Cyber wrap
2 Aug 2017|

It’s been a big week in cybersecurity. The twin giants of #infosec conferences, Black Hat and DEF CON, has just wrapped up in Las Vegas, and a DefCon Beijing beta event has been announced. The show-stealer was the open challenge, in which five different types of voting booths were left in a room for DEF CON attendees as a challenge. The first booth was hacked after 90 minutes, and the exercise demonstrated a number of poor security procedures, such as the default administrator passwords for the booths being unchanged and available online. They were not able to change votes, however. For a great write-up of the other keynote events and lectures, see here. In equally momentous news, yesterday marked the fourth anniversary of the launch of ASPI’s International Cyber Policy Center. Happy birthday, @ASPI_ICPC!

Russia has taken steps to pass a law that will ban the use of virtual private networks (VPNs) and other anonymisation technologies in the country. It will enter into force on 1 November 2017. Other legislation is set to come in early next year that will force messaging app companies to identify users by phone numbers by 1 January 2018. Edward Snowden, ex-NSA ‘whistleblower’ (and current Moscow resident), has publicly criticised the ban on VPNs, and noted it’s the second of such bans this week, with Apple reportedly removing VPN apps from its App Store in the Chinese market. While the exact cause of the removal was initially unclear, Apple has since released a relatively short statement taking responsibility for the removals, saying that the VPNs were not licensed under Chinese law. More than 60 VPNs have been affected so far.

Singapore’s privacy commission has proposed changes to the country’s personal data protection laws to provide mandatory data breach notification. Data breaches have remained topical elsewhere in the world, as Sweden’s nationwide motor registry data breach crisis has claimed the jobs of two Swedish ministers, Interior Minister Andres Ygeman and Infrastructure Minister Anna Johansson, and has saddled the prime minister with the possibility of facing a vote of no confidence. Data breaches have affected television as well. HBO’s internal databases were breached (again) and 1.5 terabytes of data exfiltrated. It’s not clear whether the data includes yet-unreleased episodes from season 7 of the hit TV show Game of Thrones, but written material from next week’s fourth episode has been released online.

Elon Musk and Mark Zuckerberg have had a public disagreement about whether we should welcome or fear our new artificial intelligence (AI) ‘overlords’. While Zuckerberg has described Musk’s concerns of an AI-led apocalypse as ‘irresponsible’, Musk has fired back that Zuckerberg’s understanding of the subject is ‘limited’. Commentators have suggested that it’s more about a difference of time scales, or a difference of branding, than a difference of opinion. In what might be a point for Musk, Facebook has gone back to the drawing board on one of its AI projects after two chatbots in the projects began communicating in their own language consisting of shorthand English strung together nonsensically, to humans at least.

A New York Times piece has outlined how China is aiming to become a leader in AI technology research and development by 2030, and how its spending billions of dollars to foster innovation. By contrast, the US has yet to create a national strategy for continued innovation in AI. There are programs and projects no doubt, like this week’s announcement that the US Air Force is looking at using AI to monitor Twitter and social media networks, but there’s an increasing risk that the US might find itself on the wrong side of the innovation offset.

Innovation remains high on the agenda for the Australian government. The Digital Transformation Agency and the Australian Public Service Commission are currently looking to find and place 250 cadets and apprentices in Australian government agencies to start off their brilliant careers in IT. On the senior side of the career spectrum, the Department of Defence’s chief information officer, Peter Lawrence, has come to the end of his five-year term after steering the department through a number of major programs and reforms. The Australian Communications and Media Authority will be conducting a review of the NBN and its 21 contractors and subcontractors by compelling all of the companies involved to provide data about why the NBN has been underperforming. And the South Australian government is allegedly introducing laws that would compel child exploitation website operators to provide their passwords so that law enforcement can access personal data held in their computers or personal clouds. The news has ignited some concern, though details remain scarce.

Adobe is killing off its Flash media player by 2020. Most have speculated that the reason for the closure is security, as Flash has been an infamous (and growing) source of many critical vulnerabilities. The move has been long predicted, as the functions that Flash provided have largely been replaced by the more secure and well-developed standards. Several major tech companies, including Microsoft, Facebook, Apple, Google and Mozilla have laid out roadmaps for how they’ll be moving on from Flash, and it looks like the change won’t be a big deal.

It’s been a good week for any ‘mooches’ looking for some free but good anti-virus software. Cybersecurity company ESET is offering a free 12-month subscription to its internet security service in partnership with PC Tech Authority Australia; it’s available here. Similarly, Kaspersky has begun offering a free version of its anti-virus software. In addition to improving the baseline security of users, one of the reasons the company is offering the software for free is that free installs of the software that encounter malware will provide more data points to improve Kaspersky’s threat-intelligence machine-learning systems.