now browsing by tag


#hacking | Scott Morrison says drought the Coalition’s ‘first call’ – but makes no mention of climate | Australia news

Source: National Cyber Security – Produced By Gregory Evans

Scott Morrison has indicated the federal government might be prepared to commit extra relief funding to drought-stricken communities, reaffirming the drought is the government’s top priority.

In a triumphal speech to the Liberal party’s federal council in Canberra on Saturday, Morrison again said the drought was “the most pressing and biggest call on our budget”.

“It is the first cab off the rank, the first thing we sit together and say, ‘Once we have done everything we can in this area, then we can consider other priorities’.

“It is the biggest call on the budget because it is the most pressing, the rock I’m going to put in the jar first. It is the first call because that is what is needed in our rural and regional communities. They know we cannot make it rain and they know we cannot make it like it was before the drought.”

The prime minister did not mention the climate crisis while detailing the government’s three-phase drought response package thus far: the farm household allowance for eligible farming families; the drought communities program dedicating $100m to councils affected by the drought; and long-term drought resilience plans, including money for new dams and the drought future fund.

“That is what we are doing on drought and we will keep responding,” Morrison said. “We will keep going and delivering. That is why you need resilient and strong budget. That is why we will not walk away.”

But the budget is coming under significant pressure, with a sharp downturn in the economic outlook. The IMF this week forecast a global “synchronised slowdown” of world economies, and a “precarious outlook” for recovery. Australia is forecast to grow more slowly than Greece, with 1.7% growth in 2019, a full percentage point below 2018’s 2.7%.

But the treasurer, Josh Frydenberg – currently at the G20 – has said additional drought support would not sacrifice the surplus, saying natural disasters had been taken into account when the Coalition made its pre-election pledge to return the budget to balance and then surplus next year. The midyear economic and fiscal outlook (MYEFO) will come out before Christmas. Any additional drought spending is likely to be detailed there.

The government has been criticised by Labor for moving too slowly on the drought. Accusing the government of “six years of inaction”, Labor’s Joel Fitzgibbon has called for a bipartisan drought war cabinet to be established.

“What began as crisis for our farmers fast moved to a crisis for our rural townships, which are literally running out of water,” he said. “And I fear that we now are fast approaching a threat to our food security … We need to sit the major parties down together and to start making some pretty significant decisions.”

The drought response has also been questioned by some councils, including Moyne shire in south-west Victoria, which was given $100m despite not being in drought and whose mayor said he wanted to refuse it.

“Our council has never applied for funding under this drought package or any other similar program of drought-assistance funding,” Moyne shire council mayor Mick Wolfe said.

Morrison’s speech to the party faithful in Canberra was a triumphal affair, given the occasion of the 75th anniversary of the party’s founding by Robert Menzies, the Coalition’s unexpected election win in May and his own rise to unchallenged authority within the party.

He condemned the Labor party for what he described as its “panic in a crisis” and “politics of envy”, in particular highlighting the party’s current corruption issues in NSW.

The Liberal party federal council will also debate a series of motions from various branches of the party.

The Young Liberals called on the party to “reaffirm its strong support for freedom of speech and the rule of law around the world and supports the right of the people of Hong Kong to protests peacefully in defence of those freedoms”.

The Morrison government’s rhetoric towards China has become increasingly bellicose in recent weeks: the home affairs minister, Peter Dutton, accused the Chinese Communist Party of political repression, intellectual property theft and cyber hacking; the foreign affairs minister, Marise Payne, has been forthright in her demands over detained Australian writer Yang Hengjun; while Morrison has taken an uncompromising position on China’s “developing nation” status at the WTO.

However, it’s unclear whether an overtly political motion such as the Young Liberals’ support for Hong Kong will win broader party support.

The ACT branch of the Liberal party has called on the government to “prioritise a free trade agreement with the UK over the European Union” and also wants the government to reject European demands for “geographic indicators” on food products in Australia, such as on feta, gruyere and gorgonzola cheeses.

The ACT Liberals also want investigation of “innovative financing options” for a high-speed rail linking Australia’s east-coast capitals.

And the West Australian branch want legislation mandating that public funding for both “yes” and “no” campaigns be equal at all future constitutional referenda, a legacy of the marriage equality campaign.

Source link

The post #hacking | Scott Morrison says drought the Coalition’s ‘first call’ – but makes no mention of climate | Australia news appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | The impact of Brexit on CISOs

Source: National Cyber Security – Produced By Gregory Evans

UK firms aren’t ready for a no-deal Brexit
Large numbers of small and medium-sized tech businesses haven’t made any preparations for the UK leaving the EU – and many believe the government isn’t listening to the concerns they have ahead of Brexit.

Today we see some signs of optimism from the EU and the UK about the potential to conclude a withdrawal agreement following private talks between the UK and Ireland yesterday. Since I last wrote a blog about this, we have seen a change of UK government, a brand-new UK negotiating position, a Conservative Party leadership contest, and an EU watching on the sidelines wondering what on earth is going on in the UK politically. 

We can’t predict whether Brexit will really happen on October 31 and whether a deal will be concluded or not. However, we do now know that we are likely to leave with a withdrawal agreement that affects security at the institutional level — not dissimilar to the broad outline of what Theresa May and the EU concluded in November 2018 — or that we will leave all current security and defense cooperation arrangements. For security leaders wondering how all of this may affect them, we advise CISOs to focus on three primary areas of concern: 

  • International data flows between the UK and the EU. We know that, one way or the other, the continued legal basis for data flow relies on the UK’s data protection regulatory regime being judged equivalent to the EU’s. The various parties would begin working on this key adequacy decision, as it is known, following the UK’s exit from the EU (deal or no deal). While there are a lot of similarities with the regimes as they currently stand, there is no way of guaranteeing that the decision will occur and in what time frame. In the event of a “no-deal Brexit,” the legal default will be that the regimes are not equivalent and the EU will treat the UK as a third country, invalidating the legal basis currently used to promote legal data transfer between the UK and the other EU member states. We recommend that CISOs and DPOs start looking into alternative means now for guaranteeing the legal basis for their international data flows between the UK and EU. This can either be through model clauses or a binding corporate rules program, for example, which are already widely used for transfers outside of the EU. 
  • Staffing. Thankfully, both sides have agreed that whether a deal is agreed or not, they will work hard to provide some certainty to EU and UK citizens working outside of their home countries. For CISOs, this means that your staff will need reassurance and support if they need help with application procedures or, in some cases, the costs of applying. The area that is going to be most problematic is in the realm of recruitment — a challenge that is already difficult enough with the security skills shortage. Brexit will require you to think more carefully about where you deploy your staff and security services. Restrictions on the numbers of EU citizens entering the UK and vice versa are generally expected, so review your operating model carefully to mitigate the impact that restrictions on freedom of movement could bring to your security organization structure and headcount deployment. In addition, consider the implications for business travel for any service providers and staff supporting you from outside of your main headquarters locations. 
  • Regulatory relationships and obligations for reporting cybersecurity breaches. Whatever your views on it, the EU has been one of the most active legislators of cybersecurity and privacy regulations, creating a myriad of regulatory relationships across the EU. Many of these, particularly NISD, PSD2, and GDPR, contain requirements to report certain types of security events and incidents to regulatory bodies. The relationships have been set up, and many organizations in the scope of this regulation will need to review and update regulatory reporting lines, as current regulatory relationships may change. Review and update incident response plans and supporting operational processes carefully to ensure that you capture these changes in regulatory relationships. 

While there are many other implications to Brexit for CISOs to consider, these are some of the most common that come up in our conversations with clients. We will continue to watch the politics unfold and hope to gain clarity as to what will happen next. 

This post was written by Senior Analyst Paul McKay and originally appeared here. 

Source link

The post #hacking | The impact of Brexit on CISOs appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Bharat Bhise HNA – Understanding Why Hackers Commit Cyberattacks.

Source: National Cyber Security – Produced By Gregory Evans




(ThyBlackMan.com) The world of cybersecurity is truly fascinating and scary in equal measure, and it is something which more of us need to be aware of, especially if you run a business. Bharat Bhise HNA gave a talk at a conference recently about the aims and desires of hackers and cybercriminals, which was a essentially a cautionary tale which everyone must pay attention to. Bharat has seen it all in the world of cybercrime and he still witnesses things which shock and surprise him. To understand the importance of this we must first understand why people hack in the first place, and what they are looking for when they do so, let’s take a look.

Ethical Hacking

Technically speaking the term ‘ethical hacking’ is used to refer to hackers who are recruited by a company to test out their cybersecurity for them. In this case however we are discussing hackers who are not hired by anyone, but who hack for their own ethical reasons. For example let’s say that a company decides to do business with a dubious company, some hacking groups may attack this company’s system to show their disdain and to cause them as many problems and public embarrassment as they can.

For Hire

A huge number of hackers actually do this and get paid by one oftener clients for the work that they have done. Few hackers get into the game because of the criminality, but once they have amassed those skills which allow them to hack, criminal organizations and nefarious individuals realize what they are able to do and then try to sub-contract them for various types of hacks. It is actually rather difficult to steal money from a hack, which is why many do it as a paid-for service.

Bragging Rights

Surprisingly a huge number of the hacks which we see really have nothing to do with crime per se, but are in fact done by hackers who are trying to show off how good they are. There is a real sense of brinksmanship in the hacking community and each level of cybersecurity is seen as a challenge more than a deterrent. Whilst this may be harmless in terms of criminality, a hack such as this can still cause a big headache to many companies who will then have to review their systems and its security.


There is of course individuals who will hack with criminal intent, they may look to cause damage to a business or government system, or they may be looking to steal whatever they find once they have breached the system. This could be personal information, trade secrets or straight up cash, there is a huge amount that they will be able to obtain once they have successfully hacked into a system. These are the minority but they do present a very real danger to many companies and individuals.

This is something that is on the rise and it is something which you need to educate yourself about sooner rather than later.

Staff Writer; Rick Carter

Source link

The post #hacking | Bharat Bhise HNA – Understanding Why Hackers Commit Cyberattacks. appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | There’s a ‘real awakening’ about the threat of 2020 election hacking

Source: National Cyber Security – Produced By Gregory Evans

At least governments are becoming cognizant of — and more willing to pre-emptively act on — the threat to the election process from cybercriminals.

“Post 2016 [election], I think there has been a real awakening as to the threat that is out there. So that’s the good news on this end that people are aware this has happened and want to protect against it happening,” CrowdStrike co-founder and CEO George Kurtz tells Yahoo Finance.

Obviously, many politicians in the U.S. were badly asleep at the technological switch during the 2016 presidential campaign. It’s something they hope to avoid — by spending on key cybersecurity tech from the likes of CrowdStrike — into the 2020 election.

In July, the Senate Intelligence Committee said in a report that election systems in all 50 states were targeted by Russia in the 2016 presidential election between Donald Trump and Hillary Clinton. And just earlier this month, the same committee said in a new report that bad online actors in Russia could target the 2020 presidential election.

President Trump has continuously denied Russia played any role in his winning of the presidency.

Recall that CrowdStrike was called on by the Democratic National Committee to investigate the 2016 hack of its email and chat systems. CrowdStrike and several other cybersecurity firms found that Russian intelligence agencies were responsible for the DNC hack.

Some of the Facebook and Instagram ads linked to a Russian effort to disrupt the American political process and stir up tensions around divisive social issues, released by members of the U.S. House Intelligence committee, are photographed in Washington. Russia’s interference in the 2016 U.S. election has generally been seen as two separate, unrelated tracks: hacking Democratic emails and sending provocative tweets. But a new study suggests the tactics were likely intertwined. On the eve of the release of hacked Clinton campaign emails, Russian-linked trolls retweeted messages from thousands of accounts on both extremes of the American ideological spectrum. (AP Photo/Jon Elswick, File)

The work CrowdStrike did for the DNC — coupled with its leadership position in the security cloud market — have it teed up to win new business from governments ahead of the 2020 election. CrowdStrike received the important FedRAMP certification last year, and is now able to pitch for new business from government agencies.

“Given the technology that we have and the ability to stop breaches, it has been very well received not only in the Fed market but also in state and local governments. And I think you’ve seen a lot of those stories specifically around ransomware. Given our AI and our machine learning, we’ve been able to prevent those ransomware attacks for our customers without any signature updates or any changes,” Kurtz told analysts on a Sept. 5 earnings call.

Kurtz added, “We think both Fed and state and local government are great opportunities for us, and we’re really excited about those as we get into the buying season, particularly in the Fed space.”

Brian Sozzi is an editor-at-large and co-anchor of The First Trade at Yahoo Finance. Follow him on Twitter @BrianSozzi

Read the latest financial and business news from Yahoo Finance

Follow Yahoo Finance on Twitter, Facebook, Instagram, Flipboard, SmartNews, LinkedIn, YouTube, and reddit.

Source link

The post #hacking | There’s a ‘real awakening’ about the threat of 2020 election hacking appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Protect IT: Maintaining Your Digital Profile

Source: National Cyber Security – Produced By Gregory Evans

Tips and recommendations for ways organizations can engage their people and help accomplish all of these goals are available in the NCSAM 2019 Tool Kit. Take advantage of the 2019 Tool Kit and the other resources NCSAM makes available. 

The bottom line is that the internet is a great place to learn, to connect, and to have fun through technology. At the same time, we are each responsible for our own safety, privacy, and security online. Cyber security is truly everyone’s business – let’s “Own IT. Secure IT. Protect IT” and become smart digital citizens together.


To learn more, Symantec invites you to join us and partners, The Identity Theft Resource Center and Infolock for a discussion on how to protect your systems and help keep data safe for others. Panelists include Kevin Haley, Senior Director, Symantec Security Technology & Response, Eva Velasquez, President and CEO, Identity Theft Resource Center, and Ryan Lawless, Senior Consultant, Infolock Advisory Services

Register for free here: https://www.brighttalk.com/webcast/13361/371826

For additional information on how you can better protect your personal information and safety online, we invite you to visit the NCSAM 2019 website: https://staysafeonline.org/ncsam/

Source to this story.

The post #hacking | Protect IT: Maintaining Your Digital Profile appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Whole-of-Government Approach to IT Security Sought

Source: National Cyber Security – Produced By Gregory Evans

Get it delivered right to your inbox!

Bipartisan leaders of two Senate committees have called for a whole-of-government approach to supply chain risk management for information and communications equipment through better coordination across all three branches of the government.

The letter from the chairmen and ranking minority members of the Intelligence and Homeland Security and Governmental Affairs committees said asked the Federal Acquisition Security Council to develop a strategic information sharing plan covering Congress and the judiciary as well as the executive branch. That council was created by a law enacted last year with the goal of reducing supply chain risks by facilitating information sharing among agencies.

A letter to OMB says that Congress and the judiciary lack the expertise and resources to replicate that effort, potentially leaving them vulnerable to introducing insecure technology putting national security at risk. “The threat is not hypothetical,” the letter says.

For the judiciary, it cites warnings in the National Cyber Strategy, annual reports from the court systems highlighting the need to counter threats posed by hacking, viruses and other malicious acts, and a Center for Strategic and International Studies report calling for immediate steps to counter threats to the courts.

“Adversaries abroad have similarly targeted Congress, most recently documented in a number of attempted hacks of Senate offices. This threat goes back over a decade, with one notable incident in 2008 involving a number of congressional computers. These adversaries are likely using every tool at their disposal to compromise” the systems used by congressional offices, it says.

More in: Federal Manager’s Daily Report

Source link

The post #hacking | Whole-of-Government Approach to IT Security Sought appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | Government hacking needs to b…

Source: National Cyber Security – Produced By Gregory Evans