Published on July 16th, 2019 | by Bibhuranjan0
A half-year of cybersecurity or A half-year mark of security threats
It’s the middle of 2019, and I am sure you have already witnessed some interesting happenings of the cybersecurity world. Some have devastated the big names while others have disturbed the smaller ventures; either the case, end consumers, lose their information.
Don’t worry! This write up will not get you bored with all the same easiest yet old-school practices to stay safe online; rather you’ll find the latest yet most-disastrous happenings in real terms.
I would like to highlight a few of the most phenomenal security threats – these are somehow shocking but also disturbing – I am sure there are others too that you might rank high on your personal list.
Security threats of 2019
A security-breaching story as we move into 2019, is the EternalBlue cyberattack, exploiting a software vulnerability in Windows; this NSA-minded has been around for a couple of years.
Talking about its recipients – the code was stolen and abused in the NotPetya and WannaCry ransomware attacks. Again in May, EternalBlue resurfaced, this time exposing a ransomware attack on Baltimore’s city government.
The problem is that many computers still using outdated Windows operating systems – almost 1 million – and hackers are making money out of it.
Why Baltimore’s ransomware is a high-profile case?
Because the city business all but halted and officials refused to pay the ransom; thanks to all organizations for not updating their OS or applied patches that were made available.
Bans on Facial recognition
Biometrics are considered to be highly secure by adding an extra layer of security, but we have started witnessing some pushback about privacy concerns surrounding biometrics.
Larger cities – San Francisco, Oakland – as well as smaller ones – Somerville, Massachusetts – have banned the facial recognition software for police and local government agencies.
On Capitol Hill, a bill introduced to ban the commercial use of facial recognition that used to allow businesses to track customers without being informed.
Those who support the ban are more privacy-conscious and are against racial profiling, concerning that the technology is new and lacks ethical guidelines. Opponents of the ban worrying that it possibly hamper investigations.
Biometrics become more ubiquitous in our lives; the tension between each side is highly expected. In theory, Facial recognition is safer, but of course, it’s going to breach our privacy.
How and when our privacy-protection will ever be balanced?
Google’s data privacy issues
If you think kicking off Huawei devices is the only problem present on the table for Google and its Android mobile OS, then you are wrong, I think you’re ignoring the struggle the tech giant is lately making to ensure underlying security and data privacy protections.
Yes, the struggle continues; another couple of problems began at the end of 2018 when Google informed about a bug in the Google+ API, that exposed around 50 million accounts, resultantly, Google shut down the application.
In May, it was revealed that the passwords of those millions of G Suites were stored in plaintext; can one think of a company as tech-savvy as Google would ever be that bad at security.
I understand, it was likely an accident, of course, but it reflects that the security-driven maintenance is hard for even the most tech-savvy; it means users are to be well-alert or paired with some privacy and security tools to be proactive.
The 5G race has started, and China is at an ominous advantage
5G is going to be the next best hit that every company and person in the next year or two, would be using. But currently, raising users’ anxiety -as discussed in a Beltway conference. Only China is at an advantage; you will find Chinese manufacturers using a full stack of 5G solutions – from chips and handsets to core infrastructure.
Now, this is a troubling situation, there are many security concerns around Chinese providers, like; tech heavyweight Huawei (world’s largest telecom and second largest phone supplier), has long been suspected for compromising customer security and privacy.
These issues are then impacting the adoption of 5G in the U.S. and the rest of the world, creating a new set of vulnerabilities that could affect our corporate and national security.
To protect U.S. interests, a ban has been put that prevents the U.S. 5G network providers and local agencies from buying products from Chinese producers, and vise-versa; now, Huawei users can’t access Google.
If the world wants 5G quickly and cost-effectively, there will be a dependency on China; this could mean getting compromised devices and infrastructure that already have backdoors for eavesdropping.
Singapore data theft
Sadly, it’s another China’s security story that wasn’t as news-worthy as Huawei but involves data theft.
This time, Chinese hackers broke into Singapore’s government health database, and stole around one million records; this is a year-old story that has surfaced this year, uncovered the hacking group.
This is not enough, according to The New York Times, a second hack occurred that leaked the medical records for thousands of HIV positive Singapore residents, which were disclosed.
I’m not certain what the motivation of an attack was, but it does demonstrate the ease of breaking into supposedly-secured medical data. And think of the consequences if the goal had been to cause physical harm or even death – by changing the records instead of disclosing them.
These security concerns focus on specific situations and incidents but represent the broader security landscape in general. Hackers would continue to use modified yet sophisticated or old means of attacks to take advantage of organizations’ sloppy security habits, and we continue to struggle to balance new technologies and privacy.
We’ll see at the end of this year how these particular issues and the overall trends play out in the second-half of 2019.