An Australian IT consultant has been jailed for 3 years after hacking a WiFi network to get insider trading information.
Also creating problems was a concerted attack on the world’s telecommunications companies, which saw more than 100GB of call record data stolen but fell short of the worst-case scenario.
Telecoms providers aren’t the only ones that should be improving their cybersecurity game, however: with the introduction of new CPS 234 cybersecurity regulations on 1 July, boards of financial-services organisations face a new level of scrutiny and responsibility around cyber security.
That responsibility may shape board responses but it’s not the only thing that needs to change about cybersecurity: with DNS exploits reaching new levels of sophistication and nation-state hackers getting on the bandwagon, significant infrastructure threats are now very real.
The DNS problem has gotten so bad that Oracle has begun winding down its Dyn DNS platform – which was recently compromised by a massive DDoS attack – and pushing customers onto Oracle Cloud services.
Also moving to the cloud is VirusTotal, the security-scanning tool that will run on Google Cloud after a reorganisation of Alphabet-owned security venture Chronicle.
The escalating situation in Iran is spawning cyber attacks that have led the US government to recommend that everybody use two-factor authentication (2FA).
That’s hardly news for seasoned IT professionals, who have been screaming for ages about the importance of better security practices.
Better security will also be a focus for a newly appointed EU boss who will enforce a new law designed to improve cybersecurity standards across the continent.