By Cameron Abbott and Sarah Goegan
This week, the US Department of Homeland Security (DHS) released its Cybersecurity Strategy. The five “pillar” strategy will be executed by the DHS over the next five years, and aims to improve national cybersecurity risk management.
By Cameron Abbott and Keely O’Dowd
The Kensington and Chelsea London Borough Council (Council) was recently fined £120,000 (approximately AUD$217,920) by the UK Information Commissioner’s Office (ICO) for the unauthorised processing of personal data belonging to 943 people who owned vacant properties in the Borough.
By Cameron Abbott and Sarah Goegan
Mark Zuckerberg testified before the US Congress in two marathon sessions this week. He was quizzed on topics including Cambridge Analytica and data sharing, privacy law and social media regulation, and Facebook’s policies.
By Warwick Andersen, Rob Pulham, Allison Wallace and Sarah Goegan
Facebook indicated in a blog post yesterday that information of up to 87 million people – 37 million more than originally revealed – may have been improperly shared with Cambridge Analytica.
Facebook also reported that this may have included data of more than 300,000 Australians. The company’s chief technology officer, Mike Schroepfer, said the company would make major changes to the way third-parties can access data on the platform. He also said users would be informed if their information could have been improperly shared with Cambridge Analytica.
By Cameron Abbott and Harry Crawford
The NSW Government’s vulnerability to hacking has been exposed in a report by state’s auditor-general, in which it was revealed that one government agency took 49 days to shut down a hack.
This hack started with an email account of the unnamed agency being compromised and used to send out “phishing” emails to get the credentials of finance staff members. By day 20, 300 staff had clicked on the bogus link in the phishing email. 200 email accounts ended up being under the control of the hackers.
By Cameron Abbott and Harry Crawford
A significant case for digital privacy is currently before the US Supreme Court, with the US Justice Department fighting it out against Microsoft in a bid to gain access to emails held on Microsoft’s servers in Dublin. The US Justice Department is seeking to use a search warrant to access the emails in Ireland in a drug trafficking case. If a precedent is set which allows the US government to access data stored on foreign soil, that could have a significant impact on privacy rights on a global scale.
By Cameron Abbott and Harry Crawford
I’m sure I saw this in Die Hard 4 but “life imitates art”. A new type of malware has been discovered in a very rare field of operation for hackers: attacking industrial control systems. Cybersecurity firm FireEye has been tight-lipped in detailing the attack, but has indicated that it was against “a critical infrastructure organization” which inadvertently caused operations to shut down. The attack is also reminiscent of the infamous “Stuxnet” virus that was used against Iranian nuclear power plants in 2010. Read More
By Cameron Abbott, Keely O’Dowd and Olivia Coburn
The Federal Parliament’s Joint Committee of Public Accounts and Audit, tasked with inquiring into the cyber resilience of certain Commonwealth entities has recommended that all such entities adopt a cyber security mitigation strategy called the Essential Eight. The Committee made this recommendation in its Report 467: Cybersecurity Compliance Inquiry based on Auditor-General’s report 42 (2016-17) (Report). Tarantino’s Hateful Eight is perhaps a little more convoluted than these simple touchstones of good practice. The Essential Eight are good reading for all enterprises, not just government agencies.
By Cameron Abbott, Allison Wallace and Olivia Coburn
The personal details of almost 50,000 Australians have been published online by a third party government contractor, who is yet to be identified. And I guess you would feel a little shy about owning up to this one!
By Cameron Abbott and Olivia Coburn
A hacker has breached the computer system of an unnamed defence contractor and stolen 30 gigabytes of data, including information on Australia’s $17 billion Joint Strike Fighter program.
The data breach, which the Australian Government publicly disclosed last week, also includes information about Australia’s $4 billion P-8 surveillance plane project, Collins Class submarines and the warships HMAS Canberra and HMAS Adelaide. The Government has emphasised that the stolen data is commercially sensitive but not classified.
The announcement coincides with the release of the Australian Cyber Security Centre’s 2017 Threat Report, available here, which reveals that the hack is among 734 cyber incidents affecting private sector systems of national interest and critical infrastructure providers.
Copyright © 2024, K&L Gates LLP. All Rights Reserved.