The Week In Review : 17th March

Every week it seems another story breaks about how data is stolen…

…people’s privacy is breached and a well known company eats technical humble pie and declares that they will fix a venerability in their systems that was compromised.

But this week a story about cyber security that must be the most saddening I’ve read landed in my inbox.

This wasn’t about a company, or about millions of passwords stolen. It wasn’t about money being extorted through ransomware or some celebrity losing highly personal photos. This was about how endangered animals with radio trackers to study their behaviour is being abused to aid “cyber-poaching”.

As the Naked Security blog from Sophos points out, this must be the most depressing cyber security phenomena yet discovered. The principle is clear, that live feed GPS trackers that are placed on endangered species to learn more about their behaviour, are having their signals intercepted and turned against the best intentions of the people who fitted them.

The article cites evidence of this occurring in India, the USA and Australia. Scientists who undertake this work and the technology companies who manufacture the technology are being urged to have discussions on their responsibilities of tagging equipment and data is consistent with the foundations of animal conservation and management.

Let’s hope this is one cyber story that is not repeated.

Malware continues to be prevalent across all computing devices but you would expect that if you purchased a new phone that it would be ‘malware free’ – not so. WIRED put a story online this week how security experts, Check Point Security, claims that almost 40 different Android smartphones are shipping infected with malware that has been installed during the supply chain and manufacturing process.

These phones, some of which are from Android handset manufacturing heavyweights Samsung and Lenovo, were, according to the security experts, infected with the complex malware called Loki, which can steal data and take full control of a device. It appeared that the ROM in the phone was ‘not official’ and had been added somewhere along the supply chain. Their advice is to only buy phones from official channels, whilst the manufacturers investigate further.

Of course, many of us have been encouraged in the past to use our own devices for both personal use and business use under the now fading BYOD (bring you own device schemes) that were popular a handful of years ago. However, those days are coming to a close, due to increasing cyber security concerns.

The website Glassdoor, placed an interesting list of 6 things you should NEVER do on your work computer and suggested that weaving your personal and professional lives together via a work laptop is risky business — for both you and the company.

Their list included such advice as “DON’T: Allow friends or non-IT department colleagues to remotely access your work computer”, “DON’T: Store personal data”. Both of which I have seen many do, but of course that was in the days before cyber security concerns started to take a grip on IT Usage. The list is well worth reviewing and acting on.

What all these stories tell us is that cyber security changes everything, from animal protection to accessing personal data at work. We all have a duty to revisit what we believed was safe and normal and consider if even our most innocent actions could be lead us inadvertently to being the next cyber security headline.

For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInPin on PinterestEmail this to someone