<p id="">The military did not detect previous flights of Chinese spy balloons over the U.S. that took place during the Trump administration, a top general said Monday, due to a “gap” in the Defense Department’s ability to track certain airborne objects.</p><p id="">‍</p><p id="">Gen. Glen VanHerck, head of North American Aerospace Defense Command, cited the issue as the reason that at least three spy balloon flights were not briefed to senior Trump officials at the time.</p><p id="">‍</p><p id="">“So those balloons, so every day as a NORAD commander it’s my responsibility to detect threats to North America,” he told reporters at the Pentagon. “I will tell you that we did not detect those threats. And that’s a domain awareness gap that we have to figure out. But I don’t want to go into further detail.”</p><p id="">‍</p><p id="">He added that the intelligence community later determined the flights had occurred using “additional means of collection.”</p><p id="">‍</p><p id="">The Defense Department first brought up the Trump-era flights on Saturday, not long after an F-22 fighter shot down a Chinese spy balloon off the coast of South Carolina. Republicans had for several days blamed the Biden administration for its handling of the incident, but a senior DoD official on Saturday noted that flights had also occurred during the previous administration.</p><p id="">‍</p>
A top general said Monday that, due to a “gap” in the Defense Department’s ability to track certain airborne objects, some spy balloons went undetected.

February 6, 2023

Top general says Trump-era spy balloons flew over the U.S. undetected

<p id="">On the 3rd of February 2023 the Office of the Australian Information Commissioner (OAIC) provided submissions to the Commonwealth government supporting changes to the current legislation written under the Privacy Act of 1988 and other legislation.</p><p id="">‍</p><p id="">Recommendations to address these aspects of the Privacy Act included extraterritorial operations, changes to the notifiable data breach scheme and also increasing penalties to business under the Competition and Consumer Act.</p><p id="">‍</p><p id="">The OAIC's intention in increasing the penalties is to encourage compliance by businesses, including improvement of their systems and responsible handling of personal data. The commissioner stated the “increased penalties which will help to incentivise compliance and ensure that penalties for privacy breaches act as a deterrent and are not seen merely as the cost of doing business in Australia”.</p>
The OAIC provided submissions to the Commonwealth government supporting changes to the current legislation written under the Privacy Act of 1988 and increased penalties to incentivise compliance.

February 3, 2023

Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022

<p id="">GitHub has reported that a malicious actor gained access to a set of repositories used in the planning and development of GitHub Desktop and text and source code editor Atom.</p><p id="">‍</p><p id="">The source code repository said that it became aware of the <a href="https://www.cshub.com/attacks/articles/the-biggest-data-breaches-and-leaks-of-2022" id="">data breach</a> after “unauthorized access” was detected on its servers on December 7, 2022. A set of encrypted code-signing certificates was stolen during the breach. GitHub reported that the certificates were password-protected and there was “no evidence of malicious use”.</p><p id="">‍</p><p id="">The hacker gained access to the <a href="https://www.cshub.com/attacks/news/iotw-passwords-secure-in-latest-lastpass-data-breach" id="">source-code repositories</a> on December 6, 2022, after using a compromised Personal Access Token (PAT) associated with a machine account to clone repositories from its Atom, desktop and “other deprecated GitHub-owned organizations”.</p><p id="">‍</p><p id="">As a preventative measure, GitHub has said that it will “revoke the exposed certificates used for the GitHub Desktop and Atom applications”, meaning users must update their applications before February 2, 2023, to continue using them.</p><p id="">‍</p>
GitHub has reported that a malicious actor gained access to important content. In an effort to prevent further damage, GitHub will “revoke” any “exposed certificates”.

February 2, 2023

IOTW: Malicious actors gain access to GitHub source code

<p id="">SpaceX has taken steps to prevent Ukraine's military from using the company's Starlink satellite internet service for controlling drones in the region during the country's war with Russia, SpaceX's president says. </p><p id="">‍</p><p id="">SpaceX's Starlink satellite internet service, which has provided Ukraine's military with broadband communications in its defense against Russia's military, was "never never meant to be weaponized," Gwynne Shotwell, SpaceX's president and chief operating officer, said during a conference in Washington. </p><p id="">‍</p><p id="">"However, Ukrainians have leveraged it in ways that were unintentional and not part of any agreement," she said.</p><p id="">‍</p><p id="">Elon Musk said on Friday his rocket company SpaceX cannot indefinitely fund its Starlink internet service in Ukraine, which has helped the country's civilians and military stay online during the war with Russia.</p><p id="">‍</p><p id="">Musk's comment on Twitter came after a media report that SpaceX had asked the Pentagon to pay for the donations of Starlink. The billionaire has been in online fights with Ukrainian officials over a peace plan he put forward which Ukraine says is too generous to Russia.</p><p id="">‍</p>
"Elon Musk confirms his rocket company SpaceX cannot indefinitely fund its Starlink internet service in Ukraine, which has helped the country's civilians and military stay online during the war with Russia".

January 30, 2023

SpaceX curbs Ukraine's use of Starlink internet for drones

<p id="">The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note about KillNet, a pro-Russian hacktivist group that is known to be a threat to the US healthcare sector. The group has been active since at least January 2022 and is known for executing distributed denial of service (DDoS) attacks against countries supporting Ukraine.</p><p id="">‍</p><p id="">“While KillNet’s DDoS attacks usually do not cause major damage, they can cause service outages lasting several hours or even days,” the analyst note stated.</p><p id="">‍</p><p id="">“Although KillNet’s ties to official Russian government organisations, such as the Russian Federal Security Service (FSB) or the Russian Foreign Intelligence Service (SVR), are unconfirmed, the group should be considered a threat to government and critical infrastructure organisations, including healthcare.”</p><p id="">‍</p><p id="">A senior member of KillNet threatened the US Congress “with the sale of the health and personal data of the American people because of the Ukraine policy of the U.S. Congress,” HC3 noted.</p><p id="">‍</p><p id="">The group has also threatened to target life-saving ventilators in British hospitals and the UK Ministry of Health in the past.</p><p id="">‍</p><p id="">However, HC3 emphasised that “it is worth taking any claims KillNet makes about its attacks or operations with a grain of salt.”</p><p id="">‍</p><p id="">“Given the group’s tendency to exaggerate, it is possible some of these announced operations and developments may only be to garner attention, both publicly and across the cybercrime underground,” the analyst note continued.</p><p id="">‍</p><p id="">Even so, organisations should take practical steps to mitigate the risk of a DDoS attack. 
Specifically, healthcare organisations may want to consider enabling web application firewalls to mitigate application-level attacks and implementing a multi-content delivery network (CDN) solution to balance web traffic across the network, the analyst note stated.</p><p id="">‍</p><p id="">Thankfully, in December 2022, the US Department of Justice (DOJ) announced that it had seized 48 internet domains associated with leading DDoS-for-hire services. In addition, the DOJ brought criminal charges against six defendants who allegedly oversaw computer attack platforms.</p><p id="">‍</p><p id="">DDoS-for-hire services, also known as "booter" or "stresser" services, allow individuals or groups to launch DDoS attacks against a target of their choice for a fee. These services have been a popular tool for cyber criminals and hacktivists, and have been used in a wide range of cyber attacks over the years.</p><p id="">‍</p><p id="">The seizure of internet domains associated with DDoS-for-hire services by the DOJ is part of a larger effort to disrupt the operations of cyber criminals and protect businesses and individuals from cyber attacks. The DOJ and other law enforcement agencies have been working to take down DDoS-for-hire services and other cyber crime networks, and to prosecute those responsible for these activities.</p><p id="">‍</p>
2022 and 2023 have shown that healthcare is increasingly being targeted by hackers. Russian-based KillNet's recent DDoS attacks demonstrate how serious a risk this is.

January 30, 2023

Pro-Russian Hacktivist Group KillNet Poses Threat to US Healthcare Cybersecurity

<p id="">Diplomacy is shifting from tedious traditional diplomacy to proactive and online digital diplomacy. How are governments across the world making a difference in digital diplomacy?</p><p id="">‍</p><p id="">India, as the host of the G20 presidency, has chalked out the widest scale of digital diplomacy. The Ministry of External Affairs (MEA) is gearing up to showcase the full spectrum of its digital diplomacy when the leaders of the G20 nations gather in New Delhi in September.</p><p id="">‍</p><p id="">The population of the world is approximately 8 billion and, as per the Digital 2022 Global Overview Report, 59% of the global population are active social media users, with 5.1% active growth. The 12.5 trillion hours spent online by global citizens established remarkable growth and showcased the deep penetration of the Internet in global society.</p><p id="">‍</p><p id="">In 2017, the Ministry of Foreign Affairs of Denmark appointed Casper Klynge as the Tech Ambassador. It was the first appointment of its kind worldwide. His appointment was for Silicon Valley.</p><p id="">‍</p><p id="">“The world is changing and rapidly moving from offline to online. Diplomacy must adapt,” said Danish Ambassador to India Freddy Svane as Denmark becomes the first such nation to appoint a tech ambassador.</p><p id="">‍</p><p id="">“And India has taken digitisation into its development agenda. Digital transformation needs diplomacy,” Ambassador Freddy adds on the rapid adaptation of digital tools for Indian diplomacy.</p><p id="">‍</p><p id="">In a first step, India inaugurated the ISRO’s South Asia Satellite to address critical communications and services for South Asian countries. 
However, the MEA is looking at comprehensive digital diplomacy as the key strategy which can prove beneficial for India.</p><p id="">‍</p><p id="">Take a look at the worldwide shifts in foreign policies where digital diplomacy is affecting geopolitics.</p><p id="">‍</p><p id="">‍</p><h2 id="">India’s digital outreach</h2><p id="">‍</p><p id="">In some ways, the MEA has pioneered the use of digital technologies and social media platforms. In fact, the MEA India Facebook page, which was created in 2012, is the most liked and followed Foreign Ministry page in the world. The MEA took to Twitter as early as 2011 by launching Twitter handles – @MEA India and @IndianDiplomacy – which focus on creating a positive cultural narrative for Brand India.</p><p id="">‍</p><p id="">Way back, the Ministry launched #AsktheSpokesperson – the first initiative of its kind on Twitter, wherein it invited questions on India’s foreign policy from the public on social media and the selected questions were responded to by the Official Spokesperson live on Twitter.</p><p id="">‍</p><p id="">The MEA creates a substantial mix of content comprising press statements, speeches, joint statements, appointments of new ambassadors, and soft stories on Indian arts and culture.</p><p id="">‍</p><p id="">‍</p><h2 id="">China’s shift towards Digital Geopolitics</h2><p id="">‍</p><p id="">The Chinese shift towards digital diplomacy is one of the key policy directions which is going to impact the traditional conduct and tools of diplomacy. Some might call it – disruption.</p><p id="">‍</p><p id="">In 2018 Chinese diplomats activated 301 diplomatic Twitter accounts to advocate Beijing’s policies at the international level. Initially, the China-US trade dispute triggered such initiatives. 
China’s Digital Diplomacy efforts are galvanised to reach global citizens.</p><p id="">‍</p><p id="">In 2022, Carl Miller, Co-Founder of The Centre for the Analysis of Social Media (CASM) Technologies, published his report after a deep analysis, through bespoke algorithms, of 1,00,000 social media messages posted by Chinese diplomats. During the analysis, it was found that a multi-lingual approach was adopted by the Chinese diplomats to float 1,00,000 messages. The messages were circulated on Facebook and Twitter through 393 Confucius Institutes, diplomats, Chinese consular officials, and the social media account of the Chinese Foreign Ministry. It was observed during the period from the start of 2021 to the end of September of that particular year by using multi-lingual machine learning (ML) and sophisticated AI (Artificial Intelligence) models.</p><p id="">‍</p>
Diplomacy is shifting from tedious traditional diplomacy to proactive and online digital diplomacy. How are governments across the world making a difference in digital diplomacy?

January 30, 2023

Digital diplomacy and cyber diplomacy swing the world of geopolitics

<p id="">Xi’s announcement regarding Wang Huning’s assignment is a strong indication that he is changing the rules of engagement. Wang will be tasked with creating “a theoretical unification strategy fit for the Xi era.” The author of the analysis suggests that a theoretical unification strategy will be the “yardstick with which to measure progress and to decide if a military operation is necessary.” In our opinion, however, if this “theoretical unification strategy” is successful, it will be much more than a yardstick. It will be the cover story that connects to a Chinese narrative that may have the power to take Taiwan without firing a shot.</p><p id="">‍</p><p id="">The specific threat, the target of Xi’s narrative, is that his “Great Chinese Rejuvenation” requires all Han territory to be part of his historical interpretation of China, “The Middle Kingdom.” This feeds directly into what the Pentagon has long focused on – that is, defeating a Chinese invasion of the island.</p><p id="">‍</p><p id="">The Chinese are not putting their tanks in a row and then deciding how to spin an invasion for the public. Rather, they are focusing first on public influence, the success or failure of which will determine whether or not an invasion is likely to be successful. They are engaged in Narrative Warfare. The kinetics are not out front but that does not diminish the severity of the threat.</p><p id="">‍</p><p id="">A source familiar with the inner workings of the Chinese Communist Party has pulled back the curtain on General Secretary Xi Jinping's leadership reshuffle last October.</p><p id="">‍</p><p id="">Why were some leaders retained to serve another term, while others were shown the door?</p><p id="">‍</p><p id="">‍On the Politburo Standing Committee, there were three members who were 67 years old, technically under the retirement age of 68. All three of them could have stayed, but only one did.</p><p id="">‍</p><p id="">The ones who stepped down were No. 
2, Premier Li Keqiang and No. 4 Wang Yang. Only No. 5 Wang Huning stayed on and was promoted in the new lineup. The source noted that this top leadership change hints at Xi's political strategy as he aims for a fourth term. "Wang Huning's mission is to lay the groundwork for Taiwan unification."</p><p id="">‍</p><p id="">If Wang Huning was retained to handle the Taiwan file, this would be the result of the failure of the "one country, two systems" in Hong Kong.&nbsp;&nbsp;</p><p id="">‍</p><p id="">After massive pro-democracy demonstrations shook Hong Kong in 2019, Beijing quickly enacted a national security law for the special administrative region. It spelled the end of a free Hong Kong.</p><p id="">‍</p><p id="">Wang Yi also became director of the party's Office of the Central Foreign Affairs Commission, making him China's top-ranking diplomat.</p><p id="">‍</p><p id="">Needless to say, the top diplomat reports to Xi on foreign affairs and security matters. But for policies involving Taiwan unification and relations with the U.S., Wang Huning is also in Wang Yi's reporting line.&nbsp;</p><p id="">‍</p><p id="">This is because Wang Yi will become secretary general of the Central Leading Group for Taiwan Affairs, where Wang Huning will serve as deputy director. 
Wang Yi once served as the director of the Taiwan Affairs Office of the State Council, China's government.</p><p id="">‍</p><p id="">As a Politburo Standing Committee member, Wang Huning is one of China's top seven and has a much higher level of authority than Wang Yi, a Politburo member.</p><p id="">‍</p><p id="">Xi wants to chalk up an achievement in regard to Taiwan at any cost over the next five years, which would help his quest to seek a fourth term as head of the party in 2027.</p><p id="">‍</p><p id="">China's policies related to Taiwan will be spearheaded by these two Wangs.</p><p id="">‍</p><p id="">Taiwan will hold an election next January to choose President Tsai Ing-wen's successor. Tsai will retire in May that year after serving two four-year terms. She cannot run for a third term.</p><p id="">‍</p><p id="">China hopes to see the independence-leaning DPP ousted from power in 2024. But as relations between China and Taiwan are extremely tense, it is difficult to decide upon the timing of working out a new Taiwan unification strategy.</p><p id="">‍</p><p id="">Xi has taken several steps to achieve his objective of reunifying Taiwan with the mainland. He has increased military spending and conducted military exercises in the Taiwan Strait to send a signal to Taiwan and the international community that China is prepared to use force to achieve reunification. He has also used economic and diplomatic pressure to isolate Taiwan and limit its international recognition.</p><p id="">‍</p><p id="">At the same time, Xi has sought to win the hearts and minds of the Taiwanese people by offering economic incentives and cultural exchanges. 
He has also sought to undermine support for Taiwanese independence by courting opposition parties and offering concessions on issues such as trade and investment.</p><p id="">‍</p><p id="">Overall, Xi's political strategy is focused on achieving China's "great rejuvenation" and solidifying the CCP's control over the country. The reunification of Taiwan with the mainland is a key part of this strategy, and Xi has shown a willingness to use a range of tactics to achieve this goal.</p><p id="">‍</p>
Xi's political strategy is to empower Wang Huning, whose mission is to lay the groundwork for Taiwan unification. They are engaged in Narrative Warfare.

January 26, 2023

Xi puts top brain in charge of Taiwan unification strategy: Wang Huning

<p id="">In 2021, CISA and our partners across government and the private sector created a new kind of partnership organization — the <a href="https://www.cisa.gov/jcdc" id="">Joint Cyber Defense Collaborative</a> (JCDC). While our model is still evolving, we collectively <a href="https://www.cisa.gov/blog/2022/08/12/connecting-dots-drive-down-cyber-risk-together-superheroes-behind-nations-jcdc" id="">demonstrated</a> how persistent collaboration and frictionless engagement can yield benefits in addressing exigent risks like the Log4Shell vulnerability and potential cyber activity resulting from Russia’s full-scale invasion of Ukraine. However, collaborating around immediate risks is necessary but not sufficient. We must also look over the horizon to collaboratively plan against the most significant cyber risks that may manifest in the future. This proactive planning is foundational to JCDC, as first envisioned by the Cyberspace Solarium Commission and then codified by Congress.</p><p id="">‍</p><p id="">To advance this critical aspect of our work, CISA and our partners are proud to announce JCDC’s 2023 Planning Agenda. This Agenda is the first of its kind — a forward-looking effort that will bring together government and the private sector to develop and execute cyber defense plans that achieve specific risk reduction goals and enable more focused collaboration. 
We will continue to expand the breadth and depth of our partnership to maximize both the completeness and impact of these planning efforts.</p><p id="">‍</p><p id="">Through a rigorous process that included input from subject matter experts and our government and private sector partners, we have developed a Planning Agenda focused on three topic areas: systemic risk, collective cyber response, and high-risk communities.</p><p id="">‍</p><p id="">While all organizations are at risk of cyber intrusions, we know that certain elements of the ecosystem can be abused by malicious actors to achieve widespread impacts. To reduce these types of risk at scale, we will convene key partners across the following efforts:</p><p id="">‍</p><ul id=""><li id="">Understand and mitigate risks potentially posed by open source software (OSS) used in industrial control systems</li><li id="">Advance cybersecurity and reduce supply chain risk for small and medium critical infrastructure entities through collaboration with remote monitoring and management, managed service providers, and managed security service providers</li><li id="">Deepen operational collaboration and integration with the Energy Sector, in partnership with the Department of Energy</li><li id="">Identify approach to enhance security and resilience of edge devices for the water sector</li></ul><p id="">Over the past several years, government and the private sector have significantly advanced our processes and approaches for incident response, but our plans and doctrine have not kept up. 
JCDC will lead an effort to update the National Cyber Incident Response Plan, in close coordination with the Federal Bureau of Investigation and other partners, which will include articulating specific roles for non-federal entities in organizing and executing national incident response activities.</p><p id="">Malicious cyber actors do not only target critical infrastructure or businesses; to the contrary, we know that high-risk communities, such as civil society organizations that support journalists, and cybersecurity researchers are routinely targeted by adversaries seeking to undermine American values and interests. JCDC will lead collaborative planning efforts with key non-government organizations, government, and industry stakeholders to develop a cyber defense plan for civil society organizations who are at high risk of being targeted by foreign state actors.</p>
CISA announces Joint Cyber Defense Collaborative partnership - JCDC’s 2023 Planning Agenda, a whole of government approach towards collaboration and frictionless engagement.

January 26, 2023

JCDC Focused on Persistent Collaboration and Staying Ahead of Cyber Risk in 2023

<p id="">As the U.S. <a href="https://www.whitehouse.gov/briefing-room/statements-releases/2022/10/25/readout-of-cybersecurity-executive-forum-on-electric-vehicles-and-electric-vehicle-charging-infrastructure-hosted-by-the-office-of-the-national-cyber-director/" id="">looks to bolster electric vehicle (EV) adoption</a>, a new challenge is on the horizon: cybersecurity.</p><p id="">‍</p><p id="">Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting from Point A to Point B. They also offer a new path for network compromise that could put drivers, companies and infrastructure at risk.</p><p id="">‍</p><p id="">To help address this issue, the Office of the National Cyber Director (ONCD) <a href="https://www.axios.com/2022/11/01/cybersecurity-electric-vehicles-government" id="">recently set up a forum, hosted by National Cyber Director Chris Inglis and Principal Deputy National Cyber Director Kemba Walden,</a> with both government leaders and private companies to assess both current and emerging EV threats. While the discussion didn’t delve into creating cybersecurity standards for these vehicles, it highlights the growing need for EV roadmaps that help reduce cyber risk.</p><p id="">‍</p><p id="">All participants emphasized the need to accelerate construction and deployment of this critical infrastructure while ensuring that, as Americans increasingly rely on it, we are confident in its security and resilience. 
There was also discussion about how the Administration’s implementation of the Build America, Buy America Act could improve the supply chain security of components that all of the companies rely on.</p><p id="">‍</p><p id="">Participants agreed that the public and private sectors, including a diverse array of stakeholders in the EV ecosystem, will work together to:</p><p id="">‍</p><p id="">Assess the current state of cybersecurity standards across the EV and EVSE ecosystem and identify opportunities for harmonization;</p><p id="">‍</p><p id="">Identify key cybersecurity attributes needed for the emerging EV and EVSE ecosystem and outline a shared vision of the future state; and</p><p id="">‍</p><p id="">Assess the state of cybersecurity research and development for the EV and EVSE ecosystem and identify opportunities for further work.</p><p id="">‍</p><p id="">‍</p><h2 id="">Lightning Strikes? The State of Electric Adoption</h2><p id="">‍</p><p id="">EV sales in the United States are well ahead of expert predictions. Just five years ago, fully electric vehicles were considered niche. A great idea in theory, but lacking the functionality and reliability afforded by traditional combustion-based cars.</p><p id="">‍</p><p id="">In 2022, however, the tide is turning. According to <a href="https://insideevs.com/news/606721/ev-adoption-above-expectations/" id="">InsideEVs</a>, demand now outpaces the supply of electric vehicles across the United States. With a new set of tax credits available, this demand isn’t going anywhere but up, even as manufacturers struggle to improve the pace of production.</p><p id="">‍</p><p id="">Part of this growing interest stems from the technology itself. Battery life increases as charging times fall, and the EV market continues to diversify. 
While first-generation electric vehicle makers like Tesla continue to report strong sales, the offerings of more mainstream brands like Ford, Mazda and Nissan have helped spur consumer interest.</p><p id="">‍</p><p id="">The result? The United States has now passed a critical milestone in EV sales: <a href="https://www.bloomberg.com/news/articles/2022-07-09/us-electric-car-sales-reach-key-milestone?leadSource=uverify%20wall" id="">5% of new cars sold are entirely electric</a>. If the sales patterns stateside follow that of 18 other countries that have reached this mark, EVs could account for 25% of all cars sold in the country by 2025, years ahead of current forecasts.</p><p id="">‍</p><p id=""><br></p><h2 id="">Positive and Negative — Potential EV Issues</h2><p id="">‍</p><p id="">While EV adoption is good for vehicle manufacturers and can ease reliance on fossil fuels, cybersecurity remains a concern.</p><p id="">‍</p><p id="">Consider that in early 2022, 19-year-old security researcher David Colombo was able <a href="https://www.businessinsider.com/teen-security-researcher-describes-how-he-hacked-into-25-teslas-2022-1" id="">to hack into 25 Teslas around the world</a> using a third-party, open-source logging tool known as TeslaMate. According to Colombo, he was able to lock and unlock doors and windows, turn on the stereo, honk the horn and view the car’s location. While he didn’t believe it was possible to take over and drive the car remotely, the compromise nonetheless showed significant vulnerability at the point where OEM technology overlaps third-party offerings. Colombo didn’t share his data immediately; instead, he contacted TeslaMate and waited until the issue was addressed. 
Malicious actors, meanwhile, share no such moral code and could leverage this kind of weakness to extort EV owners.</p><p id="">‍</p><p id="">‍</p><h2 id="">Connected Vehicle Systems</h2><p id="">‍</p><p id="">EV systems such as navigation and optimal route planning rely on WiFi and cellular networks to provide real-time updates. If attackers can compromise these networks, however, they may be able to access key systems and put drivers at risk. For example, if malicious actors gain control of the vehicle’s primary operating system, they could potentially disable key safety features or lock drivers out of critical commands.</p><p id="">‍</p><p id="">‍</p><h2 id="">Charging stations</h2><p id="">‍</p><p id="">Along with providing power to electric vehicles, charging stations may also record information about vehicle charge rates, identification numbers and information tied to drivers’ EV application profiles. As a result, vulnerable charging stations offer a potential path to exfiltrated data that could compromise driver accounts.</p><p id="">‍</p><p id="">‍</p><h2 id="">Local power grids</h2><p id="">‍</p><p id="">With public charging stations using local power grids to deliver fast charging when drivers aren’t at home, attackers could take aim at lateral moves to infect car systems with advanced persistent threats (APTs) that lie in wait until cars are plugged in. Then, malicious code could travel back along power grid connections to compromise local utility providers.</p><p id="">‍</p><p id="">‍</p><h2 id="">Powering Up Protection</h2><p id="">‍</p><p id="">With mainstream EV adoption looming, it’s a matter of when, not if, a major cyberattack occurs. Efforts such as the ONCD forum are a great starting point for discussion about EV security standards. 
However, well-meaning efforts are no replacement for effective cybersecurity operations.</p><p id="">‍</p><p id="">In practice, potential protections could take several forms.</p><p id="">‍</p><p id="">First is the use of automated security solutions to manage user logins and access. By reducing the number of touchpoints for users, it’s possible to limit the overall attack surfaces that EV ecosystems create.</p><p id="">‍</p><p id="">Next is the use of security by design. As noted by a recent Forbes piece, new vehicles are effectively “20 computers on wheels,” many of which are embedded in hardware systems. The result is the perfect setup for firmware failures if OEMs don’t take the time to make basic security protocols — such as usernames and passwords that aren’t simply “admin” and “password”, and the use of encrypted data — part of each EV computer.</p><p id="">‍</p><p id="">Finally, there’s a need for transparency across all aspects of EV supply, design, development and construction. Given the sheer number of components in electric vehicles which represent a potential failure point, end-to-end visibility is critical for OEMs to ensure that top-level security measures are supported by all EV hardware and software components.</p><p id="">‍</p>
U.S. looks to bolster electric vehicle (EV) adoption and reduce cyber risk. Office of the National Cyber Director hosts national EV cyber forum. 5% of new cars sold are entirely electric.

January 26, 2023

Cybersecurity Executive Forum on Electric Vehicles and Electric Vehicle Charging

<p id="">Recently the feds suffered a big hack, not once, but twice.</p><p id="">‍</p><p id="">First, the FBI-run InfraGard program suffered a breach. InfraGard aims to strengthen partnerships with the private sector to share information about cyber and physical threats. That organization experienced a major breach in early December, according to a <a href="https://krebsonsecurity.com/2022/12/fbis-vetted-info-sharing-network-infragard-hacked/?v=1" id="">KrebsOnSecurity report</a>.</p><p id="">‍</p><p id="">Allegedly, the InfraGard database — containing contact information of over 80,000 members — appeared up for sale on a cyber crime forum. Also, the hackers have reportedly been communicating with InfraGard members through the program’s portal. The intruders created a new account under the guise of a financial industry CEO previously vetted by the FBI.</p><p id="">‍</p><p id="">If that wasn’t bad enough, a week later, the Russian hacker group known as <a href="https://www.hackread.com/russian-killnet-hackers-fbi-agents/?web_view=true" id="">Killnet</a> claimed responsibility for breaching the FBI’s database and stealing the personal information of over 10,000 U.S. federal agents.</p><p id="">‍</p><p id="">According to the FBI, InfraGard “provides education, networking and information-sharing on security threats and risks” to these critical infrastructure owners and operators. In response to reports about a potential false account on the InfraGard Portal, the FBI stated that the situation is ongoing but cannot provide further information at this time.</p><p id="">‍</p><p id="">KrebsOnSecurity was actually able to contact the seller of the InfraGard database, who goes by the handle “USDoD.” The hacker is also a member of an infamous cyber crime forum called “Breached.” The actor’s avatar is the seal of the U.S. 
Department of Defense. The threat group USDoD revealed that they gained access to the FBI’s InfraGard system by submitting a new account application using the personal information of a CEO at a company that was likely to be granted membership. Apparently, the FBI never contacted the CEO, currently the head of a major U.S. financial corporation, about an InfraGard application. The CEO’s company has a significant influence on the creditworthiness of many Americans.</p><p id="">‍</p><p id="">USDoD submitted the application in November using the CEO’s name and phone number but with a fake email address. Attackers bypassed the multi-factor authentication required by InfraGard by using the fake email account.</p><p id="">‍</p><p id="">The InfraGard website has an API built into several key components allowing members to communicate with each other. This made the user data easily accessible through the API. After the FBI approved their imposter InfraGard membership, USDoD commissioned a friend to write a Python script to retrieve all available user data from the API.</p>
The FBI set up the InfraGard program to bring together individuals in the private sector with expertise in cyber and physical security. FBI's InfraGard incident exposed: the Russian cyber gang Killnet announced that they had breached the FBI’s database.

January 23, 2023

Alleged FBI Database Breach Exposes Agents and InfraGard

<p id="">Nine months into government, Mr Husic is also yet to nominate a director for the quantum computing company that the Commonwealth has a $25 million equity stake in.<br></p><p id=""><br></p><p id="">Industry and Science minister Ed Husic has left dozens of government-appointed science and technology leadership positions vacant, including half the government’s innovation advisory board and three spots on the CSIRO board.</p><p id=""><br></p><p id="">Many of the positions were emptied by the Coalition government while it cycled several ministers through the Industry and Science portfolios.</p><p id=""><br></p><p id="">Documents tabled to the Senate this week show Mr Husic has not leapt at the chance to fill the roles. He reported increased vacancies for government-appointed board roles at the CSIRO and Industry, Innovation and Science Australia (IISA), while the government’s board spot at Silicon Quantum Computing (SQC) is still empty.</p><p id=""><br></p><p id="">However, the Minister insists processes are “well advanced” to fill the key innovation positions.</p><p id=""><br></p><p id="">The IISA was established in 2016 as part of the National Innovation and Science Agenda to advise the government on innovation, science, and research matters.</p><p id=""><br></p><p id="">In recent times its attention has been on advising on the previous government’s $1.5 billion Modern Manufacturing strategy and on the Albanese government’s $15 billion National Reconstruction Fund.</p><p id=""><br></p><p id="">The IISA board can have a maximum of 15 members, including the Chair, Deputy Chair and an ex-officio member, and requires only four for a quorum.</p><p id=""><br></p><p id="">It currently has seven board members, including long-time chair Andrew Stevens and Australia’s chief scientist Dr Cathy Foley, leaving eight spots for Mr Husic to fill.</p><p id=""><br></p><p id="">There are another seven vacancies on the IISA subcommittee and two empty spots on the government’s 
National Science and Technology Council.</p><p id=""><br></p><p id="">There are two each at the Australian Nuclear Science and Technology Organisation and Space Agency advisory board, while the Questacon science centre’s advisory council is missing a Chair, Deputy and three more members.</p><p id=""><br></p><p id="">For the past two years organisations such as Telstra and the Commonwealth Bank have maintained representatives on the SQC board, and yet the government’s spot has been vacant since 2021.</p><p id="">‍</p>
Key seats remain vacant at Silicon Quantum Computing, the Commonwealth Scientific and Industrial Research Organisation, and Industry, Innovation and Science Australia.

January 11, 2023

Board Seats in Key Science and Innovation Institutions Remain Vacant

<p id="">After a brief period of consultation late last year, the FCC has voted unanimously to launch proceedings to change the way customer data breaches are reported in the United States.</p><p id="">‍</p><p id="">Chief among the proposed changes is removing the mandatory seven-day waiting period before telcos are required to contact their customers.&nbsp;</p><p id="">‍</p><p id="">“The law requires carriers to protect sensitive consumer information but, given the increase in frequency, sophistication, and scale of data leaks, we must update our rules to protect consumers and strengthen reporting requirements,” said Jessica Rosenworcel, Federal Communications Commission (FCC) chairwoman, in an announcement.&nbsp;</p><p id="">‍</p><p id="">The FCC is proposing to make a raft of other changes to the reporting of what it calls customer proprietary network information, or CPNI. The <a href="https://www.fcc.gov/document/fcc-proposes-updated-data-breach-reporting-requirements" id="">Notice of Proposed Rulemaking</a> is looking at seven areas of reporting it wishes to update, including what exactly defines a breach, how customers are notified, and to whom breaches are reported.</p><p id="">‍</p><p id="">Previously, the FCC only considered breaches that revolve around purposeful, unauthorised access to data. The new proposal now seeks to include “inadvertent access, use, or disclosures of customer information”.</p><p id="">‍</p><p id="">“We anticipate that requiring notification for accidental breaches will encourage telecommunications carriers to adopt stronger data security practices and will help us identify and confront systemic network vulnerabilities,” the Notice adds.</p><p id="">‍</p><p id="">The proposal also looks to define breaches by the harm they may cause to victims and what impact more specific reporting might have for consumers. 
The FCC also proposes making reporting to the FBI and US Secret Service a part of mandatory reporting.&nbsp;</p><p id="">‍</p><p id="">“This new proceeding will take a much-needed, fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches,” Rosenworcel said.</p><p id="">‍</p>
The FCC has voted to change the way customer data breaches are reported in the United States. It has voted on a new procedure to define breaches by the harm they may cause to victims. The FBI and US Secret Service may become a part of the mandatory reporting procedure.

January 10, 2023

The US Federal Communications Commission Plans To Overhaul Data Breach Reporting

<p id="">Healthcare IT systems have adopted cloud infrastructure as an essential part of daily workloads that continue to integrate internal, external regulatory and third-party supply chain management networks worldwide.</p><p id="">‍</p><p id="">According to the latest <a href="https://www.netwrix.com/2022_cloud_data_security_report.html" id="">Cloud Security Report 2022</a> by cybersecurity vendor Netwrix, healthcare cloud adoption has steadily increased with the current drive toward digital transformation. Following this increase, 73 percent of healthcare organizations that use cloud infrastructure store sensitive data there, which puts the infrastructure at risk for attacks.</p><p id="">‍</p><p id="">"The healthcare sector is a lucrative target for attackers because the chances of success are higher. The first two years of the pandemic exhausted the industry. With patient health being the main priority for these organizations, IT security resources are often too stretched and are focused on maintaining only the most necessary functions," comments Dirk Schrader, VP of Security Research at Netwrix.</p><p id="">‍</p><p id="">Recently, the Cloud Security Alliance (CSA) <a href="https://cloudsecurityalliance.org/press-releases/2021/09/16/cloud-security-alliance-releases-new-guidance-for-healthcare-delivery-organizations-that-provides-measurable-approach-to-detecting-and-defending-against-ransomware-attacks/" id="">released guidance warning healthcare</a> organizations about the growing threat of ransomware in the healthcare cloud.</p><p id="">‍</p><p id="">Moving towards 2023, healthcare systems' growing reliance on cloud systems will place greater emphasis on IT teams to review and segment the level of automation controls. On avoiding widespread ransomware attacks, Schrader said, "Network segmentation will help prevent one compromised device from impacting the entire system."</p><p id="">‍</p><p id="">‍</p>
A new report finds that Healthcare IT systems are a high priority target for attackers due to the sensitive data they store in the cloud.

December 13, 2022

Healthcare Sector suffers Financial losses in 2022 due to cloud cyber attacks

<p id="">Black Friday scams and Cyber Monday schemes are designed to trick unsuspecting Australians out of their money and/or financial information. Specifically, fraudsters will target consumers by attempting to steal their credit card numbers (and use them for a carding scam), bank account numbers, and much more.</p><p id="">‍</p><p id="">The news was substantiated by the latest report released in November by Imperva, which outlines that in Australian retail, overall cyberattacks have almost tripled (285%) in the first half of this year compared to the corresponding period in 2021.&nbsp;</p><p id="">‍</p><p id="">Notable growth has come from automated threats, which make up 69% of all security incidents in the past 12 months. Tony Mascarenhas, Area Vice President for ANZ, says, “The holiday shopping season is a critical period for the retail industry, and security incidents could disrupt business operations, damage consumer trust and undermine retailers’ bottom line.”&nbsp;</p><p id="">‍</p><p id="">Phishing is one of the oldest tricks in the book, but modern-day phishing attacks have become more sophisticated. In the fake order scam, con artists will send cryptic text messages or unsolicited emails to notify you of a "problem" with your online order. The scammer's objective is to acquire as much information as possible from the victim, gathering phone numbers, social media accounts and email addresses for one common purpose — to commit fraud.</p><p id="">‍</p><p id="">"Events in recent weeks have highlighted that cybercriminals are targeting the personal data of Australians and the companies that hold that information," says Tony.</p><p id="">‍</p><p id="">With a surge in the past 12 months, nearly 40% of traffic on retailers’ websites didn’t come from a human. 
Instead, it came from bots, software applications controlled by operators that run automated tasks, demonstrating that retailers and online customers must maintain cyber awareness.</p><p id="">‍</p><p id="">The Imperva report outlines that, of the traffic on retailers’ websites, nearly one-quarter (23.7%) was attributed specifically to bad bots.</p><p id="">‍</p><p id="">In light of the risky environment, Imperva regional boss Mr Mascarenhas highlights “the need for a unified approach, one that focuses on the protection of data and is equipped to mitigate attacks quickly without disrupting shoppers.”</p><p id="">‍</p><p id="">It is almost certain that, without appropriate digital precautions implemented, further incidents involving online shoppers will be in the news.</p><p id="">‍</p>
“Carding scam” on the rise in the holiday period. Experts call for caution as cyberattacks tripled in 2022 holiday periods. Bad bots target online shoppers.

December 12, 2022

Cyber Holiday Sales - Opportunity Cyber Scammers

<p id="">Unlike past years, cybercriminals didn’t take a break over the winter holidays.</p><p id="">‍</p><p id="">The number of victims posted on ransomware extortion sites rose more than 20% in December to 241 organizations — the highest monthly count since April, according to data collected by Recorded Future.</p><p id="">‍</p><p id="">By comparison, the number of victims posted on these sites in December 2021 was about 30% lower than the previous month. Cybersecurity experts have long said that hackers — like anyone else — often go on vacation towards the end of the year.</p><p id="">‍</p><p id="">“December was weird this year,” said Allan Liska, a Recorded Future ransomware expert who is involved in collecting data on these attacks from extortion sites, government agencies, news reports, hacking forums, and other sources. “We normally see a slowdown at the beginning of December but it picks up in the last couple of weeks as ransomware groups know everyone is heading out of town.”</p><p id="">‍</p><p id="">What was different this year was that there was no slowdown at the beginning of the month — “the entire month of December was busy,” Liska said.</p><p id="">‍</p><p id="">Although it’s unclear why hackers went full steam the entire month, one explanation is increased competition.</p><p id="">‍</p><p id="">“There are just a lot more active groups right now than there have been all year,” Liska said. “Lots of groups vying for victims and trying to cash in as soon as possible.”</p><p id="">‍</p><p id="">While the number of overall victims was up month-to-month, particularly vulnerable sectors seemed to have been spared: In December, there were fewer attacks on healthcare providers, state and local governments, and school districts than the previous month.</p><p id="">‍</p>
Victims posted on ransomware extortion sites rose in December to 241 organisations — the highest monthly record for the second half of 2022.

December 10, 2022

Ransomware tracker: the latest figures [January 2023]

<p id="">Growing fears of&nbsp; “the growing national security threat” posed by Chinese-owned social media platform TikTok have finally prompted action. On Tuesday the 29th of November, South Dakota’s governor signed an executive order banning the use of the app on the devices of all state agencies, employees and contractors.</p><p id="">‍</p><p id="">“South Dakota will have no part in the intelligence gathering operations of nations who hate us,” Gov. Kristi Noem said in a press release. “The Chinese Communist Party uses information that it gathers on TikTok to manipulate the American people, and they gather data off the devices that access the platform.”</p><p id="">‍</p><p id="">The prohibition shows just how serious a threat some government bodies believe TikTok to be towards Cyber Security; however, the question remains as to how this will affect America's&nbsp; relationship with China.</p><p id="">‍</p>
South Dakota’s governor signed an executive order banning the use of the TikTok app on the devices of all state agencies, employees and contractors.

November 29, 2022

South Dakota governor Kristi Noem prohibits state employee Usage of TikTok

<p id="">Leading pathology services provider Australian Clinical Labs has admitted sensitive customer information including medical records and credit card numbers was stolen in a cyberattack and shared on the dark web.</p><p id="">‍<br>The company revealed the breach in a lengthy ASX announcement on Thursday, saying the sensitive information of about 223,000 people has been affected.</p><p id="">‍<br>ACL said its breach, which impacts its subsidiary Medlab, largely affects staff and patients in Queensland and NSW.</p><p id="">‍<br>It said the most concerning data stolen includes:</p><p id="">‍</p><ul id=""><li id="">17,539 individual medical and health records associated with a pathology test.</li><li id="">28,286 credit card numbers and people’s names. Of these records, 15,724 have expired and 3375 have a CVV code attached.</li><li id="">128,608 Medicare numbers (not copies of cards) and people’s names.<br> </li></ul><p id="">The Australian Cyber Security Centre in June told ACL the personal information had been posted to the dark web. ACL took steps to permanently remove it.</p><p id="">‍<br>The company said it would begin contacting people impacted by the breach on Thursday and told Medlab customers to monitor their email and postal mail in coming weeks.</p>
FBI and CISA also issued a joint alert about blocking the ransomware. 17,539 individual medical and health records compromised. 28,286 credit card numbers and people’s names stolen; of these records, 15,724 have expired and 3375 have a CVV code attached. 128,608 Medicare numbers from patients on the dark web.

November 27, 2022

Credit cards and medical records on dark web amid Australian Labs cyberattack

<p id="">"Australia’s joint military police unit is investigating an allegation that a serving member of Australia’s special forces unlawfully accessed the data of the intelligence official and posted personal and sensitive data in an online location accessible to the public.</p><p id="">‍</p><p id="">It is also alleged offensive cybertools of a sophistication deployed by states were used to hack the private accounts of the Australian citizen, including remotely accessing a private computer.</p><p id="">‍</p><p id="">Defence sources have confirmed the investigation into an alleged breach of the ADF’s Personnel Management Key Solution, known as PMKeyS, and into the use of offensive cybertools.</p><p id="">‍</p><p id="">The investigation was referred to the ADF’s joint military police unit and the Australian federal police. </p><p id="">‍</p><p id="">A complaint has also been registered with the Australian Cyber Security Centre, and the offices of the attorney general and home affairs minister have been made aware of the alleged breach.</p><p id="">‍</p><p id="">PMKeyS is the authoritative management record for all defence personnel and holds personal and family data, contact details, health information and employment history details. Unlawful access of PMKeyS is a criminal offence.</p><p id="">‍</p><p id="">Defence says any PMKeyS users must “not disclose an individual’s personal information to any outside party”.</p><p id="">‍</p><p id="">“All access to these data must be maintained strictly on a ‘need to know’ basis.”</p><p id="">‍</p><p id="">The personal and sensitive service details of the Australian citizen – who now works for a military intelligence organisation for an allied foreign government – were allegedly stolen from PMKeyS in April and posted publicly online. 
As a consequence stemming from this investigation, the foreign government has been informed of the alleged breach.</p><p id="">‍</p><p id="">The defence spokesperson said access to PMKeyS “reflects contemporary cyber security advice and this is subject to twice yearly reviews through external audits”.</p><p id="">‍</p><p id="">In October 2022, the department wrote to ADF members over fears the personal data of personnel may have been compromised in a ransomware attack on a communications platform.</p><p id="">‍</p><p id="">Hackers targeted the ForceNet service, run by an external IT provider, with defence force chiefs emailing staff: “We are taking this matter very seriously and working with the provider to determine the extent of the attack and if the data of current and former APS [Australian public service] staff and ADF personnel has been impacted.”</p><p id="">‍</p><p id="">In 2020, the defence force’s recruiting database was taken offline for 10 days and quarantined from other military networks after it was hacked.</p><p id="">‍</p><p id="">O’Neil’s office and the AFP declined to comment on the defence investigation."</p><p id="">‍</p>
ADF is investigating alleged theft and use of cybertools to hack private accounts of Australian serving with overseas intelligence organisation

November 14, 2022

ADF special forces member allegedly published personal data of official

<p id="">As lawmakers work on legislation to curb the recent surge in cyberattacks targeting Australian organizations, the Office of the Australian Information Commissioner (OAIC) last week released its notifiable data breaches report for January to June 2022. The report showed a 14% decrease in reported incidents overall, but saw a noted upswing towards the end of the period.&nbsp;</p><p id="">‍</p><p id="">The sector recording the most breaches under the Notifiable Data Breaches (NDB) scheme is healthcare. Throughout the January to June period, the industry again reported the most data breaches to the privacy regulator, continuing a trend since Australia's reporting scheme began in 2018.</p><p id="">‍</p><p id="">‍</p><h2 id="">Kinds of personal information involved in breaches</h2><p id="">‍</p><p id="">Contact information, identity information and financial details continue to be the most common types of personal information involved in data breaches.</p><p id=""><br></p><p id="">Most breaches (84%) involved contact information, such as an individual’s name, home address, phone number or email address.</p><p id=""><br></p><p id="">This is distinct from identity information, which was exposed in 55% of breaches and includes an individual’s date of birth, passport details and driver licence details. Financial details, such as bank account and credit card numbers, were involved in 37% of breaches.<br></p><p id=""><br></p><p id="">Technology Decisions <a href="https://www.technologydecisions.com.au/content/security/news/oaic-data-breach-report-shows-key-privacy-risks-454326426" id="">notes</a> that there was also an increase in larger-scale breaches and incidents impacting multiple entities. 
Overall, 41% of breaches resulted from cybersecurity incidents, and the top sources of these incidents were ransomware, phishing scams, and compromised or stolen credentials.&nbsp;</p><p id="">‍</p><p id="">Australian Information Commissioner and Privacy Commissioner Angelene Falk stated, “Recent data breaches have brought attention to the importance of organisations securing the personal information they are entrusted with and the high level of community concern about the protection of their information and whether it needs to be collected and retained in the first place.” She advised organizations to establish a breach response plan, and urged them to collect only data that is completely necessary, deleting data when it is no longer needed. </p><p id="">‍</p><p id="">It’s worth noting that Australia’s Privacy Act 1988 requires entities to conduct a data breach assessment and notify the OAIC within thirty days of learning of a suspected breach. In the reporting period, 71% of entities notified the OAIC within 30 days of becoming aware of an incident, down from 75% in the previous period. “As the risk of serious harm to individuals often increases with time, organisations that suspect they have experienced an eligible data breach should treat 30 days as a maximum time limit for an assessment and aim to complete the assessment and notify individuals in a much shorter timeframe,” Falk stated.&nbsp;</p><p id="">‍</p>
As lawmakers work on legislation to curb the recent surge in cyberattacks targeting Australian organizations, the Office of the Australian Information Commissioner (OAIC) last week released its notifiable data breaches report for January to June 2022. The report showed a 14% decrease in reported incidents overall, but saw a noted upswing towards the end of the period. 

November 11, 2022

Report from OAIC calls for better data breach prevention and response

<p id="">Memphis, TN – A federal grand jury has indicted five former Methodist Hospital employees for conspiring with Roderick Harvey, 40, to unlawfully disclose patient information in violation of the Health Insurance Portability and Accountability Act of 1996, commonly known as “<a href="https://www.justice.gov/usao-wdtn/pr/five-former-methodist-hospital-employees-charged-hipaa-violations" id="">HIPAA</a>.” </p><p id="">‍</p><p id="">United States&nbsp;Attorney Kevin G. Ritz announced the indictment on November 10th 2022.</p><p id="">‍</p><p id="">Once he received the information, the indictment explained, Harvey sold it to third parties such as personal injury attorneys and chiropractors.</p><p id="">‍</p><p id="">The press release outlined that HIPAA was enacted by Congress in 1996, with the purpose of making it a crime to disclose patient information, or to obtain patient information with the intent to sell it or use it for personal gain.</p><p id="">‍</p><p id="">The Attorney Carroll L. André III, who is prosecuting the case, has been assisted by the Federal Bureau of Investigation.</p><p id="">‍</p>
A federal grand jury has indicted five former Methodist Hospital Employees for unlawfully disclosing patient information.

November 11, 2022

Five Former Methodist Hospital Employees Charged with HIPAA Violations

<p id="">In the aftermath of 9.7 million customer files compromised by criminals, the Australian Federal Police claims to have tracked the cybercriminals behind the Medibank ransomware attack.&nbsp;</p><p id="">‍</p><p id="">The Australian Federal Police has revealed that those responsible for the data breach of Australian private health insurer Medibank are in Russia.</p><p id="">‍</p><p id="">On 13 October, Medibank paused trading on the Australian Securities Exchange and announced there had been a “cyber incident”. At the time the company believed no data had been accessed and that the main issue was at its ahm and international student policy management units.</p><p id="">‍</p><p id="">AFP Commissioner Reece Kershaw said on Friday that the agency knows the identity of the individuals responsible for the attack on Australia’s largest private health insurer. He declined to name the individuals but said the AFP believes that those responsible for the breach are in Russia, though some affiliates may be in other countries.</p><p id="">‍</p><p id="">In a tweet, Australian Prime Minister Anthony Albanese, whose own Medibank data was stolen, said the AFP knows where the hackers are and is working to bring them to justice.</p><p id="">‍</p><p id="">“Our intelligence points to a group of loosely affiliated cyber criminals, who are likely responsible for past significant breaches in countries across the world,” AFP Commissioner Reece Kershaw <a href="https://www.afp.gov.au/news-media/media-releases/statement-afp-commissioner-reece-kershaw-medibank-private-data-breach" id="">said in a press conference</a>.</p><p id="">‍</p><p id="">The hackers behind the Medibank breach have previously been linked to the high-profile Russian cybercrime gang REvil, also known as Sodinokibi. 
REvil’s once-defunct dark web leak site now redirects traffic to a new site that hosts the stolen Medibank data, and the hackers behind the breach have also been observed using a variant of REvil’s file-encrypting malware.</p><p id="">‍</p><p id="">Medibank listed the annual general meeting on the 16th of November, and the board's Dr Tracey Batten and chief executive officer David Koczkar provided continuous reassurance that the company's focus was to <a href="https://www.medibank.com.au/livebetter/newsroom/post/medibank-annual-general-meeting-2022" id="">protect data privacy of all their members.</a></p><p id="">‍</p><p id="">“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program. This includes mental health and wellbeing support, identity protection and financial hardship measures,” Medibank CEO David Koczkar said.</p><p id="">‍</p><p id="">Shortly after the AFP announcement, the Australian federal government announced a joint operation between the AFP and the Australian Signals Directorate "to investigate, target and disrupt cyber criminal syndicates with a priority on ransomware threat groups".</p><p id="">‍</p><p id="">Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk, AFP Commissioner Reece Kershaw said in a closing statement on Friday 11th November 2022.</p>
In the aftermath of 9.7 million customer files being compromised by criminals, the Australian Federal Police claims to have tracked the cybercriminals behind the Medibank ransomware attack.

November 10, 2022

Australia tells Medibank hackers: ‘We know who you are’

<p id="">New Twitter owner Elon Musk tweeted Monday encouraging “independent-minded voters” to vote Republican, marking a major departure for leaders of social media companies, who typically steer clear of partisan political advocacy.</p><p id="">‍</p><p id="">“Shared power curbs the worst excesses of both parties, therefore I recommend voting for a Republican Congress, given that the Presidency is Democratic,” he tweeted.</p>
New Twitter owner Elon Musk tweeted Monday encouraging “independent-minded voters” to vote Republican.

November 7, 2022

Musk recommends voting GOP, bans Twitter accounts for ‘impersonation’

<p id="">Japan’s Ministry of Defence (JMOD) announced on Friday the 4th of November that it has formally joined NATO’s Cooperative Cyber Defense Centre of Excellence (CCDCOE).</p><p id="">‍</p><p id="">Japan is also<a href="https://asia.nikkei.com/Business/Electronics/Japan-to-spend-2.4bn-on-joint-chip-research-hub-with-U.S?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_03)" target="_blank" id=""> reportedly </a>cozying up to the US for a next-generation semiconductor research collaboration, and bringing $2.4 billion with it. The two countries will seek to develop 2-nanometer manufacturing processes.</p><p id="">‍</p><p id="">Participating companies in each country are not yet announced.</p>
Japan joins NATO's cyber defense center and strengthens ties with the US in a new research collaboration.

November 7, 2022

Japan officially joins NATO's cyber defense center

<p id="">WASHINGTON — At the Aspen Security Forum this summer, a top Biden administration official said there are “any number of theories for what we saw and what, frankly, we didn’t see” regarding Russian employment of cyberattacks tied to its war against Ukraine.</p><p id="">‍</p><p id="">“Some argue for the deterrence the U.S. has put in place,” Anne Neuberger, the deputy national security adviser for cyber and emerging technology, said at the time, pointing to President Joe Biden’s meeting with Russian President Vladimir Putin following the Colonial Pipeline ransomware attack. “Some argue that it was the result of the extensive cybersecurity preparations Ukraine did, supported by allies and partners.”</p><p id="">‍</p><p id="">“And,” she added, “some argue that we don’t quite know.”</p><p id="">‍</p><p id="">Three months later, in late October, Gen. Paul Nakasone, the chief of both the National Security Agency and U.S. Cyber Command, proffered his own opinion, in harmony with Neuberger’s second point: Among the many moving parts and influences, overseas preparations made by the U.S. military helped blunt Russia’s effectiveness in the digital domain.</p><p id="">‍</p><p id="">“First lesson learned? Presence matters. We learned that again,” Nakasone said Oct. 12 at a Council on Foreign Relations event. “While I would certainly not say that’s the key reason, I think it’s a contributing factor.”</p>
Rep. Jim Langevin, cofounder of the congressional cybersecurity caucus, warns of Russia's cyber capabilities.

November 7, 2022

Advance work in Ukraine blunted Russian cyber advantage, US says

<p id="">Ukrainian hacktivists claim to have breached the Central Bank of Russia, stealing thousands of internal documents.</p><p id="">‍</p><p id="">A 2.6 GB<a href="https://anonfiles.com/t6Pe5eF8y4/CEntrBank1_rar" target="_blank" id=""> folder </a>released publicly on Thursday contains 27,000 allegedly stolen files detailing the bank’s operations, its security policies, and the personal data of some of its current and former employees.</p><p id="">‍</p><p id="">The departure from Russia of global technology and cybersecurity companies like Cisco, IBM, Oracle, Imperva, Fortinet, Norton, and Avast has also made Russian businesses more vulnerable to cyberattacks.</p><p id="">‍</p><p id="">‍<a href="https://www.vedomosti.ru/finance/articles/2022/03/17/914066-bankah-spros-kiberatak" target="_blank" id="">According</a> to Russian media, demand in the Russian banking sector for services that help defend against cyberattacks and data leaks has increased sharply since the start of the war.</p><p id="">‍</p><p id="">The budget bill detailing the earmarked collaboration money also includes $3 billion for chip production and $2.5 billion for chip materials.</p>
A massive hack of Russia's central bank has just been claimed by Ukrainian hacktivists.

November 7, 2022

Ukrainian hacktivists claim to leak trove of Russia’s central bank's documents

<p id="">The Atacama Large Millimeter Array (ALMA) astronomical observatory in Chile became an unlikely target for a cyberattack this week when unknown assailants knocked its systems offline.</p><p id="">‍</p><p id="">It's maintained in international partnership between Canada, Chile, the EU, Japan, South Korea, Taiwan, and the United States, and,<a href="https://www.eso.org/public/news/eso1312/?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_03)" target="_blank" id=""> built at the cost of $1.4 billion</a>, is the most expensive terrestrial-based telescope in existence.</p><p id="">‍</p><p id="">The attack, which happened last weekend, has forced "the suspension of astronomical observations and the public website," the observatory said in <a href="https://almascience.nrao.edu/news/alma-services-affected-by-cyberattack?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_03)" target="_blank" id="">a statement </a>on Wednesday.</p>
An astronomical observatory in Chile worth approximately $1.4 billion became an unlikely target for a cyberattack.

November 5, 2022

Cyberattackers Focus In on State-of-the-Art ALMA Observatory

<p id="">Jeppesen, a wholly-owned Boeing subsidiary that provides navigation and flight planning tools, confirmed on Thursday the 3rd of November that it is dealing with a cybersecurity incident that has caused some flight disruptions.</p><p id="">‍</p><p id="">A spokesperson for Boeing told The Record that the issue was a cybersecurity incident, and the company is still working to restore services.</p><p id="">‍</p><p id="">“Our subsidiary, Jeppesen, experienced a cyber incident affecting certain flight planning products and services. </p><p id="">‍</p><p id="">There has been some flight planning disruption, but at this time we have no reason to believe that this incident poses a threat to aircraft or flight safety,” the spokesperson said.</p><p id="">‍</p><p id="">In recent months, the Transportation Security Administration (TSA) has <a href="https://therecord.media/experts-push-back-on-tsas-24-hour-cybersecurity-incident-reporting-rule-for-aviation-industry/?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_03)" target="_blank" id="">sought to mandate</a> that all cybersecurity incidents experienced by aviation firms are reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours.</p>
Boeing subsidiary confirms that it's dealing with a cybersecurity incident that has caused some flight disruptions.

November 3, 2022

Cyber incident at Boeing subsidiary causes flight planning disruptions

<p id="">Hackers have targeted the ForceNet service, which is run by an external information and communications technology (ICT) provider, with the company initially telling Defence no data of current or former personnel appeared to have been compromised.</p><p id="">‍</p><p id="">Defence confirmed on Monday that a dataset from ForceNet, a communications platform, may have been compromised after an attack on an external ICT service provider.</p><p id="">‍</p><p id="">The dataset was from 2018, and, according to the minister for veterans’ affairs and defence personnel, Matt Keogh, it contained 30,000 to 40,000 records.</p><p id="">‍</p><p id="">Minister for veterans’ affairs and defence personnel Matt Keogh said defence was confident no personal data had been accessed in the cyber-attack.</p><p id="">‍</p><p id="">According to its website, ForceNet “facilitates auditable communication and information sharing, one to one and one to many, including targeted communications and support in emergency situations and to specific persons”.</p><p id="">‍</p><p id="">It can be used by defence members, sponsored family members and other approved users, and was developed for defence and approved by defence’s chief information officer group.</p><p id="">‍</p><p id="">However, a source with knowledge of the investigation said Defence believed some private details such as dates of birth and dates of enlisting may have been stolen, despite early indications to the contrary from the external provider.</p><p id="">‍</p><p id="">The issue of cyber incidents and IT security protocols in disarray in the ADF continues to compound a month later, in November 2022. It was uncovered that an Australian serving within a military intelligence organisation of a Five Eyes ally has allegedly had his personal data stolen from within the Australian Defence Force’s secure personnel system and posted online.</p><p id="">‍</p><p id="">Australia’s joint military police unit is investigating an 
allegation that a serving member of Australia’s special forces unlawfully accessed the data of the intelligence official and posted personal and sensitive data in an online location accessible to the public.</p><p id="">‍</p><p id="">It is also alleged that offensive cybertools of a sophistication deployed by states were used to hack the private accounts of the Australian citizen, including remotely accessing a private computer.</p><p id="">‍</p><p id="">In a message to all staff, the defence secretary and defence chief said the matter was being taken "very seriously".</p><p id="">‍</p>
A dataset from communications platform ForceNet containing up to 40,000 records may have been compromised after a breach at an external provider. The minister for veterans’ affairs and defence personnel is required to provide assurances that “no data has been accessed”.

October 31, 2022

Australian Defence Department caught up in ransomware attack

<p id="">Elon Musk is tightening Twitter’s policies in an attempt to prevent people from impersonating others, and has even gone as far as to ban celebrities who have posed as him, such as Sarah Silverman and Kathy Griffin.</p><p id="">‍</p><p id="">Several other celebrities have been banned for impersonating others, whether malicious or otherwise, with Mr. Musk stating there will be “no warning” before a ban is applied.</p><p id="">‍</p><p id="">The Twitter CEO claims this is part of his commitment to free speech and that suspending accounts will help his new platform become “the most accurate source of information about the world”.</p>
Elon Musk is tightening Twitter’s policies in an attempt to prevent people from impersonating others.

October 29, 2022

Elon Musk Says Twitter Will Permanently Ban Users Who Impersonate Others

<p id="">Twitter has been hit by a coordinated trolling campaign in the wake of Elon Musk’s takeover, with more than 50,000 tweets from 300 accounts bombarding the platform with hateful content.</p><p id="">‍</p><p id="">The social media platform said it has been targeted with an attempt to make users think Twitter has dropped or weakened its content policies after the world’s richest man <a href="https://www.theguardian.com/technology/2022/oct/28/elon-musk-twitter-hate-speech-concerns-stock-exchange-deal" target="_blank" id="">bought the company for $44bn (£38bn) last week</a>.</p><p id="">‍</p><p id="">Roth said most of those accounts were “inauthentic” and the users involved had been banned.</p><p id="">‍</p><p id="">“We’ve taken action to ban the users involved in this trolling campaign – and are going to continue working to address this in the days to come to make Twitter safe and welcoming for everyone,” he wrote.</p><p id="">‍</p>
Twitter has been hit by a coordinated trolling campaign in the wake of Elon Musk’s takeover, with more than 50,000 tweets from 300 accounts bombarding the platform with hateful content.

October 29, 2022

Twitter trolls bombard platform after Elon Musk takeover

<p id="">Thomson Reuters said it has notified a “small subset of customers” of a misconfigured server after researchers discovered 3 TB of data in an exposed cloud database.</p><p id="">‍<br><br>Thomson Reuters confirmed that it was alerted to the misconfigured servers by Cybernews, a cybersecurity research organization, which found they had been left accessible since October 21.</p><p id="">‍<br><br>The company published a report saying their researchers found three databases accessible to anyone, one of which had “a trove of sensitive, up-to-date information from across the company’s platforms.”</p><p id="">‍<br><br>Cybernews said evidence from the server showed that the open instance “was used as a logging server to collect vast amounts of data gathered through user-client interaction,” with some data samples logged as recently as October 26. </p><p id="">‍<br><br>“In other words, the company collected and exposed thousands of gigabytes of data that Cybernews researchers believe would be worth millions of dollars on underground criminal forums because of the potential access it could give to other systems,” the researchers said. Among the cache were “credentials to third-party servers.”</p><p id="">‍<br><br>The Thomson Reuters spokesperson said an investigation was launched as soon as Cybernews notified them of the issue.</p><p id="">‍</p>
Thomson Reuters confirmed that it was alerted to the misconfigured servers by Cybernews, a cybersecurity research organisation, which found they had been left accessible since October 21. The publisher confirmed their researchers found three databases accessible to anyone.

October 28, 2022

Reuters notifies customers of exposed server with unprotected business data

<p id="">Although Musk <a href="https://mobile.twitter.com/elonmusk/status/1585619322239561728" target="_blank" id="">attempted to reassure</a> advertisers yesterday that "Twitter obviously cannot become a free-for-all hellscape, where anything can be said with no consequences," the acquisition raises practical questions about what the social network's nearly 240 million active users <a href="https://www.wired.com/story/elon-musk-twitter-deal-chaos/" target="_blank" id="">can expect from the platform</a> in the future.</p><p id="">‍</p><p id="">Chief among these concerns are questions about how Twitter's stances on user security and privacy may change in the Musk era. A number of top Twitter executives were fired last night, including CEO Parag Agrawal, the company's general counsel Sean Edgett, and Vijaya Gadde, the company's head of legal policy, trust, and safety who was known for working to protect user data from law enforcement requests and court orders.</p><p>‍</p><p id="">As a result, a lack of security investment in the Musk era could pose a real danger to users over time. And <a href="https://www.wired.com/story/inside-twitter-hack-election-plan/" target="_blank" id="">Twitter has been plagued</a> by both criminal and state-backed attacks over the years.</p>
"Twitter obviously cannot become a free-for-all hellscape, where anything can be said with no consequences," says Musk. Top executives in the company have been given their marching orders.

October 27, 2022

If Musk Starts Firing Twitter's Security Team, Run

<p id="">Ukraine and its NATO allies are girding for potential Russian government-backed hacks of electric grids and other critical infrastructure as winter closes in.</p><p id="">‍</p><p id="">It’s a threat that government officials and cybersecurity experts alike are growing increasingly worried about as the Russian ground invasion grinds on and Russian President VLADIMIR PUTIN grows more desperate to gain and hold territory.</p><p id="">‍</p><p id="">Russia has a long history of going after Ukraine’s critical infrastructure in the winter months <a href="https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/" target="_blank">(even temporarily turning off the lights for millions in Ukraine in attacks in 2015 and 2016).</a></p><p id="">‍</p><p id=""><a href="https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/" target="_blank" id="">‍</a>Ukrainian officials have stressed in recent months that they are expecting a ramp-up in attacks from Russia as the war continues, including a focus on attacking the Ukrainian energy and financial sectors during the winter through kinetic and cyber means.</p>
Ukraine and its NATO allies are girding for potential Russian government-backed hacks on critical infrastructure.

October 27, 2022

Worries build about winter cyber threats in Ukraine

<p id="">Following the <a href="https://www.abc.net.au/news/2022-09-30/optus-data-breach-raises-questions-about-identity-protection/101487440" id="">Optus breach</a>, both the government and digital rights advocates pointed to the inadequacy of current penalties in Australia for privacy breaches.</p><p id=""><br></p><p id="">The maximum fine for serious or repeated breaches of privacy is just $2.2 million.</p><p id="">‍</p><p id="">Under the proposed bill, penalties would skyrocket to:</p><p id="">‍</p><ul id=""><li id=""><strong id="">$50 million, or;</strong></li><li id=""><strong id="">Three times the value of any benefit obtained through the misuse of the information, or;</strong></li><li id=""><strong id="">30 per cent of a company's domestic turnover in the relevant period if the court can't quantify that value</strong></li></ul><p id=""><br></p><p id="">The bill would also extend the reach of Australian privacy law so that it better covers overseas businesses that may interact with local data.</p><p id=""><br></p><p id="">It proposes that a company that “carries on a business” in Australia, but doesn't collect or hold Australians’ information from a direct source in the country, must still comply with local rules.</p><p id="">‍</p><p id="">Privacy critics are encouraged by the proposed changes, but say privacy reform must go much further to protect Australians and change corporate attitudes about data collection and management.</p><p id="">‍</p><p id="">The increased penalties are likely to have some deterrent effect, according to Katharine Kemp, a data privacy expert at UNSW's Faculty of Law &amp; Justice, but she says the Privacy Act must also be amended to make it clearer when companies must dispose of customer data, among other changes.</p><p id="">‍</p><p id="">She also questioned the Office of the Australian Information Commissioner's (OAIC) ability to fully apply the harsher penalties or its new investigative powers at its current level of funding and 
staffing.</p><p id="">‍</p><p id="">"In the absence of changes to the privacy principles themselves, and a properly resourced privacy regulator, you may be getting a bigger stick with no-one to swing it and not a great deal to swing it at," Dr Kemp said, referring to the 13 standards that govern the treatment of personal information under the Privacy Act.</p><p id="">‍</p><p id="">"Things may be waiting in a queue for a long time until that power is used."</p><p id="">‍</p><p id="">A highly anticipated review of Australian privacy law by the attorney-general is in its final stages, ahead of reforms flagged for 2023.</p><p id="">‍</p><p id="">Privacy advocates hope the upcoming reforms will do more to address the sheer amount of data companies are able to ask for and store about Australians — and in some cases, the laws that require them to do so.</p><p id="">‍</p><p id="">For example, Medibank has confirmed its data breach affected past and present customers and claimed that it was required by state health record laws to keep information for seven years.</p><p id="">‍</p><p id="">"This can't be the finish line, but should be just the beginning of better privacy protections for Australians," Chandni Gupta, digital policy director at the Consumer Policy Research Center, said of the new bill.</p><p id="">‍</p>
Corporation fines to increase to $50 million or 30 per cent of a company's domestic turnover in the relevant period. Broader Privacy Act reforms due later this year.

October 26, 2022

Data breach fine proposals in wake of Optus and Medibank hacks

<p id="">With just a few more days left to complete his acquisition of Twitter and stave off a new court date, billionaire Elon Musk walked into the company’s San Francisco office on Wednesday with what appeared to be a porcelain bathroom sink in his hands.</p><p id="">‍</p><p id="">“Entering Twitter HQ – let that sink in!” the Tesla and SpaceX CEO tweeted with a video of his entrance.</p><p id="">‍</p><p id="">A person at the company confirmed to CNBC that Elon was visiting today, and noted that there is some internal concern about what will happen to people on foreign-worker visas. </p><p id="">‍</p><p id="">This person, who declined to be named discussing internal matters, said that employees are trying to keep working despite all the attention being paid to the deal, and despite reports that Musk could gut the place with massive layoffs. </p><p id="">‍</p><p id="">Some employees say they feel like if he buys it, he can “burn it all down if he wants to.”</p><p id="">‍</p><p id="">Staff in the office got a brief heads up about the visit, according to an email shared by reporters from CNN and Bloomberg.</p><p id="">‍</p><p id="">The sender, whom Bloomberg identified as Twitter Chief Marketing Officer Leslie Berland, wrote that Musk would be in the office this week “meeting with folks, walking the halls, and continuing to dive in on the important work you all do. If you’re in SF and see him around, say hi!”</p><p id="">‍</p><p id="">The email also said employees would hear directly from Musk on Friday. A Twitter spokesperson declined to comment on the report or on Musk’s tweet.</p><p id="">‍</p><p id="">Earlier, Musk changed his description on the social media service, where he has more than 110 million followers, to “Chief Twit.”</p><p id="">‍</p><p id="">Musk has until 5 p.m. Eastern Time on Friday to complete his deal to buy Twitter or again face the proposition of going to trial. 
</p><p id="">‍</p><p id="">Twitter sued Musk when he tried to get out of their $44 billion merger agreement by claiming Twitter had not been forthcoming about spam and bots on its platform, which he claimed would amount to a material adverse effect. </p><p id="">‍</p><p id="">Twitter has denied this.</p><p id="">‍</p><p id="">A Delaware Chancery Court judge set the Friday deadline after Musk said he would be willing to buy Twitter after all. </p><p id="">‍</p><p id="">Twitter, not taking Musk at his word, wanted the court to remain involved. </p><p id="">‍</p><p id="">The judge ended up postponing the original trial set for last week and gave the parties until the end of this week to close the deal, or else she would set new trial dates for November.</p><p id="">‍</p>
Billionaire Elon Musk visited Twitter’s headquarters in San Francisco on Wednesday. The visit came a few days before Musk’s deadline to complete his acquisition of the company; a judge gave Musk until Friday at 5 p.m. Eastern Time to complete the deal.

October 26, 2022

Elon Musk carried a sink into Twitter on Wednesday as deal nears close

<p id="">Shares in the nation’s largest private health insurer tumbled 18 per cent on Wednesday, the first day of trading in almost a week, erasing about $1.7 billion from its market value. The decline came after the company confirmed that hackers accessed personal information on all 4 million of its customers and an unknown number of former members, in another escalation of the incident.</p><p id="">‍<br><br>Only two weeks earlier, Medibank Private chief executive David Koczkar had told customers there was no evidence that their data had been accessed. “We’ve shared what we could when we can share it, and that does involve incomplete information. Things are moving very fast,” he said in an interview. “As soon as things become clear to me, we will share it.”<br>‍</p><p id="">‍<br>Dozens of Medibank customers have contacted this masthead to express their fury with the way Medibank has handled the incident. Lawyers are also watching closely, with a spokesman for Maurice Blackburn, which has already launched a class action-style claim against Optus, saying it was “monitoring” the situation.</p><p id="">‍</p><p id="">Shareholder advisory group ISS said Medibank’s management and board will be under pressure at its annual meeting next month.</p><p id="">‍</p>
Shares in Medibank tumbled 18 per cent - Medibank’s management and board under pressure

October 25, 2022

‘Display accountability’: Customers vent fury as Medibank suffers $1.7b hit

<p id="">The government has invoked a Covid-era response mechanism, bringing together federal, state and territory agencies to coordinate on the worsening Medibank data breach.</p><p id="">‍</p><p id="">Minister for cyber security Clare O'Neil said the national coordination mechanism (NCM) was activated on Saturday. The activation came as Medibank announced that the attackers who breached its ahm and international student systems had provided a file which demonstrated compromise of customer records under its main brand as well.</p><p id="">‍</p><p id="">“What we can see is that Medibank is just as complex and urgent as some of what was dealt with [during the pandemic],” O’Neil said on Tuesday. “When it comes to the personal health information of Australians, the damage here is potentially irreparable”.</p><p id="">‍</p><p id="">The stolen data is from current and former customers and includes names, addresses, birthdates, Medicare numbers, contact information and claims data from the private health insurer. The list of Medibank customers affected potentially includes high-profile Australians.</p><p id="">‍</p><p id="">“Australians who are struggling with mental health conditions, drug and alcohol addiction, with diseases that carry some shame or embarrassment – they are entitled to keep that information private and confidential,” O’Neil said in parliament.</p><p id="">‍</p><p id="">Senator James Paterson, the shadow minister for cybersecurity, criticised the government for a slow response to the attacks and said that despite the company’s initial denials customers’ worst fears have now been realised.</p><p id="">‍</p><p id="">“After a slow and confused response to the Optus cyberattack, it is concerning that it took Cybersecurity Minister Clare O’Neil a week to publicly respond to the Medibank hack,” he said.</p><p id="">‍</p>
Federal government has activated emergency provisions. All security agencies are reviewing and assessing the cyber emergency.

October 25, 2022

Medibank hack worsens - Senator O'Neil begins National Coordination Mechanism

<p id="">If you are a customer of Medibank or its subsidiary ahm, or are an international student with Medibank, or you have been a customer within the last seven years, it’s likely your data has been exposed in the breach.</p><p id="">‍<br><br>Medibank has determined the hacker was able to obtain the following information for all customers, including Medibank, ahm and international student customers:</p><p id="">‍</p><ul id=""><li id="">Name</li><li id="">Address</li><li id="">Date of birth</li><li id="">Gender</li><li id="">Email address</li><li id="">Medicare card number (in some cases)</li><li id="">Health claims made with Medibank</li></ul><p id="">‍</p><p id="">Of these, the date of birth, address, Medicare card numbers and health claims would be of most concern for potential identity theft or extortion attempts if the data was eventually posted online or sold to someone else.</p><p id="">‍<br><br>Medibank has also said former customers have been included in the records received so far, as the company is required to keep customer information for seven years under state and territory laws.</p><p id="">‍<br><br>Experts suggest not rushing out and changing everything. People should always seek to use strong passwords and multifactor authentication on their online accounts – not just with Medibank.</p><p id="">‍<br><br>They can also advise their bank and other financial institutions to put in place additional security checks for their accounts (particularly for over-the-phone transactions).</p><p id="">‍</p>
Medibank has determined the hacker was able to obtain personal information for all customers - Experts suggest not rushing out and changing everything.

October 25, 2022

I am a Medibank customer. What can I do to protect myself?

<p id="">Medibank has confirmed the personal data and significant amounts of health claims data of all of its customers have been accessed by cyber criminals.</p><p id="">‍</p><p id="">The private health insurer said on Tuesday more than four million of its customers had been caught up in the cyber attack.</p><p id="">‍</p><p id="">Speaking to Virginia Trioli on <em id="">Mornings</em>, tech reporter at the Guardian Josh Taylor said there were questions Medibank needed to address.</p><p id="">‍</p><p id="">"Why wasn't there additional layers of security in terms of making sure a person's account had two factor authentication?</p><p id="">‍</p><p id="">"We need to find out more about how this was allowed to occur and what sort of protections they're putting in place."</p><p id="">‍</p>
"Medibank is under scrutiny over their security protocols and lack of multifactor technology in their network."

October 25, 2022

The questions Medibank needs to address following cyber attack

<p id="">US prosecutors charged two Chinese nationals with trying to obstruct the prosecution of China's Huawei Technologies, and four others with trying to spy for Beijing, in what they called a broad crackdown on unlawful influence efforts.</p><p id="">‍</p><p id="">Prosecutors also unveiled charges against four Chinese nationals in what they called a long-running intelligence campaign. The complaint against He and Wang alleges they tried to obtain confidential information concerning witnesses, trial evidence and any potential new charges the company could face.</p>
US prosecutors charged two Chinese nationals in what they called a broad crackdown on unlawful influence efforts.

October 24, 2022

US charges two Chinese nationals over Huawei case

<p id="">An Australian energy company has admitted it is the latest to be hit by a “cyber incident” just days after one of Australia’s largest health insurers revealed customers’ personal details had been stolen.</p><p id="">‍</p><p id="">“The incident resulted in the exposure of data for 323 residential and small business customers,” the company said.</p><p id="">‍</p><p id="">“My Account includes the customer’s name, address, email address, electricity and gas bills, phone number and the first six and last three digits of credit cards.”</p><p id="">‍</p><p id="">EnergyAustralia said there was no evidence the personal information had been transferred outside of the company’s systems.</p><p id="">‍</p><p id="">Identification documents, including driver’s licences, passports and banking information, are not stored on the platform and remain secure. No other EnergyAustralia systems were affected.</p><p id="">‍</p><p id="">EnergyAustralia chief customer officer Mark Brownfield on Friday apologised to the customers for the concern it may have caused.</p><p id="">‍</p><p id="">“While this incident was limited in terms of customers affected, we take the security of customer information seriously and have been working hard to put in place additional layers of security to ensure the protection of all customer information,” a statement read.</p><p id="">‍</p><p id="">“This now includes the implementation of 12-character passwords. We recognise the transition to more secure passwords won’t be easy for all our customers, however, this incident and other recent cyber incidents have highlighted this is where we need to go with password complexity.”</p><p id="">‍</p><p id="">EnergyAustralia is the latest company to fall victim to a cyber attack after Optus and Medicare were both victims of major data breaches.</p><p id="">‍</p>
EnergyAustralia admits personal data has been compromised, with data exposed for 323 residential and small business customers.

October 21, 2022

EnergyAustralia reports ‘cyber incident’ just days after Medibank hack

<p id="">Woolworths customers have been urged to check their Everyday Rewards accounts after a customer spoke out about his concerning experience.</p><p id="">‍</p><p id="">Sharing on Facebook, the shopper revealed how he recently had $440 stolen from his Everyday Rewards account.</p><p id="">‍</p><p id="">The customer claims a hacker accessed his account and “wiped out” the Everyday Rewards points he’d accrued to make the large unauthorised purchase at a store three hours from his home.</p>
Woolworths customers have been urged to check their Everyday Rewards accounts after a customer spoke out about his concerning experience.

October 21, 2022

New warning to Woolworths supermarket Everyday Rewards members

<p id="">The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022. Since then, Daixin Team cybercrime actors have caused ransomware incidents at multiple HPH Sector organizations where they have:</p><p id="">‍<br></p><ul id=""><li id="">Deployed ransomware to encrypt servers responsible for healthcare services—including electronic health records services, diagnostics services, imaging services, and intranet services, and/or</li><li id="">Exfiltrated personal identifiable information (PII) and patient health information (PHI) and threatened to release the information if a ransom is not paid.</li></ul><p id=""><br>FBI, CISA, and Department of Health and Human Services are <a href="https://www.cisa.gov/uscert/ncas/alerts/aa22-294a" target="_blank" id="">releasing this joint advisory</a> to provide information on the Daixin Team, a cybercrime group that is actively targeting U.S. businesses, predominantly in the Healthcare and Public Health Sector.</p><p id="">‍<br><br><a href="https://www.stopransomware.gov/" target="_blank" id="">Stopransomware.gov</a> is a whole-of-government approach that gives one central location for ransomware resources and alerts.</p><p id="">‍<br><br>Resource to mitigate a ransomware attack: CISA-Multi-State Information Sharing and Analysis Center (MS-ISAC) <a href="https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C_.pdf" target="_blank" id="">Joint Ransomware Guide.</a></p><p id=""><a href="https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware%20Guide_S508C_.pdf" target="_blank" id="">‍</a><br><br><strong id="">Contributing podcast - CISA Cyber Security Alerts<br><br></strong></p><figure id="" class="w-richtext-figure-type-image w-richtext-align-floatleft" style="max-width:150px" data-rt-type="image" data-rt-align="floatleft" data-rt-max-width="150px"><a 
href="https://open.spotify.com/episode/01wUyxGFEa1TUuxrmgnPdW?si=8d7ca982675c432d" target="_blank" id=""><div id=""><img src="https://cdn.prod.website-files.com/647533a76457864c2920901f/647533a76457864c29209026_546aec1a-38e4-558d-6f0b-98d7d93a43d6.png" alt="Link to contributing podcast on Spotify" id="" width="auto" height="auto" loading="auto"></div></a></figure><p id="">‍</p>
The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022.

October 20, 2022

CISA Alert AA22-294A – #StopRansomware: Daixin Team

<p id="">On Friday 21 October 2022, after a week of one of the largest healthcare breaches, Medibank CEO David Koczkar provided a public comment with updates. “I'm very sorry, this has happened. I feel devastated. I feel disappointed, and I feel for all of our customers who will feel anxious,” Medibank CEO David Koczkar told 9News.</p><p id="">‍</p><p id="">Koczkar said after the hack last week Medibank did not "see any evidence that any customer data had been removed from our systems". However, since then the hackers have shown proof they have the personal data of at least 100 customers, with names, addresses, dates of birth, email addresses and, most concerningly, private and potentially sensitive medical information. The private health insurer has close to four million customers.</p>
Medibank CEO David Koczkar provided a public comment and apologised to the health fund's customers.

October 20, 2022

Medibank CEO apologises for cyber attack

<p id="">Medibank Private has confirmed it has received messages from a group wishing to negotiate with the company regarding their alleged removal of customer data.</p><p id="">‍<br><br>The update comes less than a week after the company was hit by a <a href="https://www.abc.net.au/news/2022-10-13/health-insurer-medibank-hit-by-cyber-attack/101531392?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_01)" target="_blank" id="">cyber attack.</a></p><p id=""><a href="https://www.abc.net.au/news/2022-10-13/health-insurer-medibank-hit-by-cyber-attack/101531392?ct=t(EMAIL_CAMPAIGN_7_25_2022_12_54_COPY_01)" target="_blank" id="">‍</a><br><br>Medibank says it is working urgently to establish if the claim is true, but is treating the matter seriously. As a result of this, the health insurer has halted trading on the share market until further notice.</p><p id="">‍<br><br>Medibank first reported "unusual activity" had been detected on its network on October 12.</p><p id="">‍</p><p id="">However, the company said there was no evidence sensitive data, including customer information, had been accessed. The nature of the business means Medibank holds a range of personal information regarding its customers. </p><p id="">‍</p><p id="">In a statement, the company said its systems had not been encrypted by ransomware, which meant usual activities for customers could continue.</p><p id="">‍</p><p id="">"Our ongoing response to safeguard our networks and systems may cause necessary temporary disruptions to our services," the statement said.</p><p id="">‍</p><p id="">"Investigations are ongoing and Medibank will continue to provide regular updates."</p><p id="">‍</p><p id="">Medibank Private is working with specialised cybersecurity firms and has advised the Australian Cyber Security Centre.</p><h2 id="">‍</h2>
Medibank says it is working urgently to establish if the claim is true, but is treating the matter seriously. As a result of this, the health insurer has halted trading on the share market until further notice.

October 19, 2022

Medibank Private halts trading amid recent crisis

<p id="">A China-based team at TikTok’s parent company, ByteDance, planned to use the TikTok app to monitor the personal location of some specific American citizens.</p><p id="">‍<br><br>The team primarily conducts investigations into potential misconduct by current and former ByteDance employees. But in at least two cases, the Internal Audit team also planned to collect TikTok data about the location of a U.S. citizen who had never had an employment relationship with the company, the materials show. It is unclear from the materials whether data about these Americans was actually collected; however, the plan was for a Beijing-based ByteDance team to obtain location data from U.S. users’ devices.</p><p id="">‍<br><br>TikTok spokesperson Maureen Shanahan said that TikTok collects approximate location information based on users’ IP addresses to “among other things, help show relevant content and ads to users, comply with applicable laws, and detect and prevent fraud and inauthentic behavior.”</p><p id="">‍<br><br>The Internal Audit and Risk Control team runs regular audits and investigations of TikTok and ByteDance employees, for infractions like conflicts of interest and misuse of company resources, and also for leaks of confidential information. Internal materials show that senior executives, including TikTok CEO Shou Zi Chew, have ordered the team to investigate individual employees, and that it has investigated employees even after they left the company.</p>
TikTok outlines that the social platform collects approximate location information based on users’ IP addresses to “among other things, help show relevant content and ads to users.”

October 19, 2022

TikTok Parent ByteDance Planned Physical Location Monitoring

<p id="">On September 24, the cyber threat intelligence company SOCRadar notified <a href="https://hothardware.com/news/microsoft-cloud-services-vulnerable-cozy-bear-mfa-hacking-campaign" id=""><strong id="">Microsoft</strong></a> that one of its Azure Blob Storage servers was <a href="https://hothardware.com/news/hacker-behind-australias-largest-data-breach-retract-leak" id=""><strong id="">misconfigured and leaking</strong></a> customer information. Now, almost a month later, both Microsoft and SOCRadar have released blog posts warning businesses that some of their transaction data and communications with Microsoft and authorized Microsoft partners may have been exposed in this leak.</p><p id="">‍</p><p id="">The company secured the server after being notified of the leak on September 24, 2022 by security researchers at threat intelligence firm SOCRadar.</p><p id="">‍<br>Microsoft said on the 19th of October that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.</p><p id="">‍<br><br><a href="https://msrc-blog.microsoft.com/2022/10/19/investigation-regarding-misconfigured-microsoft-storage-location-2/" target="_blank" id=""><strong id="">From Microsoft: </strong></a>The business transaction data included names, email addresses, email content, company name, and phone numbers, and may have included attached files relating to business between a customer and Microsoft or an authorized Microsoft partner. The issue was caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability.</p><p id="">‍</p>
Microsoft said on the 19th of October that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.

October 18, 2022

Microsoft data breach exposes customers’ contact info, emails

<p id="">WASHINGTON — The U.S. Army will roll out a contract worth as much as $1 billion this fiscal year to spur the service’s migration to cloud-based computing.</p><p id="">‍</p><p id="">The U.S. Army requested $16.6 billion in cyber and information technology funding for fiscal 2023, or more than 9% of the service’s $178 billion budget blueprint.</p><p id="">‍</p><p id="">“Right now, what’s happening is even when we have commands that <a href="https://www.c4isrnet.com/smr/cloud/2021/04/29/cloud-computing-speeds-up-new-military-software/" id="">want to move to the cloud</a>, today there is not one contract that they can go to,” he said. “So they are doing a lot of shopping. They’ve got to go to multiple contracting centers to go find the right vehicle, and then when they go there, it takes them nine months before they actually get on contract.”</p><p id="">‍</p><p id="">That timeline is too long and that process too clunky, Iyer said. Under EAMM, the intent is to slash the time it takes to award task orders to four weeks.</p><p id="">‍</p><p id="">Iyer’s office will spearhead the effort alongside the Army’s <a href="https://www.army.mil/ecma" id="">Enterprise Cloud Management Agency</a>, which provides oversight for all of the service’s cloud processes and activities. Operating under the Headquarters Department of the Army, Chief Information Office, ECMA ensures a full unity of effort in the identification of seven strategic imperatives, such as: Expand cloud; Implement Zero Trust architecture; Enable secure, rapid software development; and Accelerate data-driven decisions. The agency is led by Paul Puckett.</p><p id="">‍</p><p id="">“It’s no longer just telling the commands, ‘Hey, you got to go figure it out,’” Iyer said. 
“We’re really kind of holding their hand to help them migrate their applications in the cloud, all the way from architecting it, working through migrating the data, the contract vehicle, and so on.”</p><p id="">‍</p><p id="">The Army considers cloud migration and widespread, secure use foundational to the grander modernization of its networks, computers and collaboration. The Army’s updated cloud plan was unveiled this month, weeks after the service’s top uniformed information technology official, <a href="https://www.c4isrnet.com/battlefield-tech/it-networks/2022/08/18/pentagons-command-and-control-concept-needs-work-army-official-says/" id="">Lt. Gen. John Morrison</a>, described the coming year as one of “action and acceleration” and “much more rapid movement to the cloud.”</p><p id="">‍</p><p id="">The Army requested $16.6 billion in cyber and IT funding for fiscal 2023, which started Oct. 1, or more than 9% of the service’s $178 billion budget blueprint. Hundreds of millions, officials said, would be invested in cloud.</p>
The Army considers cloud migration and widespread, secure use foundational to modernizing its networks. Lt. Gen. John Morrison described the coming year as one of “action and acceleration.” The Army requested $16.6 billion in cyber and IT funding for fiscal 2023.

October 17, 2022

US Army plans $1 billion ‘easy button’ contract to spur cloud migration

<p id="">With Russia continuing to face setbacks in its war against Ukraine, experts warn Russian President <a href="https://thehill.com/people/vladimir-putin/" target="_blank" id="">Vladimir Putin </a>may escalate his cyber operations in the November midterms as retaliation for U.S. involvement in the conflict.</p><p id="">‍</p><p id="">Recent cyberattacks against <a href="https://thehill.com/policy/technology/3676449-russian-speaking-hackers-claim-responsibility-for-knocking-us-states-websites-offline/" target="_blank" id="">U.S. state government </a>and <a href="https://thehill.com/policy/cybersecurity/3681346-us-airport-websites-knocked-offline-by-russian-speaking-hackers/" target="_blank" id="">airport websites</a> that Moscow-backed hackers have claimed responsibility for may have been testing grounds for such Russian efforts to interfere in the upcoming election, posits James Turgal, vice president of cyber consultancy Optiv.</p>
With Russia continuing to face setbacks in its war against Ukraine, experts warn Russian President Vladimir Putin may escalate his cyber operations.

October 15, 2022

Ongoing US support to Ukraine could prompt Russian cyber escalation in midterms

<p id="">The Biden-Harris Administration’s White House announcement has brought a relentless focus to improving the United States’ cyber defenses, building a comprehensive approach to “lock our digital doors”, and taking aggressive action to strengthen and safeguard the national cybersecurity infrastructure.</p><p id="">‍</p><p id="">The announcement focused on improving the cybersecurity of Federal critical infrastructure.</p><p id="">‍</p><p id="">Part of this was issuing a strategy for multi-factor authentication and Federal zero trust architecture implementation, as well as budget guidance to ensure that Federal agencies align resources to the Federal Government's cybersecurity goals. This included harnessing the purchasing power of the Federal Government to improve the cybersecurity of products for the first time, by requiring security features in all software purchased by the Federal Government, which improves security for all Americans.</p><p id="">‍</p><p id="">The keynote speech also outlined protection policy regarding critical technological initiatives, which will aim to provide greater certainty for private sector investment in research and development.</p><p id="">‍</p><p id="">The White House declared its commitment to developing an American technological edge through the National Quantum Initiative and the issuance of National Security Memorandum-10 (NSM-10) on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems.</p><p id="">‍</p><p id="">The speech outlined that the current initiative has more than doubled the United States Government’s research and development (R&amp;D) investment in quantum technology, creating new research centers and workforce development programs across the country. NSM-10 prioritizes U.S. 
leadership in quantum technologies by advancing R&amp;D efforts, forging critical partnerships, expanding the workforce, and investing in critical infrastructure.</p><p id="">‍</p><p id="">The speech concluded with a focus on shifting America's program towards quantum-resistant cryptography, and on greater protection of investments, companies, and intellectual property as this technology develops. This ensures the United States and its allies can benefit from this new field’s advances without being harmed by those who would use it against us.</p><p id="">‍</p>
The White House declared its commitment to developing an American technological edge through the National Quantum Initiative and the issuance of National Security Memorandum-10 (NSM-10) on Promoting United States Leadership in Quantum Computing.

October 11, 2022

Biden-Harris Administration Announces Stronger American "Cyber Defenses"
