Zettaset to Provide Members with Key Insights and Best Practices Designed to Adequately Secure Personal Health Information

Zettaset, a leading provider of software-defined encryption solutions, announced it has joined the Healthcare Information and Management Systems Society (HIMSS) as a Corporate Member to offer data security expertise to the organizations 80,000 individuals, 480 provider organizations, 470 non-profit partners and 650 health services organizations. As a member, Zettaset will bring unparalleled education on the benefits of data encryption to entire the HIMSS network and help educate members on the importance of proper data security as the last line of defense for healthcare organizations of all sizes.

Researchshowsthat healthcare organizations continue to suffer the highest costs associated with data breaches $6.45 million on average more than any other cross-industry average. As health organizations struggle with protecting the personal information of patients, cybercriminals remain steadfast on identifying new attack vectors. And while many healthcare entities have reacted to this reality by investing in additional cybersecurity measures, most organizations still lack the proper technology that can adequately address protection needs.

Recommended AI News:Accedian And Tranquil Data Form Data Analytics Partnership To Solve Digital Transformation Challenges Facing CIOs

The healthcare industry will continue to increase their digital transformation investments with the goal of creating new and innovative ways to provide better and safer patient care. But as a result, these digital initiatives have expanded the threat surface, said Tim Reilly, CEO of Zettaset. Whether its protecting legacy infrastructure or deploring new DevOps initiatives, healthcare organizations have to take every precaution necessary when protecting patient data and encryption is essential. Were excited to partner with HIMSS in this first step towards global health education on why data encryption should no longer be viewed as a check-the-box compliance step, but rather a mandatory investment towards safeguarding patients.

Recommended AI News:Hiretual TalentFusion Expands Enterprise ATS Integrations For AI-Powered Talent Management

Zettaset and HIMSS will be co-hosting a webinar, Breach. Theft. Disaster: Protecting the Digital Transformation from Itself in Healthcare, on Monday, July 27, 2020. The webinar will offer an in-depth look into encryption for healthcare entities and how it provides the last line of defense in protecting an organizations data.

Recommended AI News:Reveal Group Becomes Only UiPath Partner To Achieve USN Certifications

Share and Enjoy !

Read the original:
HIMSS, Welcomes Zettaset as its Newest Member to Offer Education - AiThority

Opinion Conspiracy theories are nothing new, but the recent one that blamed the rollout of 5G networks for the spread of Covid-19 is one of the more bizarre examples in recent memory. Not only is it very obviously untrue to anyone that understands either the technology or virology, but there is also little real correlation. New Zealand which was one of the first countries to declare itself virus-free is accelerating its current 5G rollout while Brazil and the USA which have seen the highest death rates are not among the leaders in 5G adoption.

However, there are other parallels and lessons that could be learned here. Firstly, around following the science rather than political agendas and secondly around protection not only from radiation, but also from malware and snooping.

Many political leaders across the globe have claimed that their response to the pandemic has been led by the science. Unfortunately, there are many different ways of interpreting the science and also still many unknowns. Consequently, politicians have used the science to back their own agendas, at times arguing either in favour or against the use of face masks, lockdowns and testing depending on how well prepared they were or how much they were willing to admit to earlier mistakes. Populist leaders in particular have not fared well during the pandemic, being more prone to grandstanding than accepting the best scientific advice.

Similarly, with 5G, there are undeniable technological and economic advantages from having collaboration in the market to drive innovation and interoperability, as well as from having a level competitive playing field to ensure choice and value for money. Unfortunately, a populist agenda in the US to scapegoat certain Chinese players as part of a trade war has had a massively negative impact on the entire 5G rollout. The irony is that while nobody has yet found any backdoors in the Chinese equipment, the US Congress is currently seeking to pass a bill that would force companies to include backdoors in all encryption, showing that the US is actually doing what it want us to believe that the Chinese might be doing. The US arsonist is too busy shouting at the Chinese to stop playing with matches to spot the irony here.

The issue of PPE (masks, gowns, gloves) during the pandemic has shown us how important protection is. Firstly, it can be shown beyond doubt that in radiation terms 5G is far safer than previous generations of mobile communications, just as 4G was safer than 3G. Our ability to communicate more efficiently, increasing performance as we reducing power consumption, has been as effective for mobile communications as it has been for microprocessors (see Moores Law) and many other areas of technology.

Secondly, if encryption can be maintained then 5G is also more secure than previous generations of mobile technology. 5G uses encryption to provide anti-tracking and spoofing features that make it harder to track and manipulate individual device connections. 5G is also a much more software and cloud-based than previous wireless network technologies, which will allow for better monitoring to spot potential threats. It also allows operators to use network slicing to segment the system in numerous virtual networks, each of which can be managed and customized separately. This means that different slices can have different protections set up for specific types of devices.

At a time when the variety and sophistication of cyber threats is not only at an all-time high, but is also on the increase, we cannot afford either to drop our level of vigilance or to create any unnecessary vulnerabilities.

Patching vulnerabilities is a fulltime job for all technology vendors, the race to find and patch flaws is one that we need to win every time, while the cybercriminals only need to win occasionally. Independent scrutiny can be of benefit here. Many vendors offer bug bounties and Huawei has put its equipment forward for additional testing by labs based in the UK and elsewhere.

Almost all the 5G security is built on encryption. The problem about creating backdoors in this encryption is that you create additional associated vulnerabilities as well as governance issues. It is a bit like having a particularly virulent strain of smallpox held in a secure lab that if it escaped would instantly infect everyone. You would want to be sure that the lab was really secure and that those that held it were trustworthy.

Unfortunately, the proposed congressional bill would put the keys to the encryption backdoors in the hands of an administration that is unashamedly America First and does not feel obliged either to abide by international treaties or to cooperate with global institutions (such as the WHO) and an intelligence community that has already allowed its own hacking tools to be stolen and that has also already shown that it is neither open or honest about its use of encryption backdoors. Not only would governance issues be of concern to almost all other nations, but it would also be probably only a matter of time before criminals obtained access to the backdoors, thereby undermining everyones security.

The congressional encryption bill, while a well-intentioned initiative by politicians who do not understand the technological consequences, is a far greater threat to our collective security (over 5G and all other technologies) than the vendor that the US administration is currently seeking to scapegoat.

We need to be focusing on bug bounties and enhanced testing of equipment from all vendors, as well as global collaboration to patch vulnerabilities and counter the real threats, rather than creating back doors that would open up what could be calamitous new vulnerabilities.

After all, if you are not confident in the security of Huawei equipment then in a competitive market you have alternative vendors to choose from. However, if the back doors mandated by congress are universal then you may not have another choice and you certainly dont have any choice in terms governance keys to the backdoors are controlled by the US government and its intelligence services alone (not the UN or your own government), until that is they fall into the hands of cybercriminals.

Given the mess that the current US administration has made over coronavirus, are we confident that they can be trusted with the keys to encryption backdoors for all our data either to use them responsibly or to keep them safe?

I am not in favour of backdoors at all, as they create new vulnerabilities. If, however, they are a political necessity, then maybe every member of the UN should nominate a country CTO and this group should be collectively responsible not only for holding the encryption keys, but also for collaborating on an international basis to address the growing cyber threat (especially from rogue nations).

Editors note: Bill works with a number of global vendors and accepts paid commissions from them, including Huawei; however, he has requested for us to point out that he is paid for his time and not his opinions therefore the opinions expressed in this and other articles are entirely his own.

Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend theCyber Security & Cloud Expo World Serieswith upcoming events in Silicon Valley, London and Amsterdam to learn more.

Original post:
Thoughts on encryption legislation - and the real 'link' between 5G and coronavirus - Cloud Tech

Police scanners in Scott County are set to go silent under a radio replacement plan currently being rolled outcountywide.

Local law enforcement dispatch communications will be aired over anencrypted channel oncethe new radios are in use, local officials confirmed.

The switch to encryption, expected to take place in spring 2021, means the general public will no longer be able to hear police incidents unfold through handheld scanners, scanner applications and websites such as Broadcastify.

Scott County Sheriff Luke Hennen said the change is being made in the interest of publicsafety and victim privacy.

"Calls we go to and people's struggles don't need to be broadcast," Hennensaid.

Scott County Sheriff's Office Capt. Scott Haas said listening to police radio traffic is increasingly popular, and changes in technology have made it easy for anyone including individuals engaged in criminal activity to tune in.

"We have an obligation to protect people having a bad day, and to protect people's private information," Haas said.

Law enforcement agencies in Dakota County have also been purchasing radioswithencryptioncapabilities in recent years, but officials said they don't have a plan for how or if they'll use the encryption feature.

"There's arguments on both sides," said Dakota County Sheriff's Office Deputy Chief Joe Leko. "Officer safety and transparency."

Mark Anfinson, a Minnesota attorney specializing in information law and data practices, said both sides represent a strong, legitimate public policy issue. Anfinson represents the Minnesota Newspaper Association, which includes this newspaper.

"You dont want law enforcement operating in the dark anymore than you have to," he said. "And to some degree, secrecy of law enforcement is totally legitimate."

But to thinkencryptionalways falls on the side of protecting victims ofcrime ignores thevalue of publicaccountability, Afinson continued.

Thats what public accountability is all about helping the victims," he said.

Critics of encryption, which include many news organizations throughout the country, say the change weakens transparency and ends a longstanding, essential news-gathering practice of responding to an incident, such as a crash or shooting.

Last year, the Minnesota Chapter of the Society of Professional Journalists called on Hennepin County Sheriff Dave Hutchinson to reverse a decision to encrypt the police communications from all departments using the county's dispatch services.

"Particularly with incidents that involve a police response, this transparency helps hold authorities accountable if something should go wrong an essential part of building trust between law enforcement and the communities they serve," Chris Snowbeck, the journalist organization's president, wrote last year. "It also can help readers and viewers better understand the actions of law enforcement."

Under the current radio system, not all 911 communications are publicly available. State law protects the public from hearing 911 callers, and Scott County's current equipment keeps tactical operations off the air.

Officers involved with SWAT or drug task for operations already use encrypted radios, for example, but moving routine police calls to an encrypted channel is an "all or nothing" decision, Hennen said.

In recent years, each police department in Scott County has been replacingold radio equipment with equipment that offers encryptioncapability, but the switch to an encrypted channel won't occuruntil every officer is ready.

Hennen said that's expected to happen sometime next year.

After the switch, fire department calls throughout the county will remain accessible to the public on an open channel.

Hennen and Haas both said continuing to offer access to fire department communications provides a point of balance to residents wanting information about major public safety incidents.

"The fire channel captures that, yet itdoesn't downplay our safety," Hennen said.

Burnsville Police Capt. Don Stenger said Burnsville officers all have encryption technology on their radios these days, but the department doesn't yet use it.

Tom Folie, executive director of the Dakota County Communications Center where the county's emergency calls are dispatched, said he thinks encryption is desired in the long-term, but it's probably two to three years away.

Read the original:
Scanner shutdown: Local law enforcement to take dispatches off the air - SW News Media

A few weeks ago a group of U.S. Republican senators introduced the Lawful Access to Encrypted Data Act, a bill that would compel American tech companies to put backdoors in their products to give law enforcement access to customers data with a warrant.

If passed, the Act will put everyones data at risk, while reversing decades of work to make encryption stronger and personal data more secure.

Even for purposes of lawful access, no company wants government pressure to insert vulnerabilities in their products. Adding any sort of hidden backdoor access or decryption capability potentially jeopardizes a companys reputation and its business prospects.

Yet such pressure is reality in the tech industry. In 2016, for example, Apple famously refused an FBI request to unlock an iPhone linked to a shooting in California.

But its not just the U.S. government pushing companies to install backdoors. In 2018, a letter was issued by the Five Eyes intelligence-sharing alliance, consisting of the U.S., U.K., Canada, Australia and New Zealand. The letter warned that if private companies refused to help authorities de-code encrypted emails, text messages, and voice communications, the Five Eyes governments might pursue technological, enforcement, legislative or other measures to achieve lawful access solutions.

Tech companies have faced such pressure to compromise privacy for decades. In the 1990s, the FBI floated the concept of key escrow, whereby software developers would copy the keys to every algorithm and give them to authorities upon request. In 2017, thenU.S. Deputy Attorney General Rod Rosenstein claimed that encrypted apps were protecting criminals like terrorists and drug dealers. Rosenstein acknowledged that the approach taken in the recent past negotiating with technology companies and hoping that they eventually will assist law enforcement out of a sense of civic duty is unlikely to work.

Why would that be? Do technology companies lack a sense of civic duty? A more likely explanation is that they know vulnerabilities are inevitably discovered and exploited. This turns their products into the cyber-equivalent of a suitcase lock made for the Transportation Security Administration. TSA authorities have master keys that can open any TSA-approved lock, allowing the agency to open your luggage without breaking the lock and damaging your suitcase.

As many people predicted when the program was rolled out, this vulnerability was soon exploited by hackers, allowing anyone with a 3D printer copy of the master keys and sell them on the black market. The same thing could easily happen with data networks.

As the Internet of Things ushers in an era of cyber-physical systems, network security is becoming a matter of life and death: instead of just disclosing your credit card information, a system breach could highjack the car youre driving or stop the pacemaker that controls your heart.

Think about the legal liability, reputational damage, and potential loss of life. What company wants any part of that?

Its sponsors in Congress will argue that the Lawful Access to Encrypted Data Act will keep Americas networks safe. Sadly, the effect will be the exact opposite. And tech companies know it.

Just as no organization wants to get hacked, no company in the world wants to install backdoors in their technology. Its just bad for business, as products are compromised, customers angered, and corporate reputations tarnished or destroyed.

Building a backdoor access that may be exploited by #hackers is a risk that no technology company is willing to take. #cybersecurity #respectdata Click to Tweet

Any backdoor makes us all less secure. As cyber security expert Bruce Schneier points out, you cant build a backdoor that only works with proper legal authorization, or only for people with a particular citizenship or the proper morality. If a backdoor exists, it can be exploited. Thats a risk no company is willing to take.

Read more from the original source:
Bill That Mandates Cyber Backdoors Will Leave Front Doors Wide Open - CPO Magazine

What do you think of competition? What sets you apart? What do you have to say about competition from India, more specifically JioMeet?

We have been dealing with competition since 2011, when the company was founded. We have had to deal with very large incumbents in the marketplace from an early timeframe. We view competition as a good thing. It only spurs us to focus on what we can controlour innovation and our ability to deliver happiness to our customers.

It takes a lot for us to deliver Zoom in the way it is: a very easy to use, high quality, video collaboration service. And as I mentioned, the architecture is very important. The know-how around the globally distributed network that we have, even the user interface, the simplicity, the feature set, etc. These are all things that we agonise over and have agonised over in our development. And really take feedback from our customers to heartboth our free customers all the way to our paid customers.

I would say there is no one thing that makes Zoom special. I think it is a combination of all of that and an intensely focussed and driven employee base that really cares for its customer and its community. And I think that has helped us up to this point address competitive threats, and it will help us going forward.

About JioMeet, to be honest, I havent looked at the product. But I will say the factors that help us compete, you know, historically are going to be the factors that help us compete going forward, we are focussed on delivering a very secure, very reliable, and very easy to use product. And that we are going to focus on what we can control.

Having said that competition just makes you more hungry. There should be no difference to how that impacts Zoom today as it has impacted Zoom years before as well and all along.

There is speculation about Zoom being a Chinese company. Could you tell us something about its origins?

I will just say that Zoom is not a Chinese company. We are listed on the Nasdaq and our headquarters are here in San Jose. Our founder [Yuan] may be ethnically Chinese, but hes an American citizen. He's been in this country since 1997. His three kids go to the local schools. His life has largely been American by choice.

We were set up with the intention to provide workplace collaboration services, for businesses, and with the view that, if we can provide video conferencing or video collaboration services to enterprises. That would be sort of the holy grail for us. At the end of December, we had around 10 million daily meeting participants. And by the end of April we had 300 million daily meeting participants, and that has been the significant shift during the pandemic.

A lot of it are schools. Education has always had a big value for our company. Erics core passion in education, but it's also our employees core passion. We did a ground-up survey of our employees and education was one of the top three initiatives. So, it made sense when the pandemic hit, to offer countries across the world, the opportunity to have free service for schools.

I think I noticed the difference when we offered K through 12 services for free in the U.S. Suddenly everybody knew about Zoom. We started to get a lot of different use-cases that we had probably not anticipated, because largely we are focussed on enterprises. And the challenge we face going forward is how do we embrace and continue to allow to flourish these various use-cases.

Zoom was made for the enterprise, but individuals took to it in droves. Did problems such as Zoombombing and the like crop up because it wasnt being used the way it was envisaged to be?

Zoom was originally developed for enterprise use and has been confidently selected for complete deployment by a large number of institutions globally, following security reviews of our user, network, and datacentre layers. However, we saw more participation from standalone users, who have been using the platform to connect to their family, friends, and colleagues; increased usage by schools to continue the education processes, etc. A lot of such users are unaware of various security measures one should adopt while on a virtual platform, leading to issues like meeting bombing.

Zoom has recently launched the latest version, Zoom 5.0, that delivers one of our most advanced security enhancements to date with support for AES 256-bit GCM encryption, which provides added protection for meeting data and greater resistance to tampering. The version provides users with features like reporting a user, new encryption icon, and enhanced data centre information which allows more flexibility and security to users.

Let us talk about end-to-end encryption (E2EE) and endless speculation about whether it would be offered to free users. How do you end the speculation?

Well, let me end it right now. We are in the development process for end-to-end encryption. We have already announced that were going to have a limited beta. And then we are going to continue working on rolling out this product through the end of the year. It will be the first end-to-end encryption feature available on video collaboration. Its very hard to do and then it will be the first. What were trying to accomplish is to have in Zoom formats or Zoom scale I want to be very clear that it will be available for all customers across the platform, both paid and free. Were still working out the details, but we will probably deploy some sort of a one-time risk-based authentication for free users that use E2EE.

But at the end of the day, it is extremely important that we provide an opportunity for our customers to have communications that they believe are private and secure. I want to just make sure that youre aware that today even without E2EE, when our customers are using the application and are on the parts of the application that are controlled by Zoom, they have AES 256-bit GCM encryption, which is industry leading today.

All Zoom users will continue to use AES 256 GCM transport encryption as the default encryption, while E2EE will be an optional feature. This is because it limits some meeting functionality, such as the ability to include traditional PSTN phone lines or SIP/H.323 hardware conference room systems. Hosts will toggle E2EE on or off on a per-meeting basis. And account administrators can enable and disable E2EE at the account and group level.

Read the original:
Virtual and face-to-face connect to coexist: Zoom COO - Fortune India

(Naver Inc.-Yonhap)

Naver's D2 Startup Factory, also known as D2SF, said it has selected the two startups that have expertise in developing solutions that are essential in data processing.

"The amount of data processing is increasing 61 percent every year globally," said Yang Sang-whan, an official in charge of D2SF, adding that the two startups have potential to become frontrunners in the field.

A team of seven engineers at Cloa aims to pioneer the next generation of data infrastructure for cloud and edge computing.

"What Cloa aims to do is to provide a solution to support data processing pipelines in real time," CEO Morgan Lim said. "The core point is to process data rapidly in the midst of floods of data."

The entrepreneur said the company plans to enroll the solution by the end of this year for the cloud computing market and further make inroads into the edge computing market as even edge devices need real-time data processing.

Desilo Inc. is currently in the process of developing a homomorphically encrypted machine learning solution amid the rising concerns over privacy invasion.

Homomorphic encryption is a form of encryption that differs from typical encryption methods by allowing computation to be performed directly on encrypted data, minimizing possible data leakage and security breaches.

"Our vision is to create the data-centered world without sacrificing privacy," said CEO Lee Seung-myung, adding that the technology can be applied in many fields, such as genome analysis and remote monitoring systems.

Given the rise of machine learning applications using sensitive private data, implementing the algorithm will provide security to many companies in various industries, the entrepreneur said. (Yonhap)

Visit link:
Naver newly invests in 2 data-related startups - The Korea Herald

Encryption Management Solutions Market Forecast 2020-2026

The Global Encryption Management Solutions Market research report provides and in-depth analysis on industry- and economy-wide database for business management that could potentially offer development and profitability for players in this market. This is a latest report, covering the current COVID-19 impact on the market. The pandemic of Coronavirus (COVID-19) has affected every aspect of life globally. This has brought along several changes in market conditions. The rapidly changing market scenario and initial and future assessment of the impact is covered in the report. It offers critical information pertaining to the current and future growth of the market. It focuses on technologies, volume, and materials in, and in-depth analysis of the market. The study has a section dedicated for profiling key companies in the market along with the market shares they hold.

The report consists of trends that are anticipated to impact the growth of the Encryption Management Solutions Market during the forecast period between 2020 and 2026. Evaluation of these trends is included in the report, along with their product innovations.

Get a PDF Copy of the Sample Report for free @ https://dataintelo.com/request-sample/?reportId=92039

The Report Covers the Following Companies:Check Point Software TechnologiesCisco SystemsIBMMicrosoftOracleSymantec

By Types:Disk EncryptionFolder Encryption Communication EncryptionCloud Encryption

By Applications:BFSIHealthcareGovernmentRetailIT and telecom

Furthermore, the report includes growth rate of the global market, consumption tables, facts, figures, and statistics of key segments.

By Regions:

Grab Your Report at an Impressive Discount! Please visit https://dataintelo.com/ask-for-discount/?reportId=92039

Years Considered to Estimate the Market Size:History Year: 2015-2019Base Year: 2019Estimated Year: 2020Forecast Year: 2020-2026

Important Facts about Encryption Management Solutions Market Report:

What Our Report Offers:

Make an Inquiry of This Report @ https://dataintelo.com/enquiry-before-buying/?reportId=92039

About DataIntelo:DATAINTELO has set its benchmark in the market research industry by providing syndicated and customized research report to the clients. The database of the company is updated on a daily basis to prompt the clients with the latest trends and in-depth analysis of the industry. Our pool of database contains various industry verticals that include: IT & Telecom, Food Beverage, Automotive, Healthcare, Chemicals and Energy, Consumer foods, Food and beverages, and many more. Each and every report goes through the proper research methodology, validated from the professionals and analysts to ensure the eminent quality reports.

Contact Info:Name: Alex MathewsAddress: 500 East E Street, Ontario,CA 91764, United States.Phone No: USA: +1 909 545 6473 | IND: +91-7000061386Email: [emailprotected]Website: https://dataintelo.com

Read more from the original source:
Encryption Management Solutions Market 2020 Global Share, Growth, Size, Opportunities, Trends, Regional Overview, Leading Company Analysis And...

In the upcoming research study on the Hardware Encryption market by Future Market Insights (FMI) is a valuable source of information for market players vying to establish a strong foothold in the current Hardware Encryption market landscape. The detailed assessment of the Hardware Encryption market offers domestic as well as international market players a clear picture of the prospective growth opportunities in various geographies.

The novel Coronavirus (COVID-19) has caused a slowdown in business activities of the Hardware Encryption market. With the help of our upcoming report, market players can gain important insights on alternative strategies that can help in revenue generation. Learn which countries are flourishing amidst the Coronavirus era and how your product offerings can reach the right target consumer. The leading factors that are likely to impact the growth of the Hardware Encryption market over the assessment period are thoroughly analyzed in the report.

Why Choose Future Market Insights?

Request a Sample Report with Table of Contents and [emailprotected]https://www.futuremarketinsights.com/reports/sample/rep-gb-3189

Report available at concessionary prices for first-time buyers! Offer expires soon!

Various Segments of the Hardware Encryption Market Evaluated in the Report:

By product type

By hardware encryption

Competitive Analysis

The competitive analysis chapter of the report sheds light on the major developments of the prominent players operating in the Hardware Encryption market. The report provides information related to the recent mergers, acquisitions, partnerships, and other strategic alliances within the Hardware Encryption market. Further, the pricing, sales, promotional, and marketing strategies of each company are enclosed in the report.

Prominent players profiled in the report:

Seagate Technology LLC, Hitachi ID Systems, Inc., Western Digital Corporation, Samsung, Toshiba Corporation, Micron Technology and Kingston Technology Corporation

In-depth Analysis on How Businesses Can Bounce Back from COVID-19 Crisis https://www.entrepreneur.com/article/353033

Important queries addressed in the report:

Crucial data that can be drawn from the Hardware Encryption market report:

About Us:

Future Market Insights (FMI) is a leading market intelligence and consulting firm. We deliver syndicated research reports, custom research reports and consulting services which are personalized in nature. FMI delivers a complete packaged solution, which combines current market intelligence, statistical anecdotes, technology inputs, valuable growth insights and an aerial view of the competitive framework and future market trends.

Contact Us:

Mr. Abhishek Budholiya616 Corporate Way, Suite 2-9018,Valley Cottage, NY 10989,United StatesT: +1-347-918-3531F: +1-845-579-5705T (UK): + 44 (0) 20 7692 8790Sales: [emailprotected]Press Office: [emailprotected]Blog: Market Research BlogWebsite: https:www.futuremarketinsights.com

Go here to see the original:
A New FMI Report Forecasts the Impact of COVID-19 Pandemic on Hardware Encryption Market Growth Post 2020 - 3rd Watch News

from the not-great dept

Everyone is still sorting out exactly what happened last week with the big hack of Twitter in which a number of prominent accounts -- including those of Barack Obama, Elon Musk, Jeff Bezos, Apple, and Uber -- all tweeted out a Bitcoin scam, promising to double people's money if they sent Bitcoin to a specific wallet (which appeared to receive a little over $100k). However, from what has been reported so far, it appears we actually got fairly lucky and that it was mainly a bunch of SIM swapping social engineers who historically have focused on getting popular short usernames. If you're not familiar with all of this, the Reply All podcast had a fascinating episode about the scam last year.

Meanwhile, Vice has a post describing how the hackers involved convinced a Twitter employee, who had access to a Twitter control panel, to make changes for them. The guy who controls the (formerly Adrian Lamo's) Twitter account @6, provided some details on how the hack got around two factor authentication controls: within the control panel a new email address was added to the account, and then, from the control panel, the two factor authentication would be disabled. An alert would be emailed out about this -- but to the new email address. Brian Krebs provided some details about who he thought was behind all of this (and the connection to the SIM swapped hack of Jack Dorsey's account from last year). Finally, the NY Times scored an interview with the hackers themselves -- again, showing that it was just a crew of SIM swapping kids, mostly doing this for the lulz (and also suggesting that the person Krebs fingered was only peripherally involved, in that he'd made use of the same access to pick up Lamo's old @6 account, but didn't take part in the Bitcoin scheme).

The interviews indicate that the attack was not the work of a single country like Russia or a sophisticated group of hackers. Instead, it was done by a group of young people one of whom says he lives at home with his mother who got to know one another because of their obsession with owning early or unusual screen names, particularly one letter or number, like @y or @6.

The Times verified that the four people were connected to the hack by matching their social media and cryptocurrency accounts to accounts that were involved with the events on Wednesday. They also presented corroborating evidence of their involvement, like the logs from their conversations on Discord, a messaging platform popular with gamers and hackers, and Twitter.

What does become clear is that, from the details revealed so far, this wasn't some grand nefarious scheme. This was a bunch of kids having fun, who happened to get access to a control panel through some means or another.

At the very least, we should be thankful that's all this was. As multiple people I spoke to have said, we should be very, very, very glad that this was basically some kids having a laugh and hoping to make a little money, rather than a nation state wishing to start World War III. And while Twitter has not yet said if Direct Messages were accessed, from everything that's been revealed so far, it's pretty clear that whoever controlled these accounts easily had access to DMs.

And that should raise a bunch of questions.

While the hack was still going on, Senator Josh Hawley dashed off one of his infamous letters to Twitter CEO Jack Dorsey, asking a list of questions. Surprisingly, given Hawley's involvement and the usual inanity of his letters, this one was somewhat on point and asked a bunch of mostly reasonable questions:

However, much more important is the key question asked by Senator Ron Wyden: why hasn't Twitter introduced end-to-end encryption for DMs, which would have prevented the ability for hackers to have read DMs under the circumstances described above.

"In September of 2018, shortly before he testified before the Senate Intelligence Committee, I met privately with Twitter's CEO Jack Dorsey. During that conversation, Mr. Dorsey told me the company was working on end-to-end encrypted direct messages. It has been nearly two years since our meeting, and Twitter DMs are still not encrypted, leaving them vulnerable to employees who abuse their internal access to the company's systems, and hackers who gain unauthorized access," Wyden said in a statement.

Of course, given all that, we should note that despite Hawley asking good questions, he's a bit of a hypocrite here, as he has attacked encryption for years, and is a co-sponsor of the EARN IT Act, which will endanger encryption. If Hawley actually wanted Twitter to better protect user privacy in their data, he should be supporting Wyden's push to have the company encrypt more, not less.

Filed Under: dms, encryption, josh hawley, ron wyden, sim swapping, twitter hackCompanies: twitter

Read more:
Holy Hell Were We Lucky That Twitter's Big Breach Was Just A Bunch Of SIM Swapping Kids; Can We Please Encrypt DMs Now? - Techdirt

Let's admit it - part of the reason why messaging apps are seeing such a significant rise in usage is because we can say whether we want in a message thread, without fear of offending people or causing relationship rifts, upsetting relatives, etc.

That's why this is probably a good addition - as shared by social media expert Matt Navarra, Facebook is now rolling out Touch ID and Face ID lock options for Messenger on iOS.

That will stop people from additionally snooping on your Messenger chats.

Once enabled, you can choose how long it takes before your Messenger needs to be unlocked again with Face/Touch ID.

So for those overly paranoid about people checking their phone, they can lock it as soon as they've finished using the app.

Social media advisor Jeff Higgins also shared this video of the process in action on opening the app.

Facebook's been working on the option over the last few months, with Engadget sharing screenshots of the in-development tool early last month.

The addition is in line with Facebook's gradual shift towards improving messaging security, which includes its plan to eventually enable end-to-end encryption as the default setting for all messages. That plan has come under intense scrutiny by several government agencies, who believe that a move to full encryption will facilitate increased criminal activity in Facebook's apps. Already, various authorities have raised concerns about encryption in WhatsApp.

However, Facebook is determined to push ahead with its plan, and while locking your Messenger app is a smaller element in this broader process, it's another indicator of user demand for more privacy, and security, with their personal interactions. And worth noting, Messenger already has an optional 'Secret' chat modewhich is fully encrypted.

Now to see if it enables the same in WhatsApp and Instagram. Eventually, Facebook plans to merge the messaging functionality of the three apps, which also means that any functionality added to one is likely on its way for the others. It doesn't seem to make much sense that they would add additional security for Messenger if the other two are not protected, so it won't be any surprise to see Facebook launch the same for each app in due course.

Facebook told Engadget that it also plans to port the same option to Android in the near future.

Follow this link:
Facebook's Rolling Out Touch ID and Face ID Lock Options for Messenger - Social Media Today