It’s the next instalment of the ISMS.online series of cyber and information security news weekly roundups. Let’s take a look at what’s been going on…
3 minute read
Advertised on Facebook with Love
Russia has cropped up a couple of times in our cyber and infosec news roundups. A couple of weeks ago we saw Kaspersky get the brunt end of disagreements between Russia and the Department of Homeland Security. This week we’re looking at Facebook and paid ad data.
We all remember the accusations around Fake News and alleged Trump propaganda in the runup to the US presidential elections. Well now US investigators have requested to see documentation and data relating to all paid adverts that Facebook published around that time.
There are thought to be more than 3,000 Facebook adverts, pushed out to potential voters, included in this release that will not be made public.
Happy Birthday National Cyber Security Centre
This month marks the first anniversary of the National Cyber Security Centre (NCSC). The aim of this venture was to ‘make the UK the safest place to live and do business online’. This week the NCSC published their first annual review detailing the progress they have made in the past 12 months.
Equifax – It’s worse than we thought
Last month the US credit report giant reported that the data of both Canadian and British citizens had been compromised. At that point, the number of those affected was thought to be around 143 million Americans, 400,000 Britons and 100,000 Canadians.
But this week, just a day after the former boss of Equifax Richard Smith testified in court about the cyber attack, it seems things are much worse than first reported. It’s now thought that an additional 2.5 million of Equifax’s customers have had their personal data accessed by hackers.
A whole new meaning to the term ‘cruise control’
Modern cars are so full of gadgets these days. They can connect you to the internet, let you read and respond to messages on social media. Cars can contact the emergency services if it senses an accident has happened. They can even take over the job of driving, as well as parallel park for you!
All of this technology is remarkable, but it has raised some interesting questions. Like, could a hacker access and take ever your connected car?
Two years ago, the BBC reported that security researchers were able to demonstrate that a Fiat Chrysler Jeep could be hacked. This lead to 1.4 million cars being recalled in the USA.
Elon Musk, the boss of Tesla, said that he would be more worried about a cyber attack that could control an entire fleet of vehicles.
“In principle, if someone was able to… hack all the autonomous Teslas, they could say – I mean just as a prank – they could say ‘send them all to Rhode Island’ – across the United States.”
These autonomous and connected cars are referred to as over the air cars, or OTA, and they can complete important software updates by itself rather than visiting a dealership.
Manufat=curers are taking more steps to ensure the updates that they send do not get intercepted, or that certain elements of the car are not connected to more important functions. For example, the radio is on a completely different system to the steering wheel, as well as the powertrain having a different encryption to the brakes.
Encouraging to hear the processes of car manufacturers over software security. Would the potential of your cruise control being taken over by a hacker put you off using it at all?
See you next week…
Get your ISMS certified with ISO 27001
Want to learn more about our ISMS?
Use the ISMS.online software to satisfy the directive