IT Security RSS Feed for 2024-12-28

Posted on 2024-12-28 Edited on 2025-04-03 In IT Security Word count in article: 41k Reading time ≈ 38 mins.

IT Security RSS Feed for 2024-12-28

What is a public key and how does it work?

Published: Mon, 23 Dec 2024 09:00:00 GMT

What is a Public Key?

A public key is a cryptographic key that is used in public-key cryptography, also known as asymmetric encryption. It is one of a pair of mathematically related keys, the other being a private key.

How a Public Key Works:

Public-key cryptography is based on mathematical algorithms that involve complex mathematical functions and number theory. The public key works in conjunction with the private key to secure communications and data in the following way:

Key Generation:
- A pair of keys (public and private) are generated using a cryptographic algorithm. The keys are mathematically linked, but the private key cannot be derived from the public key.
Encryption:
- The public key is made publicly available.
- The message or data to be secured is encrypted using the recipient’s public key.
- The encrypted message can only be decrypted using the corresponding private key.
Decryption:
- The recipient uses their private key to decrypt the encrypted message.
- The decryption operation reverses the encryption process, revealing the original plaintext message.
Authentication:
- Public keys can also be used for authentication.
- A message or signature is digitally signed using the private key.
- The recipient can verify the authenticity of the message by using the corresponding public key to validate the signature.

Key Features of Public Key Cryptography:

Data Privacy: Only the intended recipient (with the private key) can decrypt the encrypted data.
Authentication: Public keys can verify the authenticity of messages and signatures.
Non-Repudiation: The recipient cannot deny that they received the message, as it has been authenticated using their public key.
Key Distribution: Public keys can be shared openly without compromising the security of the private key.

Applications of Public Keys:

Public keys are widely used in various applications, including:

Secure email (e.g., PGP, S/MIME)
Encrypted web browsing (HTTPS)
Digital signatures
Authentication mechanisms
Blockchains and cryptocurrencies

What is a proxy firewall?

Published: Mon, 23 Dec 2024 09:00:00 GMT

A proxy firewall is a type of firewall that acts as an intermediary between a client and a server. It intercepts all traffic between the client and the server and checks it for malicious content. If any malicious content is detected, the proxy firewall will block it and prevent it from reaching the client. Proxy firewalls can be either hardware-based or software-based, and they can be deployed in a variety of different environments.

Here are some of the benefits of using a proxy firewall:

Increased security: Proxy firewalls can help to protect your network from a variety of security threats, including viruses, malware, and phishing attacks.
Improved performance: Proxy firewalls can help to improve the performance of your network by caching frequently accessed content and optimizing traffic flow.
Enhanced control: Proxy firewalls give you more control over the traffic that enters and leaves your network. This can be useful for enforcing security policies and managing bandwidth usage.

If you are looking for a way to improve the security of your network, a proxy firewall is a great option. Proxy firewalls are relatively easy to deploy and manage, and they can provide a significant boost to your network’s security.

6 must-read blockchain books for 2025

Published: Mon, 23 Dec 2024 00:00:00 GMT

Blockchain Revolution 2.0: The Future of Technology, Business, and Society by Don Tapscott
The Blockchain Economy: Unleashing the Power of Distributed Ledgers by Brett King
Mastering Blockchain: Building and Deploying DApps on Ethereum by Andreas M. Antonopoulos
Blockchain for Business: A Practical Guide for CIOs and Business Leaders by David Treat
The Digital Asset Revolution: How Blockchain and Tokenization Are Redefining Our Economic Future by William Mougayar
The Cryptoasset Handbook: The Essential Guide to Cryptoassets and Smart Contracts by Preston Byrne

LockBit ransomware gang teases February 2025 return

Published: Thu, 19 Dec 2024 12:56:00 GMT

LockBit Ransomware Gang Teases February 2025 Return

The notorious LockBit ransomware gang has sent shockwaves through the cybersecurity community by teasing their return in February 2025. This announcement has raised concerns among security experts and organizations worldwide.

LockBit’s History

LockBit, first identified in 2019, has become one of the most prolific ransomware operations. They have targeted organizations across industries, including healthcare, education, and government. LockBit’s tactics involve encrypting victims’ files and demanding large ransoms in exchange for decryption keys.

Suspension of Operations

In June 2022, LockBit abruptly suspended its operations, citing internal conflicts and a desire to improve their “product.” The gang claimed that they would return “in a completely new form” in the future.

2025 Return Announcement

Now, in an unexpected move, LockBit has teased their return in February 2025. The announcement was made on a hidden Tor website used by the gang. The message stated, “We are coming back. We are preparing something new that will shake the world.”

Concerns and Implications

Security experts are alarmed by the announcement, as it suggests that LockBit is planning a major comeback. They fear that the gang has spent the past two years developing new techniques and capabilities that could make them even more dangerous than before.

The 2025 return date is also significant, as it marks the third anniversary of the first LockBit attack. This could be a symbolic date chosen by the gang to commemorate their return.

Preventive Measures

Organizations are urged to take proactive measures to protect themselves against potential LockBit attacks. These include:

Regularly backing up critical data
Implementing strong cybersecurity measures
Raising employee awareness about ransomware threats
Having a comprehensive incident response plan in place

Conclusion

The LockBit ransomware gang’s announcement of their February 2025 return has sent a shiver down the spines of security experts and organizations worldwide. While the exact nature of their “new form” is unknown, it is clear that LockBit remains a significant threat to cybersecurity. Organizations must remain vigilant and take necessary precautions to protect themselves from potential attacks.

Latest attempt to override UK’s outdated hacking law stalls

Published: Thu, 19 Dec 2024 11:10:00 GMT

Latest attempt to override UK’s outdated hacking law stalls

The UK government’s latest attempt to override its outdated hacking law has stalled, leaving campaigners disappointed.

The Law Commission, an independent body that advises the government on legal reform, has published a report on the Computer Misuse Act 1990 (CMA). The report recommends a number of changes to the law, including:

Clarifying the definition of “unauthorized access” to computer systems
Creating a new offense of “reckless hacking”
Increasing the maximum penalty for hacking offenses

The government had been expected to introduce a bill to implement the Law Commission’s recommendations by the end of the year. However, it is now unclear when or if the bill will be introduced.

A spokesperson for the Ministry of Justice said: “We are considering the Law Commission’s report and will respond in due course.”

Campaigners have expressed disappointment at the delay. Jim Killock, executive director of Open Rights Group, said: “The government has been promising to update the CMA for years. It is now clear that they have no intention of doing so.”

“The CMA is outdated and does not reflect the way that computers are used today. It is essential that the government takes action to update the law and protect people from hacking.”

The CMA was introduced in 1990, before the internet became widely used. The law has been criticized for being too vague and for failing to keep pace with technological developments.

In recent years, there have been a number of high-profile hacking cases that have highlighted the need for a new law. In 2014, hackers stole the personal data of millions of customers from TalkTalk. In 2017, the NHS was hit by a ransomware attack that caused widespread disruption.

The Law Commission’s report is a welcome step towards updating the CMA. However, it is now up to the government to decide whether or not to implement the recommendations.

The Data Bill: It’s time to cyber up

Published: Thu, 19 Dec 2024 09:42:00 GMT

The Data Bill: It’s Time to Cyber Up

Introduction

In an era defined by the exponential growth of data, it is imperative to establish a comprehensive and robust framework to govern its collection, use, and disclosure. The Data Bill is a crucial step towards creating a digital environment that is both secure and equitable.

Key Provisions

The Bill introduces several key provisions that aim to enhance cybersecurity, protect personal data, and foster innovation. These include:

Mandatory Data Breach Notification: Organizations will be required to notify individuals promptly in the event of a data breach that poses a significant risk of harm.
Strengthened Cybersecurity Standards: Minimum cybersecurity standards will be established to protect critical infrastructure and sensitive data from cyberattacks.
Data Protection Rights: Individuals will have enhanced rights over their personal data, including the right to access, portability, rectification, and erasure.
Data Interoperability: The Bill promotes data interoperability by requiring businesses to provide access to their data in a standardized and machine-readable format.
Innovation Sandbox: A regulatory sandbox will be created to allow for the testing of innovative data-driven technologies while mitigating potential risks.

Benefits

The Data Bill offers numerous benefits, including:

Enhanced Cybersecurity: By strengthening cybersecurity standards and requiring prompt breach notifications, the Bill reduces the likelihood and impact of cyberattacks.
Increased Data Protection: Individuals gain greater control over their personal data, fostering trust and privacy in the digital economy.
Promoted Innovation: The interoperability provisions and regulatory sandbox encourage businesses to develop and deploy data-driven solutions that drive economic growth.
Improved Data Governance: A clear and consistent legal framework provides businesses with certainty and reduces regulatory uncertainty.

Challenges and Considerations

While the Data Bill is a positive step forward, there are challenges and considerations to address:

Harmonization with Existing Regulations: It is important to ensure that the Data Bill complements existing data protection regulations, such as the GDPR in the EU.
Potential Compliance Costs: Businesses may face additional compliance costs, which could impact smaller organizations.
Balancing Innovation and Security: The Bill must strike a balance between fostering innovation and protecting against potential security risks.

Conclusion

The Data Bill is a timely and essential measure to strengthen cybersecurity, protect personal data, and promote innovation in the digital age. By embracing a balanced approach that both safeguards individuals and encourages technological advancement, we can create a secure and dynamic digital environment that benefits all stakeholders. It is now time to “cyber up” and embrace the opportunities and challenges that lie ahead.

Innovation, insight and influence: the CISO playbook for 2025 and beyond

Published: Thu, 19 Dec 2024 09:10:00 GMT

Innovation

Embrace emerging technologies: Explore cutting-edge technologies like artificial intelligence (AI), machine learning (ML), and blockchain to enhance security capabilities.
Foster a culture of innovation: Encourage experimentation, collaboration, and idea sharing within the security team.
Partner with academia and tech vendors: Seek out collaborations with universities and technology companies to gain access to research, new technologies, and industry insights.

Insight

Develop a comprehensive threat intelligence program: Gather, analyze, and share threat information to provide early warning and proactive threat detection.
Leverage data analytics and visualization tools: Use data to identify trends, assess risk, and make informed decisions.
Establish performance indicators and metrics: Measure and track security performance to identify areas for improvement and demonstrate value to stakeholders.

Influence

Build strong relationships with business leaders: Align security initiatives with organizational goals and gain support for investments.
Communicate security risks effectively: Use compelling stories, visualizations, and data to convey the impact of security threats and justify the need for security measures.
Develop thought leadership and participate in industry forums: Share insights and shape industry best practices to establish the CISO as a trusted advisor and thought leader.

Additional Considerations for 2025 and Beyond

Increased focus on cyber resilience: Develop strategies to minimize disruption and recover quickly from cyberattacks.
Growing importance of cloud security: Implement robust security measures for cloud environments, including data encryption, access control, and incident response plans.
Rise of privacy regulations: Stay abreast of emerging privacy regulations and develop strategies to comply with them.
Collaboration and partnerships: Forge partnerships with internal and external stakeholders to enhance security effectiveness.
Continuous learning and development: Embrace ongoing education and training to stay ahead of emerging threats and technologies.

By embracing innovation, developing insightful analysis, and leveraging influence effectively, CISOs can lead their organizations towards a secure and resilient future.

What is a public key certificate?

Published: Thu, 19 Dec 2024 09:00:00 GMT

A public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to bind a public key to the identity of the entity that owns the corresponding private key. It serves as a way to verify the authenticity of the public key and to ensure that it belongs to the legitimate owner.

Public key certificates are typically issued by a certificate authority (CA), which is a trusted third party that verifies the identity of the entity requesting the certificate. The CA uses its own private key to digitally sign the certificate, which proves that the CA has verified the entity’s identity.

Public key certificates contain various information, including:

The subject’s name: The name of the entity that owns the private key.
The subject’s public key: The public key that is associated with the private key.
The issuer’s name: The name of the certificate authority that issued the certificate.
The issuer’s digital signature: The digital signature that proves the CA’s verification of the entity’s identity.
The validity period: The period during which the certificate is valid.

Public key certificates play an essential role in various security applications, such as:

Secure communication: Public key certificates are used in Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols to establish secure communication channels over the internet.
Digital signatures: Public key certificates are used to verify the authenticity of digital signatures, ensuring that a message or document has not been tampered with.
Authentication: Public key certificates can be used for user authentication, allowing users to prove their identity without sharing their private key.

Public key certificates help to establish trust in digital environments by providing a way to verify the authenticity of public keys and to ensure that they belong to the legitimate owners. They are widely used in various applications where secure communication and authentication are required.

French court refuses to expedite trial of Sky ECC cryptophone distributor Thomas Herdman

Published: Thu, 19 Dec 2024 06:53:00 GMT

French court refuses to expedite trial of Sky ECC cryptophone distributor Thomas Herdman

A French court has refused to expedite the trial of Thomas Herdman, a key figure in the distribution of Sky ECC encrypted phones.

Herdman, a Canadian national, was arrested in January 2021 and is accused of being a central figure in the distribution of Sky ECC devices, which were used by organized crime groups around the world to communicate securely.

Prosecutors had asked the court to expedite the trial in order to take advantage of the fact that key witnesses are currently in custody. However, the court ruled that there was no justification for expediting the trial and that it would proceed at a normal pace.

The trial is now scheduled to begin in January 2024.

Background

Sky ECC was a secure messaging service that was used by organized crime groups around the world. The service was encrypted and offered a number of features that made it difficult for law enforcement to intercept communications.

In March 2021, law enforcement agencies in several countries, including France, Belgium, and the Netherlands, launched a joint operation that targeted Sky ECC. The operation resulted in the arrest of dozens of suspects and the seizure of hundreds of devices.

Herdman is accused of being a central figure in the distribution of Sky ECC devices. He is believed to have sold thousands of devices to organized crime groups around the world.

Implications

The refusal of the French court to expedite the trial of Herdman is a setback for prosecutors. The delay will give Herdman more time to prepare his defense and could make it more difficult to convict him.

However, the trial is still scheduled to proceed, and Herdman will face serious charges. If convicted, he could face a lengthy prison sentence.

The case is a reminder of the challenges that law enforcement faces in combating organized crime. Encrypted messaging services make it difficult for law enforcement to intercept communications, and this can make it difficult to investigate and prosecute crime.

Additional information

Sky ECC was founded in 2010 by Jean-François Eap.
The service was encrypted using a proprietary algorithm.
Sky ECC offered a number of features that made it attractive to organized crime groups, including the ability to send self-destructing messages and to communicate with other users anonymously.
The joint operation that targeted Sky ECC was codenamed Operation Trojan Shield.
The operation resulted in the arrest of dozens of suspects and the seizure of hundreds of devices.
Herdman is accused of being a central figure in the distribution of Sky ECC devices.
He is believed to have sold thousands of devices to organized crime groups around the world.
The trial of Herdman is scheduled to begin in January 2024.

The Security Interviews: Martin Lee, Cisco Talos

Published: Wed, 18 Dec 2024 07:14:00 GMT

The Security Interviews: Martin Lee, Cisco Talos

Martin Lee is a Senior Security Researcher at Cisco Talos, where he focuses on analyzing malware and developing defense mechanisms against advanced threats. He has over a decade of experience in the security industry and has been recognized for his contributions to the field. In this interview, Martin shares his insights on the current security landscape, the evolving tactics of attackers, and the importance of collaboration in the fight against cyber threats.

1. What are some of the key trends you’re observing in the security landscape today?

One of the key trends we’re seeing is the increasing sophistication of attacks. Attackers are using more advanced techniques to bypass traditional security controls and target high-value assets. They are also leveraging artificial intelligence and machine learning to automate their attacks and make them more effective.

Another trend we’re seeing is the growing number of ransomware attacks. Ransomware is a type of malware that encrypts a victim’s files and demands a ransom payment in exchange for decrypting them. Ransomware attacks can be very disruptive and costly, and they are becoming increasingly common.

2. How are attackers evolving their tactics to stay ahead of security defenses?

Attackers are constantly evolving their tactics to stay ahead of security defenses. They are using new techniques to bypass traditional security controls, such as sandboxing and intrusion detection systems. They are also leveraging new technologies, such as artificial intelligence and machine learning, to make their attacks more effective.

In addition, attackers are becoming more targeted in their attacks. They are researching their targets and identifying vulnerabilities that they can exploit. This makes it more difficult for organizations to defend against attacks.

3. What are some of the most effective strategies for defending against today’s threats?

There are a number of effective strategies for defending against today’s threats. These include:

Implementing a layered security approach. This involves using a combination of security controls to protect your organization from attacks. These controls should include firewalls, intrusion detection systems, antivirus software, and patch management.
Educating your employees about security risks. Your employees are your first line of defense against attacks. It is important to educate them about the latest security threats and how to protect themselves.
Collaborating with other organizations. No organization can defend against cyber threats alone. It is important to collaborate with other organizations to share information about threats and develop joint defense strategies.

4. How important is collaboration in the fight against cyber threats?

Collaboration is essential in the fight against cyber threats. No organization can defend against threats alone. It is important to share information about threats and develop joint defense strategies.

There are a number of organizations that are working to promote collaboration in the fight against cyber threats. These organizations include the National Cybersecurity and Communications Integration Center (NCCIC), the Cybersecurity and Infrastructure Security Agency (CISA), and the World Economic Forum.

5. What advice would you give to organizations that are looking to improve their security posture?

I would advise organizations to take the following steps to improve their security posture:

Assess your security risks. This will help you to identify the vulnerabilities that attackers are most likely to exploit.
Implement a layered security approach. This will help you to protect your organization from a variety of attacks.
Educate your employees about security risks. This will help them to protect themselves and the organization from attacks.
Collaborate with other organizations. This will help you to share information about threats and develop joint defense strategies.

By following these steps, organizations can improve their security posture and reduce their risk of being compromised by a cyber attack.

Look to the future: How the threat landscape may evolve next

Published: Wed, 18 Dec 2024 06:48:00 GMT

Increased Sophistication and Automation of Cyberattacks:

Attackers will leverage artificial intelligence (AI) and machine learning (ML) to enhance their reconnaissance, exploitation, and post-compromise capabilities.
Automated attack tools and scripts will make it easier for less skilled adversaries to execute sophisticated attacks.

Evolving Ransomware Threats:

Ransomware will continue to be a lucrative tactic for attackers, with new variants employing advanced encryption techniques and targeting critical infrastructure and essential services.
Double extortion and triple extortion schemes will become more prevalent, increasing the pressure on victims.

Supply Chain Attacks:

Attackers will exploit vulnerabilities in software supply chains to target multiple organizations through a single compromise.
Software dependencies and open-source components will present new attack vectors for adversaries.

Internet of Things (IoT) Exploitation:

The proliferation of IoT devices will create a vast attack surface for cybercriminals.
Unsecured IoT devices and networks will be used as entry points for botnets and other malicious activities.

Cyber-Physical Attacks:

Attacks targeting critical infrastructure and industrial control systems will become more sophisticated, potentially leading to physical damage and disruption.
Attackers will leverage OT/ICS vulnerabilities to gain access and manipulate physical systems.

Targeted Attacks on Cloud and Mobile Platforms:

Cloud computing and mobile devices will continue to be attractive targets for attackers.
Cloud misconfigurations and mobile application vulnerabilities will create opportunities for data breaches and account takeovers.

Increased Use of Cryptocurrencies and Darknet Markets:

Cryptocurrencies will provide anonymity and facilitate illegal activities, making it easier for attackers to monetize their exploits.
Darknet markets will continue to be a hub for cybercrime tools and services.

Security Challenges for Remote Workforce:

The prevalence of remote work will introduce new security risks, including potential vulnerabilities in home networks and devices.
Attackers will target virtual private networks (VPNs) and other technologies used for remote access.

Cyberattacks Exploiting Social Engineering:

Social engineering attacks will remain a common vector for attackers, leveraging human vulnerabilities to gain access to sensitive information or systems.
Phishing campaigns and targeted misinformation will be used to trick victims into compromising their security.

Cybersecurity Industry Response:

Cybersecurity vendors will continue to develop innovative solutions to address evolving threats, including threat intelligence, intrusion detection systems, and incident response services.
Governments and law enforcement agencies will play a crucial role in regulating and enforcing cybersecurity measures.

2025-30: Geopolitical influence on cyber and the convergence of threat

Published: Tue, 17 Dec 2024 16:53:00 GMT

Geopolitical Influence on Cyber in 2025-30

Intensified cyber rivalry: Continued geopolitical tensions will escalate cyber conflicts, with major powers using cyber capabilities to gain advantage and undermine adversaries.
Expansion of state-sponsored cyber operations: Governments will invest heavily in offensive and defensive cyber capabilities, using them for intelligence gathering, sabotage, and disruption.
Growing use of cyber for geopolitical extortion: States may leverage cyber attacks to extort concessions or influence policy decisions.
Emergence of “cyber militias”: Non-state actors, including hacktivist groups and criminal organizations, will increasingly align with geopolitical objectives.

Convergence of Threat

Blurring of lines between cyber and physical attacks: Cyber attacks will become increasingly intertwined with physical infrastructure, potentially causing widespread disruption and damage.
Integration of AI and machine learning in cyber operations: Advanced technologies will enhance the capabilities of both attackers and defenders, leading to more sophisticated and automated attacks.
Rise of ransomware and extortion campaigns: Ransomware attacks will continue to target critical infrastructure, businesses, and individuals, with increasingly high financial demands.
Espionage and intellectual property theft: Cyber espionage will remain a major concern, with nations seeking to steal sensitive information and gain economic advantage.

Implications and Mitigation Strategies

Increased need for international cooperation: The interconnected nature of cyberspace requires global collaboration to address threats and establish norms of responsible behavior.
Investment in defensive capabilities: Governments and businesses must prioritize strengthening their cyber defenses to protect critical infrastructure and sensitive data.
Adoption of zero-trust principles: Implementing stringent security measures and assuming breaches will occur can help reduce the impact of cyber attacks.
Education and awareness campaigns: Raising public awareness about cyber threats and best practices can help prevent individuals and organizations from falling victim to attacks.
Enforcement of cybercrime laws: Strengthening international cooperation and harmonizing cybercrime laws will deter malicious actors and facilitate prosecution.
Development of ethical guidelines: It is crucial to establish clear ethical guidelines for the use of cyber weapons and to prevent their misuse or escalation into physical conflict.

Using AI to build stronger client relationships in 2025

Published: Tue, 17 Dec 2024 16:45:00 GMT

Harnessing AI for Enhanced Client Relationships in 2025

1. Personalized Interactions:

AI-powered chatbots provide instant, tailored responses to client inquiries.
Predictive analytics identify unique client needs, enabling businesses to offer personalized recommendations.

2. Proactive Support:

AI monitors client behavior and identifies potential issues before they escalate.
Automated notifications alert clients to account updates, upcoming deadlines, or potential problems.

3. Seamless Communication:

AI-driven communication platforms seamlessly integrate multiple channels (e.g., email, chat, voice).
Natural language processing (NLP) enables clients to communicate with businesses in a natural way.

4. Enhanced Engagement:

AI analyzes client interactions to identify key engagement drivers.
Businesses leverage this data to create targeted marketing campaigns, improve product offerings, and foster stronger relationships.

5. Predictive Analytics:

AI models analyze client data to predict churn risk, identify growth opportunities, and segment clients based on their preferences.
Businesses use this information to tailor retention strategies, upselling tactics, and marketing efforts.

6. Sentiment Analysis:

AI tools monitor social media, customer feedback, and other sources to gauge client sentiment.
This data provides valuable insights into client satisfaction and areas for improvement.

7. Virtual Assistants (VAs):

AI-powered VAs offer 24/7 support, handling routine tasks such as appointment scheduling, order processing, and account queries.
This frees up human resources to focus on high-value interactions.

8. Data-Driven Insights:

AI helps businesses collect, analyze, and interpret client data to gain a comprehensive understanding of their needs and preferences.
These insights inform strategic decision-making and drive personalized experiences.

9. Relationship Management Systems:

AI-integrated relationship management systems (RMS) provide a centralized repository for client information, interaction history, and predictive analytics.
This enables businesses to track client relationships and make informed decisions.

10. Voice of the Customer (VOC):

AI tools analyze customer feedback (e.g., surveys, social media posts) to extract key insights and identify areas for improvement.
Businesses use this data to continuously refine their products, services, and client experiences.

By effectively utilizing AI, businesses can foster stronger client relationships in 2025, resulting in increased loyalty, improved engagement, and increased revenue generation.

Conservative MP adds to calls for public inquiry over PSNI police spying

Published: Tue, 17 Dec 2024 11:45:00 GMT

Conservative MP adds to calls for public inquiry over PSNI police spying

A Conservative MP has added to calls for a public inquiry into allegations that the Police Service of Northern Ireland (PSNI) spied on journalists and politicians.

Sir Bernard Jenkin, the chairman of the House of Commons Public Administration and Constitutional Affairs Committee, said in a letter to Home Secretary Priti Patel that the allegations were “extremely serious” and that a public inquiry was needed to “get to the truth of the matter.”

The allegations have been made by former PSNI officers and journalists. They claim that the PSNI used covert surveillance techniques to gather information on journalists and politicians, including their private lives and political activity.

The PSNI has denied the allegations, but Sir Bernard said that the public needed to be “reassured that the police are not abusing their powers.”

He said: “The allegations that the PSNI has been spying on journalists and politicians are extremely serious. They go to the heart of our democracy and the rule of law.

“The public needs to be reassured that the police are not abusing their powers and that they are accountable to the public for their actions.

“A public inquiry is the best way to get to the truth of the matter. It would be independent, impartial and would allow all the evidence to be heard.

“I urge the Home Secretary to consider my request and to agree to a public inquiry.”

The call for a public inquiry has also been backed by the National Union of Journalists (NUJ).

The NUJ’s general secretary, Michelle Stanistreet, said: “The allegations that the PSNI has been spying on journalists are deeply troubling.

“Journalists play a vital role in a democratic society and they must be able to work without fear of being targeted by the police.

“We support the calls for a public inquiry into these allegations. It is essential that the truth is established and that those responsible are held to account.”

What is passwordless authentication?

Published: Tue, 17 Dec 2024 09:00:00 GMT

Passwordless authentication is a method of verifying user identity without using a traditional password. Instead, it relies on other factors, such as a one-time code sent to a mobile device, a fingerprint scan, or facial recognition.

Benefits of passwordless authentication:

Increased security: Passwords can be easily stolen or hacked, but passwordless authentication methods are more difficult to compromise.
Improved user experience: Passwordless authentication is more convenient and easier to use than traditional passwords. Users don’t have to remember complex passwords or worry about forgetting them.
Reduced risk of fraud: Passwordless authentication can help to reduce the risk of fraud by making it more difficult for unauthorized users to access accounts.

How passwordless authentication works:

There are a number of different passwordless authentication methods, but they all share some common features. Typically, passwordless authentication involves:

Registering your device or account: You will need to register your device or account with the service you want to use. This may involve providing a phone number, email address, or other identifying information.
Verifying your identity: When you log in to the service, you will be asked to verify your identity. This may involve entering a one-time code sent to your mobile device, scanning your fingerprint, or using facial recognition.
Granting access: Once your identity has been verified, you will be granted access to the service.

Examples of passwordless authentication methods:

One-time passwords (OTPs): OTPs are short, one-time codes that are sent to your mobile device. You can use an OTP to log in to your account, even if you don’t have your password.
Fingerprint scanning: Fingerprint scanning is a biometric authentication method that uses the unique patterns on your fingerprints to identify you.
Facial recognition: Facial recognition is a biometric authentication method that uses the unique features of your face to identify you.

Passwordless authentication is still a relatively new technology, but it is quickly gaining popularidad because of its security benefits, improved user experience, and reduced risk of fraud.

What is PKI (public key infrastructure)?

Published: Tue, 17 Dec 2024 09:00:00 GMT

PKI (Public Key Infrastructure)

PKI is a framework for securely managing and distributing public keys, which are used in asymmetric cryptography to establish secure communication channels.

Components of PKI:

Certification Authority (CA): A trusted third-party that issues and validates digital certificates.
Digital Certificates: Electronic documents that bind a public key to the identity of an entity (e.g., a website, email address, or user).
Registration Authority (RA): Optional component that verifies and approves entities for certificate issuance.
Public Key Repository: Database that stores and distributes public keys and certificates.

How PKI Works:

Key Generation: Entities generate a pair of public and private keys.
Certificate Request: Entities submit a certificate request to a CA, including their public key.
Certificate Issuance: The CA verifies the entity’s identity and issues a digital certificate containing the public key linked to the entity’s identity.
Validation: Entities trust the CA to have conducted thorough identity verification, and rely on the certificate to authenticate the entity holding the corresponding private key.
Secure Communication: Communication is established using asymmetric cryptography. Public keys are used to encrypt messages, while private keys are used to decrypt them.

Benefits of PKI:

Strong Authentication: Verifies the identity of communicating parties.
Data Integrity: Ensures that data has not been tampered with.
Confidentiality: Protects data from unauthorized access.
Non-repudiation: Provides proof that a message was sent or received by a specific entity.

Applications of PKI:

Secure websites (HTTPS)
Email encryption (S/MIME)
Electronic signatures
Code signing
Virtual Private Networks (VPNs)

Tribunal criticises PSNI and Met Police for spying operation to identify journalists’ sources

Published: Tue, 17 Dec 2024 05:45:00 GMT

Tribunal Criticizes PSNI and Met Police for Spying Operation to Identify Journalists’ Sources

A tribunal has strongly criticized the Police Service of Northern Ireland (PSNI) and the Metropolitan Police (Met) for conducting a covert spying operation aimed at identifying journalists’ sources.

Background

In 2013, the PSNI and Met launched an operation codenamed “Kenova” to investigate leaks of classified information. They suspected that journalists were receiving leaks from within the security services.

Operation Kenova

The operation involved intercepting the communications of journalists and their sources, including phone calls, emails, and text messages. The police also used other methods, such as surveillance and undercover officers, to gather information.

Tribunal Findings

A public inquiry into Operation Kenova concluded that the police had “acted inappropriately” and “had failed to meet the standards required of a democratic society.” The tribunal found that:

The police had intercepted the communications of journalists without reasonable suspicion.
The operation had been conducted in secret, without the knowledge of the journalists involved.
The police had not properly considered the impact on freedom of the press and the protection of sources.

Criticism

The tribunal’s findings have sparked widespread criticism of the PSNI and Met. Critics argue that the operation was an attack on the right of journalists to protect their sources and that it has damaged public trust in the police.

Response from the Police

Both the PSNI and Met have issued apologies for the operation. However, they have also defended their actions, arguing that they were necessary to prevent leaks of sensitive information.

Implications

The tribunal’s findings are significant because they:

Reinforce the importance of freedom of the press.
Highlight the need for the police to respect the confidentiality of journalists’ sources.
Raise concerns about the use of covert surveillance by the police.

Future Action

The government has announced that it will review the findings of the tribunal and consider what action to take. This could include changes to the law or guidance on the use of surveillance by the police.

Private vs public AI: Which should your business use in 2025?

Published: Mon, 16 Dec 2024 15:21:00 GMT

2025 AI Landscape: Private vs Public AI Considerations

Private AI:

Proprietary data and algorithms: Exclusive use of your own data and custom-developed AI models.
Higher customization and flexibility: Tailored solutions that meet specific business needs.
Potential for competitive advantage: Differentiation and exclusivity in AI capabilities.
Higher cost: Requires significant investment in data gathering, model development, and infrastructure.
Data privacy and security concerns: Responsibility for protecting sensitive business data.

Public AI:

Pre-trained models and compute resources: Access to ready-made AI models and cloud-based infrastructure.
Lower cost and faster time-to-market: Reduced need for data gathering and model development.
Community support and collaboration: Access to shared knowledge, research, and best practices.
Limited customization: May not fully address business-specific requirements.
Data sharing and privacy considerations: Potential sharing of data with other users of the public AI platform.

Decision Factors for 2025:

To determine which type of AI is best for your business in 2025, consider the following factors:

Business objectives: The specific AI applications and outcomes you aim to achieve.
Data availability and quality: The quantity, relevance, and accuracy of data you have access to.
Technical capabilities: The level of AI expertise and resources within your organization.
Budget and cost expectations: The financial implications of private vs public AI solutions.
Competitive landscape: The availability and maturity of AI solutions in your industry.
Data privacy and security regulations: The legal and compliance requirements related to data handling.

Recommended Approach:

Hybrid approach: Utilize a combination of private and public AI to address different aspects of your AI needs.
Phased adoption: Start with public AI to explore possibilities and build expertise, then transition to private AI for more specialized applications.
Seek expert guidance: Consult with AI experts to assess your business needs and recommend the most suitable AI strategy.

Conclusion:

The choice between private and public AI depends on the specific requirements and circumstances of your business. By carefully evaluating the aforementioned factors and adopting a strategic approach, you can harness the transformative power of AI to drive innovation and competitive advantage in 2025 and beyond.

IT Security RSS Feed for 2024-12-28

IT Security RSS Feed for 2024-12-28

What is a public key and how does it work?

What is a proxy firewall?

6 must-read blockchain books for 2025

LockBit ransomware gang teases February 2025 return

Latest attempt to override UK’s outdated hacking law stalls

The Data Bill: It’s time to cyber up

Innovation, insight and influence: the CISO playbook for 2025 and beyond

What is a public key certificate?

French court refuses to expedite trial of Sky ECC cryptophone distributor Thomas Herdman

The Security Interviews: Martin Lee, Cisco Talos

Top 10 cyber security stories of 2024

Look to the future: How the threat landscape may evolve next

Top 10 cyber crime stories of 2024

2025-30: Geopolitical influence on cyber and the convergence of threat

Using AI to build stronger client relationships in 2025

Conservative MP adds to calls for public inquiry over PSNI police spying

What is passwordless authentication?

What is PKI (public key infrastructure)?

Tribunal criticises PSNI and Met Police for spying operation to identify journalists’ sources

Private vs public AI: Which should your business use in 2025?