The week in security: Privacy, e-voting worries as Trump wins US election
- 14 November, 2016 23:18
The US election had the tech world – and, indeed, the entire world – waiting with bated breath as the FBI decided, again, not to charge Hillary Clinton in its investigation of her private email server. A security vendor demonstrated a hack of a US e-voting machine, just days before they were scheduled to be used in dozens of jurisdictions across the country. There were concerns about cyberattacks on election day and concerns about the integrity of the voting process.
The election of Donald Trump raised new concerns, with worries and uncertainty around his commitment to privacy rights. Suspected Russian hackers targeted US think tanks with phishing attacks shortly after the election, even as well-known Russian hacker Eugene Kaspersky took his grievances with Microsoft’s Windows Defender to Russia and the EU.
China passed a controversial cybersecurity law that gives it greater control over the Internet and confused many foreign businesses. France copped criticism after quietly merging two large databases into a single system holding biometric details of 60 million people.
Hackers were found to be abusing LTE mobile network protocols to disconnect phones from mobile networks. The banking arm of UK supermarket Tesco suspended online payments for 136,000 cheque account customers – and later refunded £2.5m ($A4.3m) to customers following mass fraud that hit 40,000 accounts.
Australian record labels and music rights holders were persisting in efforts to use new Australian legislation to make telcos block torrent file sharing sites, while Yahoo was exploring a possible insider angle to its major late-2014 hack. Also hacked was dating network FriendFinder Networks whose 412m accounts were exposed in a major security breach – the company’s second in two years.
Concerns about cloud-computing adoption revolve around visibility and security of corporate data, according to a new IDG survey. And while much has been made of the cybersecurity awareness gap between young and old Internet users, a new survey suggested millennials still aren’t getting the right messages about careers in cybersecurity. This is a problem, even though advances in AI are making security systems more flexible and intelligent.
New zero-days, detailed at the Black Hat Europe conference, offered new ways to expose Belkin IoT devices and Android smartphones. It’s yet another example of the battle between convenience and security, while competing hacker groups held their own battle that had the side effect of diluting the power of botnets based on the Mirai IoT DDoS attack.
An Israeli hacker demonstrated a router vulnerability that would have allowed him to take over an entire city’s public Wi-Fi network. Adobe was also fixing security issues with new flaws in Flash Player and Adobe Connect, while Google released new Android patches that fixed a dozen critical vulnerabilities.
Plans to bring together the operations of Symantec and Blue Coat Systems gained additional momentum, while Microsoft patched 68 vulnerabilities in its core tools and declared war on widespread ad-injecting malware that has infected 1.2m Windows PCs since September.