Tag: Pandemic

1
Privacy Pandemic: Australians Losing Trust in Institutions’ Use of Their Data
2
From voluntary action and collaboration to legislation and classified capabilities: Australia’s Cyber Security Strategy 2020 released
3
“The best of its kind anywhere in the world today”: COVIDSafe among the safest tracing apps globally, study finds
4
Credential stuffing during COVID-19: Cybersecurity firm purchased over 500,000 Zoom account credentials on the dark web and hacker forums
5
easyJet hack: Nine million customer records stolen in “highly sophisticated” cyberattack
6
Click your “e-John Hancock” onto that: COVID-19 helps the Australian Government clear the way for electronic execution under section 127(1) of the Corporations Act
7
#WashYourCyberHands
8
Let’s Track This Through: Tracking Data at the Epicentre of Efforts to Stop COVID Outbreak as Federal Government Considers Implementing Opt-In Mobile Application
9
A phishing pandemic – Part II
10
A phishing pandemic – Part I

Privacy Pandemic: Australians Losing Trust in Institutions’ Use of Their Data

By Cameron Abbott, Rob Pulham, Max Evans and James Gray

In the age of QR code check-ins and vaccination certificates, as Australia edges towards a post-pandemic (or mid-pandemic, it increasingly seems) “normal”, new research from the Australian National University (ANU) has revealed that Australians have become less trusting of institutions with regards to data privacy.

The ANU researchers said that the decrease in public trust between May 2020 and August 2021 was small but “statistically significant”. A key reason for this decrease, according to the researchers, was concern around “how their private data from check-in apps might be used by major institutions” as lockdowns and the use of apps for contact tracing intensified.

The institutions which experienced the greatest loss of trust were social media companies (10.1% decline), telecommunications companies, and federal, state and territory governments. This echoes sentiment from the OAIC following its recent ‘community attitudes to privacy’ survey that Australians trust social media companies the least when it comes to handling personal information, followed by the government.

While it remains to be seen whether this loss of trust becomes a permanent trend, one way to make Australians more comfortable with an organisation’s data practices – as reinforced by the OAIC – is to ensure the purpose of the collection and use of personal information is clearly understood. The OAIC has found that Australians are increasingly questioning data practices where the purpose for collecting personal information is unclear.

With increased penalties for privacy non-compliance looming, there’s never been a better time to revisit your privacy policies and collection statements to make sure that these are clear, so your organisation can stand out against this trend and build consumer trust.

From voluntary action and collaboration to legislation and classified capabilities: Australia’s Cyber Security Strategy 2020 released

By Cameron Abbott, Keely O’Dowd and Rebecca Gill

In July this year, we blogged about the Australian Government’s plan to release Australia’s Cyber Security Strategy (Strategy). On 6 August 2020, the Strategy was released after consultation with the public and industry actors.

The Strategy will invest $1.67 billion over the next 10 years – the largest ever financial commitment to cyber security – to create a more secure online world for Australians, our businesses and the essential services which we depend upon. This will be achieved through the following:

Read More

“The best of its kind anywhere in the world today”: COVIDSafe among the safest tracing apps globally, study finds

By Cameron Abbott, Warwick Andersen, Rob Pulham and Rebecca Gill

In some positive news about the Federal Government’s COVIDSafe app, the University of Adelaide’s cybersecurity experts have assessed the Australian contact tracing app to be one of the best and safest among 34 apps used globally to track and trace COVID-19 cases.

A team from the University’s School of Computer Science made the judgment in a study which assessed Android versions of 34 of the world’s COVID-19 contact tracing apps for security and privacy vulnerabilities.

Read More

Credential stuffing during COVID-19: Cybersecurity firm purchased over 500,000 Zoom account credentials on the dark web and hacker forums

By Cameron Abbott, Michelle Aggromito and Rebecca Gill

In what could only be adding fuel to the fire that is the growing concern over Zoom’s privacy and data security risks, it has been reported that over 500,000 Zoom accounts were sold on the dark web and hacker forums earlier in April. The accounts were purchased by cybersecurity firm Cyble after it noticed free Zoom accounts were being posted on hacker forums.

Cyble was able to purchase approximately 530,000 Zoom credentials, which included a user’s email address, password, personal meeting URL, and their HostKey (a six-digit number used to host meetings on Zoom). Victims included well-known companies such as Chase, Citibank and educational institutions including the University of Colorado and the University of Florida. According to Cyble, credentials belonging to its clients in the bulk purchase were also confirmed to be correct.

Read More

easyJet hack: Nine million customer records stolen in “highly sophisticated” cyberattack

By Cameron Abbott, Warwick Andersen, Rob Pulham, Michelle Aggromito and Rebecca Gill

It has been reported that hackers have accessed and stolen details of about 9 million customers of British airline easyJet. Approximately 2,208 easyJet customers have also had their credit card details accessed and stolen.

easyJet reported that it became aware of this “highly sophisticated” cyberattack in late January this year. After an investigation, the airline recently disclosed that the details accessed and stolen by the hackers included email addresses, travel information, and credit card data including CVV numbers.

Read More

Click your “e-John Hancock” onto that: COVID-19 helps the Australian Government clear the way for electronic execution under section 127(1) of the Corporations Act

By Cameron Abbott, Rob Pulham and Warwick Andersen

Temporary amendments to the Australian Corporations Act 2001 (Cth) (Corporations Act) took effect on 6 May 2020, making it easier to facilitate company meetings using remote technology, and providing some certainty as to companies’ execution of documents electronically under section 127(1) of the Corporations Act.

The Corporations (Coronavirus Economic Response) Determination (No. 1) 2020 (Determination) allows company meetings such as AGMs to be held using technology rather than face-to-face meetings, and enables a quorum, votes, notices and the asking of questions to be facilitated electronically. For a more in-depth look at these changes, see “Operating a Business During COVID-19: The Implications for Public Companies” by our colleagues Harry Kingsley, Kaveh Zegrati, and Alex Garfinkel.

Read More

#WashYourCyberHands

By Cameron Abbott and Keely O’Dowd

There has never been a better time to #WashYourCyberHands.

The COVID-19 pandemic has provided the perfect breeding ground for cyber criminals to capitalise on, and exploit the outbreak of the virus to steal data, commit fraud and circulate online scams. Law enforcement agencies and the cybersecurity industry have seen an increase in the number of targeted cyberattacks by criminals since the outbreak began.

INTERPOL has announced it is launching a global campaign to raise awareness about the top coronavirus related cyber threats throughout the globe. The campaign will provide basic cyber hygiene advice to businesses and individuals on how to ‘wash your cyber hands’ and protect systems and data from cyber threats.

Read More

Let’s Track This Through: Tracking Data at the Epicentre of Efforts to Stop COVID Outbreak as Federal Government Considers Implementing Opt-In Mobile Application

By Cameron Abbott, Warwick Andersen, Rob Pulham and Max Evans

We previously blogged about the plethora of Asian countries who are using telecommunications networks, smart phone applications and messaging services to inform, track and monitor individuals who may have contracted COVID-19. It appears that Australia’s eyes are on similar technology opportunities, as according to an article from the SMH, the Federal Government will ask Australians “within weeks” to opt in and sign up for a mobile application that uses tracking data to alert individuals as to their risks of contracting COVID-19.

According to the article, the relevant application will monitor the movements of participants to inform individuals whether they have been close to someone already infected with COVID-19. The application also has the functionality to enable someone who has contracted the virus to notify health authorities and ensure that an alert is sent to anyone he or she has been in contact with over the previous 24 hours. Both of these processes are part of what is known as “contact tracing”.

Read More

A phishing pandemic – Part II

By Cameron Abbott, Rob Pulham, Michelle Aggromito and Rebecca Gill

In part 1 of this blog, we highlighted the increase in phishing scams in light of the global COVID-19 pandemic. In this part 2, we discuss some practical tips that organisations can implement to mitigate the heightened risks of falling prey to such scams.

So, where to begin? You may have seen a recently published alert on the K&L Gates Hub: Responding to COVID-19 series, which provides high level ideas and tips for organisations when implementing remote working procedures for their employees. In particular, organisations should consider implementing:

Read More

A phishing pandemic – Part I

By Cameron Abbott, Michelle Aggromito and Rebecca Gill

It’s upsetting to report, but should come as no surprise, that scammers are seeking to take advantage of organisations during the COVID-19 pandemic.

The Australian Competition and Consumer Commission’s Scamwatch website reports that phishing attacks are on the rise, with scammers impersonating the World Health Organisation and other agencies. Scams include anything from offering victims a vaccine for COVID-19 to investment opportunities created by the pandemic.

Read More

Copyright © 2022, K&L Gates LLP. All Rights Reserved.