Category Archives: Internet Security
Kaspersky: 37% of internet users in SEA think they won’t be targeted by cybercriminals – SoyaCincau.com
The latest research from Kaspersky reveals that 6 out of 10 internet users from Southeast Asia (SEA) are aware of their increased time online than before. However, 38% of users admitted that internet security was not a priority due to life being too busy during the COVID-19 lockdown.
The cybersecurity company surveyed 760 interviewees from around the region last May to find out how users create a digitally safe and secure comfort zone at home. Considering that SEA has many young and highly active internet users, it comes to no surprise that most users in the region spent between 5 to 10 hours online per day.
So what were people doing online with all their spare time during lockdown? It turns out that the five most common online activities include: shopping (64%), content streaming and online gaming (58%) socialising with family and friends (56%), conducting financial matters (47%) and attending online tutorials (39%).
While technology can be a useful tool to keep us all connected together, we need to secure our home networks against malicious threats online, said Kasperskys general manager for Southeast Asia Yeo Siang Tiong.
With all the additional time spent online, what are Southeast Asian internet users most concerned about? Apparently 69% of respondents were worried about conducting financial transactions online while another 62% felt uneasy holding virtual work meetings.
Interestingly, Kasperskys report shows that 42% of respondents were afraid of their financial details being compromised through their devices.
This was followed by another 37% of people concerned about their private documents being accessed by third parties. Aside from that, there were 35% who worry that someone would take control of their device remotely via an insecure internet connection.
Spyware was another worrying point for 3-in-10 online users while another 30% were concerned about organisations or websites tracking their location.
The concerns which weve unmasked in our research proved that there is a growing awareness of the cruel aftermath of cyberattacks. However, this same study showed us that there are still 37% of internet users in the region who think they are not at risk because someone else is more interesting for cybercriminals, said Yeo.
It is high time to think really carefully about the defences we are building around our digital lives and to place its security among our topmost priority, he added.
Kaspersky has several suggestions on how to enforce better security for your devices and home:
Kaspersky is offering a three-month free trial of its Kaspersky Safe Kids solution should you require a tool to help keep your children safe as they surf the web. You can also check out Kasperskys official store on Lazada and Shopee for other internet security solutions.
View original post here:
Kaspersky: 37% of internet users in SEA think they won't be targeted by cybercriminals - SoyaCincau.com
TikTok and WeChat may raise security concerns, but Trump’s knee-jerk reaction isn’t the way to deal with them – NewsChannel 3-12 – KEYT
For years, the Great Firewall of China has blocked some of the largest online services coming out of the United States, including Google, Facebook and Twitter.
This month, Washington indicated that it might be willing to build a wall of its own by threatening a ban on two of the most popular Chinese-owned apps in the world: TikTok and WeChat.
US President Donald Trump has given the apps 45 days to find American buyers, according to a pair of executive orders he issued last week. Trump claimed the apps pose risks to national security, citing concerns about data privacy and censorship.
ByteDances TikTok has already been courted by Microsoft, which would make it possible for the app to avert a total ban albeit at the cost of its Chinese ownership. Tencents WeChat, though, is far less popular in the US than it is at home, and its use stateside could be significantly curtailed. Because Trumps order is vague, some analysts also suspect a ban could have potentially severe knock-on effects for American people and businesses who use the app in China.
Trumps moves risk further fracturing the global internet, upending families and online communities, and disrupting the flow of tech investment and innovation in both countries, without necessarily putting in place a set of policies to ensure popular apps be they from China or the US guarantee the privacy and security of their users.
The solution cant be to undermine the free flow of information that underpins the internet, said Susan Ariel Aaronson, an expert on internet governance at George Washington University. What worries me is that the US is becoming China by trying to block off apps.
The two apps targeted by Trump also pose unique challenges, further muddying the issue.
Tencent has long faced accusations of censorship and surveillance, making WeChat a poster child for the privacy and free speech concerns often expressed about some Chinese apps. But cutting it off entirely from the US would come with its own costs for American and Chinese users.
With TikTok, the privacy issues are murkier, given the app does not appear to behave that differently from its US competitors. Its treatment also raises questions about whether Washington could ever trust a Chinese app of its scale.
But the Trump administration appears to be taking a one-size-fits-all approach to Chinese-owned apps, in a way that risks not only conflating the issues with each, but potentially undermining the administrations own case for the crackdowns in the first place.
WeChat and TikTok are both social media applications with millions of users around the world and owned by Chinese parent companies. But they have different histories and concerns.
TikTok is an app used by teenagers for sharing silly videos, so its inclusion in any conversation about national security may seem bizarre to some observers.
There is no information captured from TikTok that would be useful to Chinese intelligence, said James Lewis, an expert on technology policy at the Center for Strategic and International Studies.
But Trump has accused the app of capturing vast swaths of information from its users, such as location data and browsing and search histories, which threatens to allow the Chinese Communist Party access to Americans personal and proprietary information potentially allowing China to track the locations of Federal employees and contractors, build dossiers of personal information for blackmail, and conduct corporate espionage.
TikTok has denied that it would share data with Beijing, and says US user data isnt stored in China. The app has also broadly pushed back at other allegations, including recent claims published by the Wall Street Journal that it bypassed protections on Android to scrape user data.
On paper, at least, TikTok does not collect significantly more data than rivals such as Facebook and Google, which gather such information for targeting advertising. In fact, it may collect less, given that users are uploading less personal information to the app than they do on other social media platforms.
The extent to which WeChat collects information, meanwhile, has long raised security concerns as has Tencents close relationship to the Chinese Communist Party.
For example, cybersecurity experts in the Tibetan exile community in Dharamsala have pointed to the prevalence of WeChat as a potential reason for a drop in hacking attacks on members in recent years.
Because WeChat is so embedded in the community in some ways, I dont think they need to hack systems as much as they used to because that information is already being given to them, Lobsang Gyatso Sither, a Tibetan cybersecurity expert, has previously said.
WeChats owner Tencent has consistently denied spying on users. But in the past, Chinese prosecutors have also cited evidence retrieved from the app, including supposedly deleted messages, in cases against Muslims, dissidents and even Communist Party members. Chinese cybersecurity laws give the government broad powers to request data from companies like Tencent, which may also face political pressure to hand over information in sensitive cases.
Any type of message or content shared onWeChat is very likely underheavy surveillance [by] the Chinesegovernment, said Samm Sacks, a China and cybersecurity expert at New America, a Washington DC-based think tank.
China has been firing back at Washington for targeting the apps.
In a series of tweets Wednesday, Hua Chunying, a top diplomat with Chinas Ministry of Foreign Affairs, accused the US of creating a splinternet and of using gangster logic in trying to force TikTok to sell. She highlighted Washingtons own less-than-stellar record on government surveillance.
And while Beijings stance comes across as somewhat ironic, given its own relationship with many Western firms, Hua isnt alone in such criticisms. Last month, for example, the European Court of Justice ruled against a data-sharing plan between the US and the European Union over concerns that data shared by Europeans might not be adequately protected from US surveillance.
Accusations of hypocrisy do not mean Washington should be blind to the potential threats posed by Chinese apps or any apps when it comes to data security and free speech, but both could be protected without necessarily banning or blocking foreign services.
The question is, how do we make the app system more secure overall? said Sacks. We need to spend more time on legislation and standardswhere you have atrusted set of criteria for all platforms.Sowhetheryoure TikTok or some random weather app, inorder to operate youhave to be audited, approved under these more strict cybersecurity practices.
A similar approach could be taken on the issue of censorship, with standards set for how apps should be expected to protect their users free speech and avoid exposing them to misinformation.
Its time for the US to get its own vision for internet governance, Sacks said. How do you govern massive amounts of data thats collected on these platforms?
Read more here:
TikTok and WeChat may raise security concerns, but Trump's knee-jerk reaction isn't the way to deal with them - NewsChannel 3-12 - KEYT
Rapid7 NICER – starting a conversation on internet security | Company Report – FinTech Magazine – The FinTech & InsurTech Platform
There has never been a more opportune moment than now to discuss internet security: the COVID-19 pandemic has forced many companies and individuals to reconsider their basic operations, reimagine manual processes and also vindicated the effectiveness of remote working. A consequence of the modern worlds reliance on digital technology is the near-constant vigilance required to ensure its integrity; far from being a static issue which can be addressed satisfactorily with yesterdays tech, a spirit of innovation and honest critical evaluation is required to understand and remedy the underlying problems which threaten to disrupt us. To spur on a debate and engage developers, regulatory authorities and the wider community, security specialist Rapid7 has released NICER 2020 (National / Industry / Cloud Exposure Report), the most comprehensive census of the modern internet risk landscape ever completed.
Speaking to us on Zoom with a background representing a visualised map of the internet, Tod Beardsley, Director of Research at Rapid7, emphasises that NICER is an attempt to spur the world into affirmative action, We're hoping that this report helps people make informed decisions about what they should be putting on the internet, what they shouldn't and what their local neighbourhoods might look like. NICER is being released for free; Rapid7 wants everybody to pick this up and peruse it. A comprehensive document split into 16 sections and three appendices, NICER is the result of four years worth of research, although it starts with a relatively modern focus: the effect of the global pandemic on internet security, which, Beardsley states, was surprising. We were planning things out in January and February and then the world came crashing down. I thought, Hang on, let's redo all our scans; surely has fundamentally changed. However, we found no effect at all. In fact, the results showed a reduction in dangerous services, most notably Windows SMB (service message block) network protocols.
However, this unexpected good news shouldnt lull people into a false sense of security - the myth of the silver city, to quote the report - Beardsley is adamant that vigilance and proactivity are the keys to success. The problem [with the perception that progress is being made] is that we're not going in that direction fast enough, which is re-emphasised in NICER: ...the security of the internet still trails the desire to just get things working, and working quickly. This sentiment roughly encapsulates the challenge faced by those endeavouring to bolster internet security: to construct an efficient operating model which doesnt sacrifice integrity, with necessary updates and patches implemented in a timely and consistent manner. The report can help facilitate the achievement of this goal by providing hard data that developers can reference as they seek out solutions.
In terms of cyberattacks themselves, Beardsley states that they continue to include conventional phishing scams as well as more advanced methods, such as exploiting known vulnerabilities and old software that's on the edge. The report includes a summary of the most exposed countries by total attack surface, exposure to selected services, vulnerability rate and other metrics. While countries such as the US and China might bring no surprises for their high-risk factor, NICER also includes some surprises such as Canada (9) ranking higher than Iran (10), despite the former having a population density almost 50% lower than the latter. This is a perfect example of the reports ability to correct potentially damaging preconceptions. Iran is very technically savvy but it is more reliant on client-oriented internet (mobile phone networks, etc), whereas Canada has a lot more in the way of wired infrastructure and servers.
NICERs information about entire countries enables each to identify its own neighbourhood and measure its progress relative to others, but what about specific industries? The report also includes a graph measuring each sectors vulnerable assets, revealing that highly essential services - telecoms, financial services, retail and pharma - are amongst the most exposed, including some of the largest organisations on the FTSE 100, Fortune 500 and Nikkei Index. These companies have the resources to be great at security, but, ultimately, it's not their job, says Beardsley. And a lot of these companies are over 10 years old and havent gotten around to upgrading, particularly if everything still appears to be working fine. The blight of legacy network protocols is also problematic, with some like FTP (file transfer protocol) dating back to the 1970s and possessing no inherent cryptographic assurances. Maintaining patch and version management, therefore, is essential. With cloud also continuing to be adopted more widely, Beardsley states that the information on this topic explored in NICER will be developed further into a forthcoming report at the end of 2020.
Policymakers, too, have a crucial role to play - as stated in NICER: The pen Is mightier than the firewall. Rapid7s report aims to supply regulators and legislators of all kinds with the necessary information needed to focus their attentions. Legislators and even cyber insurers want to look at this stuff to understand what's acceptable and what's not. I think policymakers have a pretty critical role, both in terms of understanding risk management and understanding like how the internet itself works. Citing their ability to find effective solutions to problems which are still economically viable, Beardsley also believes that policymakers ability to bring pressing issues to the forefront of peoples attention makes them an invaluable ally. They can sound the national security alarm and people will listen, he adds.
Go here to read the rest:
Rapid7 NICER - starting a conversation on internet security | Company Report - FinTech Magazine - The FinTech & InsurTech Platform
Helping companies prioritize their cybersecurity investments – MIT News
One reason that cyberattacks have continued to grow in recent years is that we never actually learn all that much about how they happen. Companies fear that reporting attacks will tarnish their public image, and even those who do report them dont share many details because they worry that their competitors will gain insight into their security practices.
Its really a nice gift that weve given to cyber-criminals, says Taylor Reynolds, technology policy director at MIT's Internet Policy Research Initiative (IPRI). In an ideal world, these attacks wouldnt happen over and over again, because companies would be able to use data from attacks to develop quantitative measurements of the security risk so that we could prevent such incidents in the future.
In an economy where most industries are tightening their belts, many organizations dont know which types of attacks lead to the largest financial losses, and therefore how to best deploy scarce security resources.
But a new platform from MITs Computer Science and Artificial Intelligence Laboratory (CSAIL) aims to change that, quantifying companies security risk without requiring them to disclose sensitive data about their systems to the research team, much less their competitors.
Developed by Reynolds alongside economistAndrew Lo and cryptographer Vinod Vaikuntanathan, the platform helps companies do multiple things:
The team received internal data from seven large companies that averaged 50,000 employees and annual revenues of $24 billion. By securely aggregating 50 different security incidents that took place at the companies, the researchers were able to analyze which specific steps were not taken that could have prevented them. (Their analysis used a well-established set of nearly 200 security actions referred to as the Center for Internet Security Sub-Controls.)
We were able to paint a really thorough picture in terms of which security failures were costing companies the most money, says Reynolds, who co-authored a related paper with professors Lo andVaikuntanathan, MIT graduate student Leo de Castro, Principal Research Scientist Daniel J. Weitzner, PhD student Fransisca Susan, and graduate student Nicolas Zhang. If youre a chief information security officer at one of these organizations, it can be an overwhelming task to try to defend absolutely everything. They need to know where they should direct their attention.
The team calls their platform SCRAM, for Secure Cyber Risk Aggregation and Measurement. Among other findings, they determined that the three following security vulnerabilities had the largest total losses, each in excess of $1 million:
Failures in preventing malware attacks
Malware attacks, like the one last month that reportedly forced the wearables company Garmin to pay a $10 million ransom, are still a tried-and-true method of gaining control of valuable consumer data. Reynolds says that companies continue to struggle to prevent such attacks, relying on regularly backing up their data and reminding their employees not to click on suspicious emails.
Communication over unauthorized ports
Curiously, the team found that every firm in their study said they had, in fact, implemented the security measure of blocking access to unauthorized ports the digital equivalent of companies locking all their doors. Even still, attacks that involved gaining access to these ports accounted for a large number of high-cost losses.
Losses can arise even when there are defenses that are well-developed and understood, says Weitzner, who also serves as director of MIT IPRI. Its important to recognize that improving common existing defenses should not be neglected in favor of expanding into new areas of defense.
Failures in log management for security incidents
Every day companies amass detailed logs denoting activity within their systems. Senior security officers often turn to these logs after an attack to audit the incident and see what happened. Reynolds says that there are many ways that companies could be using machine learning and artificial intelligence more efficiently to help understand whats happening including, crucially, during or even before a security attack.
Two other key areas that warrant further analysis include taking inventory of hardware so that only authorized devices are given access, as well as boundary defenses like firewalls and proxies that aim to control the flow of traffic through network borders.
The team developed their data aggregation platform in conjunction with MIT cryptography experts, using an existing method called multi-party computation (MPC) that allows them to perform calculations on data without themselves being able to read or unlock it. After computing its anonymized findings, the SCRAM system then asks each contributing company to help it unlock only the answer using their own secret cryptographic key.
The power of this platform is that it allows firms to contribute locked data that would otherwise be too sensitive or risky to share with a third party, says Reynolds.
As a next step, the researchers plan to expand the pool of participating companies, with representation from a range of different sectors that include electricity, finance, and biotech. Reynolds says that if the team can gather data from upwards of 70 or 80 companies, theyll be able to do something unprecedented: put an actual dollar figure on the risk of particular defenses failing.
The project was a cross-campus effort involving affiliates at IPRI, CSAILs Theory of Computation group, and the MIT Sloan School of Management. It was funded by the Hewlett Foundation and CSAILs Financial Technology industry initiative (FinTech@CSAIL).
Here is the original post:
Helping companies prioritize their cybersecurity investments - MIT News
Kansans are getting letters saying they applied for unemployment. The problem? Some never did. – Pittsburg Morning Sun
When Joe Pilsi first got a letter from the Kansas Department of Labor, he figured it was routine.
"I was thinking it was going to be workplace stuff they do every so often, making sure you have your equal opportunity stuff up by the time clock what they always do," Pilsi said. "Thats what I was expecting it to be, which would be instant trash."
But instead, the letter was to confirm Pilsis unemployment benefits claim, something which has happened to scores of Kansans statewide as more residents find themselves out of work due to the COVID-19 pandemic.
The problem is Pilsi, who is the sole full-time employee at the chiropractic firm he runs in Marysville, didnt apply for any such benefits.
A day later, he got another letter addressed to him as an employer about what appeared to be a fraudulent benefits claim.
After repeated calls to KDOL in an effort to ascertain the status of the fake claims, Pilsi said he threw the letter in the trash bin.
"To get into them to ask about it would be virtually impossible and I dont have the time to do it," he said.
Pilsi mentioned it to his wife, who works at the local newspaper, the Marysville Advocate. It turns out the publication had received similarly fraudulent messages, something confirmed by the papers editor, Sarah Kessinger.
Like Pilsi, she flagged the claims for KDOL but has not heard back.
It isnt just in Marysville, however similar stories persist across the state and nation. An Olathe woman said she received more than 70 similar letters, a local television station reported.
In Topeka, family physician Richard Illif reported a similar series of correspondences as Pilsi, with one letter "asking whether I had fired myself or merely let myself go."
Pilsi said the letter was concerning because he had been a victim of identity theft in the past. The fraudulent claim left him to wonder if someone had stolen his personal information again.
"It becomes a royal pain in the butt," Pilsi said.
Most every state has reported similar instances of fraud or attempted fraud, according to Pam Dixon, executive director of the internet security group World Privacy Forum.
Other areas, such as Washington state, have reported an even more sinister type of fraud where third parties will attempt to convince unemployment applicants that they must pay for someone else to file a claim on their behalf.
Such fraud is not common, Dixon said, because it is "high risk and not very profitable."
But with a record surge of unemployment claims in April, a number that has remained high throughout the pandemic, unscrupulous individuals finally had the cover they need to attempt to scam the system.
"Youre able to hide in the numbers," Dixon said. "It is a very effective way of getting lost."
Acting Labor Secretary Ryan Wright echoed this sentiment, saying that fraud has been extremely limited among those seeking regular unemployment benefits but rampant in the Pandemic Unemployment Assistance program providing an extra $600-per-week to applicants.
Wright said that this is because states scrambled to build out the PUA on the fly during the pandemic, while applications simultaneously flooded in.
"This isnt a normal program, this is actually an entirely new unemployment system," Wright said. "Not since 1935 have states had to implement this. In addition to paying out claims, states are having to build out the infrastructure to support hat unemployment program, so that is why were seeing that spike nationally of fraud."
The endeavor was made easier by the July 2017 data breach at credit giant Equifax, something which exposed the names, Social Security numbers and other private information of thousands.
Those who have previously been victims of identity theft are even more likely to have their information used in the unemployment fraud scheme, Dixon said.
And the attempted fraud is continuing, even as the spike in residents applying for benefits starts to decline.
"It is concerning," Dixon said.
The letters have gotten the attention of state lawmakers, who pressed Wright on the matter during a State Finance Council meeting Thursday.
"There is massive concern from businesses in my community," said Senate President Susan Wagle, R-Wichita. "The mailings are highly unusual and there is information that is confidential in there that is going out."
It is especially of concern, legislators said, as the state appears set to embark on a whole new assistance program: the Lost Wages Assistance Program, created by President Donald Trump last month.
The state has indicated it will seek federal approval to participate in that effort, with eligible applicants getting an extra $300-per-week in benefits when it goes live later this fall.
The concern is some of these funds will wind up in the pockets of fraudsters.
"I do think a portion of that [money] is going to get scammed by those organized crime folks," said Senate Majority Leader Jim Denning, R-Overland Park.
Wright and KDOL officials maintain that they are being proactive in reaching out to businesses and that mitigation efforts have been put in place.
The letters do not mean that any of KDOLs data has been compromised, he told lawmakers.
"I can tell you with a high degree of confidence that no state database has been breached," Wright said.
The state is doing better at implementing measures to deter fraudsters, Dixon said.
She pointed to a complex CAPTCHA and other security measures that have been added to the benefits application since she last examined it earlier this summer.
Of equal importance were prominently featured instructions as to what to do in the case you receive what appears to be a fraudulent benefits application. That does not exist in every state, she noted.
In addition to reporting the fraud to KDOL, the agency recommends notifying one of the major credit agencies, as well as banks, credit card companies and the Internal Revenue Service.
As the problem becomes more widespread, many residents are starting to wise up. But Dixon said that for every business owner or worker like Pilsi, who routinely checks their mail and is attentive, there are more who have no idea their information could be compromised.
"A lot of folks are just trying to keep their feet under them and this is a very hard thing to tackle in the middle of a pandemic and in the middle of going back to school," Dixon said. "It is not like people need another thing to handle. Some people are really at the breaking point right now. The thing that really has bothered all of us is it is just such an unkind, ugly fraud. It really directly hurts people."
See the rest here:
Kansans are getting letters saying they applied for unemployment. The problem? Some never did. - Pittsburg Morning Sun
Embedded Security For Internet Of Things Market 2025 Opportunities, Applications, Drivers, Limitations, Companies, Countries, & Forecast – Express…
The global Embedded Security For Internet Of Things market report is a comprehensive research that focuses on the overall consumption structure, development trends, sales models and sales of top countries in the global Embedded Security For Internet Of Things market. The Embedded Security For Internet Of Things market report provides a complete study of this industry vertical, emphasizing on the crucial growth drivers, opportunities, and limitations projected to shape the market dynamics in the forthcoming years.
According to industry experts, the market is expected to expand considerably, recording a CAGR of XX% over the study period of 2020-2025.
Fluctuations in the demand and supply channels due to the strict lockdown measures enforced to address the COVID-19 pandemic has left several organizations in disarray. Speaking of the uncertainty of revenue in the near term, industries are expected to face challenges even once the economy arises from the pandemic. Given this, the document offers a comprehensive assessment of the numerous industry segments to help you understand the revenue prospects of the market amid COVID-19.
Request Sample Copy of this Report @ https://www.express-journal.com/request-sample/188563
Key inclusions of the Embedded Security For Internet Of Things market report:
Embedded Security For Internet Of Things Market segments covered in the report:
Regional analysis: North America, Europe, Asia-Pacific, South America and Middle East and Africa
Product spectrum: Software and Controller Chip
Projected market share of each segment with respect to the sales and revenue.
Applications arena: Retail, Aerospace and Defence, Healthcare, Gaming, Automotive and Others
Competitive terrain:
Key questions answered in the report:
What is the growth potential of the Embedded Security For Internet Of Things market?
Which product segment will grab a lions share?
Which regional market will emerge as a frontrunner in coming years?
Which application segment will grow at a robust rate?
What are the key challenges that the global Embedded Security For Internet Of Things market may face in future?
Which are the leading companies in the global Embedded Security For Internet Of Things market?
Which are the key trends positively impacting the market growth?
Which are the growth strategies considered by the players to sustain hold in the global Embedded Security For Internet Of Things market?
Request Customization on This Report @ https://www.express-journal.com/request-for-customization/188563
Follow this link:
Embedded Security For Internet Of Things Market 2025 Opportunities, Applications, Drivers, Limitations, Companies, Countries, & Forecast - Express...
‘No longer safe in their classroom:’ NHCS remote-learning session hacked, sexualized profanity used – Port City Daily
A parent claimed that at least two virtual-learning sessions have been hacked by abusive users. (Port City Daily photo / File)
WILMINGTON This week, a New Hanover County parent claimed at least two incidents of hacking where cyberbullies may have gained access to remote-learning sessions, harassing students and using abusive, sexualized profanity towards them.
Asked about these concerns, the New Hanover County School district did not address the specific incident but did state it was continuously monitoring and enhancing internet security to protect students, families, and staff. NHCS said that incidents rising to the level of threats, malicious intent, pornography, illegal, and or criminal activities would be investigated by school principals, and criminal violations would be reported to law enforcement.
In a different response, sent to parents, NHCS stated it had been made aware of students engaging in conduct using social media that may be considered cyber-bullying. NHCS encourages parents and students to review NHCS bullying, harassment, and discrimination policies.
However, the concerns expressed by the parent indicate it may not have been a student or, at least, not the student assigned to the remote-learning account that was doing the cyberbullying.
The two incidents both apparently involved unknown users gaining access to Zoom meetings in order to make inappropriate comments and harass students.
On Thursday, a parents message (which appears, in part, below), about the incidents, circulated on social media. The parent was highly complimentary of the district, citing very positive experiences at two elementary schools. The recent incidents, however, left the parent concerned.
The parent wrote that she no longer felt her children were safe in their virtual classroom after it was apparently hacked. The parents concerns seem to indicate that a male user was communicating with other students using an ID assigned to a female student.
My daughter, while attending her science Zoom class, was hacked and although it was her Google Classroom ID it was a male who was making inappropriate comments via the audio function of Zoom as well as the written chat section, she wrote.
The parent said the family was notified of the hacking by a teacher. Then the family had a difficult conversation with child, trying to answer questions about what hacking is, how much access a hacker could have to someones private life could they, for example, watch a student through a laptop camera outside of class time? and, perhaps most difficult to answer, why would someone do this?
The parents noted that for some of her worries we had answers but for some we didnt.
The parent also included evidence of another incident in the screenshot pictured below. Note, the parent redacted the student names, while Port City Daily has redacted the profanity.
NHCS issued the following statement in response to inquiries from Port City Daily:
NHCS is continuously monitoring and enhancing internet security to protect students, families, and staff against cyberbullying, internet hacking, and other online security threats. The school district prohibits student access to social media platforms through the district network and instructs teachers to use waiting rooms and additional identification measures to ensure only appropriate students are present in online classrooms.If the online actions reach the level of threats, malicious intent, pornography, illegal, and or criminal activities, an investigation of the Zoom/Google meet meeting is initiated by the school principal.Violations are being aggressively investigated and will be reported to law enforcement.
Guidance for participating in online classrooms, including password protection, link sharing, screensharing, supervision, what to do if inappropriate behavior occurs, and more, is available on the district website atwww.nhcs.net. Cyberbullying policies, reporting procedures, and support resources are being shared through the NHCS website, social media, and Connect 5 calls/emails to families. Student Support Services and school counselors are available to provide social emotional support and guidance.
NHCS also sent the following statement to parents:
This week, NHCS was made aware of students engaging in conduct using social media that may be considered cyber-bullying. NHCS strives to foster an environment that is welcoming to all students and prohibits all forms of bullying (including cyberbullying), harassment, and discrimination by its students.
NHCS has shared all of the reports, complaints, and evidence of cyberbullying with law enforcement in order to address the matter under North Carolina criminal law. NHCS will continue to share any additional information with law enforcement.
In addition to North Carolina criminal law, NHCS prohibits bullying (including cyberbullying), harassment, and discrimination by its students in NHCS policies. Bullying (including cyberbullying), harassment, and discrimination may include conduct such as: spreading secrets or rumors; sending threatening messages; sending sexual material of others without permission; making derogatory comments about others; etc.
NHCS encourages parents and students to review NHCS bullying, harassment, and discrimination policies. NHCS policies that prohibit bullying (including cyberbullying), harassment, and discrimination include:
Why should you use a VPN on your iPhone and Mac? – Cult of Mac
This VPN post is presented by Surfshark.
Humans use the internet for almost everything. Thats hardly a revolutionary statement, but its crucial to keep in mind. From theater tickets to bank accounts, if we can have it all on one handheld device, why not do it? Its convenient and easy.
But with that convenience comes risks. Typically, humans adapt to new technology but so do criminals, shady corporations and marketing agencies looking to profit off as many internet users as possible.
Thats why virtual private networks (VPNs) have become popular. While the internet security product was initially created for corporations to protect their assets, demand eventually grew for everyday internet users. The market is ever-growing, and theres a VPN for everyone, whether you want a free or a premium product. One of the top-rated and affordable options is Surfshark a humanized VPN for anyone and everyone.
A VPN is like a virtual, high-speed pipeline that connects your device to a server in a distant place, making your online browsing private and encrypting your data in the process. While free VPN options exist, experts recommend premium VPNs for their stouter security and a broader range of features.
For a price as low as $1.99 per month (for a limited time), Surfshark encrypts all the internet traffic sent to and from your device, hides your IP address to make sure nobody can see what you do online, and blocks ads, trackers, malware and phishing attempts. Users also get great benefits, like access to 15-plus different Netflix libraries.
Apple products lead the market in terms of privacy and security features. Its something that the brand puts in the forefront. But to protect yourself online, you need additional help because any device connected to the internet can be at risk. Thats where a VPN comes in.
A VPN encrypts all your data and sends it to a VPN server. The data is then decrypted and sent to the destination (e.g., a website like YouTube). The process happens in milliseconds, but all the information sent to and from the VPN server remains undecipherable to onlookers.
VPN encryption makes you far less vulnerable to hackers looking for unprotected devices, especially those surfing online via public Wi-Fi. A VPN also can help you evade phishing and malware, which could result in stolen credentials or personal information, and ultimately identity theft.
In addition to such threats as identity theft, a VPN helps you avoid various forms of tracking, from advertisers to your internet service provider (ISP). When your data is encrypted, and youre assigned a different IP address, it becomes much harder to track you down.
It also helps you dodge price-discrimination practices, because theyre mostly based on your location and website cookies. Price discrimination is most prevalent in the travel industry. Prices rise and fall based on the country youre from or how many times youve clicked on a particular deal.
Geo-blocking affects every country in one way or another. But with a VPN, country borders are not a limit. Once you connect to a VPN, your IP address is different, which means a website youre trying to reach sees you in a different location than you actually are.
If a streaming service wont give you the goods where you are, connect to a VPN server where they are. All you have to do is open the app and click Connect on any server location you need. Access everything, from your favorite sports broadcast to another countrys Netflix library. Surfshark opens 15-plus different Netflix libraries.
Without geo-blocking, there are also smaller-scale website blocks. For example, there are network restrictions that you come across at work, school or a library. These institutions often block social media sites or other websites that they deem distracting.
What do you get when you join Surfshark?
Price: Free trial and premium options with prices as low as $1.99 per month (for a limited time). Surfshark also offers a 30-day money-back guarantee so you can try it out for free.
Download from: Surfshark
Read more:
Why should you use a VPN on your iPhone and Mac? - Cult of Mac
How government is delivering better election security – GCN.com
How government is delivering better election security
While hostile nation-states, domestic misinformation campaigns and concerns about mail-in voting make it harder to ensure the security and integrity of the 2020 election, plenty of progress has been made on the cybersecurity front since 2016, experts say.
"While there are no guarantees in cybersecurity, I can assure you that the security defenses we have in place for 2020 are vastly improved over those in place a short four years ago," said John Gilligan, president and CEO of the non-profit Center for Internet Security (CIS) during an Aug. 28 House Homeland Security Committee hearing.
Much of that work has been done around improving vulnerabilities that were not only known but often exploited by Russian hackers in 2016, such as probing (and in some cases compromising) voter registration databases, phishing vendors who develop election management or voting software and running covert information operations on social media platforms that went largely undiscovered until after Election Day.
According to updated statistics from the Cybersecurity and Infrastructure Security Agency, tools and technologies have been put in place to respond to those weaknesses and monitor for cybersecurity threats.
In partnership with CIS, the agency has helped to deploy 276 Albert sensors across all 50 states, the District of Columbia and at least 222 local election networks. The sensors act as intrusion detection systems, monitoring network traffic on voter registration systems and other election software for signs of malicious probing or attacks by hackers.
CISA has conducted 131 remote penetration tests and 59 onsite risk and vulnerability assessments for local election infrastructure, and approximately 263 election officials around the country are receiving weekly vulnerability scan reports. The agency has also helped train thousands of election officials through online security courses, delivered "last mile" election information to more than 5,500 localities and provided trend analysis about risk and vulnerabilities and the latest threats to election infrastructure to the election community.
In addition to tools like Albert sensors, Gilligan pointed to endpoint detection and response programs that have been implemented by some election jurisdictions as well as domain blocking and reporting tools that prevent elections offices and computers from connecting to known malicious websites as examples of protections in place today that were virtually non-existent before 2016.
One thing election officials weren't counting on this year was a pandemic that threatens to deter millions of registered voters from safely casting their ballots in person. While many states have adjusted by moving to dramatically expand absentee (or mail) voting, they must contend with a surge of new voters who are unfamiliar with the proper procedure and disinformation from politicians and unscrupulous actors seeking to cast doubt on the reliability of mail-in ballots.
Amber McReynolds, CEO of the non-profit National Vote at Home Institute, echoed claims from other experts that voting-by-mail is no less safe or secure than other forms of voting. To the extent that there are unique risk considerations, such as those highlighted by a July vulnerabilityassessmentdone by CISA, they can be mitigated in part or in whole through voter education and awareness campaigns, as well as technologies like ballot tracking systems or analog procedures like risk-limiting audits for paper-based ballots that provide election officials with a trove of data to track and verify individual votes.
"No election system is perfect, and this is why it's critical to continually review and improve systems by enhancing security access transparency, particularly in this unprecedented time," McReynolds said.
A longer version of this article was first posted to FCW, a sibling site to GCN.
About the Author
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
See the original post:
How government is delivering better election security - GCN.com
How Romania is Solving Technology and Poverty Disparities – Borgen Project
SEATTLE, Washington In recent years, the technology industry in Romania has boomed. Technology giants like Google, IBM, Microsoft, Vodafone and others have set up shop in the countrys growing urban areas to take advantage of one of Romanias best resourcesits people. According to a 2017 study by information services company KeysFin, more than 106,000 information technology (IT) workers were employed in urban cities like Bucharest and Cluj, with about 7,000 new graduates added each year. Yet, the advances in technology have not been proportionate across Romania. Here is how Romania is looking to solve its technology and poverty disparities in 2020.
Romania has a strong background in computers and technology from its communist regime and has a STEM (science, technology, engineering and math) focused education system. Aside from English, Romanian is the next most used language in the Microsoft Suite,and Romania ranks third behind Russia and China in the International Mathematical Olympiad. Foreign companies are attracted to these skilled and intelligent workers, a majority of whom speak English and are willing to work for less than many other European countries due to the low living costs in Romania.
In addition to foreign companies flocking to Romania for high-quality IT services, foreign investment has aided a growing number of technology start-ups in Romanian cities. Humans is a technology start-up developing AI software to recreate people digitally. TypingDNA is another start-up that strengthens security by identifying a person with their keyboard typing tendencies. There are hundreds of new companies like these forming and growing that fuel the IT industry in Romania and its economy. In 2017, the economy was growing at 7.1%, compared to the EU average of 2.5%.
From its rising IT industry, it may seem as if Romania is being rebuilt as a nation in the cloud, years ahead of competitors. However, almost 40% of Romanias population has never used the internet, according to the 2016 World Development Report by the World Bank. The majority of impoverished Romanians living in rural areas either work in agricultural fields or have no steady source of income. The country has been evolving in two separate directions.
Those living in the major cities are being propelled into higher standards of living with high-speed internet and access to the global economy. At the same time, many impoverished Romanians living in rural communities are being left behind. There are a social discord and a wealth disparity between those living in urban and rural areas. As of 2017, the wealthiest Romanians, which make 20% of Romanias population, earned roughly seven times more than the bottom 20%, making Romania the highest income inequality ratio country in the EU.
With the rise of technology, Romanias urban and rural areas almost appear to be separate countries, with differing standards of living and income expectations. However, many Romanian and foreign agencies are intervening to bridge the disparities between the two areas. Initiatives are focusing on education and healthcare, but there are also initiatives striving to help the digitally attached Romanians by getting them online and connected. For instance, the 2020 National Strategy for Romanian Digital Agenda aims to get all Romanians connected to the internet by the end of 2020. The initiative also strives to get at least 80% of households to a 30 Mbps internet broadband and 45% to 100 Mbps broadband.
The initiatives goal is to make the internet more accessible to Romanians and to educate new internet users. About 80% of Romanians do not have a basic grasp on digital technology, and the digital agenda looks to reduce this number. Moreover, many Romanians do not trust internet security. Out of all EU countries, Romania ranks as the lowest in having internet users use online shopping and banking. About 17% of Romanians go shopping online, and less than 8% of them use online banking. The 2020 digital agenda looks to get more people engaged and trusting in similar online services through eGovernment. As a part of the eGovernment goal, the National Agency for Fiscal Administration has set out to make taxes payable through the internet. Additionally, the Romanian government is also establishing other services like digital profiles for citizens instead of paper documentation. Moreover, ePrescription is another digital service that strives to connect medical providers and pharmacists, aiming to integrate healthcare institutions across the country
Romania, along with the World Bank, is actively looking for ways to increase internet connectivity and internet access to citizens living in rural areas. Despite Romanias growing IT industry, there are technology and poverty disparities that the country needs to improve to have united progress toward higher standards of living and technological advancements. Though the booming technology industry has exacerbated many of the regional differences in Romania, the government and the 2020 digital agenda are using the internet to reunite Romanians.
-Brett MuniPhoto: Flickr
View post:
How Romania is Solving Technology and Poverty Disparities - Borgen Project