Insight on how cyber risk is being mitigated and managed across the globe.
By Cameron Abbott, Michelle Aggromito and Max Evans
The Commonwealth Government is proposing to introduce a controversial new mandatory code that intends to regulate digital platforms and their distribution of news content.
Read More
By Cameron Abbott, Keely O’Dowd and Rebecca Gill
In July this year, we blogged about the Australian Government’s plan to release Australia’s Cyber Security Strategy (Strategy). On 6 August 2020, the Strategy was released after consultation with the public and industry actors.
The Strategy will invest $1.67 billion over the next 10 years – the largest ever financial commitment to cyber security – to create a more secure online world for Australians, our businesses and the essential services which we depend upon. This will be achieved through the following:
Read More
By Cameron Abbott, Keely O’Dowd and Max Evans
The Office of the Australian Information Commissioner (OAIC) has released its report on notifications received under the Notifiable Data Breaches scheme for period January to June 2020.
The OAIC reported 518 breaches were notified to it in the relevant period. The OAIC noted a 3% decrease from the 532 breaches notified in the period July 2019 to December 2019. However, there was a 16% increase on the 447 notifications received during January to June 2019.
Read More
By Cameron Abbott and Max Evans
In these unprecedented times, where travel around the globe is primarily halted as nations get to grips with controlling the outbreak of COVID-19, many would think it couldn’t get any worse for travel companies. However, they would be wrong, as according to an article from ITNews, American travel management giant CWT has reportedly paid a whopping 414 bitcoin, equivalent to a value of 4.5 Million USD (approximately 6.3 Million AUD), to hackers who successfully exfiltrated over 2 terabytes of sensitive corporate files.
According to the Article, the successful hackers used a strain of ransomware referred to as “Ragnar Locker” which places computer files into a virtual prison through encryption and renders them unusable until the victim pays for the keys. Then in CWT had to negotiate in a public chat forum to pay for the release. It gives us a rare insight into the dialogue that followed. CWT negotiated the hackers down from their initial demand of 10 Million USD. According to the Report, whilst the hackers claimed to have stolen over 2 terabytes of files including financial reports, security documents and employees’ personal data, it was not clear whether any customer data was compromised.
Read More
By Cameron Abbott and Rebecca Gill
The ability of a government to force a technology provider to create a “back door” into their technology to allow security agencies to “listen in” to communications is a very controversial step, but it has not been the subject of much discussion as any recipient of such intervention is gagged.
It was interesting to see that the Independent National Security Legislation Monitor has released a report on its review of the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) (TOLA Act). The review considered, and provided recommendations on, the operation, effectiveness and implications of the TOLA Act and whether it is necessary, is proportionate to the threats it seeks to meet and treats human rights properly.
Read More
By Cameron Abbott and Keely O’Dowd
The Australian Government is currently developing its next Cyber Security Strategy, which is scheduled for release in the coming months.
The Australian Government 2020 Cyber Security Strategy Industry Advisory Panel has released a report consisting of 60 recommendations to inform the 2020 Cyber Security Strategy. The Panel’s 60 recommendations are structured around five key pillars:
Read More
By Cameron Abbott, Warwick Andersen, Rob Pulham and Keely O’Dowd
On 9 July 2020, the Office of the Australian Information Commissioner (OAIC) and the UK Information Commissioner’s Office (ICO) announced they have opened a joint investigation into the personal information handling practices of Clearview AI Inc.
The OAIC has stated the investigation will focus on ClearView AI’s use of “scraped” data and biometrics of individuals.
Read More
By Cameron Abbott, Warwick Andersen, Rob Pulham and Keely O’Dowd
Reports have surfaced that the Twitter accounts of prominent companies, politicians and celebrities were compromised on Wednesday, 15 July 2020. Hackers were able to gain large scale access to the Twitter accounts of several prominent and influential US personalities and companies to promote a cryptocurrency scam.
It is concerning that the accounts of prominent figures were targeted and compromised. Given the level of influence and prominence several of those individuals have on social media, the hackers had the potential to cause greater havoc. On this occasion, it appears the hackers were financially motivated to perform the cyber attack by seeking “donations” via Bitcoin. The hackers sent out tweets asking people to donate Bitcoin to an address and the Twitter account holder would double the donation.
Read MoreBy Cameron Abbott, Claude Etienne-Armingaud, Rob Pulham, Michelle Aggromito and Keely O’Dowd
On the morning of 16 July 2020, in a significant decision of the Court of Justice of the European Union (CJEU), the Privacy Shield was held to be invalid.
Read More
By Cameron Abbott and Keely O’Dowd
Intelligence experts KELA recently announced that almost 500,000 customer records of different car suppliers were being offered for sale on the dark web by hacking group “KelvinSecurity Team”.
According to reports, almost 400,000 UK based BMW customers’ data is being sold on the online black market. This data includes the initials and surnames of car owners, home addresses, email addresses, the names of dealerships and car-registration information. The data of Mercedes, SEAT, Honda and Hyundai car owners also form part of the compromised customer records.
Read MoreCopyright © 2024, K&L Gates LLP. All Rights Reserved.