Chinese hackers could target heavily encrypted datasets such as weapon designs or details of undercover intelligence officers with a view to unlocking them at a later date when quantum computing makes decryption possible, a report warns. Analysts at Booz Allen Hamilton, a consulting firm, say Chinese hackers could also steal pharmaceutical, chemical and material science research that can be processed by quantum computers – machines capable of crunching through numbers at unprecedented speed. In a report titled “Chinese threats in the quantum era”, the consultancy says encrypted data could be stolen by “Chinese threat groups”. It says quantum-assisted decryption will arrive faster than quantum-assisted encryption, giving hackers an edge.
British regulators say they intend to fine Clearview AI, a facial recognition company that bills itself as the world’s largest, nearly $23 million for “alleged serious breaches” of the nation’s data protection laws. The fines stem from a joint investigation by the U.K. Information Commissioner’s Office (ICO) and its Australian counterpart. The ICO now awaits a response from Clearview AI before possibly levying the fine in mid-2022. “I have significant concerns that personal data was processed in a way that nobody in the UK will have expected,” U.K. Information Commissioner Elizabeth Denham said on Monday. “Clearview AI Inc’s services are no longer being offered in the UK. However, the evidence we’ve gathered and analysed suggests Clearview AI Inc were and may be continuing to process significant volumes of UK people’s information without their knowledge.”
As the holiday season approaches, millions of people will be traveling. If you are among the many, here are some tips to help keep you cyber savvy and safe. Mobile Devices. Bring as few devices as you can. The fewer devices you bring while traveling, the fewer devices that can be lost or stolen. In fact, did you know that you are far more likely to lose a mobile device than have it stolen? Whenever leaving a hotel room, restaurant, taxi cab, train or airplane, do a quick device check and make sure you have all of your devices. Don’t forget to have friends or family traveling with you to double check for their devices too, like children who may leave a device behind on a seat or in a restaurant.
A Russian man was sentenced today for providing “bulletproof hosting” services, which were used by cybercriminals between 2009 to 2015 to distribute malware and attack financial institutions and victims throughout the United States. On Dec. 1, Chief Judge Denise Page Hood of the U.S. District Court for the Eastern District of Michigan sentenced Aleksandr Grichishkin, 34, of Russia, to 60 months in prison for the scheme. According to court documents, Grichishkin was a founder and leader of a bulletproof hosting organization that rented internet protocol (IP) addresses, servers, and domains to cybercriminal clients who employed this technical infrastructure to disseminate malware that allowed them to gain access to victims’ computers, form botnets, and steal banking credentials for use in frauds. Malware hosted by the organization included Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit, which attacked U.S. companies and financial institutions between 2009 and 2015 and caused or attempted to cause millions of dollars in losses to U.S. victims.
Reproductive healthcare non-profit Planned Parenthood Los Angeles (PPLA) has suffered a ransomware attack that exposed the personally identifiable information of hundreds of thousands of patients. The organization recently notified its patients that a breach had occurred between October 9 and 17, during which a database with information on 400,000 users was stolen. According to the announcement, the company has taken the usual steps to minimize the damage. “On October 17, we identified suspicious activity on our computer network. We immediately took our systems offline, notified law enforcement, and a third-party cybersecurity firm was engaged to assist in our investigation,” explained PPLA.
Thousands of networking devices belonging to AT&T Internet subscribers in the US have been infected with newly discovered malware that allows the devices to be used in denial-of-service attacks and attacks on internal networks, researchers said on Tuesday. The device model under attack is the EdgeMarc Enterprise Session Border Controller, an appliance used by small- to medium-sized enterprises to secure and manage phone calls, video conferencing, and similar real-time communications. As the bridge between enterprises and their ISPs, session border controllers have access to ample amounts of bandwidth and can access potentially sensitive information, making them ideal for distributed denial of service attacks and for harvesting data. Researchers from Qihoo 360 in China said they recently spotted a previously unknown botnet and managed to infiltrate one of its command-and-control servers during a three-hour span before they lost access.