More stories

  • Twitter complies with Indian government orders to block hundreds of accounts

    Twitter has permanently banned or hidden over 500 accounts in response to blocking orders it received from the Indian government.
    In a blog post published on Wednesday, Twitter said the orders were served under section 69A of the Information Technology Act, which means that failure to comply could result in the imprisonment of Twitter employees.
    The social media platform has also reduced the visibility of various hashtags containing harmful content, which entailed prohibiting them from trending on Twitter and appearing as recommended search terms, and withheld various accounts from being viewed in India to comply with the orders.
    These withheld accounts are only hidden in India, however, and are still available outside of India, Twitter said.
    In response to the orders, Twitter said it is currently exploring options under Indian law as the company believes the orders for bans, as a whole, are not consistent with Indian law.
    “We are exploring options under Indian law — both for Twitter and for the accounts that have been impacted. We remain committed to safeguarding the health of the conversation occurring on Twitter, and strongly believe that the Tweets should flow,” Twitter said in the blog post. 
    In addition, Twitter said it has stopped complying with two of India’s emergency blocking orders, which it had initially complied with, as the platform believes the two orders violate the fundamental right to free expression under Indian law by calling for the accounts of activists and journalists to be banned.

    The various blocking orders, in total, call for Twitter to block over 1,000 accounts. Many of the accounts are linked to the Khalistan movement and farmer protests, according to a local report.
    Since last year, farmers, primarily from Haryana and Punjab, have been protesting in New Delhi against agricultural reform laws that they claim have lessened their bargaining power with corporations. Since the protests commenced, the Narendra Modi-led government has refused to make any changes to the agricultural laws, while also blocking mobile internet services in several areas where the protests have been occurring.
    On the same day of Twitter posting the blog post, the company’s CFO Ned Segal confirmed that former US President Donald Trump has been permanently banned from Twitter and there would be no revocation of the ban.
    “So the way our policies work when you’re removed from the platform you’re removed from the platform; whether you’re a commentator, or a CFO, or you are a former or current public official. So remember, our policies are designed to make sure that people are not inciting violence and if anybody does that we have to remove them from the service and our policies do not allow [these] people to come back,” Segal told CNBC in an interview.
    Trump was banned last month after he made two tweets that were perceived to have escalated ongoing tensions and encouraged the storming of the US Capitol.
    The Twitter suspension came after Facebook suspended Trump accounts on the social network and Instagram through inauguration day. 

  • Following Oldsmar attack, FBI warns about using TeamViewer and Windows 7

    In the aftermath of the Oldsmar incident, where an unidentified attacker gained access to a water treatment plant’s network and modified chemical dosages to dangerous levels, the FBI sent out an alert on Tuesday drawing attention to three security issues observed on the plant’s network following last week’s hack.
    The alert, called a Private Industry Notification, or FBI PIN, warns about the use of out-of-date Windows 7 systems, poor passwords, and the desktop sharing software TeamViewer, urging private companies and federal and government organizations to review internal networks and access policies accordingly.
    TeamViewer considered the point of entry
    The FBI PIN specifically names TeamViewer as a desktop sharing software to watch out for after the app was confirmed as the attacker’s entry point into the Oldsmar water treatment plant’s network.
    According to a Reuters report, officials said the intruder connected to a computer on the Oldsmar water treatment plant’s network via TeamViewer on two occasions last Friday.

    In the second one, the attacker actively took control of the operator’s mouse, moved it on screen, and made changes to sodium hydroxide (lye) levels that were being added to drinking water.
    While the operator reversed the changes the hacker made almost immediately, the incident became an instant point of contention and discussion among security professionals.
    Among the most common points brought up in online discussions was the use of the TeamViewer app to access resources on US critical infrastructure.

    In a Motherboard report published on Tuesday, several well-known security experts criticized companies and workers who often use the software for remote work, calling it insecure and inadequate for managing sensitive resources.
    While the FBI PIN alert doesn’t take a critical tone or stance against TeamViewer, the FBI would like federal and private sector organizations to take note of the app.
    “Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” the FBI said.
    “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”
    The FBI alert doesn’t specifically tell organizations to uninstall TeamViewer or any other type of desktop sharing software but warns that TeamViewer and other similar software can be abused if attackers gain access to employee account credentials or if remote access accounts (such as those used for Windows RDP access) are secured with weak passwords.
    FBI warns about Windows 7 use… again
    In addition, the FBI alert also warns about the continued use of Windows 7, an operating system that reached end-of-life on January 14, 2020, an issue the FBI also warned US companies about last year.
    This part of the warning was included because the Oldsmar water treatment plant was still using Windows 7 systems on its network.
    While there is no evidence to suggest the attackers abused Windows 7-specific bugs, the FBI says that continuing to use the old operating system is dangerous as the OS is unsupported and does not receive security updates, which currently leaves many systems exposed to attacks via newly discovered vulnerabilities.
    However, a Cyberscoop report published today highlights the fact that the Oldsmar plant, like many other US water treatment facilities, is underfunded and understaffed.
    While the FBI warns against the use of Windows 7 for good reasons, many companies and US federal and state agencies might not be able to do anything about it, barring a serious financial investment in modernizing IT infrastructure from upper management, something that’s not expected anytime soon in many locations.
    In these cases, the FBI recommends a series of basic security best practices as an interim way to mitigate threats, such as:
    • Use multi-factor authentication;
    • Use strong passwords to protect Remote Desktop Protocol (RDP) credentials;
    • Ensure anti-virus, spam filters, and firewalls are up to date, properly configured, and secure;
    • Audit network configurations and isolate computer systems that cannot be updated;
    • Audit your network for systems using RDP, close unused RDP ports, apply two-factor authentication wherever possible, and log RDP login attempts;
    • Audit logs for all remote connection protocols;
    • Train users to identify and report attempts at social engineering;
    • Identify and suspend access of users exhibiting unusual activity;
    • Keep software updated.
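    As an added example (not code from the FBI notice or from the article), the following Python script shows what "log RDP login attempts" and "identify users exhibiting unusual activity" look like once someone actually has to do it. It runs over a handful of constructed Windows Security log records: event IDs 4624 (successful logon) and 4625 (failed logon) and logon type 10 (RemoteInteractive, i.e. RDP) are real Windows semantics, while the addresses, account names, timestamps, internal ranges and staffed hours are invented for the example.

```python
"""Audit RDP logon activity from (constructed) Windows Security events.

Added example, not code from the FBI PIN or the article. Event IDs 4624
(successful logon) and 4625 (failed logon) and logon type 10
(RemoteInteractive, i.e. RDP) are real Windows semantics; every record
below is constructed for illustration.
"""
import ipaddress
from collections import Counter
from datetime import datetime

# Constructed records: (timestamp, event_id, logon_type, account, source_ip).
# "-" is what Windows reports as the source for local console logons.
EVENTS = [
    ("2021-02-05T08:01:12", 4624, 10, "operator", "10.20.0.15"),
    ("2021-02-05T08:02:40", 4624, 2, "operator", "-"),
    ("2021-02-05T13:10:03", 4625, 10, "administrator", "198.51.100.9"),
    ("2021-02-05T13:10:04", 4625, 10, "administrator", "198.51.100.9"),
    ("2021-02-05T13:10:05", 4625, 10, "admin", "198.51.100.9"),
    ("2021-02-05T13:10:06", 4625, 10, "root", "198.51.100.9"),
    ("2021-02-05T13:10:07", 4625, 10, "operator", "198.51.100.9"),
    ("2021-02-05T13:15:01", 4624, 10, "operator", "203.0.113.77"),
    ("2021-02-05T13:30:00", 4625, 10, "operator", "10.20.0.15"),
    ("2021-02-06T02:47:10", 4624, 10, "operator", "10.20.0.15"),
]

# Assumed internal ranges and staffed hours for the example network.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]
RDP_LOGON_TYPE = 10
FAILED_THRESHOLD = 5          # failures from one source before it is reported
BUSINESS_HOURS = (7, 18)      # plant assumed staffed 07:00-18:00


def is_internal(ip: str) -> bool:
    """True only for addresses inside INTERNAL_NETS; '-' or garbage is not trusted."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def external_rdp_logons(events):
    """Successful RDP logons whose source address is not an internal one."""
    return [e for e in events
            if e[1] == 4624 and e[2] == RDP_LOGON_TYPE and not is_internal(e[4])]


def failed_rdp_bursts(events, threshold=FAILED_THRESHOLD):
    """Source addresses with at least `threshold` failed RDP logons (password guessing)."""
    counts = Counter(e[4] for e in events
                     if e[1] == 4625 and e[2] == RDP_LOGON_TYPE)
    return {ip: n for ip, n in counts.items() if n >= threshold}


def off_hours_rdp_logons(events, hours=BUSINESS_HOURS):
    """Successful RDP logons outside staffed hours, wherever they come from."""
    start, end = hours
    return [e for e in events
            if e[1] == 4624 and e[2] == RDP_LOGON_TYPE
            and not start <= datetime.fromisoformat(e[0]).hour < end]


def audit(events):
    """Collect the three findings into one report dict."""
    return {
        "external_rdp": external_rdp_logons(events),
        "failed_bursts": failed_rdp_bursts(events),
        "off_hours_rdp": off_hours_rdp_logons(events),
    }


if __name__ == "__main__":
    for finding, hits in audit(EVENTS).items():
        print(finding, hits)
```

    On the constructed data the script reports one RDP logon from outside the plant's ranges, one source address that failed five times in a row, and one internal RDP session at 02:47. Each of those is the kind of record the FBI's "audit logs for all remote connection protocols" item is meant to surface; in a real deployment the records would come from the Security event log (or a SIEM export) rather than a list in the script.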

  • Dell offers to arm 3,000 in Singapore with cloud, data skills

    Dell Technologies is offering to arm 3,000 students, fresh graduates, and mid-career professionals in Singapore with skills in cloud computing, data protection, data science, and big data analytics. It hopes to do so over the next two years via a new tech skills accelerator. 
    The initiative would encompass two separate programmes, including a partnership with Singapore Management University (SMU) that would see more than 1,000 of the school’s undergraduates experience cloud-native technologies and content as part of their curriculum. 
    Students from SMU’s School of Computing and Information Systems would undergo classroom training as well as hands-on lab sessions to acquire “practical technical skills” in cloud-native practices and technologies, Dell said in a statement Wednesday.

    To be led by VMware, the programme also would include mentorship for final-year students, with Dell participating in guest lectures and technical workshops focused on cloud-native skillsets. 
    A second initiative focuses on data capabilities, where a five-week training session will be offered to 1,000 employees of Dell’s local partners and customers that have enrolled in Singapore’s SGUnited Traineeship or Mid-Career Pathways programme. 
    The government had introduced its SGUnited Jobs and Skills plan, with an aim to support 100,000 jobseekers, to provide job, traineeship, and skills training opportunities to support Singaporeans impacted by the COVID-19 crisis. 
    Dell was looking to tap this with its Skills Up training sessions, which would equip participants with skillsets they needed for roles in data protection and management, data analysis, and converged cloud infrastructure. At the end of the five-week programme, participants would be assessed on their technical proficiency and issued certifications such as the Dell Certified Associate if they passed the examination. 

    Another eight-week programme, called Getting Future Ready, also would be piloted by VMware to provide “structured learning paths” to help students tap cloud-native job roles and opportunities, Dell said. 
    It added that Skills Up and Getting Future Ready collectively would train up to 2,000 fresh graduates and mid-career professionals in Singapore. 
    The US tech giant said the new training programmes were put together to meet growing demand for tech skills and help drive digital transformation in the country.
    Citing its Digital Transformation Index 2020, Dell noted that data privacy and cybersecurity concerns were amongst the top challenges faced by organisations in Singapore. These were further followed by the inability to extract insights from data as well as a lack of relevant in-house skills, it added.
    Dean of SMU’s School of Computing and Information Systems, Pang Hwee Haw, said: “Companies and public agencies are employing digital technology to transform their business models and processes. The digital transformation of industries, economies, and societies will accelerate going forward. 
    “It is, therefore, imperative that we equip our students with highly sought-after computing skills, including emerging technologies such as cloud-native skills, so that they become industry ready, innovation-enabled solution developers who are able to create value to business and society,” Pang said. 
    Dell’s president of Asia-Pacific Japan and global digital cities, Amit Midha, noted that digital economy advancements had “shaken up” skills requirements and pushed demand for tech talent. Tech vendors, hence, played a key role in training talent with the skills needed to help bridge the critical skills gap. 

  • Google's Fi VPN is coming to iPhones soon

    Google is rolling out its virtual private network (VPN) service for subscribers of its Fi network that should help people when they’re using online services on public Wi-Fi. 

    VPNs are handy, so long as you trust the service provider, because every packet you send through the tunnel is decrypted at the provider’s servers before it is forwarded on. The key question for a device owner is therefore whether the VPN operator deserves more trust than the network being used. 
    A VPN gives you a private tunnel over the open internet: packets between your device and the VPN endpoint are encrypted, so if they are intercepted on the local network by a government agency or hacker they can’t be deciphered. Beyond the endpoint, traffic is only as protected as the destination service makes it (for example, with HTTPS). 
    VPNs are not foolproof, but they work well enough in many situations, like at the airport when you need to access your online bank account or Gmail. Normally a decent VPN costs money, but Google throws it in with its Fi wireless service to offer a shield against attackers and marketers using a device’s IP address to track a location. 
    Google has delivered performance improvements to its Fi VPN and is moving it out of beta for Android phone users. 
    “This means you can get the benefits of the VPN while also getting a faster, stronger connection across your apps and services,” Google notes. 
    It’s also coming to the iPhone, bringing coverage to all of Google’s Fi users. “We plan to roll out the VPN to iPhone starting this spring,” Google notes. Google is also bringing its privacy and security hub to Android devices, offering users a shortcut to features available to Android users, such as its VPN. 

    Finally, Fi users can expect free spam call warnings and blocking to stop identified robocalls and scams and the company is stepping up its game to protect users from SIM swapping scams.  
    “Your Fi number is tied to your Google Account and comes with security features that protect your phone number from threats like SIM swaps — that’s when bad actors try to take someone’s phone number and assign it to another SIM card without their consent,” Google said.  
    “On Fi, you receive extra layers of protection by default, including a robust account recovery process and notifications for suspicious activity. You can also enable 2-step verification for more protection.”

  • Google: Here's why some people get more phishing emails and malware spam

    Cyber criminals are constantly adapting their techniques for distributing phishing emails, but simply having your email address or other personal details exposed in a data breach makes you five times more likely to be targeted.
    Google teamed up with Stanford University to analyse over a billion phishing emails that cyber criminals attempted to send to Gmail users between April and August last year, and found that having personal information leaked in a third-party data breach drastically increases the odds of being targeted with phishing emails, compared with users who haven’t had their details published.
    Other factors that make it more likely for you to be hit with phishing, according to Google’s model, include:
    • Where you live: in Australia, users faced 2X the odds of attack compared to the US, even though the US is the most popular target by volume (not per capita). 
    • Age: the odds of experiencing an attack were 1.64X higher for 55- to 64-year-olds, compared to 18- to 24-year-olds.
    • Device usage: mobile-only users experienced lower odds of attack, 0.80X compared to multi-device users. Google said this “may stem from socioeconomic factors related to device ownership and attackers targeting wealthier groups.”

    Google says it prevents 99 percent of the more than one hundred million emails containing spam, phishing links and malware sent out by cyber criminals each day from reaching inboxes, but there are common tricks which attackers use in an effort to bypass protections.
    These include a reliance on fast-churning campaigns, with a given email template only sent out over a brief period. Some campaigns last less than a day before the cyber criminals move on to a different template.
    However, the research paper also notes that phishing is an ever-evolving area and continued study is required to ensure users are protected from attacks as much as possible.

    “Our measurements act as a first step towards understanding how to evaluate personal security risks. Ultimately, such estimates would enable automatically identifying, recommending, and tailoring protections to those users who need it most,” says the paper.
    While the users targeted by phishing emails tend to change from week to week, the pattern of attacks remains largely the same.
    Geography also plays a large role in whether cyber criminals will attempt a phishing attack, with users in the US the most popular targets, accounting for 42 percent of attacks. That’s followed by the UK, which is targeted by one in ten phishing attacks, and Japan, which is targeted by one in twenty.
    While most attackers don’t localise their efforts, using English in messages sent to countries around the world, there are regions where the emails are tailored towards particular languages. For example, 78 percent of the attacks targeting users in Japan occurred in Japanese, while 66 percent of attacks targeting Brazilian users occurred in Portuguese.
    Google notes that Gmail’s phishing and malware protections are turned on by default, but also encourages users to use the Security Checkup function for personalised advice on how to keep their inbox safe from phishing and other malicious attacks.
    It’s also recommended that enterprise users deploy Google’s advanced phishing and malware protection.

  • Authorities arrest SIM swapping gang that targeted celebrities

    Eight men were arrested across England and Scotland this week as part of a coordinated crackdown against a SIM swapping gang that hijacked the identities and social media profiles of US celebrities.

    The UK National Crime Agency, which made the arrests on Tuesday, said the gang targeted well-known sports stars, musicians, and influencers, primarily located in the US.
    “These arrests follow earlier ones in Malta (1) and Belgium (1) of other members belonging to the same criminal network,” Europol, which coordinated the multi-national investigation, said today.
    Officials said this gang engaged in SIM swapping attacks, where they tricked US mobile operators into assigning a celebrity’s phone number to a new SIM card under the attacker’s control.
    While they had access to the victim’s phone number, the SIM swappers would reset passwords and bypass two-factor authentication on the victim’s accounts.
    “This enabled them to steal money, bitcoin and personal information, including contacts synced with online accounts,” the NCA said.
    Europol said the gang stole more than $100 million worth of cryptocurrency using this method.

    “They also hijacked social media accounts to post content and send messages masquerading as the victim,” UK investigators added.
    The investigation involved authorities in the US, the UK, Canada, Malta, and Belgium and got underway in 2020, after the infamous Twitter hack, where SIM swapping was also involved.
    Former telco employee also charged in the US in unrelated case
    Authorities previously noted a rise in SIM swapping-related incidents, as criminal groups find the technique easier to carry out than orchestrating highly technical phishing and malware campaigns.
    The practice usually relies on tricking telco call center staff into assigning a phone number to a new SIM card, but it often also relies on rogue employees inside telephone companies willing to cooperate with criminal gangs.
    One such employee was charged in the US on Monday. The US Department of Justice indicted Stephen Daniel Defiore for his role in helping SIM swappers steal the identities of at least 19 people while he was employed by an unnamed US phone company between August 2017 and November 2018.
    US authorities said Defiore received $2,325 in a series of twelve payments for his role in the scheme. If found guilty, he faces a prison sentence of up to five years and a fine of up to $250,000.
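    As an added example (not code from Google Fi, any carrier, or any platform named in the article), the script below shows the account-side check that blunts the attack described above: a recovery flow that refuses to trust SMS to a phone number whose SIM binding changed recently, forcing a non-SMS factor instead. The carrier lookup is a constructed table standing in for a SIM-change signal the operator is assumed to provide; the phone numbers, timestamps and seven-day cooldown are invented for the example.

```python
"""Gate phone-based account recovery on a recent SIM change.

Added example, not code from Google, any carrier or any platform named
in the article. A SIM swap works because, once the number is moved to
the attacker's SIM, every SMS code for password resets and 2FA lands
with the attacker. The defence below treats a number whose SIM binding
changed inside a cooldown window as untrusted for recovery and requires
a non-SMS factor instead. The SIM-change lookup is a constructed table
standing in for a carrier-provided signal (an assumption).
"""
from dataclasses import dataclass
from datetime import datetime, timedelta

COOLDOWN = timedelta(days=7)   # how long a fresh SIM binding stays untrusted (policy choice)
EXAMPLE_NOW = datetime(2021, 2, 10, 12, 0)   # constructed "current time" for the example


@dataclass(frozen=True)
class SimBinding:
    msisdn: str
    changed_at: datetime       # when the number was last bound to a new SIM


# Constructed carrier data for the example (not real subscribers).
SIM_BINDINGS = {
    "+15550100": SimBinding("+15550100", datetime(2020, 6, 1, 9, 0)),
    "+15550199": SimBinding("+15550199", datetime(2021, 2, 8, 14, 30)),
}


def recently_swapped(msisdn, now, cooldown=COOLDOWN):
    """True if the SIM binding for `msisdn` changed within `cooldown` of `now`.

    Numbers the carrier cannot vouch for are treated as swapped (fail closed).
    """
    binding = SIM_BINDINGS.get(msisdn)
    if binding is None:
        return True
    return now - binding.changed_at < cooldown


def recovery_decision(msisdn, now, has_non_sms_factor):
    """Decide how an account-recovery or password-reset request may proceed.

    Returns one of:
      'sms_ok'  - an SMS code to the number is acceptable
      'step_up' - number is untrusted; require the user's non-SMS factor
      'deny'    - number is untrusted and no other factor exists; hold for manual review
    """
    if not recently_swapped(msisdn, now):
        return "sms_ok"
    return "step_up" if has_non_sms_factor else "deny"


def process_requests(requests, now):
    """Evaluate a batch of (msisdn, has_non_sms_factor) recovery requests."""
    return [(msisdn, recovery_decision(msisdn, now, factor))
            for msisdn, factor in requests]


if __name__ == "__main__":
    batch = [("+15550100", False),   # old binding: SMS is fine
             ("+15550199", True),    # swapped two days ago, has an authenticator
             ("+15550199", False),   # swapped two days ago, SMS was the only factor
             ("+15550000", True)]    # number unknown to the carrier
    for msisdn, decision in process_requests(batch, EXAMPLE_NOW):
        print(msisdn, decision)
```

    The point of the "deny" branch is that SMS was the only recovery factor on the account, so after a swap there is nothing left that the attacker does not also control; routing that case to manual review is what keeps the carrier-side mistake (or rogue employee) from becoming an account takeover. The 0.80X mobile-only finding in the Google story above is unrelated; the signal used here is the carrier's record of when the SIM changed, not the device the user logs in from.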

  • Become a cybersecurity master with this ethical hacking bundle, only $42.99

    Hackers have been exaggerated to the point of parody in action movies and pop media, but one thing depictions of hacking got right is how useful a skill it is. Cybersecurity is one of the fastest-growing industries, and as more businesses rely more heavily on online services, the need for experts in the field will only increase. For those who want to take the leap into the cybersecurity industry while it’s booming, there is The All-In-One 2021 Super-Sized Ethical Hacking Bundle, a comprehensive course on coding, ethical hacking, and programming for only $42.99. 

    The All-In-One 2021 Super-Sized Ethical Hacking Bundle is your key to new, marketable expertise in an industry that is fast becoming essential. With this 18-course bundle, you’ll get access to over 100 hours of instruction on coding with Python, introductory and advanced ethical hacking practices, and marketable experience in cybersecurity. 
    If you’re taking every opportunity to make yourself a competitive candidate in IT and cybersecurity, then this bundle is the ideal match for your skills and ambition. All lessons come with lifetime access and are taught by experts in the field like Aleksa Tamburkovski, a penetration tester with over 5 years of experience in ethical hacking and cybersecurity who has worked with, and discovered vulnerabilities for, multiple companies and governments.
    With this bundle, you will learn to code with Python, to hack systems and mobile devices, master server security, and useful Linux tips, tricks, and techniques that you can use to impress future employers or factor into your practice immediately. 
    The All-In-One 2021 Super-Sized Ethical Hacking Bundle normally costs over $3,000 but is available now for $42.99, a discount of 98%. Never has there been a better time to enter an industry that is fast becoming a necessity for every major business in the world. 
    Prices subject to change


  • Investor data breach 'fatigue' reduces Wall Street punishment for cybersecurity failures

    Wall Street’s acceptance of data breaches and investor “fatigue” has numbed the reaction of traders following a cybersecurity incident, new research suggests.

    Over the past decade, the rush to harness data to improve business operations, management, and customer relationships did not occur in tandem with improving cybersecurity hygiene in order to protect this data — and organizations are still courting huge risks to their share prices to this day as a result. 
    According to IBM’s latest Cost of a Data Breach report, the enterprise sector can expect an average bill of $3.86 million — but in the case of large security incidents involving consumer records, this may rise to up to $392 million — to remedy a breach. 
    Some companies will bury their heads in the sand when told of a data breach, whether caused by open storage buckets, intrusion, insider operations, or accidental information loss. 
    However, for businesses trading on public stock market platforms, failing to recognize a data breach has occurred or trying to hide it can have real, long-term repercussions. 
    This week, Comparitech published its annual report on how data breaches can impact share prices which revealed that cybersecurity incidents do not have the same ramifications for the stock market as they did close to a decade ago.
    This year’s research has tracked 34 companies and 40 publicly disclosed data breaches. The companies were chosen based on data breaches involving at least one million records, subsequent public disclosure, and an active listing on the NYSE. 

    There are some limitations to the study, including the small sample size that Comparitech’s criteria produce, as well as the confounding effects of financial reports and class-action settlements. 
    “If a data breach leaks particularly damaging information that ultimately incurs financial damages to a company’s customers, and the company was shown not to have adequately protected the information leaked in that breach, then customers often sue [..],” the researchers note. “These usually result in settlements, in which the company forks out millions of dollars to reimburse customers for damages. This does not always happen and the amount paid out varies, so we simply don’t have enough data to fit a practical model that shows how these settlements affect stock prices.”
    However, the study still reveals some interesting trends. The share price of a breached company now falls by an average of 3.5% within 14 days of disclosure and will hit its lowest point after roughly 110 market days. A prior analysis conducted in 2019 suggested that stock prices would drop by an average of 7.27%.
    Against the Nasdaq benchmark, breached companies underperformed by around 3.5% on average, and 21 out of 40 breaches were followed by worse stock performance in the six months after the breach compared with the six months before. On average, share prices grew by 2.6% before a breach and dropped 3% afterward.
    One notable trend is that “older breaches” were once met with a more immediate, negative reaction by Wall Street. Share prices fell more substantially and according to the research, stocks took an average of 109 days to recover when a breach occurred in 2012 and earlier. 
    For data breaches occurring between 2013 and 2016, drops in share price were “less severe” than in the earlier category, and there was less than 1% difference in value between the six months prior to and the six months after a security incident’s disclosure. 
    When it comes to breaches reported in 2017 and after, it took roughly 100 days for prices to recover and general performance was only “slightly poorer” in the six months after a breach. 
    In today’s marketplace, technology and financial services companies suffered the most after a data breach, whereas e-commerce and social media companies are “the least affected,” according to Comparitech. 
    “Breaches that leak highly sensitive information like credit card and social security numbers see more immediate drops in share price performance on average than companies that leak less sensitive info, but in the long-term, they do not necessarily suffer more,” the researchers noted. 
    Data breach impacts on company stock prices do, it seems, diminish over time as memory fades and there are many other factors that can also negatively influence an organization’s stock price — such as the disruption caused by COVID-19, unrelated lawsuits, and management changes.
    Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0