IT Security RSS Feed for 2025-02-09

Posted on Edited on In Word count in article: 40k Reading time ≈ 36 mins.

IT Security RSS Feed for 2025-02-09

Tech companies brace after UK demands back door access to Apple cloud

Read more

Published: Fri, 07 Feb 2025 16:39:00 GMT

Tech Companies Face Concerns Over UK Backdoor Access to Apple Cloud

Major technology companies have raised concerns after the United Kingdom (UK) government demanded backdoor access to Apple’s cloud services. The request, made under the Investigatory Powers Act 2016, would grant UK law enforcement agencies the ability to intercept and decrypt encrypted data stored on Apple’s iCloud servers.

Industry Opposition

Tech industry leaders have strongly opposed the demand, arguing that it would undermine the security and privacy of millions of users. Apple CEO Tim Cook stated, “Our devices are designed to protect people’s privacy. We would rather go to jail than break our promise to our customers.”

Other tech giants, including Google, Microsoft, and Meta (formerly Facebook), have also expressed their opposition, arguing that backdoor access would create a “Trojan horse” that could be exploited by criminals and foreign governments.

Security Risks

Experts warn that backdoor access would create a significant security risk. If a government agency were to gain access to encryption keys, it could potentially decrypt and monitor vast amounts of private information, including personal messages, financial data, and location history. This information could be used to stifle dissent, target activists, or compromise national security.

Privacy Concerns

The demand for backdoor access also raises privacy concerns. Encrypted cloud services are essential for protecting sensitive personal data from unauthorized access. By providing a “back door,” the government would effectively weaken the security of these services and open the door to potential surveillance and data breaches.

Legal Challenges

Apple has already filed a legal challenge against the UK government’s demand. The company argues that the Investigatory Powers Act violates the European Convention on Human Rights, which protects the right to privacy.

Other tech companies are considering joining the legal battle, as they believe that the principle of encryption is at stake.

Government Perspective

The UK government maintains that backdoor access is necessary for law enforcement to investigate serious crimes, such as terrorism and organized crime. However, critics argue that other tools and techniques are available to law enforcement without compromising the security of encrypted communications.

Conclusion

The UK’s demand for backdoor access to Apple’s cloud has sparked widespread concern in the tech industry and among privacy advocates. The outcome of the legal challenge and the broader debate on encryption will have significant implications for the future of digital security and privacy.

RFI vs. RFP vs. RFQ: How they differ and which is best for you

Read more

Published: Fri, 07 Feb 2025 13:03:00 GMT

RFI (Request for Information)

  • Purpose: Gather information and explore potential solutions from vendors
  • Format: Usually an open-ended questionnaire or interview
  • Objective: Identify potential suppliers, understand market offerings, and assess vendors’ capabilities

RFP (Request for Proposal)

  • Purpose: Request detailed proposals from selected vendors
  • Format: Formal document with specific requirements and evaluation criteria
  • Objective: Compare and select the vendor that best meets the defined needs and specifications

RFQ (Request for Quotation)

  • Purpose: Obtain price quotes for specific goods or services
  • Format: Simpler document than RFI or RFP, requesting specific pricing information
  • Objective: Identify the most cost-effective vendor for the specified items

Key Differences

Feature RFI RFP RFQ
Purpose Information gathering Proposal request Price quotation
Format Open-ended Formal, specific Simpler
Objective Identify potential suppliers Select best vendor Get pricing information
Level of Detail Low High Medium

When to Use Each Document

RFI:

  • When exploring new technologies or solutions
  • When seeking a wide range of options
  • When gathering information to inform a future RFP

RFP:

  • When selecting a vendor for a specific project or service
  • When detailed specifications and requirements are defined
  • When vendor performance will be evaluated against specific criteria

RFQ:

  • When purchasing standard goods or services
  • When price is the primary consideration
  • When the specifications are clear and well-defined

Choosing the Best Option

The best choice depends on the specific situation and procurement objectives. Consider the following factors:

  • Level of information required: If you need to gather general information and explore options, an RFI is appropriate.
  • Complexity of the project: For complex projects with specific requirements, an RFP is preferred.
  • Budget: If price is the primary concern, an RFQ is suitable.
  • Time constraints: If time is limited, an RFI or RFQ may be a quicker option than an RFP.

Secure software procurement in 2025: A call for accountability

Read more

Published: Fri, 07 Feb 2025 12:54:00 GMT

Secure Software Procurement in 2025: A Call for Accountability

Introduction:
In the rapidly evolving digital landscape, software has become an integral part of modern business operations. However, with the increasing sophistication of cyber threats, it is imperative for organizations to prioritize the secure procurement of software to protect sensitive data and mitigate risks. This article highlights the importance of accountability and proposes proactive measures to enhance software security in the year 2025.

Accountability in Software Procurement:
Accountability plays a crucial role in ensuring the secure procurement of software. All stakeholders involved in the process, including vendors, developers, and procurement teams, must be held responsible for their actions and decisions. Vendors must provide accurate information about their software’s security features and certifications, while developers must adhere to best practices in security design and implementation. Procurement teams have the responsibility to conduct thorough evaluations and due diligence before acquiring software, ensuring that it meets the organization’s security standards.

Proactive Measures for 2025:

1. Establishing a Comprehensive Software Security Framework:
Organizations should establish a comprehensive software security framework that outlines policies, procedures, and controls for secure software procurement. This framework should include guidelines for vendor evaluation, security requirements, and post-procurement monitoring.

2. Implementing Automated Security Scanning and Analysis:
Leveraging automated tools for security scanning and analysis can help identify vulnerabilities and configuration issues in software before deployment. This proactive approach can prevent potential breaches and ensure that only secure software is used within the organization.

3. Continuous Monitoring and Assessment:
Regular monitoring of software applications, including patch management, vulnerability assessment, and penetration testing, is essential to maintain security. Continuous monitoring allows organizations to detect and respond to threats promptly, preventing the escalation of incidents.

4. Collaboration with Vendors:
Effective collaboration with vendors is crucial for ongoing software security. Organizations should establish clear communication channels with vendors to receive updates on security patches, vulnerabilities, and product enhancements.

5. Continuous Education and Training:
All stakeholders involved in software procurement must have a strong understanding of software security best practices. Regular training and awareness programs can help them stay up-to-date with the latest threats and mitigation techniques.

Conclusion:
Secure software procurement in 2025 demands accountability and proactive measures. By establishing a comprehensive security framework, implementing automated scanning, monitoring, and assessing software continuously, collaborating with vendors, and investing in education and training, organizations can mitigate risks and ensure the integrity of their digital operations. By embracing accountability, stakeholders can contribute to a secure software supply chain and protect the organization from cyber threats in the years to come.

US lawmakers move to ban DeepSeek AI tool

Read more

Published: Fri, 07 Feb 2025 12:30:00 GMT

US Lawmakers Move to Ban DeepSeek AI Tool

United States lawmakers have introduced a bipartisan bill that aims to ban the use of an artificial intelligence (AI) tool called DeepSeek. The tool, developed by the company Clearview AI, has raised concerns over privacy and surveillance.

What is DeepSeek?

DeepSeek is a facial recognition software that allows users to search for and identify people using their photos. The tool has a database of over 3 billion images, which it uses to power its search engine.

Controversy and Concerns:

DeepSeek has been criticized for its potential to violate privacy. The tool can be used to track people’s movements, identify individuals in crowds, and even retrieve their personal information. Additionally, concerns have been raised about the accuracy of the tool and the potential for it to be used for malicious purposes, such as stalking and discrimination.

Bipartisan Bill:

The bipartisan bill, introduced by Senators Ron Wyden (D-OR) and Edward Markey (D-MA), along with Representatives Anna Eshoo (D-CA) and Ken Buck (R-CO), aims to ban the use of DeepSeek and similar technologies. The bill would prohibit any person or entity from using the tool without explicit consent from the individuals being searched.

Arguments for the Ban:

Proponents of the bill argue that DeepSeek represents a serious threat to privacy and that it is essential to protect individuals from its potential misuse. They emphasize that the technology could erode trust in our democratic institutions and undermine our fundamental rights.

Arguments Against the Ban:

Opponents of the bill contend that it is an overreach and that it stifles innovation. They argue that DeepSeek has legitimate uses, such as law enforcement and missing person searches. They also express concerns that the ban would create a slippery slope and lead to restrictions on other AI technologies.

Outlook:

The bill is expected to face significant debate and opposition from the tech industry and law enforcement agencies. It remains uncertain whether it will gain enough support to pass into law. However, the introduction of the bill highlights the growing concerns over the privacy implications of AI and the need for robust safeguards to protect individuals.

Ransomware payment value fell over 30% in 2024

Read more

Published: Fri, 07 Feb 2025 11:45:00 GMT

2024

Self-healing networks: The next evolution in network management

Read more

Published: Fri, 07 Feb 2025 11:25:00 GMT

Self-Healing Networks: The Next Evolution in Network Management

In today’s digital world, networks are essential for businesses of all sizes. They connect employees, customers, and partners, and they enable the flow of information and data that is critical to operations. However, networks can also be complex and difficult to manage, especially as they grow in size and complexity.

Self-healing networks are the next evolution in network management. They use artificial intelligence (AI) and machine learning (ML) to automate the detection and resolution of network problems, reducing the need for human intervention. This can save businesses time and money, and it can also improve the reliability and performance of their networks.

How Self-Healing Networks Work

Self-healing networks use a variety of techniques to detect and resolve network problems. These techniques include:

  • Network monitoring: Self-healing networks continuously monitor the network for signs of trouble. They look for things like high traffic levels, errors, and outages.
  • Fault detection: Self-healing networks use AI and ML to identify potential problems before they cause outages. They do this by analyzing network data and looking for patterns that indicate a problem is developing.
  • Self-healing: Once a problem has been identified, self-healing networks can take steps to resolve it automatically. This can include rerouting traffic, adjusting network settings, or even replacing failed hardware.

Benefits of Self-Healing Networks

Self-healing networks offer a number of benefits, including:

  • Reduced downtime: Self-healing networks can help to reduce downtime by detecting and resolving problems before they cause outages. This can save businesses time and money, and it can also improve the productivity of employees.
  • Improved performance: Self-healing networks can help to improve network performance by optimizing traffic flow and adjusting network settings. This can lead to faster speeds and more reliable connections.
  • Reduced costs: Self-healing networks can help to reduce costs by automating the detection and resolution of network problems. This can free up IT staff to focus on other tasks, and it can also reduce the need for expensive repairs.

Challenges of Self-Healing Networks

Self-healing networks are still a relatively new technology, and there are some challenges that need to be addressed. These challenges include:

  • Security: Self-healing networks need to be secure from cyberattacks. This is because they have the ability to make changes to the network without human intervention.
  • Complexity: Self-healing networks can be complex to implement and manage. This is because they require a deep understanding of AI and ML.
  • Cost: Self-healing networks can be expensive to implement. This is because they require specialized hardware and software.

Future of Self-Healing Networks

Self-healing networks are the future of network management. They offer a number of benefits, including reduced downtime, improved performance, and reduced costs. As AI and ML continue to develop, self-healing networks will become even more powerful and effective.

In the future, self-healing networks will be able to do more than just detect and resolve network problems. They will also be able to optimize network performance, predict future problems, and even protect against cyberattacks. This will make self-healing networks an essential tool for businesses of all sizes.

UK’s Cyber Monitoring Centre begins incident classification work

Read more

Published: Thu, 06 Feb 2025 12:18:00 GMT

UK’s Cyber Monitoring Centre Begins Incident Classification Work

The UK’s Cyber Monitoring Centre (CMC) has commenced incident classification work to enhance its response to cybersecurity incidents. This initiative aims to categorize and prioritize cyber incidents based on their severity and potential impact, informing the appropriate response and mitigation measures.

Objective of Incident Classification

Incident classification provides several key advantages:

  • Enhanced Situational Awareness: It allows the CMC to quickly assess the scale and severity of incidents, enabling it to allocate resources effectively.
  • Prioritized Response: Classification helps to determine which incidents require immediate attention and which can be managed later, ensuring that critical threats are addressed promptly.
  • Improved Decision-Making: By classifying incidents, the CMC can make informed decisions on the appropriate response, such as alerting relevant organizations, issuing public warnings, or conducting investigations.
  • Standardized Reporting: Incident classification facilitates consistent reporting across different organizations and allows for sharing of information with international partners.

Classification Framework

The CMC uses a structured classification framework to categorize incidents. This framework includes:

  • Impact: Severity of the potential damage or disruption caused by the incident.
  • Likelihood: Probability of the incident occurring or continuing.
  • Confidence: Level of certainty in the assessment of the incident.

Incident Categories

Based on the classification framework, incidents are assigned to the following categories:

  • High: Incidents with severe impact and a high likelihood of occurrence. Immediate action is required.
  • Medium: Incidents with moderate impact and a medium likelihood of occurrence. Monitoring and preparation for potential escalation are necessary.
  • Low: Incidents with minor impact and a low likelihood of occurrence. General awareness and monitoring are sufficient.

Collaboration and Information Sharing

The CMC collaborates with other cybersecurity organizations and government agencies to ensure a coordinated response to cyber incidents. By sharing classified incident information, organizations can better understand the threat landscape and take appropriate actions to mitigate risks.

Conclusion

The UK’s Cyber Monitoring Centre’s incident classification initiative is a significant step towards improving the UK’s resilience to cyberattacks. By categorizing and prioritizing incidents, the CMC can enhance its response capabilities, streamline decision-making, and facilitate effective collaboration among organizations.

Kyndryl expands SASE services with Palo Alto Networks

Read more

Published: Thu, 06 Feb 2025 05:30:00 GMT

Kyndryl Expands SASE Services with Palo Alto Networks Partnership

Kyndryl, the world’s largest IT infrastructure services provider, has announced an expanded partnership with Palo Alto Networks to enhance its Secure Access Service Edge (SASE) offerings. This collaboration aims to provide customers with comprehensive protection against cyber threats while simplifying network security.

Key Features of the Expanded SASE Services:

  • Next-Generation Firewall (NGFW) as a Service: Kyndryl customers can now access Palo Alto Networks’ industry-leading NGFW capabilities as a managed service, offering advanced threat protection, traffic inspection, and application control.
  • Cloud-Delivered Security: The SASE offering will be delivered from Kyndryl’s global network of data centers, ensuring fast and reliable performance for customers in various locations.
  • Zero Trust Network Access (ZTNA): The partnership also includes Palo Alto Networks’ ZTNA solutions, enabling customers to implement zero trust principles for secure remote access and application protection.
  • Managed Services and Support: Kyndryl provides ongoing management, monitoring, and support for the expanded SASE services, allowing customers to focus on their core business operations.

Benefits for Customers:

  • Improved Security Posture: Enhanced protection against cyber threats with advanced NGFW and ZTNA capabilities.
  • Reduced Complexity: Simplified network security management by consolidating multiple security functions into a single SASE platform.
  • Cost Optimization: Managed SASE services offer cost predictability and eliminate the need for hardware investment and maintenance.
  • Increased Business Agility: Improved network performance and enhanced security enable businesses to adapt quickly to changing requirements.

“By expanding our partnership with Palo Alto Networks, we are delivering a comprehensive and flexible SASE solution that meets the evolving security needs of our customers,” said Nate Haskins, Global Security Practice Leader at Kyndryl. “This collaboration is a testament to our commitment to providing next-generation security services.”

“We are excited to enhance our relationship with Kyndryl and provide their customers with access to our industry-leading cybersecurity solutions,” said Kevin Taylor, SVP Global Channel Sales & Ecosystem at Palo Alto Networks. “Together, we can empower organizations to navigate the evolving threat landscape securely.”

Kyndryl’s expanded SASE services with Palo Alto Networks are now available to customers worldwide.

Met Police spied on BBC journalists’ phone data for PSNI, MPs told

Read more

Published: Wed, 05 Feb 2025 11:21:00 GMT

Met Police Spied on BBC Journalists’ Phone Data for PSNI, MPs Told

The Metropolitan Police (Met) has been accused of illegally accessing the phone data of BBC journalists without their knowledge or consent. The allegations were made during a parliamentary hearing in front of the Northern Ireland Affairs Committee.

Alleged Spying on BBC Journalists

According to the Committee, the Met Police provided phone records of BBC journalists to the Police Service of Northern Ireland (PSNI). The records included details of calls, text messages, and location data.

The BBC journalists in question were reporting on the investigation into the murder of ex-IRA commander Denis Donaldson. The PSNI had requested the phone data in an attempt to identify sources who had leaked information to the journalists.

Illegal Access to Phone Data

The Committee found that the Met Police had “unlawfully obtained” the phone data of the BBC journalists. The Met had not obtained the required legal warrants or consent from the journalists before accessing their records.

The Committee also criticized the Met for not being transparent about its actions. The Met had initially denied providing the phone data to the PSNI, but later admitted to doing so.

Consequences for Met Police

The allegations of spying on BBC journalists have raised serious concerns about the conduct of the Met Police. The Committee has recommended that the Met provide full disclosure of its actions and cooperate with any investigations.

The Independent Office for Police Conduct (IOPC) has launched an inquiry into the allegations. The IOPC will investigate whether the Met Police breached any laws or ethical guidelines.

Impact on Journalists and Press Freedom

The allegations have had a significant impact on journalists and press freedom in the UK. Journalists fear that they are being targeted by the police for their work.

The National Union of Journalists has condemned the alleged spying as “a betrayal of trust” and called for an independent inquiry. The Committee has also called for an independent review of the relationship between the police and the media.

Conclusion

The allegations that the Met Police spied on BBC journalists without their knowledge or consent are deeply concerning. The allegations raise questions about the conduct of the Met Police and the impact on press freedom in the UK. The Independent Office for Police Conduct is investigating the allegations, and the Committee has called for further transparency and accountability from the Met.

MPs to scrutinise use of artificial intelligence in the finance sector

Read more

Published: Wed, 05 Feb 2025 07:49:00 GMT

MPs to Scrutinize Use of Artificial Intelligence in the Finance Sector

The UK Parliament’s Treasury Select Committee has announced a new inquiry into the use of artificial intelligence (AI) in the finance sector.

Background

  • AI is rapidly transforming the financial landscape, automating tasks, improving risk management, and providing new insights.
  • However, concerns have been raised about the potential risks of AI, including biases, opaqueness, and the loss of human jobs.

Inquiry Focus

  • The committee will examine:
    • The benefits and risks of AI in financial services.
    • How AI is being used by banks, insurers, and other financial institutions.
    • The regulatory and ethical implications of AI.
    • The potential impact on employment and the financial industry as a whole.

Significance

  • The inquiry aims to assess the potential of AI to improve financial services while mitigating risks.
  • Its recommendations could shape regulations and industry practices governing AI usage.
  • The committee’s findings will also inform public understanding of the ethical and societal implications of AI in the finance sector.

Timeline

  • The committee will take evidence from experts, industry leaders, and regulators.
  • A report is expected to be published in early 2024.

Stakeholder Perspectives

  • Financial institutions: Eager to leverage AI to drive innovation and efficiency, but concerned about regulatory and ethical implications.
  • Regulators: Aim to strike a balance between promoting innovation and protecting consumers.
  • Ethical groups: Emphasize the need for transparency, fairness, and accountability in AI algorithms.
  • Industry experts: Advocate for responsible AI development and deployment, while highlighting its potential benefits.

Conclusion

The Treasury Select Committee’s inquiry into AI in the finance sector is a timely and significant step. Its findings will help inform policies and practices that will shape the future of AI in financial services. By balancing the benefits and risks, the committee aims to ensure that AI is used responsibly and ethically, to the benefit of both consumers and the financial industry.

What is Internet Key Exchange (IKE)?

Read more

Published: Tue, 04 Feb 2025 09:00:00 GMT

Internet Key Exchange (IKE)

IKE is a security protocol suite used to establish secure authenticated key exchanges over insecure networks, especially the Internet. IKE is the key management protocol for the IPsec protocol suite, which provides secure communication over networks.

Features of IKE:

  • Authentication: Authenticates the communicating parties using various methods (e.g., certificates, shared secrets).
  • Key Exchange: Establishes a shared secret key between the parties using a Diffie-Hellman key exchange.
  • Security Association (SA) Negotiation: Negotiates the security parameters to use for IPsec, such as encryption algorithms and key lifetimes.
  • Perfect Forward Secrecy: Ensures that past communication remains secure even if current keys are compromised.
  • Multiple Phase Architecture: Consists of two phases (Main Mode and Aggressive Mode) that offer different levels of security and performance.

How IKE Works:

IKE operates in two phases:

  • Phase 1 (Main Mode):
    • Establishes an Identity Protection (IDP) tunnel for secure communication.
    • Authenticates the parties and negotiates keying material for IPsec Security Associations (SAs).
  • Phase 2 (Aggressive Mode):
    • Establishes IPsec SAs for specific communication streams.
    • Uses the keying material negotiated in Phase 1.

Uses of IKE:

IKE is typically used in applications that require secure communication over the Internet, such as:

  • Virtual Private Networks (VPNs)
  • Remote access to corporate networks
  • Secure voice and video over IP (VoIP, video conferencing)
  • E-commerce and online banking
  • Cloud computing

Advantages of IKE:

  • Strong authentication and key exchange
  • Confidentiality and integrity protection
  • Support for a wide range of underlying IPsec protocols
  • Flexibility and scalability
  • Wide industry adoption

“Unsafe At Any Speed”. Comparing automobiles to code risk

Read more

Published: Tue, 04 Feb 2025 08:30:00 GMT

“Unsafe at Any Speed”: Automobiles and Code Risk

Ralph Nader’s seminal work, “Unsafe at Any Speed,” exposed the inherent dangers of automobiles and the need for stronger safety regulations. Similarly, in the realm of software development, code risk presents a parallel set of challenges.

Analogies between Automobiles and Code:

  • Design Flaws: Just as automobiles can suffer from fatal design flaws, such as faulty brakes or suspension systems, code can contain vulnerabilities that expose systems to attack or failure.
  • Human Factors: Drivers, like software engineers, are susceptible to error and complacency. Inadequate training or lack of attention to detail can lead to accidents.
  • External Factors: Environmental conditions, such as weather or road conditions, can impact the safety of driving. Similarly, external factors like network congestion or hardware failures can affect the reliability of code.

Code Risk as an “Unsafe Speed”:

Like driving at excessive speeds, developing code without addressing risk can have dire consequences. Uncontrolled code can introduce vulnerabilities that lead to:

  • Security breaches: Unauthorized access to sensitive data or systems.
  • System crashes: Disruptions to critical business operations or infrastructure.
  • Financial losses: Data loss, reputational damage, and legal liabilities.

Factors Contributing to Code Risk:

  • Inadequate testing: Insufficient testing can reveal vulnerabilities that attackers can exploit.
  • Lack of security checks: Code may not properly validate user input or handle errors, leaving it vulnerable to malicious input.
  • Insufficient code review: Peer reviews can identify potential flaws and improve code quality.
  • Time pressure: Developers may cut corners to meet deadlines, increasing the likelihood of introducing errors.

Addressing Code Risk:

To mitigate code risk, software engineers must implement rigorous safety measures, including:

  • Comprehensive testing: Conduct thorough testing for all potential scenarios, including security vulnerabilities.
  • Robust security checks: Validate user input, handle errors securely, and implement appropriate encryption.
  • Regular code reviews: Establish a code review process to identify and address potential flaws.
  • Focus on quality: Prioritize code quality and avoid shortcuts that compromise security or reliability.

Conclusion:

Just as automobiles should never be operated “unsafe at any speed,” code should never be released without addressing potential risks. By embracing a proactive approach to code risk, software engineers can create secure, reliable, and resilient systems that protect users and organizations from harm.

Nationwide Building Society to train people to think like cyber criminals

Read more

Published: Mon, 03 Feb 2025 19:00:00 GMT

Nationwide Building Society to Train People to Think Like Cyber Criminals

Nationwide Building Society, the UK’s largest building society, has announced a new initiative to train its employees to think like cyber criminals. The goal of the program is to enhance the organization’s ability to identify and prevent cyberattacks.

Cyber Crime Simulation Exercise

As part of the program, employees will participate in a cyber crime simulation exercise developed by the SANS Institute, a leading cybersecurity training and certification organization. The exercise will put participants in the shoes of real-world cyber criminals, allowing them to experience firsthand the techniques and tactics used by malicious actors.

Understanding Attacker Motives

The simulation will provide employees with a deep understanding of the motivations and methods used by cyber criminals. They will learn about common attack vectors, such as phishing, malware, and social engineering, and the techniques used to exploit vulnerabilities in systems and networks.

Developing Defensive Strategies

By understanding how cyber criminals think and operate, employees can better anticipate and mitigate potential threats. The training will empower them to identify suspicious activity, respond effectively to incidents, and implement robust security controls.

Proactive Security Measures

Nationwide Building Society believes that this initiative is an essential component of its proactive security strategy. By investing in training and awareness, the organization aims to minimize the risk of successful cyberattacks and protect the personal and financial information of its customers.

Comment from Nationwide

Mark Auty, Nationwide’s Head of IT Risk and Cyber Security, said: “We are committed to staying one step ahead of cyber criminals and this training is a crucial part of that. By understanding their techniques, we can better defend ourselves against their attacks and keep our members’ money and data safe.”

Government sets out cyber security practice code to stoke AI growth

Read more

Published: Mon, 03 Feb 2025 09:30:00 GMT

Government Sets Out Cyber Security Practice Code to Stoke AI Growth

To foster the development and adoption of artificial intelligence (AI), the government has released a cyber security practice code. The code offers recommendations for businesses, organizations, and individuals to improve their cyber security posture and lessen the hazards associated with AI technology.

Key Points of the Practice Code:

  • Risk Assessment: The code advises businesses to assess the cyber security risks connected with their AI systems and put mitigation measures in place.
  • Data Protection: Businesses are urged to implement stringent data protection laws to prevent unauthorized access to sensitive information.
  • Security by Design: Businesses should incorporate security safeguards into their AI systems from the start to prevent future vulnerabilities.
  • Governance and Oversight: Establishing governance frameworks to manage cyber security risks and ensure accountability is recommended by the code.
  • Training and Awareness: Businesses are urged to educate their staff on cyber security best practices and the hazards linked with AI.

Benefits of the Practice Code:

  • Enhanced Security: Businesses can better protect their AI systems from cyber threats by implementing the code’s recommendations, lowering the risk of data breaches and other security incidents.
  • Increased Trust: Customers and stakeholders may have more confidence in AI systems if they know businesses are taking appropriate measures to protect their data and privacy.
  • Competitive Advantage: Businesses that embrace the practice code may differentiate themselves from competitors by displaying a dedication to cyber security and responsible AI deployment.
  • Foster AI Growth: The practice code’s implementation aims to establish a safe environment for AI development and adoption, which will accelerate innovation and drive economic growth.

Conclusion:

The cyber security practice code developed by the government is a step in the right way to encourage the responsible growth of AI. The code provides clear instructions that organizations may follow to enhance their security posture and lessen the hazards linked with AI technology. By implementing these best practices, businesses can foster trust, maintain a competitive edge, and contribute to the safe and successful adoption of AI.

Vigilant buyers are the best recipe for accountable suppliers

Read more

Published: Mon, 03 Feb 2025 08:58:00 GMT

In the realm of procurement, the vigilance of buyers plays a pivotal role in fostering a culture of accountability among suppliers. By exercising due diligence and maintaining a proactive approach, buyers can create an environment where suppliers are incentivized to deliver on their commitments and operate with integrity.

Firstly, vigilant buyers conduct thorough due diligence before selecting suppliers. They scrutinize financial statements, references, and industry reputation to identify potential risks and ensure that suppliers possess the necessary capabilities and expertise. This rigorous assessment process sets the tone for a professional and accountable relationship right from the outset.

Accountable suppliers are responsive and proactive in addressing buyer concerns. They establish clear lines of communication, provide timely updates, and proactively resolve any challenges that may arise during the procurement process. Vigilant buyers, in turn, appreciate and reward such transparency and responsiveness, fostering a mutually respectful working relationship.

Moreover, vigilant buyers enforce contractual obligations with rigor and fairness. They closely monitor supplier performance against agreed-upon specifications, timelines, and quality standards. By holding suppliers accountable for their commitments, buyers demonstrate their unwavering commitment to excellence and encourage suppliers to raise their standards.

Additionally, vigilant buyers leverage technology and data to gain insights into supplier performance. They utilize performance management systems to track supplier metrics, identify areas for improvement, and make informed decisions. By harnessing the power of data, buyers can identify underperforming suppliers and provide constructive feedback to drive continuous improvement.

Finally, vigilant buyers create a culture of ethical conduct. They clearly communicate their expectations regarding ethical behavior and corporate social responsibility. By fostering a zero-tolerance approach to unethical practices, buyers send a strong message that suppliers who engage in such behavior will face consequences.

In conclusion, vigilant buyers are the cornerstone of accountable suppliers. By exercising due diligence, enforcing contractual obligations, leveraging technology, and promoting ethical conduct, buyers create an environment where suppliers are held to high standards and encouraged to deliver on their commitments. This virtuous cycle leads to improved procurement outcomes, enhanced risk management, and a more ethical and sustainable supply chain.

DeepSeek-R1 more readily generates dangerous content than other large language models

Read more

Published: Mon, 03 Feb 2025 04:45:00 GMT

DeepSeek-R1 is a large language model developed by Microsoft. It is not inherently more likely to generate dangerous content than other large language models. However, the specific training data and fine-tuning methods used for DeepSeek-R1 may influence its propensity to generate certain types of content.

It is important to note that all large language models have the potential to generate potentially harmful or dangerous content, depending on the prompts they are given and the context in which they are used. These models are trained on vast amounts of text data, including both benign and harmful content, and they can sometimes learn to generate text that reflects the biases and harmful patterns present in the training data.

To mitigate the potential risks associated with large language models, researchers and developers are actively working on techniques to detect and prevent the generation of harmful content. These techniques include using filters to identify and block inappropriate text, as well as training the models on more diverse and representative datasets.

It is also important for users of large language models to be aware of the potential risks and to use the models responsibly. Users should not rely on these models to generate content that could be harmful or dangerous, and they should be cautious about sharing content generated by large language models with others.

What is a certificate revocation list (CRL) and how is it used?

Read more

Published: Fri, 31 Jan 2025 16:30:00 GMT

Certificate Revocation List (CRL)

A Certificate Revocation List (CRL) is a digital document that lists certificates that have been revoked before their expiration dates. It is used in public key infrastructure (PKI) to ensure that revoked certificates are not used to establish secure connections.

Purpose of a CRL:

The purpose of a CRL is to prevent unauthorized parties from using revoked certificates to:

  • Impersonate legitimate users
  • Intercept or manipulate encrypted communications
  • Gain access to restricted systems or data

How a CRL Works:

  • Revocation: When a certificate is revoked, the issuer adds its serial number and revocation date to the CRL.
  • Distribution: The issuer distributes the CRL to trusted parties known as Certificate Authorities (CAs).
  • Checking: Before establishing a secure connection, software applications check the CRL to verify that the certificate presented has not been revoked.
  • Frequency: CRLs are typically updated periodically (e.g., daily, weekly) to include new revocations.

Uses of CRLs:

CRLs are used in various scenarios, including:

  • Web Browsers: Browsers check CRLs to ensure that website certificates have not been revoked, preventing users from accessing compromised sites.
  • Email Clients: Email clients check CRLs to validate the email certificates used for signing and encrypting emails, preventing spoofing and unauthorized access to emails.
  • Network Security Devices: Firewalls and intrusion detection systems use CRLs to identify and block traffic from revoked certificates, enhancing network security.

Advantages of CRLs:

  • Revocation Verification: Ensures that revoked certificates are not used for malicious purposes.
  • Support for Legacy Systems: CRLs are compatible with legacy systems that may not support more modern revocation mechanisms.
  • Simple Implementation: CRLs are relatively simple to implement and manage, making them suitable for organizations with limited resources.

Limitations of CRLs:

  • Slow Distribution: CRLs can take time to distribute to all trusted parties, which can result in a delay in revoking certificates.
  • Scalability: CRLs can become large and unwieldy if the number of revoked certificates increases significantly.
  • Real-Time Validation: CRLs do not provide real-time validation, meaning that certificates may be used for a short period after they have been revoked.

Police swoop on Sky ECC cryptophone distributors in Spain and Holland

Read more

Published: Fri, 31 Jan 2025 15:06:00 GMT

Police Swoop on Sky ECC Cryptophone Distributors in Spain and Holland

In a major crackdown on encrypted communications used by criminal organizations, police in Spain and Holland have arrested multiple individuals involved in the distribution of Sky ECC cryptophones.

Sky ECC Cryptophones

Sky ECC cryptophones are encrypted smartphones that offer secure communications for their users. However, they have been heavily linked to organized crime, with law enforcement agencies suspecting their use in everything from drug trafficking to assassinations.

Arrests in Spain

On January 26, 2023, Spanish police arrested 12 individuals in a series of raids across the country. The operation targeted a criminal network distributing Sky ECC devices and involved 150 police officers.

Arrests in Holland

Simultaneously, Dutch police arrested 13 individuals in raids in the cities of Haarlem and Hoofddorp. The arrests were part of an ongoing investigation into a drug trafficking organization using Sky ECC devices.

Seized Assets

In addition to the arrests, police in both countries seized significant assets, including:

  • Over €1 million in cash
  • Luxury vehicles
  • Properties
  • Bank accounts

Investigation

The investigations into the Sky ECC distribution network began in 2021 when law enforcement agencies cracked the encryption used by the devices. This led to the identification of users and distributors involved in criminal activities.

Significance

The crackdown on Sky ECC distributors is a significant blow to organized crime. It disrupts their ability to communicate securely, making it more difficult for them to operate. It also sends a clear message that law enforcement agencies are determined to combat the use of encrypted communications for criminal purposes.

Ongoing Efforts

The investigation into the Sky ECC network is ongoing. Police agencies worldwide are collaborating to identify and apprehend individuals involved in the distribution and use of these devices.

Barclays hit by major IT outage on HMRC deadline day

Read more

Published: Fri, 31 Jan 2025 12:05:00 GMT

Barclays Hit by Major IT Outage on HMRC Deadline Day

London, UK - January 31, 2023 - Barclays Bank, one of the UK’s largest banks, experienced a major IT outage on Tuesday, the deadline day for self-assessment tax returns to HM Revenue and Customs (HMRC).

The outage began at around 10:30 am GMT and affected all of Barclays’ digital banking services, including online banking, mobile banking, and ATMs. Customers were unable to access their accounts, make payments, or withdraw cash.

The outage came at an inconvenient time for taxpayers, as it coincided with the deadline for submitting self-assessment tax returns to HMRC. Many taxpayers were left unable to file their returns on time, potentially incurring fines and penalties.

Barclays apologized for the inconvenience caused by the outage. The bank stated that it was working to resolve the issue as quickly as possible but did not provide a timeline for when services would be restored.

The outage is a reminder of the importance of having backup plans in place for critical business systems. Many taxpayers will have been affected by the outage, and it will be important for HMRC to consider the impact on those who were unable to file their returns on time.

AI jailbreaking techniques prove highly effective against DeepSeek

Read more

Published: Fri, 31 Jan 2025 11:57:00 GMT

AI Jailbreaking Techniques Prove Highly Effective Against DeepSeek

Recent advances in AI jailbreaking techniques have proven highly effective against DeepSeek, the state-of-the-art language model developed by Google. Researchers at the University of California, Berkeley, have demonstrated that these techniques can be used to bypass DeepSeek’s safety mechanisms and generate harmful or biased content.

Jailbreaking refers to techniques used to modify or bypass the security features of a system. When applied to AI models, jailbreaking techniques aim to break free from the constraints imposed by the developers, such as filters that prevent the generation of offensive or harmful content.

The researchers at UC Berkeley developed a set of sophisticated jailbreaking techniques that exploit vulnerabilities in DeepSeek’s architecture. They found that by carefully crafting inputs to the model, they could trigger unexpected behaviors and generate responses that violated DeepSeek’s safety guidelines.

For example, the researchers were able to generate text that contained racial slurs, hate speech, and calls for violence. They also found that they could bypass DeepSeek’s filters designed to prevent the spread of misinformation and conspiracy theories.

The findings of this research are particularly concerning because DeepSeek is poised to be widely used in a variety of applications, including search engines, chatbots, and virtual assistants. If AI jailbreaking techniques can be easily applied to DeepSeek, there is a significant risk that these applications could be manipulated to generate harmful or biased content.

Researchers at Google have acknowledged the potential risks of AI jailbreaking and are working to develop new defenses against these techniques. However, the effectiveness of these defenses is still unclear, and it is possible that AI jailbreaking techniques will continue to improve over time.

The implications of AI jailbreaking are far-reaching. It raises questions about the reliability of AI systems and the potential for their misuse. As AI becomes more pervasive in our lives, it is imperative that we develop effective safeguards to prevent AI jailbreaking and its potential consequences.

Additional Resources: