Ransomware hackers extorted $1bn across 2023, according to data insights company and blockchain platform.

The company published a report showing the extent of malicious hacking and developing trends affecting entities across the last year.

Chainanalysis provides data, software, services, and research to government agencies and companies across seventy countries.

”Our data powers investigation, compliance, and market intelligence software that has been used to solve some of the world’s most high-profile criminal cases and grow consumer access to cryptocurrency safely,” says the company site.

The report details a staggering increase of $433 million in ransom taken from victims compared to 2022, growing to the highest-ever rate of $1bn in 2023.

Report shows biggest ransomware attack of 2023

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory (CSA) in June of last year highlighting the MOVEit vulnerability, carried out by the CL0P Ransomware Gang.

This would be one of the biggest reported ransomware attacks recorded and was the spike point of 2023’s issue with ‘Zero-Day’ exploits.

What is a Zero-Day?

The report details this as a ‘Zero-Day’ vulnerability that compromised multiple institutions simultaneously. The attack is given this name as it gives the developers zero days to respond to it as it exploits an existing crack in the defenses they were unaware of.

The MOVEit hack was like finding all the keys to multiple company lockboxes in one big digital bank vault.

The hack hit several established institutions and exploited a vulnerability in the file transfer system. The software owner would announce that the service had been compromised with sensitive data, including personal details, and in some cases, banking information was in the hands of hackers.

Sony, the BBC, and Flagstar Bank were a few of those affected. The Maine Attorney General documented that 837,390 users had their data violated, with the report stating, “Information Acquired — Name or other personal identifiers in combination with Social Security Number.”

The Japanese tech giant, Sony, would also send letters to those affected stating that the company wanted to “provide you with information about a cybersecurity event related to one of our IT vendors, Progress Software, that involved some of your personal information.”

“This event was limited to Progress Software’s MOVEit Transfer platform and did not impact any of our other systems.”

This would extort massive amounts of data and considerably damage Progress Software’s reputation.

U.S. Federal forces and companies across the globe will be hoping that the number of attacks and the amount extorted will fall across 2024.

The post U.S. insights company shows ransomware hackers drew in $1bn across 2023 appeared first on ReadWrite.

The fake LastPass password manager found on Apple’s App Store has now been pulled. It is currently unknown whether Apple or the bogus software developer uninstalled the phony program — which disguised itself as the LastPass password manager on the Apple App Store. Apple has not responded to inquiries about the removal, though Apple is quite vigilant about these types of issues and relentlessly guards its app store.

Christofer Hoff, Chief Secure Technology Officer for LastPass, in a statement to TechCrunch, said, “Upon seeing the fake ‘LassPass’ app in the Apple App store, LastPass immediately began a coordinated and multi-faceted approach across our threat intelligence, legal and engineering teams to get the fraudulent app removed.” Hoff continues, “Our threat intelligence team posted a blog yesterday to raise awareness and help inform the public and our customers of the situation. We are in direct contact with representatives from Apple, and they have confirmed receipt of our complaints, and we are working through the process to have the fraudulent app removed.”

To mislead consumers, the fraudster app mimicked LastPass’s branding and user interface

In an effort to mislead consumers, the fraudster app mimicked LastPass’s branding and user interface and was distributed under the identity of a single developer, Parvati Patel. The phony program included several typos, which should always give one pause and hints that something may be a fake. In addition to being released by a separate developer who was not LogMeIn — the company that owns LastPass.

It’s not really good for Apple Inc., which has been fighting against so many regulations recently — like the EU’s Digital Markets Act (DMA)- that such an apparently fraudulent app made it through Apple’s generally rigorous App Review process.

Appfigures, an app analytics company, reported that the phone app was released on January 21st, giving it a few weeks to get users’ attention. Appfigures saw that the users themselves appeared to have realized that the app was phony because every one of the Apple App Store reviews warned others about the bogus nature of this app. The fake app even leveraged keywords to rank in search.

The fake app may have succeeded in tricking some users, even though it probably didn’t fake-out too many. The worst for the LastPass Company is that it was forced to alert its real users in a public forum about the fraudulent app in the store — even though it should have never been released in the first place. The app wasn’t taken down from the App Store until the day after LastPass’s blog post was published.

Featured Image Credit: WeStartMoney; Pexels

The post A fake LastPass password manager was found on Apple’s App Store appeared first on ReadWrite.

Commerce Secretary Gina Raimondo announced the U.S. AI Safety Institute Consortium (AISIC). Raimondo said in a statement to Reuters, “The U.S. government has a significant role to play in setting the standards and developing the tools we need to mitigate the risks and harness the immense potential of artificial intelligence.”

The consortium members

Reuters published the list of consortium members, which includes BP (BP.L),  Cisco Systems (CSCO.O), IBM (IBM.N), Hewlett Packard (HPE.N), Northop Grumman (NOC.N), Mastercard (MA.N), Qualcomm (QCOM.O), Visa (V.N), and major academic institutions and government agencies, that will be housed under the U.S. AI Safety Institute (USAISI).

This group prioritizes the actions and guidelines listed in President Biden’s executive order:  “including developing guidelines for red-teaming (meaning identify new risks), capability evaluations, risk management, safety and security, and watermarking synthetic content.”

The executive order from U.S. President Joe Biden

Additionally, the Oct 30, 2023 executive order from U.S. President Joe Biden said that he “is seeking to reduce the risks that AI poses to consumers, workers, minority groups, and national security” with a new executive order. As per the Defense Production Act, creators of AI systems that endanger the national security, economics, health, or safety of the United States must notify the government of the United States of the findings of their safety texts before their public release.

In addition, agencies are instructed to establish guidelines for such testing and handle associated risks connected to cybersecurity, radiological, chemical, and biological hazards by the order Biden has signed at the White House. “To realize the promise of AI and avoid the risk, we need to govern this technology,” Biden said. “In the wrong hands, AI can make it easier for hackers to exploit software vulnerabilities that make our society run.”

The Commerce Department said in December 2023 that it was already taking the first steps toward “writing the key standards and guidance for the safe deployment and testing of AI.” The consortium also represents the biggest group of test and evaluation teams  who can now create a foundation for a “new measurement science in AI safety.”

Currently, generative AI has sparked both enthusiasm and concerns with its ability to produce text, images, and videos in response to open-ended cues, that it can eventually replace human labor in some occupations, disrupt elections, and have disastrous consequences.

The Biden administration is working to implement safeguards, but despite multiple high-level conferences, Congress has not passed laws addressing AI.

Featured Image Credit: Photo by Michelangelo Buonarroti; Pexels

The post Address risks: leading AI companies join safety consortium appeared first on ReadWrite.

Security researcher Stacksmashing showed how hackers may use a $4 Raspberry Pi Pico to retrieve the  BitLocker encryption key from Windows PCs in just 43 seconds, in a YouTube video. The researcher claims that specific attacks can get beyond BitLocker’s encryption by directly accessing the hardware and retrieving the encryption keys kept in the computer’s Trusted Platform Module (TPM) viz the LPC bus.

It has been shown that the encryption key requires physical access to the device and some extended know-how or expertise — so this is not an extended threat across the internet. Of course, BitLocker’s reliance on a TPM for security may be its own downfall in this particular experiment.

The dedicated Trusted Module, or TPM has a design flaw that the YouTuber took advantage of. In specific setups, Bitlocker depends on an external TPM to store vital data, including the Volume Master Key and Platform Configuration Registers (which are included in certain CPUs). When using an external TPM, the CPU and TPM communicate over an LPC bus to send the encryption keys needed to unlock the data on the disk. So the security hacker, Stacksmashing (YouTube), found the communication lanes (LPC bus) between the external TPM and the CPU are completely unencrypted on boot-up. This allowed the hacker to find critical data when it moved between the two units — and he was able to hack the encryption keys.

Keep in mind that the hacker used an old laptop that had BitLocker encryption — even though the same type of attack can be used on newer motherboards that use an external TPM. Also, the newer motherboards require more work and legwork to intercept the bus traffic. Security researcher Stacksmashing made it clear that the Windows BitLocker and external TPMs aren’t as foolproof as many individuals and companies think.

If your CPU has a built-in TPM, like the ones found in modern AMD and Intel CPUs, you should be safe from this security flaw since all TPM communication occurs within the CPU.

Featured Image Credit: Photo by George Becker; Pexels

The post Microsoft BitLocker encryption hacked by a cheap off-the-shelf Raspberry Pi Pico appeared first on ReadWrite.

A new threat to Roblox players comes in the form of a malicious impersonator of official Noblox.js and Noblox.js open-source downloads.

Noblox.js is an open-source Roblox API wrapper written in JavaScript that interacts with the game’s website.

Seeing 1,642 weekly downloads, this is one of Roblox’s most popular third-party node packet manager (NPM) downloads.

Alert to #Roblox developers: The Socket research team took a deep dive into a malicious npm package we flagged, which is masquerading as Noblox.js. It targets Roblox users for data theft. Read our full analysis on the blog: https://t.co/IDn60Nwv3r

— Socket (@SocketSecurity) February 6, 2024

How has this unsafe NPM tricked Roblox users?

NPN is the world’s largest software registry and the popular route for developers to share and install software relating to Java Script Object Notation (JSON), a lightweight format for storing and transporting data.

As reported by the Socket, the malicious NPM package is named noblox.js-proxy-server. Similar in name to the legitimate open-source Noblox.js.

According to the Socket Research Team, three techniques were used to make the malware seem legitimate: brandjacking, typosquatting, and starjacking.

Although these terms may seem overcomplicated, they are terminology used to identify how a malicious digital entity can present itself competently.

Brandjacking — A super simple term that impersonates a brand to gain legitimacy, hoping those not casting a keen eye will be duped.

Typosquatting — This is the space in between where a malicious entity benefits from that half-attempted search or typo, bringing the user into a place that looks legitimate enough but is, in fact a trap for unsuspecting users.

Starjacking — A slightly more elaborate way of linking an existing brand or models reviews and star-ratings without having anything to do with the product. Think about someone stealing all your positive eBay reviews or as a clone of a well-rated Instagram account.

The Socket Team uncovered that the evil NPM is designed to retrieve data, such as the Roblox username, and repeatedly scans files with specific extensions and adds them to a zip archive.

This zip file is then uploaded to a server on a specified URL. It sends a webhook to a Discord server with information on the uploaded file, prompting the same process to be repeated every 4,000 milliseconds.

Thanks to the Socket Team, awareness has been brought about this vindictive digital threat to the 70.2 million daily users and 216 million monthly active gamers on Roblox.

In related Roblox news, the game announced a development on the artificial intelligence (AI) front with a real-time text translation tool for users.

Image: photo by Sora Shimazaki; Pexels

The post Malicious NPM package disguises itself to steal Roblox data appeared first on ReadWrite.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Iranian officials linked to cyber activities against critical infrastructure in the United States and other countries.

The six individuals in question were part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), an Iranian government organization.

All individuals have been added to the Specially Designated Nationals And Blocked Persons List (SDN) and their properties and financial assets have been held by the OFAC as part of the counterterrorism authority Executive Order (E.O.).

According to the note published by the OFAC, Hamid Reza Lashgarian, head of the IRGC-CEC and a commander in the IRGC-Qods Force, has been a part of IRGC cyber and intelligence operations in the past.

The other six persons are all senior officials of the IRGC; Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian.

Treasury sanctioned six officials in the IRGC’s Cyber-Electronic Command. Today’s sanctions reinforce our commitment to protecting America’s critical infrastructure from foreign adversaries like Iran. https://t.co/SvxCPntSJW

— Treasury Department (@USTreasury) February 2, 2024

Sensitive targets

The accused are reported to have hacked portable logic controllers produced by Israeli company Unitronics.

The United States, with Private Sector companies and the countries impacted, worked to minimize the damage to critical water systems that had been compromised.

Under Secretary of the Treasury for Terrorism and Financial Intelligence, Brian E. Nelson said that “the deliberate targeting of critical infrastructure by Iranian cyber actors is an unconscionable and dangerous act.”

The public services that had been hacked received minimum impact, but it has left the United States concerned that these infrastructure services have been targeted.

“The United States will not tolerate such actions and will use the full range of our tools and authorities to hold the perpetrators to account,” Nelson concluded.

In other U.S. security news, the FBI has foiled an attempt by a Chinese hacker group known as Volt Typhoon. The hackers have targeted U.S. routers in homes and small businesses as part of a wider botnet.

Last week, Deputy Attorney General Lisa O. Monaco announced that “in wiping out the KV Botnet from hundreds of routers nationwide, the Department of Justice is using all its tools to disrupt national security threats – in real-time.”

Image credit: Pexels

The post Treasury’s Office of Foreign Assets Control sanctions six Iranian officials appeared first on ReadWrite.

That tape over your webcam might not be enough — the hackers are watching; it might be the right time to install another privacy shutter.

In a report just published in Science Advances, researchers at the Massachusetts Institute of Technology (MIT) emphasized the risks to imaging privacy that ambient light sensors can offer. Users of devices worried about security may find solace in software permissions that limit webcam use and hardware solutions like shutters. Nonetheless, studies have demonstrated that one of the typical ambient light sensors used in a variety of devices can be used to collect visual data. These tiny sensors are normally permission-free on a device level and aren’t closed or deactivated by users.

MIT researchers utilized the Samsung Galaxy View 2 in their investigations. The ambient light sensor on this relatively dated and huge (17.3-inch) consumer tablet is located close to the front-facing (selfie) camera — which is still a pretty popular arrangement.

Manufacturers of devices classify ambient light sensors as low-risk since software (or malware) may frequently access them directly without requiring any authorization or privileges. However, prior research has demonstrated that in roughly 80% of cases — even a basic sensor can yield sufficient information to deduce keystrokes from a keyboard and steal a device’s authorizations and passwords. The latest study demonstrates the potential of an ambient light sensor in conjunction with the device’s screen, which serves as an active light source.

Some devices are more susceptible to these ambient light sensor espionage techniques.

Some devices will be more susceptible to this ambient light sensor espionage technique than others because every device has a different light sensor speed and measurement bit depth, screen brightness, and light sensor precision (see image above). As you can see from the source article numbers, some of the tablet device’s image captures took several minutes. However, ambient light sensor imaging spy technology is verifiably accurate and has room for improvement.

The MIT researchers pointed out that the light sensors are “quite useful,” and we need and want them. The MIT researchers said to adjust the following to stop your peeping-cyber-toms.

• Rethink ambient light sensor device permissions.
• Reduce sensor speed.
• Reposition the sensor so it doesn’t face the user.

Hopefully, when manufacturers become better aware of the ambient light sensor issues, they will implement a few changes to prevent the “snooping tech” from finding more victims.

Featured Image Credit:  Jan from Pixabay

The post Covering your webcam won’t be sufficient to prevent hackers from watching you appeared first on ReadWrite.

Tens of thousands of Jenkins servers have been exposed to a high-severity bug after a patch update. This flaw enables malicious actors to execute harmful code remotely on affected systems. Around 45,000 Jenkins servers are said to be affected and open to critical remote code execution (RCE) attacks, called CVE-2024-23897.

Around 45K exposed Jenkins instances vulnerable to CVE-2024-23897 (Arbitrary file read vulnerability through the CLI can lead to RCE). If you run Jenkins & receive an alert from us make sure to read Jenkins advisory: https://t.co/aPPOHT1WXx

World map: https://t.co/GNVwKGM1R9 pic.twitter.com/Zb9Do5BOi8

— Shadowserver (@Shadowserver) January 29, 2024

In an advisory on the Jenkins website, it said that the severity of the situation has been marked as critical, as it “allows attackers to read arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process.”

The open source project recently issued two updates to rectify this security issue. They strongly advise users to implement these patches promptly to minimize potential risks. The automation server for the CI/CD system is used by developers as a testing stage to try different processes.

The Register reports that the majority of the affected servers are located in the US and China, with counts of 15,806 and 11,955 respectively. Following these are India with 3,572 servers, Germany with 3,487, the Republic of Korea with 2,204, France with 1,482, and the UK with 1,179 vulnerable servers.

Despite the vulnerability being discovered by Sonar’s Vulnerability Research Team on January 24th, it remains unfixed, leaving it susceptible to potential attacks.

How severe is the attack?

CVE-2024-23897 is ranked at a high severity score of 9.8, which is seen to be serious. This vulnerability exploits a feature in Jenkins’ inherent command line interface (CLI), which is activated by default in versions up to and including Jenkins 2.441.

This vulnerability in #Jenkins is serious CVE-2024-23897

POCs have been published https://t.co/nGtbf8fehdhttps://t.co/pzY0NSL5bA

report by @SonarSource https://t.co/VNAUg2PDN8 pic.twitter.com/vbiWGmj47M

— Florian Roth (@cyb3rops) January 26, 2024

According to BleedingComputer, there is potential for attackers to decrypt stored secrets, delete items from Jenkins servers, and download Java heap dumps. It also suggested that there had already been several possible “genuine attempts at exploitation.”

In 2023, Jenkins was considered one of the best developer tools of the year due to its extensibility and adaptability. However, cybersecurity firm Armis has reported that cyber attacks more than doubled in 2023. They warn that numerous businesses worldwide continue to underestimate the escalating threat to cybersecurity.

Featured image: Canva / The Jenkins Project

The post Around 45k Jenkins servers still vulnerable to attacks due to critical flaw appeared first on ReadWrite.

Cyber attacks more than doubled in 2023, according to analysis from cyber security firm Armis, as it is claimed many businesses around the world continue to fail to acknowledge the increasing threat to cyber security.

The Armis report that attack attempts were at their peak in July, with imaging, manufacturing and communications devices targeted the most. Attacks on utilities tripled and attacks on manufacturing increased by 165%.

But businesses continue to ignore the growing threat and aren’t taking cyber security seriously, it is believed, with the report suggesting that companies are regularly ignoring blind spots, which is causing a surge in cyber breaches.

Co-founder and CTO of Armis, Nadir Izrael, said: “Armis found that not only are attack attempts increasing, but cyber security blind spots and critical vulnerabilities are worsening, painting prime targets for malicious actors.

“It’s critical that security teams leverage similar intelligence defensively so that they know where to prioritize efforts and fill these gaps to mitigate risk.”

The report goes on to suggest legacy technology is most at risk, with pre-2012 Windows OS versions found to be 77% more likely to experience cyber attacks than newer versions. Moreover, older server versions are reaching end-of-support, leaving them even more vulnerable to attack. This is mostly an issue in the educational services sector, with 18% of organizations facing this very issue.

Businesses in the education industry are 41% more vulnerable compared to other industries, which have a general average of 10%. Other vulnerable industries, due to outdated OS servers are retail, healthcare, manufacturing and public administration.

The report says more than 65,000 common vulnerabilities and exposures (CVEs) were discovered, pointing to wearable devices as having the highest percentage (93%) of unpatched CVEs.

What is a cyber attack?

A cyber attack can be defined as a malicious attempt to gain access to a computer, operating system or network without authorization, with the sole purpose of causing damage and/or stealing confidential information.

These attacks look to disrupt, destroy or control said computer systems and may also intend to steal, block or manipulate the data stored on these systems.

How to prevent a cyber attack?

Typically, installing up-to-date antivirus software protects your computer and network against malware, while firewalls are there to filter traffic that might enter your device.

Other ways people and businesses can protect themselves from cyber security threats include multi-factor authentication, ensuring passwords are strong, password encryption and using robust Virtual Private Networks (VPN).

The most simple way of staying on top of your cyber security is ensuring all of your apps, devices, operating systems and devices are running the most up-to-date versions to ensure security patches are prepared for any new cyber attacks.

Featured Image: Dall-E

The post Cyber attacks doubled in 2023 but businesses remain slow to act appeared first on ReadWrite.

The UK’s National Cyber Security Centre (NCSC) has warned artificial intelligence (AI) will increase the threat of ransomware globally over the next two years.

In a report titled The near-term impact of AI on the cyber threat assessment, organizations and individuals have been encouraged to recognize the situation and take preventative measures.

NCSC – part of GCHQ (similar to America’s NSA), the United Kingdom’s intelligence, security, and cybersecurity agency – takes the position that AI will almost certainly contribute directly to the increase in quantity and impact of cyber attacks moving forward.

The study found cyber criminals and hackers, operating at a lower level of competence, can effectively piggyback on the advances of AI to penetrate further in terms of their operations. This includes improved targeting of victims, adding to the threat of ransomware which was pinpointed as the most acute threat to businesses and groups in the UK.

Crucially, AI is likely to make the discovery of vulnerable devices easier reflecting the gains to be made by threat actors.

James Babbage, Director General for Threats at UK’s National Crime Agency, highlighted the dangers of ransomware as a national security threat, which will be exacerbated by advancements in AI:

“AI services lower barriers to entry, increasing the number of cybercriminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.”

UK cyber threat response

In response to the threat, the British government has pumped £2.6 billion as part of its Cyber Security Strategy to increase its resilience to hostile acts, whilst NCSC and private industry are already returning the serve with AI, to enhance cyber security defenses via improved threat detection and security-by-design.

NCSC CEO Lindy Cameron commented on the risk and reward situation presented by AI:

“The emergent use of AI in cyber attacks is evolutionary, not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term. As the NCSC does all it can to ensure AI systems are secure by design, we urge organizations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defenses and boost their resilience to cyber attacks.”

Image: Dall-E

The post UK cyber attack: GCHQ warns of AI ransomware threat appeared first on ReadWrite.

HP CEO, Enrique Lores, has revealed the company has found that ink cartridges can be hacked with viruses and has used this as the reason the company has implemented its Dynamic Security system (DSS), as reported by Ars Technica.

The global IT company is facing another lawsuit over its DSS, which it insists on deploying to its printers. It prevents HP printers from functioning without ink cartridges that have an HP chip or HP electronic circuitry installed. It has installed firmware updates that block printers with non-HP cartridges from printing, which has led to the latest lawsuit.

The suit claims HP printer customers were not made aware that these firmware updates could lead to their printers no longer working if they used third-party cartridges and calls for an injunction preventing the company from issuing printer updates that block cartridges without an HP chip.

But Lores has moved to explain the reasons behind this move by confirming a rather frightening discovery. Speaking to CNBC Television, he said: We have seen that you can embed viruses in the cartridges.

“Through the cartridge, [the virus can] go to the print, [and then] from the printer, go to the network.”

A 2022 article from research company Actionable Intelligence revealed that a researcher in the program uncovered a way to hack a printer via a third-party ink cartridge, but was unable to replicate the same hack when using an HP cartridge. This has seemingly led to HP making moves to prevent such incidents, although it has acknowledged that there’s currently no evidence of such a hack happening in the real world, only claiming that it’s possible.

A stronger case for HP’s subscription model?

As the California-based firm uses potential ink cartridge hacks as an excuse to protect its printers, it’s also another step closer to HP strengthening its subscription model.

They aim to convince printing device owners to commit to HP ink, which subsequently recoups losses from the initial sale of a printer. Lores confirmed that the company loses money when it sells a printer and makes its money through supplies, such as cartridges.

Therefore, HP’s DSS moves to strengthen that decision-making process for the consumer and subsequently increase the company’s recurring revenues via its existing subscription program, Instant Ink, which the company’s CFO, Marie Myers, previously confirmed brought a “20 percent uplift” on the value of a single customer.

With the potential threat of printers and computers being hacked, HP printer owners now have an even larger incentive to subscribe.

Featured Image: World Economic Forum/Flickr/ CC 2.0 license

The post HP CEO reveals ink cartridge hack ahead of lawsuit appeared first on ReadWrite.

Google has updated its Chrome “incognito” disclaimer weeks after agreeing to settle a $5 billion lawsuit over allegations of tracking users’ activity even when using the browser in its discreet mode.

MSPowerUser noted the change on the latest Canary build of Google Chrome, version 122.0.6251.0. The updated disclaimer states: “Others who use this device won’t see your activity, so you can browse more privately. This won’t change how data is collected by websites you visit and the services they use, including Google. Downloads, bookmarks, and reading list items will be saved.”

The previous version said: “Now you can browse privately, and other people who use this device won’t see your activity. However, downloads, bookmarks and reading list items will be saved.”

In an email to The Verge, Google spokesperson José Castañeda said the “change provides “even more information to users about incognito Mode,” and that the company was “pleased to resolve this case which we’ve long disputed.”

The move is in response to a 2020 class action lawsuit in which Google faced claims it was collecting user data through its services in incognito mode. The Silicon Valley company denied the allegations, stating that they mention websites do collect data in incognito, even though this does not appear in the disclaimer itself.

The plaintiffs also contended that Google’s activities turned over an “unaccountable trove of information” about users who thought they were protecting their privacy.

A settlement was reached in December, however, it is still yet to be approved by a federal judge. The terms have not been reached, but lawyers said they have agreed to present a final agreement for court approval by February 24th.

Google fails to end privacy lawsuits

U.S. District Judge Yvonne Gonzalez Rogers had rejected Google’s bid to dismiss the claims in August last year, citing various statements from Google, including those in its privacy policy, that implied there were restrictions on the data it could gather.

According to Reuters, Rogers wrote, “Taken as a whole, a triable issue exists as to whether these writings created an enforceable promise that Google would not collect users’ data while they browsed privately.”

The tech company has faced several privacy lawsuits over the years, including reports that it violated federal wiretap laws. Google had mistakenly intercepted emails, user names, passwords and user data from Wi-Fi networks between 2008 and 2010 while they were creating the Street View application.

Featured Image: Canva

The post Google updates Chrome incognito warning after lawsuit appeared first on ReadWrite.

Chinese authorities have claimed they now have access to a tool that enables them to identify users of Apple’s AirDrop feature, commonly used for sending encrypted messages to bypass government censorship.

China’s Judicial Bureau reported that Beijing’s Wangshendongjian Forensic Appraisal Institute had created a device that allowed them to break through “the technical difficulties of anonymous traceability through AirDrop,” adding that the move had enhanced the efficiency and accuracy of case detection, and helped prevent the further spread of inappropriate remarks and “potential bad influence.”

In a statement, it said that a video had been circulated with “inappropriate remarks,” using the AirDrop function and that others had begun sharing the same. “Therefore, it was necessary to find the source and determine their identity as soon as possible to avoid any negative impact,” officials added.

The bureau also claimed that the project was also targeted at people with “malicious purposes,” who would use the function to send “illegal pictures, videos, audio and […] illegally delivering and spreading bad information to nearby people in crowded places such as subways, buses and shopping malls.”

It was also suggested that since AirDrop does not need an internet connection for delivery, “this behavior cannot be effectively monitored through conventional network monitoring methods,” which is why they say they appointed the lab to assist with their security apparatus.

Why does China want to restrict AirDrop?

Government officials had previously sought to restrict the use of mobile file-sharing services, in order to stop activists from mobilizing. File-sharing services such as Bluetooth and AirDrop have become essential instruments in the country, where the so-called Great Firewall has led to one of the most tightly controlled internet environments.

In recent years, AirDrop has become a popular tool among anti-government protesters for organizing and communicating their political demands. For example, in 2022, activists used AirDrop to distribute anti-Xi Jinping posters on the Shanghai subway, coinciding with the Chinese president’s anticipation of a historic third term as the country’s leader.

Apple has faced criticism for reportedly appeasing Beijing after it released a new version of the feature that limits users to a 10-minute window for receiving files from non-contacts. After this period, users can only receive files from contacts. There was also widespread backlash during the COVID-19 pandemic when workers at an Apple supplier factory in Zhengzhou were forced to work under poor conditions.

Featured Image: Canva 

The post China claims breakthrough in identifying Apple AirDrop users appeared first on ReadWrite.

It’s been in the pipeline for years and it’s now it’s here – Google has begun killing off third-party cookies in Chrome.

The search giant has taken its time. They are four years behind Mozilla’s Firefox browser and Apple’s Safari browser but now, with their alternative user tracking system, ‘Privacy Sandbox,‘ in place, it’s time to end tracking cookies in Chrome once and for all.

When will third-party cookies be phased out in Chrome?

For approximately 30 million Chrome users, right now. Towards the end of last year, the search giant outlined the changes in an update posted on their blog.

On Dec.14, Anthony Chavez the VP of Privacy Sandbox wrote: “On January 4, we’ll begin testing Tracking Protection, a new feature that limits cross-site tracking by restricting website access to third-party cookies by default.

“We’ll roll this out to 1% of Chrome users globally, a key milestone in our Privacy Sandbox initiative to phase out third-party cookies for everyone in the second half of 2024, subject to addressing any remaining competition concerns from the UK’s Competition and Markets Authority (CMA).”

What are third-party cookies used for and why is this a big deal?

Third-party cookies are small pieces of data stored on your web browser by websites other than the one you’re currently visiting. These cookies are created by third-party companies or domains that are not the primary website you’re interacting with. They are used for personalized advertising and website analytics by tracking user behavior across different websites.

Stopping them matters to online businesses because cookies help sites make money by enabling targeted advertising. Targeted ads mean better ad engagement which in turn means more revenue for advertisers, publishers, and online platforms.

Google’s plan to phase out third-party cookies in Chrome – the world’s most popular web browser – will not go unchallenged.  Several antitrust investigations from both the EU Commission and the CMA are ongoing.

Thousands of advertisers rely on cookies for their revenue and their job will become harder in the short term. Publishers have also been concerned. It becomes harder to monetize websites and ad yields fall. It might lead to a decline in the quality of the content we see online or, what is more likely, we will see more publishers switching to subscription models and a heavier push towards first-party data capture – most commonly done through registration with a website.

But what about the little guy, the casual internet browser? Well, for them the end of third-party cookies has a lot of positives. Firstly we become harder to track( ‘harder’ but not impossible). Secondly, it meets the growing demands of consumers to have better data privacy.

What is Google Chrome’s new ‘Tracking Protection’?

It’s essentially the function which will stop websites from using third-party cookies to track you as you move around the web.

Google emphasized we won’t all get it all at once. Participants will be chosen at random and get a notification when they open Chrome on desktop or Android.

Gradually it will be rolled out to more and more users.

Picture: Created by DALL-E

The post Goodbye third party cookies on Google Chrome – here’s what happens now appeared first on ReadWrite.

Cybersecurity is an industry of growing opportunities and one with plenty of job openings. There is a demand for qualified, skilled staff, a solid pipeline of work and top salaries to reward those who enter the sector.

As cyberattacks grow in frequency and seriousness, the need for diligent professionals is acute. From governments to big tech companies, the online world, our data and information need to be protected and that gets to the heart of what cybersecurity is.

Our important infrastructure like water, electricity, transport, and even healthcare rely on the IT systems to allow them to function. As part of this, the networks and data systems must be updated, protected, and supported.

What is cybersecurity?

Essentially, cybersecurity is keeping our online, connected world safe and secure. The “cyber” refers to the internet and “security” is self-explanatory.

Cybersecurity professionals ensure that hackers and others with malicious intent are unable to exploit or compromise your computers and to build a defence, to prevent attacks or to identify weaknesses in the system.

The highest salary cybersecurity roles in the US

In the USA, the average cyber security salary is $119,997 or $57.69 per hour.

According to talent.com, this rate of pay ranges from $155, 250 in West Virginia to $80, 000 in Louisiana.

The ten highest cybersecurity professional salaries, per state are as follows: 

West Virginia – $155, 250

Maryland – $145, 463

Wisconsin – $143, 325

Virginia – $142, 922

Massachusetts – $135, 150

Washington – $134, 941

California – $134, 762

Georgia – $132, 667

Hawaii – $132, 500

New Mexico –  $130, 450

Some of the best, highest-paying roles relating to cybersecurity include security engineer, network engineer, security analyst, systems analyst, systems, administrator, and programme analyst.

What are entry-level cybersecurity jobs?

Companies need to nurture new talent, train and retain staff as well as strive to meet the contemporary demand for cybersecurity professionals.

In terms of entry-level cybersecurity jobs, there are different ways to get into the industry depending on your age and current career status.

A formal degree offers a route into cybersecurity but this pipeline of workers is not enough to cover the entire industry meaning there are further opportunities to exploit. Some companies like ThreatX have collaborated with others to provide cybersecurity training, citing a workforce gap of 3.4 million people as part of its initiative.

Additionally, there are introductory courses for re-training or intense boot camp-type environments to get your foot in the door.

You can pursue basic online cybersecurity certificates as a foundation of knowledge and training but this should be backed up further by making contacts, networking, maybe finding a mentor or seeking a side hustle or project in addition to your current main role until a time when you are ready to make the step into a professional cybersecurity job.

Featured Image: Pexels

The post Cybersecurity jobs: The highest salary roles in the US appeared first on ReadWrite.

The United Kingdom’s (UK) Government Communications Headquarters (GCHQ) has released a cryptic Christmas puzzle for those aged between 11 and 18, testing their minds in a series of festive challenges.

More than 1,000 secondary schools signed up for the event this year as the third annual edition of the challenge gets underway. It was designed after a Christmas card sent by Anne Keast-Butler, the director of the UK intelligence agency.

GCHQ, similar to the USA’s National Security Agency (NSA), is a British intelligence agency that focuses on gathering and analyzing information from communications to help protect national security and counter threats.

Our Chief Puzzler, Colin, is back once again to guide you through your festive puzzle assignment.

Here’s everything you need to know to get started with the #GCHQChristmasChallenge

Download it now https://t.co/X77jVmAy8V pic.twitter.com/vCZE5ylxTr

— GCHQ (@GCHQ) December 14, 2023

Challenges enclosed in the card are designed to test valuable skills such as codebreaking, maths, and analysis. They get progressively harder as the challenges go on and each has a connection to Christmas in some shape or form.

There are seven questions in total, some focused on word problems and others on numerical challenges. Here’s a look at the first question.

This is the first question and therefore the easiest. It asks participants to place the nine green gift tags in three groups of three. Each group is defined by a single word that links all three of the tags. When combined, those three answers are linked by another word that can follow ‘Christmas’. We’ll leave you to work out the answer…

How to take part in the 2023 GCHQ Christmas puzzle

If you head to the GCHQ website, you can find the full PDF of all seven questions, as well as hints, a blank worksheet to hand out to classes, and a teaching pack for educators. Children are encouraged to work in groups, pooling their knowledge to succeed in the various different challenges.

All of the resources are free to download, as well as the challenge from 2022. The GCHQ encourages participants to share their results on social media and even ask for help from online communities as needed, with the GCHQ itself offering tips online.

Featured image: GCHQ

The post GCHQ Christmas puzzle: Can you solve puzzle from Britain’s top cybersecurity agency? appeared first on ReadWrite.

The United Kingdom’s (UK) government is at high risk of a “catastrophic ransomware attack” due to a lack of focus and funding, in a stark warning from a parliamentary report.

As reported by The Record, the government has been accused by the nation’s Joint Committee on the National Security Strategy (JCNSS) of not effectively planning to prevent a large-scale cyber attack that could “bring the country to a standstill.”

The news will add more pressure onto Prime Minister Rishi Sunak who is currently under heavy scrutiny on matters of illegal immigration. He breathed a sigh of relief on Tuesday after his key Rwanda bill passed its first Commons hurdle but further challenges will be presented in the new year.

The parliamentary report was highly critical of the former Home Secretary Suella Braverman for failing to address the ransomware threat:

“We found that the Home Office’s public output on cyber security and ransomware has been almost nonexistent, and has been dwarfed by its focus on small boats and illegal migration,” the JCNSS said.

UK failing to invest sufficiently in cyber security

Any potential attack is likely to be aimed at the UK’s critical national infrastructure (CNI) which consists of national assets that keep the country running, including energy supply, water supply, health, transport and telecommunications.

In recent times, the UK’s National Health Service (NHS) has been targeted which saw patient data fall into the hands of cyber attackers and a council in the North of England was crippled for more than two weeks, as outlined by the Guardian.

In the response, the JNCSS has recommended that the responsibility for ransomware should be taken away from the Home Office and put within the remit of the Cabinet Office, in conjunction with the National Cyber Security Centre and the National Crime Agency “to be overseen directly by the Deputy Prime Minister, as part of a holistic approach to cyber security and resilience.”

The government will be aware of the threat posed by these forms of cyber attacks and the damage that can be caused, but unless it acts appropriately, it will see the UK remain in a vulnerable position. This was reflected in the joint committee report with one of its findings damning the government which “knows that the possibility of a major ransomware attack is high, yet it is failing to invest sufficiently to prevent catastrophic costs later on.”

image credit, pixabay, pexels.com

The post UK government risking ‘catastrophic ransomware attack’ appeared first on ReadWrite.

The widespread spread of the Internet of Things (IoT) and cloud computing has become obvious in this continually developing tech world. Everyone is embracing the potential of these transformative technologies to improve daily life activities.

Let’s take a look at the advantages and difficulties that come with the prevalent adoption of IoT and cloud computing, revealing insights into the dynamics of modern digital connectivity.

The Rise of IoT

IoT has changed how the world interacts. It has smoothly integrated into almost every aspect of our daily lives, from smart homes and wearable devices to autonomous vehicles and industrial sensors. However, this has also paved the way for cyber threats. There has been a larger avenue for threat actors due to the magnitude of interconnected devices, making traditional measures incompetent.

Cybersecurity has started concentrating on data encryption, device-level security, and robust authentication mechanisms to address security challenges. Presently, manufacturers emphasize that security is incorporated into the plan of IoT devices from the onset. This includes executing secure boot processes, regular firmware updates, and traceability and accountability enhancement using unique devices.

Cloud Computing’s Universality

Business operations have changed from traditional on-premises infrastructure to scalable and flexible cloud-based solutions since the advent of cloud computing. According to Statista, the worldwide public cloud computing market was worth 478 billion dollars in 2022 and is estimated to reach 679 billion dollars in 2024. That’s a whopping 201 billion increase in the space of 2years.

Although Cloud computing brings evident benefits such as availability and cost savings, it also has cyber security challenges. Cloud services are centralized in nature; which implies that a breach could expose a tremendous amount of sensitive data. To tackle these threats, advanced cybersecurity measures focus on data encryption, multi-factor authentication, and strong access controls.

Cloud service providers now invest greatly in advanced security measures, like real-time monitoring, threat intelligence, and automated incident response systems. The shared responsibility model emphasizes the collaboration between cloud providers and their clients –  which has become a foundation of cybersecurity to ensure a comprehensive security posture.

Confluence of IoT and Cloud Computing

The merging of IoT and Cloud Computing has created a mutual relationship that increases both the risks and benefits. The cloud provides the necessary infrastructure for storing, processing, and analyzing the vast amount of data produced by IoT devices. Even so, this connection also presents a complex security landscape.

In the end, cybersecurity aims to create a consistent and secure data flow, so it has evolved to provide end-to-end protection that involves securing the communication channels between devices and the cloud.

For the benefit of the IoT and Cloud Computing ecosystem, cybersecurity solutions apply improved identity and access management and use AI for anomaly detection and to predict threat analysis.

Challenges in the Changing Landscape

Despite the developments in cybersecurity, there are difficulties in the changing landscape of IoT and Cloud Computing.

Different IoT devices each have its own specifications and security protocols, which is a major challenge. In security practices across the industry, standardization is vital for guaranteeing a uniform and robust security posture.

The ever-changing nature of cyber threats is another challenge. As technology changes, so do the techniques employed by cybercriminals; they keep finding new ways to breach security. Cybersecurity Ventures states that global cybercrime costs will grow by 15 percent annually over the next five years, from $3 trillion in 2015 to reaching $10.5 trillion year-over-year by 2025.

Cybersecurity measures need continuous monitoring, regular updates, and joint effort between cybersecurity experts, device manufacturers, and network security providers  – to remain dynamic and versatile in front of rising threats.

The Human Factor

The human factor is an essential component of cybersecurity. While the focus is on technological solutions, users must also be educated on the risks and best practices for maintaining a secure digital environment.

Ransomware attacks, insider threats, and phishing attacks are major concerns. Phishing email statistics show that 1.2 percent of all emails sent are malicious, which translates into 3.4 billion phishing emails daily.

Education and awareness programs are very important. People should be taught to recognize and report these threats, attend cybersecurity forums and events, and they should stay informed about safe online practices, including using strong passwords or password managers.

Also, organizations must hold regular training sessions and conduct strict cybersecurity policies to keep employees informed on the most recent cyber threats and precautions. According to Cybersecurity Ventures, in 2023, global spending on security awareness training for employees is up from around $5.6 billion and is predicted to exceed $10 billion by 2027 – a whole 15 percent yearly increase.

The Future of Cybersecurity

As the world relies on digital networks daily, there is a need to strengthen and improve cybersecurity. Marsh’s U.S. Cyber Purchasing Trends report states that during the first quarter of 2023, insurance for cyber security pricing increased by 11 percent in the U.S. compared to 28 percent in 2022, and the cost is still on the rise.

The future of cybersecurity will be shaped by technologies such as artificial intelligence (AI) – which has an important role to play in threat detection and solutions, quantum computing which might present new decryption challenges and solutions, and 5G networks.

Although the spread of 5G networks will result in faster speed and connectivity, it can also give way to cyber threats. Therefore, getting the right foundation of 5G networks on vital systems and services is necessary to get ahead of attacks.

Conclusion

The evolution of cybersecurity is a continuous ride and is constantly changing. With the emergence and merging of technologies like IoT and Cloud Computing, there has been an increase in the risks of cyber threats, and cybercriminals find new ways to breach security daily.

Managing these challenges requires teamwork and an extensive security strategy. This strategy should aim to improve the digital ecosystem’s connection and make the digital future secure. It should also involve education, regular monitoring, a combination of all the latest technologies, and the creation of cybersecurity awareness.

Featured Image Credit: Tima Miroshnichenko; Pexels

The post The Evolution of Cybersecurity in the Age of IoT and Cloud Computing appeared first on ReadWrite.

In the age of digital connectivity, cyber threats loom large, crossing borders with a non-uniform impact. This exploration delves into cyber threats, revealing their diverse effects on individuals, businesses, and institutions, and highlighting profound societal implications within our interconnected world. Welcome to “Cyber Threats: Impact and Implications.

Types of Cyber Threats

Malware, short for malicious software, is a broad category encompassing viruses, worms, Trojans, and spyware. It’s like a digital chameleon, adapting to its environment. Malware often targets individuals through deceptive downloads, email attachments, or compromised websites. For businesses, it can infiltrate networks through phishing emails, posing a significant risk to sensitive data.

Phishing is the art of deception. Cybercriminals impersonate trusted entities through emails, messages, or websites, luring users into revealing sensitive information like passwords or credit card details. Individuals are prime targets, but cybercriminals also set their sights on employees within organizations to gain access to corporate networks.

Ransomware locks users out of their own data until a ransom is paid. Individuals may find themselves locked out of personal files, while businesses often face a far-reaching disruption of operations. Cybercriminals prey on businesses, knowing they can demand more substantial ransoms for critical systems and sensitive data.

Not all threats come from outside. Insider threats involve individuals within an organization misusing their access privileges. This can range from accidental data leaks to intentional sabotage. While primarily a concern for businesses, insider threats can also affect government agencies and educational institutions.

DDoS attacks flood a target’s server or network with an overwhelming volume of traffic, causing services to crash. Typically, these attacks aim at disrupting business operations, rendering websites inaccessible, and are often financially motivated. Both businesses and government entities are frequent targets.

Zero-day exploits target unpatched vulnerabilities in software, hardware, or applications. These threats are highly sought after by cybercriminals and state-sponsored hackers. They may focus on anyone using vulnerable systems, from individuals to large corporations and government agencies.

 Who Is Most Affected by Cyber Threats?

Individuals find themselves on the front lines when it comes to cyber threats, facing dangers such as phishing emails, malware, and identity theft as part of their daily digital existence. Alarming statistics underscore the extent of the problem, with the first half of 2022 alone witnessing a staggering 236.1 million recorded ransomware attacks globally. The fallout from these attacks manifests as financial losses, breaches of privacy, and the nightmarish experience of identity theft.

Small and medium-sized businesses (SMBs), often the lifeblood of many economies, are enticing targets due to their valuable data assets and frequently limited cybersecurity resources. Research indicates that a substantial 43% of all cyberattacks are directed at small businesses. The consequences for these enterprises can be dire, spanning from financial hardships to reputational harm that proves arduous to mend.

Large corporations, given their expansive digital presence, grapple with cyber threats on an industrial scale. Unsurprisingly, these corporate behemoths invest heavily in cybersecurity measures. However, data breaches, even for these giants, exacted an average cost of $3.86 million per incident in 2020. Large corporations must shield themselves not only from financial losses but also from the potential long-term damage to their brand and erosion of customer trust.

Government agencies shoulder the responsibility of safeguarding critical data, including sensitive citizen information and national security secrets. Cyber threats targeting these entities present a substantial risk. According to findings from the cybersecurity firm Emsisoft, the year 2019 witnessed an extraordinary and relentless surge of ransomware attacks in the United States, affecting no fewer than 966 government agencies, educational institutions, and healthcare providers. The potential costs stemming from these attacks exceed a staggering $7.5 billion. The ramifications extend deep, encompassing national security concerns and the specter of data breaches with far-reaching consequences.

 Vulnerabilities and Challenges

Individuals: Tech reliance exposes many to risk. Unawareness, weak passwords, and risky clicks make them prime targets. Social engineering exploits trust, risking personal info and finances.

Small & Medium-Sized Businesses (SMBs): Limited resources hinder strong security. Tight budgets, inadequate training, and the perception of being less appealing targets leave them vulnerable. Handling sensitive data adds to the risk.

Corporations: Vast digital ecosystems bring unique threats. Supply chain attacks, espionage, and insider risks are constant concerns. Managing vast data demands stringent measures.

Governments: Handling massive sensitive data makes them prime cyber targets. Complex systems and transparency challenges hinder strong defenses.

In Cybersecurity:

Individuals: Educating about threats and good practices is tough. Weak passwords, neglecting updates, and falling prey to phishing persist. Balancing convenience and security is a struggle.

SMBs: Limited resources pose challenges. Finding affordable yet effective solutions is key. Underestimating threats can lead to complacency.

Corporations: Securing vast networks, diverse endpoints, and the cloud is intricate. Keeping up with evolving threats demands substantial investments.

Governments: Governments must address the dual challenge of safeguarding national interests and respecting citizens’ privacy. Striking the right balance between strong cybersecurity practices and transparency is an ongoing challenge. Additionally, governmental agencies often face budget constraints and bureaucratic hurdles when implementing security measures.

Implications of Cyber Threats

Cyber threats, often underestimated, have profound implications across the spectrum. Let’s dive into the consequences they unleash on individuals, small to medium-sized businesses (SMBs), corporations, and even government agencies.

Impact on Individuals

Financial Loss: Cyberattacks can result in significant financial losses for individuals. Ransomware attacks can lock away personal data until a hefty ransom is paid, leaving victims in financial turmoil.

Privacy Breaches: Personal information, once compromised, can lead to irreparable damage. Privacy breaches can expose intimate details, causing profound emotional distress.

Identity Theft: The nightmare of identity theft is a harsh reality in the digital age. Stolen identities can be misused in various criminal activities, leaving individuals with shattered lives.

Impact on SMBs

Economic Consequences: SMBs, the lifeblood of many economies, can crumble under the weight of cyberattacks. The cost of recovery, coupled with potential revenue losses, can be crippling.

Reputation Damage: Trust is hard to regain once lost. SMBs may find themselves struggling to rebuild their reputations after a security breach, leading to customer attrition.

Data Loss: The heart of many SMBs is their data. Losing critical data not only disrupts operations but also jeopardizes the viability of the business.

Impact on Corporations

Financial Losses: For corporations, the financial toll can run into millions or even billions of dollars. Cyberattacks can disrupt operations, result in legal penalties, and cause stock prices to plummet.

Reputational Damage: Corporations heavily rely on their image. A data breach can tarnish their reputation, eroding customer trust and shareholder confidence.

Legal Consequences: The legal aftermath of cyber threats can be complex and costly. Non-compliance with data protection regulations can lead to severe penalties.

Impact on Government Agencies

National Security Concerns: Government agencies hold sensitive information crucial to national security. Breaches can have severe implications, including espionage and the compromise of military or intelligence data.

Data Breaches with Far-reaching Consequences: Government data breaches can have far-reaching consequences, impacting not only national security but also the lives of citizens whose data is exposed.

Mitigation and Prevention

Individuals can bolster their cyber defenses by:

Fortify Passwords: Utilize intricate, one-of-a-kind passwords for online accounts.

Multi-Factor Authentication (MFA): Activate MFA whenever feasible for an extra layer of security.

Stay Updated: Ensure devices and software remain current to patch vulnerabilities.

Exercise Vigilance: Exercise caution regarding phishing emails and suspicious links.

Data Safeguarding: Routinely back up critical data to prevent loss during potential attacks.

SMBs can protect themselves by:

Firewall and Antivirus Protection: Deploy robust firewall and antivirus solutions.

Employee Training: Educate staff to identify and respond to potential threats.

Access Control: Restrict sensitive data access based on roles.

Data Encryption: Encrypt data during both transmission and storage.

Incident Response Plan: Develop a comprehensive strategy for addressing cyber incidents.

Corporations can safeguard their operations through:

Comprehensive Security Policies: Establish and rigorously enforce cybersecurity policies.

Continuous Employee Awareness: Keep employees informed about cybersecurity best practices.

Regular Security Audits: Conduct frequent security audits and assessments.

Invest in Threat Intelligence: Allocate resources to stay ahead of emerging threats.

Promote IT-Security Collaboration: Foster cooperation between IT and security teams.

Governments can secure critical infrastructure and data with:

National Cybersecurity Strategies: Formulate and implement national cybersecurity strategies.

Regulatory Oversight: Enforce regulations holding organizations accountable for security.

Global Cybersecurity Cooperation: Collaborate with other nations on cybersecurity initiatives.

Research Investment: Allocate funds for cutting-edge cybersecurity research.

Public Awareness Initiatives: Educate citizens about cyber threats and safety.

Across all sectors, continuous education and cybersecurity awareness are pivotal in combating cyber threats. This encompasses:

Phishing Awareness: Educating individuals and employees to identify phishing attempts.

Safe Online Practices: Informing users about responsible online behavior and data handling.

Cyber Hygiene: Cultivating good cyber hygiene habits, including regular updates and strong password management.

Crisis Response: Ensuring that everyone knows how to respond in the event of a breach, thus minimizing potential damage.

Conclusion

Cyber threats are indiscriminate, crossing boundaries to impact individuals, businesses, and governments. These threats have wide-ranging consequences, including financial losses, reputation damage, and national security risks.

Understanding the most affected parties is vital for effective prevention and mitigation. Whether you’re an individual protecting personal data, a small business securing your livelihood, a corporation defending your reputation, or a government safeguarding national interests, cybersecurity is a shared imperative.

In this digital era, combating cyber threats is a collective effort. It reminds us that we must unite, staying vigilant, informed, and proactive to safeguard our digital future.

Featured Image Credit: Provided by the Author; Pexels; Thank you!

The post Cyber Threats: Who Is Most Affected and Its Implications? appeared first on ReadWrite.

While businesses embark on a digital transformation journey, they no longer operate in isolation. Instead, they thrive on success by leveraging the true potential of partnerships, networks, and collaborations.

Regarding B2B success, enterprises can’t ignore the true potential of collaboration and growth since every partnership, whether for services or products, adds to the seamless integration of features and user experiences that aren’t everyone’s specialty.

In a nutshell, B2B collaboration for diverse aspects of security and user experience is swiftly becoming the need of the hour as more and more customers demand seamless yet secure experiences.

However, the success of these modern B2B collaborations undoubtedly hinges on two critical factors- secure partner access and effective partnership.

And here’s the crucial role of federated identity comes into play!

Let’s uncover the aspects of federated identity and learn how it’s shaping the future of effective B2B collaboration in the modern digital world.

The Changing Face of B2B Collaboration

B2B collaborations have come a long way from conventional partnerships to the hyper-connected digital world, often spanning geographical boundaries and encompassing diverse technologies.

Hence, this dynamic digital environment demands secure and efficient collaboration since greater connectivity increases the risk of cybersecurity threats and data breaches. Therefore, striking a perfect balance between openness and security must be a top priority for businesses engaged in B2B collaboration.

The Era of Interconnected Businesses

While every enterprise thinks about digitally transforming itself, it seeks multiple collaborations to develop integrated solutions that can address different challenges, offer seamless user experiences, and ensure robust security.

And for this hybridization to happen, business partners should be able to securely access sensitive information relevant to their domain without any hurdles.

Hence, the confidentiality and security of the data must be maintained through a robust access control mechanism. And to facilitate this, the crucial role of federated identity management solutions comes into play.

With federated identity management, enterprises can build a solid foundation of SAML standards that helps establish secure access between multiple platforms of different collaborated enterprises.

The Role of Federated Identity

With federated identity management, businesses can gain the potential to extend their identity and access management capabilities beyond their own boundaries.

This means they can securely share user identities and credentials across various partner organizations without requiring manual processes or duplicate storage.

Hence, this approach streamlines the onboarding and offboarding process of partners and eventually ensures that only authorized individuals gain access to sensitive data and information.

Let’s explore the unlimited business possibilities while leveraging the true potential of federated identity management.

#1. Robust Security

Security is the most important aspect of successful business collaboration in the ever-expanding modern digital world.

With a federated identity system in place, enterprises can implement a robust authentication mechanism, including multi-factor authentication, machine-to-machine authentication, etc., for all partner users.

This ensures multiple layers of authentication for safeguarding sensitive customer information and business data while collaborated parties are sharing it.

Apart from this, federated identity management allows centralized monitoring and auditing of various partner activities, which facilitates rapid threat detection and response.

#2. Effective Collaboration

Effective collaboration in the B2B landscape relies on seamless access to various shared resources, data, and applications. And federated identity management simplifies the entire process, providing partners with SSO capabilities.

This means that users authorized to access certain information or applications can access multiple systems and apps with a single set of credentials, thus reducing the friction of reentering passwords again and again for multiple platforms.

While most business collaborations fail due to poor access management, federated identity management is helping businesses deliver seamless and secure experiences across multiple platforms with streamlined access management.

This is undoubtedly why most enterprises are now inching toward adopting federated identity management to enhance productivity and user satisfaction among various partners.

#3. Role-Based Access Control

Federated identity can be fine-tuned to offer partners the right level of access based on their particular roles and responsibilities. This granular control assures that sensitive information is only accessible and available to those with the right to access it.

Organizations can maintain trust and build lasting relationships with their customers and partners by ensuring that resources and sensitive information can only be accessed by the ones who genuinely need it.

Enterprises can also enable access control within their organization to offer certain privileges to their employees in the higher hierarchy, thus enabling data privacy and confidentiality within their organization.

#4. Scalability and Efficiency

With federated identity, businesses can handle scalability in the B2B business landscape. As the business grows and forms new partnerships, the federated systems can easily accommodate new organizations and users without compromising on overall user experience and security.

This agility allows rapid expansion and scaling of collaborative efforts, offering a competitive edge in today’s dynamic business markets.

The modern cutting-edge solutions can handle multiple partners, and millions of users can leverage seamless authentication and data access without worrying about their overall security and privacy. Hence, most renowned brands have already been leveraging the true potential of federated identity systems for years.

#5. Streamlined Partner Onboarding

Apart from the security, privacy, and scalability capabilities, federated identity simplifies partner onboarding. This means partners can leverage their existing identity systems to onboard, reducing the time and effort required for setup.

When business partners collaborate, the only thing that matters is security coupled with robust security. However, the contemporary or legacy systems weren’t able to deliver a harmony of user experience and security.

In the case of federated identity management, enterprises can be assured that they can onboard as many partners and users as they wish. All this can be processed seamlessly without worrying about security, privacy, and overall user experience.

#6. Compliance and Auditing

While businesses put their best foot forward towards collaborating for overall growth, compliance with industry standards/regulations and data protection standards becomes non-negotiable.

Enterprises must understand that they must maintain compliance with all the global regulations, including the GDPR and CCPA if they’re serving customers across different countries and states.

And here’s where the essential role of federated identity management systems comes to the rescue. With federated identity, enterprises can adhere to various data privacy and security compliances. This ensures robust security as well as privacy for both customers and business partners since every aspect of data sharing is reinvented by precisely following the data security and privacy best practices.

Also, federated systems allow easy auditing for enterprises, enabling streamlined operations and processes.

#7. Cost Savings

Cost saving is undoubtedly a significant advantage of implementing federated identity management in B2B collaboration.

With federated identity management, organizations need to refrain from investing in managing multiple user identities or building their own single sign-on (SSO) solutions. This helps them in reducing their costs of development.

Apart from this, federated identity systems also allow collaborated partners to leverage their existing authentication infrastructure, saving time, resources, and costs, making federated identity a smart investment for collaborated businesses in the long run.

Future-Proofing B2B Collaboration

While every B2B business thinks about digital transformation through effective collaboration, federated identity is undoubtedly an overlooked yet essential aspect.

Whether it’s about managing a business’s security, privacy, or scalability, federated identity management covers all aspects of seamless yet secure access controls.

Hence, if a business is thinking of navigating its digital transformation journey, it can’t ignore the true potential of federated identity management to foster secure, effective, and future-proofed B2B collaboration.

The aforementioned aspects portray the endless possibilities and business advantages of leveraging federated identity management solution.

The post Strengthening B2B Collaboration — Essential Role of Federated Identity appeared first on ReadWrite.