhone users, although potentially having 122 million devices infected with malware is nothing to sneeze at. But that is also something that Google and Microsoft, as well as Apple with MacOS, have to deal with each and every day. It might not be solvable and will take the gloss off the iOS walled garden, but users will still be able to choose not to use any potential sideloading feature that Apple might be forced to introduce. After all, that’s what user choice is all about.
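The Proofpoint advice above boils down to reading what an app asks for before installing it. The script below is an added example, not from the article or from Proofpoint: it parses an AndroidManifest.xml and reports which of the three permission families the quote names (contacts, SMS, phone) the app requests. The permission strings are real Android platform permissions; the manifest for a "flashlight" app and its package name are constructed for the example.

```python
"""Flag contacts/SMS/phone permissions requested in an Android manifest.

Added example (not from the article). Parses AndroidManifest.xml and reports
which sensitive permission families an app requests, so a package can be
vetted before it is sideloaded. SAMPLE_MANIFEST is constructed for the demo.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"  # ElementTree spelling of android:name

# Real Android permission strings, grouped the way the article's advice groups them.
SENSITIVE_FAMILIES = {
    "contacts": {
        "android.permission.READ_CONTACTS",
        "android.permission.WRITE_CONTACTS",
        "android.permission.GET_ACCOUNTS",
    },
    "sms": {
        "android.permission.SEND_SMS",
        "android.permission.RECEIVE_SMS",
        "android.permission.READ_SMS",
        "android.permission.RECEIVE_MMS",
        "android.permission.RECEIVE_WAP_PUSH",
    },
    "phone": {
        "android.permission.READ_PHONE_STATE",
        "android.permission.CALL_PHONE",
        "android.permission.READ_CALL_LOG",
        "android.permission.WRITE_CALL_LOG",
        "android.permission.PROCESS_OUTGOING_CALLS",
        "android.permission.ANSWER_PHONE_CALLS",
    },
}

# Constructed manifest for a hypothetical flashlight app that asks for far
# more than a flashlight needs.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <application android:label="Flashlight"/>
</manifest>
"""


def requested_permissions(manifest_xml: str) -> list:
    """Every android:name on a <uses-permission> element, in manifest order."""
    root = ET.fromstring(manifest_xml)
    return [el.get(NAME_ATTR, "") for el in root.iter("uses-permission")]


def audit_permissions(manifest_xml: str) -> dict:
    """Map each sensitive family to the sorted permissions the app requests from it.

    Families the app does not touch are left out, so an empty dict means
    none of the contacts/SMS/phone permissions were requested.
    """
    requested = set(requested_permissions(manifest_xml))
    hits = {}
    for family, perms in SENSITIVE_FAMILIES.items():
        found = sorted(requested & perms)
        if found:
            hits[family] = found
    return hits


def risk_summary(manifest_xml: str) -> str:
    """One-line, human-readable verdict for the app reviewer."""
    hits = audit_permissions(manifest_xml)
    if not hits:
        return "no contacts/SMS/phone permissions requested"
    parts = [
        f"{family}: {', '.join(p.rsplit('.', 1)[-1] for p in perms)}"
        for family, perms in hits.items()
    ]
    return "review before installing -> " + "; ".join(parts)


if __name__ == "__main__":
    print(risk_summary(SAMPLE_MANIFEST))
```

A manifest can be pulled from an APK with the Android SDK's `aapt` or `apkanalyzer` tools; the script only needs the XML text. The check is deliberately a review aid rather than a verdict, since a messaging app legitimately needs SMS permissions while a flashlight does not.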


    Amazon Prime Day 2021, Day 2: Last chance deals on smart home devices

    Smart home gadgets are all the rage, but it’s a slippery slope. As soon as you’re done installing your first gadget, you’re in the market for the next, and it can get pretty expensive. Amazon Prime Day is a good time to pick up your next smart home device for less, because there are some fantastic deals out there on a whole range of devices. With that in mind, I’ve trawled through the unbelievable number of deals that are available over Prime Day 2021 — tens of thousands! — and distilled them down into a handful of the best. Deals come and go over the two days, and I’ll be updating this post with fresh deals, so keep checking back. Also, if you find a good deal I’ve missed, feel free to drop me a note (a Twitter DM probably gets the quickest response).

    35% off

    That router that was supplied by your internet provider is junk. Really. The demands that modern internet use puts on it will bring it to its knees. And if you plan on putting together a smart home, you need to have a solid connection to the internet. The Amazon eero 6 is a high-end, pro-grade solution to your problems. And now you can pick up a set that will cover up to 5,000 sq. ft. at an unbeatable price.

    $181 at Amazon

    33% off

    You have Alexa everywhere else, so why not in your ears! Great earbuds with a decent 5 hour battery life, charging case, and, the addition of Alexa! Don’t use Alexa? No problem! These earbuds will also work with Siri and Google Assistant.

    $79 at Amazon

    28% off

    This is a great deal on the Echo Show 10, the perfect hub or control center for your smart home, and you also get a free bulb thrown in. Because, who doesn’t need an extra bulb?

    $189 at Amazon

    70% off

    Add Alexa to your car. Why? Because at this price, if you’re a fan of the platform… why not!

    $14 at Amazon

    62% off

    An Echo Dot (4th Gen) and a Sengled Bluetooth Smart Color bulb. The perfect starter kit for a smart home. Makes a great gift for someone starting out on their smart home journey.

    $24 at Amazon

    47% off

    This smart vacuum cleaner does pretty much everything other than buy itself and come to your home! Its bagless, self-emptying base holds up to 45 days of dirt and debris, which means you can get on doing other things, and the deep-cleaning power is perfect for large debris and pet hair on carpets and floors.

    $319 at Amazon

    40% off

    Kick-start putting together your command center with this bundle that includes two battery-powered Stick up Cams and a 2nd-gen Echo Show 5. A great way to know who’s at your door before answering.

    $169 at Amazon

    50% off

    It might be tiny, but it packs all the power and punch of a full-sized Echo. There’s a reason why this is Amazon’s most popular smart speaker! A perfect starter for someone at the beginning of putting together a smart home, or for extending your coverage to another room or outbuilding.

    $19 at Amazon

    20% off

    I remember when smart bulbs were expensive. I remember when dimmable ones were crazy expensive. And I remember when a four-pack required a follow-up Aspirin and a sit down with a cold flannel on the forehead. Now you can pick up a four-pack of dimmable LED smart bulbs for just over $20!

    $22 at Amazon

    27% off


    With its 8-inch HD touchscreen, adaptive color, and stereo speakers, the all-new Echo Show 8 is the perfect hub for your smart home setup.

    • 8.0-inch touchscreen, 1280 x 800 resolution display
    • 13 MP camera that uses auto-framing to keep you centered
    • Built-in camera shutter and microphone/camera off button

    $94 at Amazon

    20% off

    Put an end to manually turning off outlets and devices with the Gosund smart plugs! These work with Alexa and Google Home Assistant. With just a simple voice command, you have the power to turn devices on and off, and you can use the app for remote access (so you can turn off lights that others have left on from far away!). 

    $19 at Amazon

    40% off

    Protect your home with this superb 8-piece home security kit. This is perfect for 1-2 bedroom homes. This kit includes:

    • Base station
    • Keypad
    • Four contact sensors
    • One motion detector
    • One range extender

    Optional 24/7 professional monitoring with Ring Protect Plus for $10/month.

    $149 at Amazon

    33% off

    The Roomba 692 is the perfect way to keep your smart home squeaky clean. Just schedule it to clean up daily dirt, dust, and debris with the iRobot HOME app or your voice assistant. It runs for up to 90 minutes before automatically docking and recharging.

    $199 at Apple

    40% off

    The Blink Outdoor camera system is a completely wireless battery-powered HD security camera complete with built-in infrared night vision. The great thing is that each camera can run for up to two years on two AA lithium batteries (which are included). No wiring or professional installation is required. You can also see, hear, and speak to visitors with live view in real-time and two-way audio features on your Blink app.

    $149 at Amazon

    More Prime Day 2021 deals

    We plan to update this guide with more smart home device deals as we spot them.



    Hackers are trying to attack big companies. Small suppliers are the weakest link

    Cybersecurity vulnerabilities in small and medium sized businesses in the defence industry are leaving the companies themselves – and larger organisations further up the supply chain – vulnerable to cyber attacks.

    Researchers at cybersecurity company BlueVoyant examined hundreds of SMB defence company subcontractor firms and found that over half of them had severe vulnerabilities within their networks, including unsecured ports and unsupported or unpatched software, making them vulnerable to cyber attacks including data breaches and ransomware.

    With the defence industry a prime target for cyber criminals – including state-backed hacking operations attempting to steal intellectual property and other sensitive information – attackers are ready to exploit any weakness they can to gain access to networks.

    Unsecured ports, including remote administration tools and RDP ports, represent one of the most common vulnerabilities, potentially allowing cyber criminals to gain access to networks. It can be relatively simple for attackers to gain remote access to these services if they’re only protected by default or weak credentials, while it’s also possible for attackers to gain access to these services via phishing attacks.

    The rise of remote working over the last year has also meant that remote access and cloud services have become a popular means of network entry for cyber criminals, as it’s less likely that their activity on the network will be detected as suspicious.

    SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

    Researchers also found that many of the companies examined were running unpatched or unsupported software, making them vulnerable to cyber attacks which exploit known vulnerabilities – something they suggest points to an absence of a patch management strategy.

    Cyber criminals regularly take advantage of known vulnerabilities in an effort to gain access to networks – and in the case of the defence industry, a small contractor being compromised could lead to a larger company on the supply chain being subject to cyber attacks.

    “A simple compromise of a valid email address can serve as a great vector to spread a malicious attachment throughout supply chain partners or simply victimize a less prepared contractor to get a foothold in the chain and work their way up-stream,” Austin Berglas, global head of professional services at BlueVoyant told ZDNet.

    It’s often difficult for smaller companies to stay on top of cybersecurity and there’s an argument that larger organisations should play a role in helping their supply contractors secure their networks – because by providing this help, not only do they protect their contractors from malicious hackers, they’re also ultimately helping to protect their own networks.

    “Empowering contractors to secure the supply chain, implementing continuous monitoring, and proactively identifying threats will help secure the defence industrial base and ensure the safety of a vital national security asset,” said Berglas.
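The weaknesses BlueVoyant found (remote-administration ports open to the internet, unsupported or unpatched software) are exactly the kind of thing a prime contractor could triage for its suppliers from an external asset inventory. The script below is an added example, not BlueVoyant's tooling or anything from the article: it runs a list of internet-facing services through a few rules and returns prioritised findings. It also flags remote-access gateways without multi-factor authentication, the same foothold the ransomware piece on this page describes. The record format, host names, ports and version strings are constructed; in practice the records would come from an attack-surface scan or asset register.

```python
"""Triage an inventory of internet-facing services for common footholds.

Added example (not from the article or BlueVoyant). Rules cover: remote
administration ports exposed to the internet, VPN gateways without MFA, and
software that is unpatched or past vendor support. SAMPLE_INVENTORY and its
host names, ports and versions are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Optional

# Ports commonly used for remote administration, keyed to a short reason.
REMOTE_ADMIN_PORTS = {
    3389: "RDP reachable from the internet",
    445: "SMB reachable from the internet",
    23: "Telnet reachable from the internet",
    5900: "VNC reachable from the internet",
    5985: "WinRM (HTTP) reachable from the internet",
    5986: "WinRM (HTTPS) reachable from the internet",
}


@dataclass
class Service:
    host: str
    port: int
    product: str                # e.g. "Exchange", "VPN", "RDP"
    version: str = ""
    supported: bool = True      # False = vendor end-of-support
    patched: bool = True        # False = a known security fix is not applied
    mfa: Optional[bool] = None  # only meaningful for remote-access gateways


@dataclass
class Finding:
    host: str
    severity: str   # "high" or "medium"
    issue: str


def assess(service: Service) -> list:
    """Apply each rule to one service and return the findings it triggers."""
    findings = []
    if service.port in REMOTE_ADMIN_PORTS:
        findings.append(Finding(service.host, "high", REMOTE_ADMIN_PORTS[service.port]))
    if service.product.lower() == "vpn" and service.mfa is False:
        findings.append(Finding(service.host, "high",
                                "VPN gateway without multi-factor authentication"))
    if not service.supported:
        findings.append(Finding(service.host, "high",
                                f"{service.product} {service.version} is past vendor support"))
    elif not service.patched:
        findings.append(Finding(service.host, "medium",
                                f"{service.product} {service.version} missing a known security patch"))
    return findings


def triage(inventory: list) -> list:
    """Run every service through assess() and return findings, high severity first."""
    out = [f for svc in inventory for f in assess(svc)]
    return sorted(out, key=lambda f: (f.severity != "high", f.host, f.issue))


def hosts_needing_attention(inventory: list) -> list:
    """Sorted, de-duplicated hosts that produced at least one finding."""
    return sorted({f.host for f in triage(inventory)})


# Constructed inventory for a hypothetical small supplier.
SAMPLE_INVENTORY = [
    Service("fileserver.example.test", 445, "SMB"),
    Service("jump.example.test", 3389, "RDP"),
    Service("vpn.example.test", 443, "VPN", version="9.x", mfa=False),
    Service("mail.example.test", 443, "Exchange", version="2016 (old CU)", patched=False),
    Service("legacy.example.test", 80, "IIS", version="6.0", supported=False),
    Service("www.example.test", 443, "nginx", version="1.20"),
]


if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"[{f.severity:6}] {f.host}: {f.issue}")
```

The rules are deliberately coarse: whether a given version is patched or supported has to be supplied by whoever maintains the inventory, and the script only ranks what it is told. Its value is in turning a scan export into a short list a supplier can act on, with exposed remote administration at the top.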


    Average time to fix critical cybersecurity vulnerabilities is 205 days: report

    A new report from WhiteHat Security has found that the average time taken to fix critical cybersecurity vulnerabilities has increased from 197 days in April 2021 to 205 days in May 2021. In its AppSec Stats Flash report, WhiteHat Security researchers found that organizations in the utility sector had the highest exposure window with their application vulnerabilities, spotlighting a problem that made national news last week when it was revealed more than 50,000 water treatment plants across the US had lackluster cybersecurity. In addition to an attack on a water treatment plant in Florida earlier this year, it was revealed that there had been multiple attacks on utilities that were never reported.  According to the report, more than 66% of all applications used by the utility sector had at least one exploitable vulnerability open throughout the year. Setu Kulkarni, a vice president at WhiteHat Security, said over 60% of applications in the manufacturing industry also had a window of exposure of over 365 days.  “At the same time, they have a very small number of applications that have a window of exposure that is less than 30 days — meaning applications where exploitable serious vulnerabilities get fixed under a month,” Kulkarni explained, noting that the finance and insurance industries did a better job of addressing vulnerabilities.  “Finance has a much more balanced window of exposure outlook. About 40% of applications have a WoE of 365 days, but about 30% have a WoE of fewer than 30 days.” WhiteHat Security researchers said the top five vulnerability classes seen over the last three months include information leakage, insufficient session expiration, cross-site scripting, insufficient transport layer protection and content spoofing.  The report notes that many of these vulnerabilities are “pedestrian” and require little effort or skill to discover and exploit. 

    Kulkarni said the company decided to switch from releasing the report annually to publishing it monthly due to the sheer number of new applications that are developed, changed and deployed, especially since the onset of the COVID-19 pandemic. The threat landscape has also evolved and expanded alongside the explosion in application development.  Kulkarni noted that the situation had spotlighted the lack of cybersecurity talent available to most organizations and the general lack of resources for many industries struggling to manage updates and patches for hundreds of applications.  “We look at the window of exposure by the industry as a bellwether metric for breach exposure. When you look at industries like utilities or manufacturing that have been laggards in digital transformation when compared to finance and healthcare, we find that they have a window of exposure data in a complete disbalance,” Kulkarni told ZDNet. “The key takeaway from this data is that organizations that are able to adapt their AppSec program to cater to the needs of legacy and new applications fare much better at balancing the window of exposure for their applications. That is what I am calling it two-speed AppSec: focusing on production testing and mitigation for legacy applications; focusing on production and pre-production testing and balancing mitigation as well as remediation for newer applications.” Every application today is internet-connected either directly or indirectly, Kulkarni added, explaining that this means the impact of vulnerabilities can potentially affect hundreds of thousands of end-users, if not millions.  Kulkarni suggested organizations distribute the responsibility of security more broadly to all the stakeholders beyond just security and IT teams that often lack the budget or the resources to handle security meticulously. “Security is a team sport, and for the longest time, there has been a disproportionate share of responsibility placed on security and IT teams. 
“Development teams are pressed for time, and they are in no position to undergo multiple hours of point-in-time dedicated security training. A better approach is for the security teams to identify the top 1-3 vulnerabilities that are trending in the applications they are testing and provide development teams bite-size training focused on those vulnerabilities.”
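The report's "window of exposure" (WoE) is the metric behind the figures quoted above: how many days in a year an application has at least one serious, exploitable vulnerability open, and what share of an industry's applications fall under 30 days versus the full 365. The block below is an added example, not WhiteHat Security's method or code, which the article does not describe; it computes a WoE distribution from constructed vulnerability records using one reasonable reading of the metric (a day counts as exposed if any serious finding on the application was open that day, and overlapping findings are not double-counted). The reporting window, industries, application names and dates are all constructed.

```python
"""Compute a window-of-exposure (WoE) distribution per industry.

Added example (not from the report or WhiteHat Security). For each
application, count the days in the reporting year on which at least one
serious vulnerability was open; then bucket applications per industry into
under 30 days, 30-364 days, or the full 365. FINDINGS, YEAR_START and the
industry/application names are constructed.
"""
from collections import defaultdict
from datetime import date, timedelta
from typing import Optional

YEAR_START = date(2020, 6, 1)   # constructed 365-day reporting window
YEAR_DAYS = 365


def open_days(intervals: list) -> int:
    """Days in the reporting year covered by at least one (opened, closed) interval.

    closed=None means the finding was still open at the end of the year.
    The closing day itself does not count as exposed.
    """
    year_end = YEAR_START + timedelta(days=YEAR_DAYS)  # exclusive
    covered = set()
    for opened, closed in intervals:
        start = max(opened, YEAR_START)
        end = min(closed or year_end, year_end)
        day = start
        while day < end:
            covered.add(day)
            day += timedelta(days=1)
    return len(covered)


# Constructed findings: (industry, application, opened, closed or None)
FINDINGS = [
    ("utilities", "scada-portal", date(2020, 6, 1), None),               # open all year
    ("utilities", "meter-reads", date(2020, 3, 1), None),                # open before and all year
    ("utilities", "billing-web", date(2020, 7, 15), date(2021, 4, 1)),  # 260 days
    ("utilities", "outage-map", date(2021, 5, 10), date(2021, 5, 20)),  # 10 days
    ("finance", "mobile-bank", date(2020, 9, 1), date(2020, 9, 12)),    # 11 days ...
    ("finance", "mobile-bank", date(2021, 2, 1), date(2021, 2, 8)),     # ... plus 7 more
    ("finance", "loan-origination", date(2019, 1, 1), None),             # open all year
    ("finance", "trading-api", date(2020, 11, 1), date(2021, 1, 1)),    # 61 days
    ("finance", "payments-api", date(2020, 12, 1), date(2020, 12, 5)),  # 4 days
]


def woe_per_app(findings: list) -> dict:
    """Map (industry, application) to its exposed-day count for the year."""
    by_app = defaultdict(list)
    for industry, app, opened, closed in findings:
        by_app[(industry, app)].append((opened, closed))
    return {key: open_days(intervals) for key, intervals in by_app.items()}


def bucket(days: int) -> str:
    """Bucket boundaries follow the 30-day and 365-day figures quoted in the article."""
    if days >= YEAR_DAYS:
        return "365"
    if days < 30:
        return "<30"
    return "30-364"


def distribution(findings: list) -> dict:
    """Share of each industry's applications per bucket, e.g. {'finance': {'<30': 0.5, ...}}."""
    counts = defaultdict(lambda: defaultdict(int))
    totals = defaultdict(int)
    for (industry, _app), days in woe_per_app(findings).items():
        counts[industry][bucket(days)] += 1
        totals[industry] += 1
    return {
        industry: {b: round(n / totals[industry], 2) for b, n in buckets.items()}
        for industry, buckets in counts.items()
    }


if __name__ == "__main__":
    for industry, shares in distribution(FINDINGS).items():
        print(industry, shares)
```

With the constructed data, half of the utilities applications sit in the full-year bucket while half of the finance applications close their exposure inside 30 days, which is the "balanced" versus "disbalanced" contrast Kulkarni draws. Feeding real scanner export dates into `FINDINGS` is all that is needed to reproduce the metric for your own portfolio.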


    Have we reached peak ransomware? How the internet's biggest security problem has grown and what happens next

    Ransomware has become such a significant problem that now even leaders of the global superpowers are discussing these attacks at high-profile summits. The cyberattacks – which involve criminals encrypting networks and demanding payments that can reach millions of dollars in exchange for the decryption key – were one of the key discussion points during the first face-to-face meeting of US President Joe Biden and Russian President Vladimir Putin. Ransomware was on the agenda following several high-profile campaigns against US targets, which caused significant disruption.

    First, cyber criminals using DarkSide ransomware hacked the network of Colonial Pipeline, resulting in services being shut down – disrupting gasoline supplies for much of north eastern United States – and forcing the company to pay a ransom of almost $5 million in bitcoin. Just weeks later, criminals using REvil ransomware hit meat processor JBS, which paid a ransom of $11 million in bitcoin.

    SEE: Network security policy (TechRepublic Premium)

    Like many ransomware groups, both DarkSide and REvil are thought to be the work of cyber criminals working out of Russia. The consensus among cybersecurity researchers is that the Kremlin turns a blind eye to these activities. That’s why President Biden directly brought up the issue of ransomware during his meeting with President Putin. “I looked at him and said: ‘How would you feel if ransomware took on the pipelines from your oil fields?’ He said: ‘It would matter.’ I pointed out to him that we have significant cyber capability. And he knows it,” Biden told reporters.

    Biden’s warning to Putin came following the G7 Summit in Cornwall, England, where the leaders of Canada, France, Germany, Italy, Japan, the United Kingdom and the United States issued a joint declaration on ransomware, agreeing that international action is needed to combat the issue. Ransomware has been a problem for years, but attacks have become increasingly disruptive and damaging for victims while cyber criminals make more and more money from campaigns. A few years ago, ransoms were hundreds of dollars – now cyber extortionists are demanding millions or even tens of millions of dollars in ransoms. And ransomware groups are able to keep demanding huge sums of bitcoin and other cryptocurrencies because, for one reason or another, victims are paying the ransoms.

    “It’s an effective business model because, from a criminal’s point of view, it works because people are paying. Then there are more attacks as a result as it’s so successful,” says Eleanor Fairford, deputy director for incident management at the National Cyber Security Centre (NCSC).

    SEE: Network security policy (TechRepublic Premium)

    For cyber criminals, ransomware is the easiest and most efficient way to make money from a compromised network. An intruder within a corporate network could spend months stealing sensitive information then struggle to find a way to make money from it. Or they could use that time and effort to move around a network laying the foundations for a ransomware attack – and walk away with millions of dollars. The most well-organised ransomware operations will even cherry-pick the organisations they see as potentially the most lucrative or most likely to pay a ransom and focus their efforts on those in order to maximise profits.

    “If you’re worth $40 million to someone to compromise, is your security good enough to prevent somebody who thinks they can get $40 million out of you?
That’s a really hard question to answer,” says John Hultquist, VP of analysis at Mandiant Threat Intelligence. “The prices of ransoms has sky-rocketed and it’s going to be even harder than ever for organizations to secure themselves against an actor, who can afford advanced capabilities to gain access.”

It’s because of this situation that hackers are targeting organisations that operate essential infrastructure, factories and other critical services that are reliant on uptime in order to remain functioning. It’s possible that an office-based business that gets hit by ransomware can take the time to restore the network without paying a ransom, even if it disrupts services for days or weeks.

Ease of attack

Not only is ransomware a lucrative activity, it’s often via relatively simple means that cyber criminals gain access to networks in the first place, exploiting common cybersecurity vulnerabilities as the first step in a ransomware attack. “It’s not super-sophisticated zero-day vulnerabilities or that the threat actor wrote an exploit; it’s things like VPN without multi-factor authentication, things like unpatched Microsoft Exchange servers, it’s things like remote desktops on a port that was publicly available to the internet, that are being leveraged for ransomware,” says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.

Despite repeated warnings, organisations may be completely unaware that these vulnerabilities exist or may not have the procedures in place to apply the relevant security patches to close vulnerabilities in RDPs and VPNs. And the COVID-19 pandemic has exacerbated the problem as organisations have far more staff working remotely than before, making it harder to manage security updates or monitor for potentially unusual behaviour. Ransomware attacks are already damaging and disruptive enough, but many of the most successful ransomware gangs have added another string to their bow – double extortion.

SEE: This company was hit by ransomware. Here’s what they did next, and why they didn’t pay up

Not only do criminals encrypt data and demand a ransom in exchange for a decryption key, the access they’ve gained to the network means they’re able to steal sensitive information. They’re not looking to sell it on to rival firms or governments; they simply threaten to publish it if the victim doesn’t pay. It isn’t an empty threat, with ransomware gangs running dedicated leak sites where they publish data stolen from organisations that didn’t pay up – and that could scare some victims into paying the ransom, although there’s no real guarantee that cyber criminals won’t exploit that data in the future.

Hard-to-trace payments

When organisations do pay the ransom, it’s paid in cryptocurrency – and there’s an argument that it’s helped cyber criminals easily make money from ransomware. For criminals, getting the money out is the key thing and by using cryptocurrency like bitcoin, they’re able to do it in a way that’s difficult to trace – and crucially, avoids anything like a regular bank account that could be used to identify them.

“When it comes to cybercrime, monetization becomes really complicated. It’s always been sort of the bottleneck – you can get your hands on a bajillion credit-card numbers, but the part where you convert it, that’s where everything stops,” says Hultquist. “Cryptocurrencies provided sort of a way around that because it allows them to move this cash freely around outside of regular systems and provided much easier monetization. It’s not necessarily the cryptocurrency that is fuelling this, the tremendous payouts are fuelling this. Cryptocurrency just makes the monetization easier,” he adds.

The Russian angle

And when ransomware attacks are this financially successful, they’ll keep happening – especially if cyber criminals are operating from countries where their governments turn a blind eye to their activities.
The consensus is that many of the most notorious ransomware gangs are operating from within Russia and that they’re allowed to make money from ransomware, so long as they focus their activities against the west. “The Russian state and Russian criminal underworld are not the same thing, but there is understanding between them and understanding is that as far as the state’s concerned, Russians can make money a way that suits them,” says Ciaran Martin, professor of practice at the University of Oxford’s Blavatnik School of Government – and former director of the NCSC.


    “But the conditions are: leave Russians and Russian interests alone, and when we need your best people, they have to come; that’s the way the model has worked.”

    SEE: Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again

    Cyber criminals take heed of this warning, with many coding their ransomware with instructions to terminate if a scan reveals that it’s on a Russian language system. On top of this, it’s against the Russian constitution to extradite Russian citizens, so even if authorities in the West were able to identify members of a ransomware operation, they’re unlikely to be able to make arrests. Meanwhile, a ransomware group would be unlikely to succeed for long if it was working out of a western nation because law enforcement would quickly take action.

    “Why are there no major international ransomware syndicates in the West? Because if you set one up in London or Oxfordshire or Northern Ireland, the National Crime Agency will be kicking down the door within a week, you just couldn’t do it,” says Martin. “You can’t really do it in the West, but you can do in Russia. Why? Because it’s allowed.”

    Time for change?

    Ransomware has been a problem for years – particularly with hospitals regularly falling victim to attacks during the peak of the coronavirus pandemic, but the attack against Colonial Pipeline has struck a particular chord. The pipeline that provides almost half the gasoline supply to the north eastern United States was shut down and that was obvious to all: this wasn’t just a business not being able to operate without the use of particular files, this was critical infrastructure that got shut down due to ransomware.

    “There will be ‘before Colonial Pipeline’ and ‘after Colonial Pipeline’, it’s that much of a milestone in the way that the threat actor economy is going to work,” says DeGrippo. “It’s not a ransom of files any more, it’s a ransom of your existence.
Ransoming the ability to get hot dogs and beer and gasoline is a whole different ballgame.” The United States has a strong relationship with oil and gas and that made the disruption caused by Colonial Pipeline ransomware attack impossible for the Biden administration to ignore – and it started with the Department of Justice seizing most of the bitcoin used to pay the ransom. Even the operators of DarkSide ransomware-as-a-service attempted to distance themselves from the attack, claiming that “our goal is to make money, and not creating problems for society”. They even claim that they’ll establish additional checks and balances on their “partners” in future. But now the ransomware gangs may have bitten off more than they can chew. “They don’t want this much notoriety, they want to be recognised, they want people to pay – but I don’t think they necessarily want the US government on their trail – they probably took it a step too far. I’m sure the other ransomware gangs are pretty upset with them,” says Hultquist. The threat from ransomware is still high – as evident by how Ireland’s healthcare service continued to suffer disruption weeks on from a Conti ransomware attack, which hit days after the Colonial Pipeline attack – but there’s a feeling that recent events could potentially be a turning point. “There is at least a plausible case to be made that the past month has been strategically damaging for the criminals and that one hopes that we might – please note, the very careful language – that we might be able to look back at some point on this period as peak ransomware,” says Martin. “Now that’s by no means certain yet, it’s not even likely yet, but governments are starting to see this can do real harm.” However, in the immediate future, ransomware will remain effective as long as organisations are vulnerable to being hacked by cyber criminals, as demonstrated by how attacks have continued to cause disruption around the world. 
But it is possible to build resilience to cyberattacks – including ransomware – and make it much harder for cyber criminals to compromise the network in the first place. Much of this resilience can be built up by ensuring that cybersecurity hygiene procedures, such as installing security patches in a timely manner, preventing the use of simple passwords and using multi-factor authentication, are applied across the network. Because ransomware gangs are opportunists, making things more difficult for them decreases the likelihood of a successful attack. “The sorts of things that are useful: having visibility on your network to be able to see if precursor activity is taking place, understanding where your assets and network are, and properly having that mapped and understood. These standard good processes will defend against ransomware,” says Fairford. Regularly updating backups – and storing them offline – also provides another means of lessening the severity of ransomware attacks, because even in the event of the network being encrypted, it’s possible to restore it without paying cyber criminals, which cuts off their main means of income. Nonetheless, the rise of double extortion attacks has added an extra layer of complexity to this issue, because if the organisation doesn’t pay a ransom, it faces the prospect of potentially sensitive information about employees and customers being leaked. “Do you have a plan if your information starts leaking out?” says Hultquist. “Those pieces need to be in place now, not when it hits the fan.” The fact that the US and other governments are talking about ransomware should also act as a catalyst for any organisation – that, for whatever reason, didn’t have any specific plans for preventing or protecting against a ransomware attack – to decide on its plans now.
Because even in the worst-case scenario, when the network has been encrypted with ransomware, having a set plan can help manage the incident and potentially make it less damaging. “Companies must sit down with their executives and they must decide, ‘if we are a victim of ransomware, how much are we willing to pay, who on the board is going to be authorized to negotiate this and what is our relationship going to be with law enforcement when it happens?’. Then every quarter, you revisit it and you ask, ‘is this still our decision if we come under a ransomware attack, is this still our plan of action?’” says DeGrippo. “If you haven’t made the decision on how you’re going to handle it yet, it’s not going to work out in your favour,” she adds.


    Biden is worried about cybersecurity. Japan says watch cartoons

    Can it work? It’s surely worth trying to animate people on the topic.
    Screenshot by ZDNet
    It’s easy to admire those with lofty dreams.

    As long as they don’t express them with depressingly egotistical certainty, that is. Which does rule out one or two tech CEOs and three or four tech PR people. Still, I was moved when a Japanese company contacted me and claimed its aim is “to create a secure cyberspace that people around the world can use safely.” Wouldn’t that be something? Yet here we are with President Biden cyber-rattling at America’s enemies and worrying that the nation’s cybersecurity just isn’t good enough. What, then, could Japan’s Cyber Security Cloud do with its pleasingly idealistic bent? First, sadly, I had to endure the product hard sell. Cyber Security Cloud insists it has WafCharm. The mere idea that a security cloud could enjoy any charm at all seems wildly fanciful. CSC persisted, however, that WafCharm is actually “the only service on the market that automatically builds, tests and tunes AWS WAF rules, and continuously defends against zero-day threats.” While presumably offering an occasional quip, witticism or flattering remark to make users feel warm all over.

    I wanted to believe it. I had little reason not to, other than my terminal skepticism. So I thought I’d flex a little of my off-charm and asked: “Look, you can’t really have cybersecurity because humans are deeply imperfect and make terrible mistakes, such as opening attachments coming from nefarious sorts.” “We have an answer to that,” said a vibrantly serene CSC spokesperson. “Well, at least the beginning of an answer.” “Pray, what would that be?” “Cartoons.” I feared a translation had been lost in an insecure cloud. “Seriously,” came the polite interjection from CSC’s CEO Toshihiro Koike. “Japanese people are very used to learning things such as history and science through anime/manga at a young age. In our culture, we believe that anime/manga is a great way to learn, especially because it is convenient and entertaining.” But that’s not going to work in America, is it? We love shooting and killing games for convenience and entertainment. Koike wasn’t having it: “We believe teaching Americans about cybersecurity through anime/manga would work really well. If you educate Americans about cybersecurity using anime characters popular in the US, it will be easier for the audience to understand cybersecurity, especially since most people are unfamiliar with the topic.”

    Past research has suggested that millennials are twice as likely to ignore office IT rules. Which warms CSC’s heart. “The anime/manga strategy may be especially relevant for millennials and Gen Z, who grew up with anime in American pop culture,” said Koike. So, I asked, does CSC teach its own employees this way? “We create anime for our new employees so they can learn about cybersecurity basics,” said Koike. “We also utilize anime to teach our clients about security threats and countermeasures since, most of the time, they are unaware of certain strategies or don’t have enough knowledge regarding the topic.” Wait, significant companies don’t have enough knowledge about cyberthreats? Could this be one of the reasons why they’re being hacked? I can’t promise you cartoons will animate your cybersecurity. Somehow, those who created the internet-based systems upon which we rely didn’t sufficiently consider how easily they could be breached. Still, it’s worth exercising a little imagination to make things even slightly better. So, President Biden, perhaps cartoons are the way to get Americans to be more cyber-conscious. Perhaps there might be some congressional money for this. After all, there are so many cartoon characters in Congress that they’ll surely all support it.


    GlobalFoundries plans $4B Singapore plant to meet chip demand

    GlobalFoundries has begun construction work on a $4 billion manufacturing plant in Singapore to meet growing global demand for semiconductors. It says “long-term” customer agreements have already been inked in key market segments, including 5G and automotive. Slated to be up and running in 2023, the new Singapore fab would be built with co-investments from customers, GlobalFoundries said in a statement Tuesday. The chip manufacturer is owned by the United Arab Emirates state-owned wealth fund, Mubadala Investment Company. Global semiconductor revenue climbed 10.8% year-on-year to hit $464 billion in 2020, according to IDC, which projected the market would continue to grow, at 12.5%, this year to reach $522 billion. The research firm pointed to the high-growth markets of 5G, automotive, consumer products, and computing as key drivers of semiconductor demand.

    Revenue from smartphone chips, in particular, would increase 23.3% to hit $147 billion this year, IDC predicted. Its research director for connectivity and smartphone semiconductors, Phil Solis, said in a May report: “2021 will be an especially important year for semiconductor vendors as 5G phones capture 34% of all mobile phone shipments, while semiconductors for 5G phones will capture nearly two-thirds of the revenue in the segment.” GlobalFoundries CEO Tom Caulfield said in the company’s statement that the new plant in Singapore would support “fast-growing end-markets in the automotive, 5G mobility, and secure device segments”. He noted that “long-term” customer agreements from these markets had already been inked. Caulfield added that the chipmaker was “accelerating” its investments worldwide as part of efforts to address the global semiconductor shortage, which the company said included plans to expand all its manufacturing sites in the US and Germany. The Singapore fab, when operational, would boost capacity by 450,000 wafers per year, pushing GlobalFoundries’ production of 300mm wafers in Singapore to some 1.5 million each year.

    The chipmaker said it was adding 250,000 square feet of cleanroom space as well as administrative offices, with the new plant creating 1,000 roles including technicians and engineers. Its launch was announced in partnership with Singapore’s Economic Development Board. The government agency’s chairman, Beh Swan Gin, said in the statement that global demand for chips was also being fuelled by growth markets such as artificial intelligence, and underscored the chip industry as “a key pillar” of the country’s manufacturing sector. According to stats from TrendForce, Taiwanese chipmaker TSMC led the global market by revenue in the first quarter of 2021, grabbing 55% market share. South Korea’s Samsung ranked second with 17% market share, followed by Taiwan’s UMC with 7% market share.


    South Australia splashes out on space, defence, and cybersecurity in 2021-22 Budget

    Taking a forward-looking approach to what the future of South Australia will look like, the South Australian government has announced it will bolster investment in tech-focused sectors such as defence, space, and cybersecurity as it hands down the 2021-22 Budget [PDF]. “This Budget is our blueprint for a stronger South Australia, creating jobs, building what matters and delivering better services to further secure our growing global reputation as one of the safest and most attractive places in the world to live, work, and raise a family,” Treasurer Rob Lucas said on Tuesday. Some of the specific funding announcements include AU$20.8 million to upgrade the existing buildings at Lot Fourteen to make way for the expansion of space, digital, hi-tech, and cyber companies, with a particular focus on companies involved in small satellite development. Separately, AU$6.6 million will be contributed over five years to assist with the SASAT1 Space Services Mission, which will see a local manufacturer launch a small satellite in mid-2022 as well as deliver space-derived services to the state. South Australia’s Defence and Space Landing Pad program has also received a boost, with the state government saying it will deliver AU$860,000 over three years for the program, which is used to support international defence and space companies that bring new, sought-after capability to South Australia. Local artificial intelligence and health technology companies are set to receive additional support through an AU$1.6 million allocation delivered over four years. Under this investment, AU$985,000 will be used for grants to support AI and health technology companies through matching co-funding for health application pilots, and $589,000 to deliver project support activities, including investment concierge services.
Meanwhile, AU$2.6 million will be earmarked to support small businesses developing digital and cyber security capabilities as well as other capabilities to enter the national market.

    The Budget papers also indicated that AU$21.1 million over three years will be dedicated to the implementation of stages three and four of the South Australia Police Shield project, which involves linking South Australia Police’s data and records management system directly with other justice sector agencies. The state government touted that the move will improve collaboration and data sharing capabilities. In a bid to boost bushfire response, the 2021-22 Budget revealed that it will contribute AU$7.7 million over four years towards the ongoing management, support, and maintenance of automatic vehicle location (AVL) systems used by the emergency services sector. AVL provides real-time location information for firefighting and other emergency response vehicles during incidents. AVL is expected to be installed in approximately 1,400 vehicles at a total cost of AU$12.7 million. Additionally, the 2021-22 Budget indicated that support for the state government’s commitment to improving digital services for citizens remains ongoing through its AU$120 million Digital Restart Fund, noting that AU$4.3 million in 2021-22 will be put towards the South Australian government’s online services portal, AU$5.5 million over two years for the expansion of the residential aged care enterprise system, AU$1.3 million over two years for the child and family services information systems, and AU$500,000 in 2021-22 for the Safeguarding smartphone app.