GDPR

Apple and Google To Ban Location Tracking In Contact Tracing App

Posted on May 8, 2020 by Andy Miller

Apple Inc and Alphabet Inc (Google) have both announced that they will not use GPS location tracking as part of the COVID-19 contact tracing app that they both jointly developing.

Apps

With contact-tracing and testing believed to be vital components in an effective strategy for stopping the spread of the highly infectious COVID-19 virus, both Apple and Google have said they would work together to make a COVID-19 contact tracing app for public health authorities to use that can notify people who have been near others who have tested positive for the virus.

No To GPS Data

Whilst the preferred, official (government) method for the operation of other such apps is to use both the Bluetooth signals from phones to detect encounters coupled with GPS location data, both Apple and Google have opted not to use GPS data in order to prevent governments from using such a system to compile data on citizens.

Workarounds

The decision by Apple and Google will mean that contact tracing systems will require public health authorities that want to access GPS location to find less stable and potentially battery-draining, Bluetooth-sensor workarounds.

The UK App

The new contact tracing app for the UK, which looks likely to be launched in the next couple of weeks will use Bluetooth but won’t, for the time being, use GPS signals, although it is thought that a system of monitoring location data may be used later as a voluntary opt-in.

Mobility Data

Even though GPS data will not be used in the Google/Apple app, Apple has announced that it is releasing a mobility data trends tool that may provide insights to local governments and health authorities by showing the change in volume of people driving, walking or taking public transit in their communities. Maps does not associate mobility data with a user’s Apple ID, and Apple says that it does not keep a history of where a user has been.

Versions This Week

It is thought that early versions of the Apple/Google collaboration contact tracing app will be released this week and in the coming months, both Google and Apple will make a broader Bluetooth-based contact tracing platform.

What Does This Mean For Your Business?

News of how well testing and contact tracing have worked in places like South Korea (with the use of an app) and in Vietnam (with local contact tracing staff – who have effectively shut down the virus), have reinforced the decisions by European governments to use contact-tracing apps. There have been objections to a centralised approach in France, and concerns generally in different countries that these apps, especially with location data, could infringe upon civil liberties and privacy. It is, of course, good to see that Google and Apple (as you would expect) want to (and want to be seen to) protect privacy, and that they are prepared to collaborate and pool resources for the common good. The success of contact tracing apps does, however, depend upon levels of testing in the population, to which the UK has come late to the game, and on the number of people who download and use the app. In other countries, for example, app user numbers have been lower than expected.

In the UK, the Isle of Wight is currently the testing ground for the new contact-tracing app. In reality, an app is likely to be an optional one of many tools that could be used to reduce any further spread of the current strain of the virus and in doing so, allow people to get back to work, thereby improving the situation for UK businesses.

Featured Article – Facial Recognition and Super Computers Help in COVID-19 Fight

Posted on April 30, 2020 by Andy Miller

Technology is playing an important role in fighting the COVID-19 pandemic with adapted facial recognition cameras and super-computers now joining the battle to help beat the virus.

Adapted Facial Recognition

Facial recognition camera systems have been trialled and deployed in many different locations in the UK which famously include the 2016 and 2017 Notting Hill Carnivals, the Champions League final day June 2017 in Cardiff, the Kings Cross Estate in 2019 and in a deliberately “overt” trial of live facial recognition technology by the Metropolitan Police in the centre of Romford, London, in January 2019. Although it would be hard to deny that facial recognition technology (FRT) could prove to be a very valuable tool in the fight against crime, issues around its accuracy, bias and privacy have led to criticism in the UK from the Information Commissioner about some of the ways it has been used, while (in January) the European Commission was considering a ban on the use of facial recognition in public spaces for up to five years while new regulations for its use were put in place.

However, one way that some facial recognition systems have been adapted to help in the fight against COVID-19 include the incorporation of temperature screening.

Thermographic Temperature-Screening

In the early news reports of the initial spread of COVID-19 in China, news reports focused on how thermographic, temperature-screening cameras backed up by AI could be used to pick out people from crowds who displayed a key symptom, notably a raised temperature.

These systems are also likely to play a role in our post-lockdown, pre-vaccine world as one of many tools, systems, and procedures to improve safety as countries try to re-start their economies on the long road back.

In the UK – Facial Recognition Combined With ‘Fever Detection System’

In the UK, an AI-powered facial recognition system at Bristol Airport is reported to have been adapted to incorporate a ‘fever detection system’, developed by British technology company SCC. This means that the existing FRT system has been augmented with thermographic cameras that can quickly spot people, even in large moving groups (as would normally happen in airports) who have the kind of raised temperatures associated with COVID-19.

In Russia – Facial Recognition Combined With Digital Passes on Phones

It has also been reported that, as far back as March, officials in Moscow have been using the city’s network of tens of thousands of security cameras, which can offer instant, real-time facial recognition of citizens in combination with digital passes on mobile phones. It has been reported that the sheer number of cameras in Moscow, which can also be used to measure social distancing and detect crowds, coupled with the sophisticated FRT at the back-end is enough to ensure that those who are supposed to be in isolation can be detected even if they come outside their front door for a few seconds. Moscow’s facial recognition system is also reported to be able to identify a person correctly, even if they are wearing a face mask.

Supercomputers

One of the great advantages of supercomputers is that they can carry out staggering numbers of calculations per second, thereby being able to solve complicated problems in a mere fraction of the time that it would take other computers to do the same thing. Supercomputers are, therefore, now being used in the fight against coronavirus. For example:

– Scientists at the University of Texas at Austin’s Texas Advanced Computing Centre (TACC) in the U.S. are using a Frontera supercomputer and a huge computer model of the coronavirus to help researchers design new drugs and vaccines.

– University College London (UCL) researchers, as part of a consortium of over a hundred researchers from across the US and Europe, are using some of the world’s most powerful supercomputers (including the biggest one in Europe and the most powerful one in the world) to study the COVID-19 virus and thereby help develop effective treatments and, hopefully, a vaccine. The researchers have been using the Summit at Oak Ridge National Lab, USA (1st) and SuperMUC-NG at GCS@LRZ, Germany (9th) supercomputers to quickly search through existing libraries of compounds that could be used to attach themselves to the surface of the novel coronavirus.

– In the U.S. the COVID-19 High-Performance Computing (HPC) Consortium, a combined effort by private-public organisations, the White House Office of Science and Technology Policy, U.S. government departments and IBM are bringing together federal government, industry, and academics who are offering free computing time and resources on their supercomputers to help to understand and beat the coronavirus.

Looking Ahead

Facial recognition cameras used by police and government agencies have been the focus of some bad press and questions over a variety of issues, but the arrival of the pandemic has turned many things on their heads. The fact is that there are existing facial recognition camera systems which, when combined with other technologies, could help to stop the spread of a potentially deadly disease.

With vaccines normally taking years to develop, and with the pandemic being a serious, shared global threat, it makes sense that the world’s most powerful computing resources should be (and are being) deployed to speed up the process of understanding the virus and of quickly sorting through existing data and knowledge that could help.

Google Blocks 18 Million Coronavirus Scam Emails Per Day

Posted on April 23, 2020 by Andy Miller

Google is reported to have been blocking 100 million phishing emails per day and 18 million email scams relating specifically to coronavirus.

Millions of Scams and Spam Messages Daily

On its Cloud blog on 16th April, Google reported that Gmail blocks more than 100 million phishing emails each day and over the previous week, it had blocked 8 million daily malware and phishing emails related to COVID-19. Google reports that this was in addition to more than 240 million COVID-related daily spam messages.

Types of Scams

Google reports that the types of scam and phishing emails that it had seen and blocked have been using fear and financial incentives to create urgency in order to prompt users to respond. Examples include:

– Impersonating authoritative government organisations e.g. the World Health Organization (WHO) in order to solicit fraudulent donations or distribute malware. In order to achieve this, scammers were reported to be using downloadable files that can install backdoors.

– Phishing attempts targeted at employees operating in a work-from-home setting asking them to complete a form needed for payroll.

– Phishing attempts, imitating government institutions and targeted at small businesses asking them to click on links related to receiving government stimulus packages.

Proactive Monitoring

Google reports that it has put proactive monitoring in place for COVID-19-related malware and phishing across its systems and workflows and that when threats are identified, they are added to its Safe Browsing API to protect users in Chrome, Gmail, and other integrated Google products.

Not New

As Google acknowledges, many of the current threats are not new but are existing malware campaigns that have just been updated to exploit the heightened attention on COVID-19. Last month, for example, reports of phishing emails included:

– An email purporting (as reported by Proofpoint) to be from a doctor offering details of a vaccine cure that’s been kept secret by the Chinese and UK governments. Clicking on the link promises access to the vaccine cure details.

– Workplace policy emails that target employees in a specific company/organisation and encourage them to click on a link that will take them to their company’s Disease Management Policy. Clicking on the link will, in fact, download malicious software that can provide a way into the company network.

– As reported by Mimecast, using the promise of a tax refund for coronavirus, directing the target to click on a link to input all their financial and tax information and with the lure of gaining access to (bogus) funds.

– Asking for donations for a fake campaign to fund the fast development of a COVID-19 vaccine. In this scam, the victim is directed to a bitcoin payment page.

– An email purporting (again, as reported by Proofpoint) to be from the World Health Organization (WHO) that offers a fake document with information about preventing the spread of coronavirus, where clicking on the link actually leads to the downloading of keylogging software (criminals can track your keystrokes to uncover passwords).

– Emails that exploit feelings of panic, such as an email that claims that COVID-19 has become airborne and asks the target to click on a link to a fake Microsoft login page.

Protecting Yourself Against Phishing Attacks

You can protect yourself and your business from phishing emails and others scams by doing the following:

– Keeping your anti-virus software up to date as well as your patching and other software updates e.g. your OS updates.

– Making sure that all staff and employees are given training and/or are made aware of phishing email threats and that they know the procedure for dealing with emails that appear to be suspicious and/or relate to releasing funds/payments, even if they appear to be from someone in the same company.

– Being on the lookout for online requests for personal and financial information e.g. from government agencies, are very unlikely to be sent by email from legitimate sources.

– Looking out for emails with generic greetings, mistakes in spelling and grammar, and/or heavy emotional appeals that urge you to act immediately, as these are all signs of scam and phishing emails.

– Checking the email address by hovering your mouse (without clicking) over the link in the email. This can quickly reveal if the email is genuine.

Google also recommends that its users could benefit from completing a Google ‘Security Check-up’, and that is G Suite Enterprise and G Suite Enterprise for Education users choose to enable Google’s security sandbox.

What Does This Mean For Your Business?

Since the beginning of the COVID-19 outbreak and the subsequent need for businesses and organisations to have their employees work from home, cybercriminals have seen the whole situation as a big opportunity to exploit the uncertainty, heightened emotions, and physical division of workforces.

Now more than ever, therefore, we should all exercise caution when we receive emails from unknown or unusual sources and remember that government agencies and financial institutions don’t send out emails asking for personal and financial information and that any requests for funds or other even slightly unusual requests that appear to come from within the company need to be checked for authenticity.

Companies need to alert employees, many of whom may soon be working from home (if not already) and may have a reduced ability to quickly ask the boss or manager about certain emails, to the threat of phishing emails with a COVID-19 theme and to the threat of social engineering attacks that could take advantage of a physically divided and reduced workforce.

Featured Article – Maintaining Security During The COVID-19 Health Crisis

Posted on March 19, 2020 by Andy Miller

The current global health crisis may bring many different IT security challenges to businesses and organisations and this article highlights some of the ways that you can prepare to keep IT security covered as best you can at this difficult time.

Larger and Smaller Businesses – Some Different Challenges

Larger organisations may be at an advantage as they may already have policies, procedures, equipment and security arrangements in place for remote working, although they may find themselves more stretched as many more staff work from home than usual.

Smaller businesses and organisations, however, may be less well used to and equipped for suddenly having to send staff home to work. This means that they may have a lot more work to do now in order to prepare, and their IT personnel will find themselves needing to prioritise and be prepared to provide more on-demand support over the coming weeks.

Guide

Even though larger and smaller companies may have different challenges on a different scale, here is brief guide incorporating a list of suggestions that could help many businesses and organisations to stay secure while employees, contractors and other stakeholders are working remotely:

– Alert all staff to the possibility of email-borne threats and other social engineering attacks. For example, over the last few weeks, cybercriminals have been sending COVID-19 related phishing emails e.g. bogus workplace policy emails, emails purporting to be from a doctor offering details of a vaccine/cure, emails with a promise of a tax refund and more. The message to employees should be to not open unfamiliar emails and certainly don’t click on any attachments or links to external pages from any suspect emails.

– Make sure that any software and software-based protection used by employees working from home is secure and up to date. For example, this could include making sure their devices have up to date operating systems and browsers, firewall software and anti-virus software is installed and up to date, and make sure that employees install any new updates as soon as possible.

– Ensure that any devices used by employees are managed, secure (have downloaded trusted security apps), have appropriate protection e.g. data loss protection, updated anti-malware, and a capacity to be centrally monitored if possible. Ensure that all devices, including employee mobiles (which can carry confidential information), are password-protected, and can encrypt data to prevent theft.

– Monitor the supply chain arrangements where possible. If a supplier is geographically remote, for example, and if the Covid-19 crisis has left a supplier short of qualified IT and/or security staff, or if contract staff/cover staff, or unfamiliar staff members have been brought in to replace staff members e.g. particularly in accounts, this could present a security risk. Taking the time to conduct at least basic checks on who you dealing with could prevent social engineering, phishing and other security threats, and exercising caution and offering your own known secure channel suggestions where suppliers may be short of IT-security staff could help to maintain your company’s security posture.

– Although employees are likely to stay at home in the current situation, you will still need to make sure that they are made aware of your policy about accessing information on public or unsecured networks e.g. using a VPN on mobile devices to encrypt data.

– Make sure you have a 24-hour reporting procedure for any stolen or lost equipment/devices.

– Pay attention to user identity management. For example, have a user account for each employee, and give appropriate access to each employee. This should help to prevent unauthorised access by other persons. Also, control which programs and data each employee has access to, and which level of user rights they have on certain platforms.

– Make employees aware that they must use only strong, unique passwords to sign-in to your network, and that these details should be changed regularly e.g. every 3 months. Also, make sure that multi-factor authentication is used by employees.

– Stay on top of managing the workforce and general daily operations. For example, make sure that key IT staff are available at all times, communication channels and procedures are clear and functioning, handover procedures are covered, any sickness (which looks likely) can have cover planned, and that productivity targets can be met despite remote working.

– Remind employees that they still need to comply with GDPR while working remotely and ensure that help and advice are available for this where needed.

– Use this experience to keep the company’s disaster recovery and business continuity plans up to date.

– Schedule regular, virtual/online meetings with staff and ensure that all employees have the contact details of other relevant employees.

– If you’re not already using a collaborative working platform e.g. Teams or Slack, consider the possibility of introducing this kind of working to help deal with future, similar threats.

Looking Forward

At this point, the country, businesses, and many individuals are thinking more about survival strategies, but taking time to ensure that IT security is maintained is important in making companies less vulnerable at a time when operations don’t follow normal patterns and when many cybercriminals are looking to capitalise on any weaknesses caused by the COVID-19 health emergency.

Cybercriminals Take Advantage of Covid-19 Outbreak With Phishing Emails

Posted on March 19, 2020 by Andy Miller

Some cybercriminals have already taken advantage of the fear surrounding the Covid-19 outbreak by sending out phishing emails that promise cures, seek donations, or heighten panic in order to extract personal data and money.

Phishing For Fear

Cybercriminals rely on exploiting human error that’s often driven by emotional responses. The coronavirus outbreak has, therefore, provided scammers with a near-perfect opportunity to exploit the heightened the level of fear and to offer things that will take that fear and panic away as a motivation for a person to click on a link. Clicking on a link in a phishing email, however, means having malicious software loaded onto your device that can allow cybercriminals to take control of your computer, log keystrokes, gain access to your personal information and financial data (for theft and identity theft), or simply direct you to a payment page.

Examples

Examples of the kinds of corona-virus related phishing emails which have been spotted over the last couple of weeks, and could be coming to an inbox near you, include:

– As reported by Proofpoint, an email purporting to be from a doctor offering details of a vaccine cure that’s been kept secret by the Chinese and UK governments. Clicking on the link promises access to the vaccine cure details.

– Asking for donations for a fake campaign to fund the fast development of a Covid-19 vaccine. In this scam, the victim is directed to a bitcoin payment page.

– As reported by Proofpoint, an email purporting to be from the World Health Organization (WHO) that offers a fake document with information about preventing the spread of coronavirus, where clicking on the link actually leads to the downloading of keylogging software (criminals can track your keystrokes to uncover passwords).

– Emails that exploit feelings of panic, such as an email that claims that Covid-19 has become airborne and asks the target to click on a link to a fake Microsoft login page.

Spotting Phishing Emails

Many phishing emails have giveaways that you can spot if you know what you’re looking for. Examples of ways in which you can identify a phishing email include:

– Online requests for personal and financial information e.g. from government agencies are very unlikely to be sent by email from legitimate sources.

– Beware of generic greetings. Scammers are less likely to use your name to personalise the email greeting and title.

– Mistakes in spelling and grammar can be signs of scam emails.

– Check the email address by hovering your mouse (without clicking!) over the link in the email. This can quickly reveal if the email is genuine.

– Beware of heavy emotional appeals that urge you to act immediately. These are signs of scam emails that hope to bypass your reasoning and tap into an emotional response.

What Does This Mean For Your Business?

Scammers often use phishing emails when there is/has been a recent crisis, when there’s been fraud/cybercrime that’s affected lots of people, or on other such events to take advantage of those who are looking for help and answers. Scammers know that where emotions are strong and where they can tap into that by offering relief from negative feelings and by saying what people want to hear, they are more likely to achieve their aims.

In the case of coronavirus, although companies and organisations are issuing statements related to it, the best advice is to simply check the information that is given out through trusted, official sites such as the NHS https://www.nhs.uk/conditions/coronavirus-covid-19/, the World Health Organisation https://www.who.int/health-topics/coronavirus, and via trusted TV and radio stations.

Crisis or not, always exercise caution when you receive emails from unknown or unusual sources and remember that government agencies and financial institutions don’t send out emails asking for personal and financial information.

Companies also need to alert employees, many of whom may soon be working from home and may have a reduced ability to quickly ask the boss or manager about certain emails, to the threat of phishing emails with a Covid-19 theme and to the threat of social engineering attacks that could take advantage of a physically divided and reduced workforce.

Facebook Sued Down-Under For £266bn Over Cambridge Analytica Data Sharing Scandal

Posted on March 13, 2020 by Andy Miller

Six years after the personal data of 87 million users was harvested and later shared without user consent with Cambridge Analytica, Australia’s privacy watchdog is suing Facebook for an incredible £266bn over the harvested data of its citizens.

What Happened?

From March 2014 to 2015 the ‘This Is Your Digital Life’ app, created by British academic, Aleksander Kogan and downloaded by 270,000 people which then provided access to their own and their friends’ personal data too, was able to harvest data from Facebook.

The harvested data was then shared with (sold to) data analytics company Cambridge Analytica, in order to build a software program that could predict and use personalised political adverts (political profiling) to influence choices at the ballot box in the last U.S. election, and for the Leave campaign in the UK Brexit referendum.

Australia

The lawsuit, brought by the Australian Information Commissioner against Facebook Inc alleges that, through the app, the personal and sensitive information of 311,127 Australian Facebook Users (Affected Australian Individuals) was disclosed and their privacy was interfered with. Also, the lawsuit alleges that Facebook did not adequately inform those Australians of the manner in which their personal information would be disclosed, or that it could be disclosed to an app installed by a friend, but not installed by that individual. Furthermore, the lawsuit alleges that Facebook failed to take reasonable steps to protect those individuals’ personal information from unauthorised disclosure.

In the lawsuit, the Australian Information Commissioner, therefore, alleges that the Australian Privacy Principle (APP) 6 has been breached (disclosing personal information for a purpose other than that for which it was collected), as has APP 11 (failing to take reasonable steps to protect the personal information from unauthorised disclosure). Also, the Australian Information Commissioner alleges that these breaches are in contravention of section 13G of the Privacy Act 1988.

£266 Billion!

The massive potential fine of £266 billion has been arrived at by multiplying the maximum of $1,700,000 (£870,000) for each contravention of the Privacy Act by the 311,127 Australian Facebook Users (Affected Australian Individuals).

What Does This Mean For Your Business?

Back in July 2018, 16 months after the UK Information Commissioners Office (ICO) began its investigation into the Facebook’s sharing the personal details of users with political consulting firm Cambridge Analytica, the UK’s ICO announced that Facebook would be fined £500,000 for data breaches. This Australian lawsuit, should it not go Facebook’s way, represents another in a series of such lawsuits over the same scandal, but the £266 billion figure would be a massive hit and would, for example, totally dwarf the biggest settlement to date against Facebook of $5 billion to the US Federal Trade Commission over privacy matters. To put it in even greater perspective, an eye-watering potential fine of £266 billion would make the biggest GDPR fine to date of £183 million to British Airways look insignificant.

Clearly, this is another very serious case for Facebook to focus its attention on, but the whole matter highlights just how important data security and privacy matters are now taken and how they have been included in different national laws with very serious penalties for non-compliance attached. Facebook has tried hard since the scandal to introduce and publicise many new features and aspects of its service that could help to regain the trust of users in both its platform’s safeguarding of their details and in the area of stopping fake news from being distributed via its platform. This announcement by the Australian Information Commissioner is, therefore, likely to be an extremely painful reminder of a regrettable and period in the tech giant’s history, not to mention it being a potential threat to Facebook.

For those whose data may have been disclosed, shared and used in a way that contravened Australia’s laws, they may be pleased that their country is taking such a strong stance in protecting their interests and this may send a very powerful message to other companies that store and manage the data of Australian citizens.

Google Indexing Makes WhatsApp Group Links Visible

Posted on February 28, 2020 by Andy Miller

A journalist has reported on Twitter that WhatsApp groups may not be as secure as users think because the “Invite to Group via Link” feature allows groups to be indexed by Google, thereby making them available across the Internet.

Links Visible

Chats conducted on the end-to-end encrypted WhatsApp can be joined by people who are given an invite URL link but until now it has not been thought that invite links could be indexed by Google (and other search engines) and found in simple searches. However, it appears that group links that have been shared outside of the secure, private messaging app could be found (and joined).

Exposed

The consequences of these 45,000+ invite links being found in searches is that they can be joined and details like the names and phone numbers of the participants can be accessed. Targeted searches can reveal links to groups based around a number of sensitive subjects.

Links

Even though WhatsApp group admins can invalidate existing links, WhatsApp generates a new link meaning that the original link isn’t totally disabled.

Only Share Links With Trusted Contacts

Users of WhatsApp are warned to share the link only with trusted contacts, and the links that were shown in Google searches appeared because the URLs were publicly listed i.e. shared outside of the app.

Changed

Although Google already offers tools for sites to block content from being listed in search results, since the discovery (and subsequently publicity) of the WhatsApp Invite links being indexed, some commentators have reported that this no longer happens in Google. It has also been reported, however, that publicly posted WhatsApp Invite links can still be found using other popular search engines.

Recent Security Incident

One other high profile incident reported recently, which may cause some users to question the level of security of WhatsApp was the story about Amazon CEO Jeff Bezo’s phone allegedly being hacked by unknown parties thought to be acting for Saudi Arabia after a mysterious video was sent to Mr Bezo’s phone.

Also, last May there were reports of an attack on WhatsApp which was thought to be a ‘zero-day’ exploit that was used to load spyware onto the victim’s phone. Once the victim’s WhatsApp had been hijacked and the spyware loaded onto the phone, for example, access may have been given to encrypted chats, photos, contacts and other information. That kind of attack may also have allowed eavesdropping on calls and turning on the microphone and camera, as well as enabling attackers to alter the call logs and hide the method of infection. At the time, it was reported that the attack may have originated from a private Israeli company, The NSO Group.

What Does This Mean For Your Business?

In this case, although it’s alarming that the details of many group members may have been exposed, it is likely to be because links for those groups were posted publicly and not shared privately with trusted members as the app recommends. That said, it’s of little comfort for those who believed that their WhatsApp group membership and personal details are always totally private. It’s good news, therefore, that Google appears to have taken some action to prevent it from happening in future. Hopefully, other search engines will now do the same.

WhatsApp has end-to-end encryption, which should mean that it is secure, and considering that it has at least 1.5 billion users worldwide, surprisingly few stories have emerged that have brought the general security of the app into question.

Worries About Huawei Persist

Posted on February 28, 2020 by Andy Miller

Security fears about Huawei products being used in the new 5G networks are still being expressed by the Trump administration, while Google has clarified its position on the matter.

What’s So Bad About Huawei?

Back in July 2018, espionage chiefs from Australia, Canada, New Zealand, the U.K. and the U.S. (the so-called ‘Five-Eyes’), agreed at a meeting in July this year to try to contain the global growth of Chinese telecoms company Huawei (the world’s biggest producer of telecoms equipment) because of the threat that it could be using its phone network equipment to spy for China. This led to the US, Australia and New Zealand barring Huawei Technologies Ltd. (with Japan more or less joining the ban) as a supplier for fifth-generation networks.

At the time, the Trump administration drew attention to the matter when Meng Wanzhou, the chief financial officer of Huawei, was detained in Vancouver at the request of U.S. authorities for violating US sanctions on Iran.

Since then, other countries have joined the ban and other allegations have been made against Huawei e.g. the US Department of Justice (DOJ) charged Huawei with bank fraud and stealing trade secrets back in January 2019.

What About The UK

As for the UK government, it will allow Huawei equipment to be used in the country’s 5G network, but not in core network functions or critical national infrastructure, and not in nuclear and military sites. This has led to White House chief of staff Mick Mulvaney visiting just last week to help dissuade the UK from using Huawei’s products in phone networks.

Latest Warning From the US

The latest warning about Huawei products from the US has been voiced by Robert Strayer, who is the US deputy assistant secretary for cyber and communications. Mr Strayer, who is on a tour of Europe this week, warned that allowing Huawei to provide key aspects of the 5G network infrastructure could allow China to undermine it and to have access to “sensitive data”. Mr Strayer piled on the pressure by warning that if the UK adopts Huawei as a 5G technology vendor it could threaten aspects of intelligence sharing between the US and UK.

Google Clarifies

As a US company, tech giant Google has been banned by the Trump administration since May 2019 from working with Huawei which last year led to Google confirming (via blog post) that it wouldn’t be working with Huawei on new device models or providing any Google apps (Gmail, Maps, YouTube, Play Store) for preload or download on Huawei devices.

In the light of more recent allegations and warnings about Huawei, Google has chosen to clarify its position in an article on its support pages (find it here https://support.google.com/android/thread/29434011?hl=en). The article states that “To protect user data privacy, security, and safeguard the overall experience, the Google Play Store, Google Play Protect, and Google’s core apps (including Gmail, YouTube, Maps, and others) are only available on Play Protect certified devices”.

Google says in the article that sideloaded Google apps will not work reliably on Huawei devices. Sideloaded apps are those which haven’t been through a certification process to appear in the Store and to run on a Windows device. The fear is that sideloading apps could mean that apps could be installed which appear to be genuine and normal, but which may have been altered or tampered with in ways that could compromise user security.

What Does This Mean For Your Business?

The Trump administration in the US is keeping the pressure on as regards discouraging countries with which it has security and defence connections, and leverage as an ally or friend with to avoid installing Huawei products in networks, particularly in critical parts. Clearly, a Republican administration (and in this case, and apparently inward-looking one championing US companies) in a country which has traditionally seen communist China as a threat is likely to be at least suspicious of Huawei products. It is of course, unknown exactly what evidence exists to support the idea, and it should also be remembered that it is not long since President Trump launched a trade war with China, and may also be additionally conscious of spying issues from foreign powers after the allegations of Russian influence possibly influencing his own election as president.

For US, European, and other trusted tech network product companies from elsewhere, less for Huawei could mean more for them, and the rub-off bad publicity for Huawei also seems to have negatively affected Huawei’s sales of phone handsets, which has meant that US, Japanese and other phone suppliers have picked up more phone business.

In the run-up to next US presidential election, and with UK looking for trade deals outside the EU, it is likely that the US will continue to try and bring the UK and other countries round to its way of thinking about Huawei.

Growth in Threats To Apple Compared To Windows Machines

Posted on February 13, 2020 by Andy Miller

In a trend that appears contrary to popular perceptions, the latest Malwarebytes (annual) State of malware report has revealed that the growth in attacks on Apple endpoints is outpacing the threats targeting Windows machines.

11 Threats Per Mac Endpoint

The report shows Mac threats were up (2019) four-fold year on year with 11 threats per Mac endpoint on average for Apple compared with only 5.8 threats per Windows endpoint. An ‘endpoint’ refers to an Internet-capable computer hardware device on a TCP/IP network e.g. desktop computers, laptops, smartphones, tablets, printers etc.

Why?

It is likely that the growth in the average number of threats to Apple machines isn’t just down to the fact that there are now more Apple users, but also because Apple may not be taking enough measures that are tough enough to tackle adware and pups (potentially unwanted programmes) compared to efforts made to tackle more traditional malware.

Kaspersky Figures

Figures from Kaspersky this month also show increasing dangers for Mac users as it reports that two years on from its detection, Shlayer Trojan malware attacks one in ten macOS users, and it accounts for almost 30% of all detections for the macOS.

Criminals More Creative and Persistent

As well as the increasing danger for Mac users, in the report, Malwarebytes CEO Marcin Kleczynski highlights how adware, pre-installed malware and multi-vector attacks all show how cybercriminals appear to be heading in a direction where they are “more creative and increasingly persistent with their campaigns”.

Even though threats to Apple endpoints are growing at a faster rate, it is still Windows and Android devices that face the most threats from annoying and hard to uninstall adware and malware (including ransomware).

Business-Focused

The report highlighted the 13 per cent rise in global business threats last year, and how Trojan-turned-botnets Emotet and TrickBot have been targeting businesses and organisations with ransomware new families, like Ryuk, Sodinokibi and Phobos. Also, businesses are facing new risks from hack tools and registry key disablers.

What Does This Mean For Your Business?

As pointed out in the report, those in the online security industry are having to work hard to protect users and businesses from programs that violate user privacy, infect devices, or turn their own infrastructure against them. Businesses and organisations, whether they use Apple or Microsoft Operating Systems need to be acutely aware of (and make sure they are protected against) the threats outlined in the report (malware, ransomware, adware, credit card skimmers and skimmer scripts), as well as phishing and the increasing use of social engineering in attacks.

Mac users may want to check the advice on Apple’s website about features (found in System Preferences) that help protect Macs and the personal information of users from malicious software/malware e.g. protection from malware embedded in harmless-looking apps. See: https://support.apple.com/en-gb/guide/mac-help/mh40596/mac

Also, Apple advises that MacOS users should exercise caution when accessing scripts, web archives and Java archives, which all pose potential threats.