Rejoice! The charade of having to change our passwords every few months is coming to an end | Kate O’Flaherty

The US government is finally admitting there’s no need – instead, to fend off cyber-attacks we need passwords that are long but memorable

Over the past decade or so, people have accumulated a vast array of logins for dozens of sites and apps, as more of our work and home lives moves on to the internet. That’s why it has never made sense that so many IT departments have belligerently insisted on maintaining a major hurdle to password management. Namely, the need to change passwords regularly.

It’s a familiar scenario. You arrive at the office and need to log on to your company laptop quickly, before your morning meeting. But speed is not going to be of the essence today, because an annoying prompt has appeared: you need to change your password.

Kate O’Flaherty is a freelance technology journalist

from Data and computer security | The Guardian https://ift.tt/p1Ymy7q
via IFTTT

Sellafield ordered to pay nearly £400,000 over cybersecurity failings

Nuclear waste dump in Cumbria pleaded guilty to leaving data that could threaten national security exposed for four years, says regulator

Sellafield will have to pay almost £400,000 after it pleaded guilty to criminal charges over years of cybersecurity failings at Britain’s most hazardous nuclear site.

The vast nuclear waste dump in Cumbria left information that could threaten national security exposed for four years, according to the industry regulator, which brought the charges. It was also found that 75% of its computer servers were vulnerable to cyber-attack.

from Data and computer security | The Guardian https://ift.tt/QmCwxp1

In tackling Vladimir Putin’s web of troll farms and hackers, we have one advantage: democracy | Peter Pomerantsev

By focusing on its strengths and pooling information, the west can disrupt Russia’s war machine – but there’s no time to lose

Russia is a “mafia state” trying to expand into a “mafia empire”, the foreign secretary, David Lammy, told the UN, nailing the dual nature of Vladimir Putin’s political model. On one hand Russia represents something very old – a world of bullying empires that invade smaller countries, grab their resources and indoctrinate their people into thinking they are inferior. But it is also something very new, weaponising corruption, criminal networks, assassinations and tech-driven psy-ops to subvert open societies. And if democracies don’t act to stop it, this malign model will be imitated across the globe.

Ukraine is resisting the older, zombie imperialism every day on the battlefield, and democracies will have to arm Ukraine and ourselves to constrain Russia properly. But how should we fight the more contemporary tools of political warfare that Russia pioneers? These are becoming ever more prevalent. Globalisation was meant to make us all so integrated that it would diminish the risk of wars. Instead, the free flow of information, money and people across borders also made subversion easier than ever. At the Labour party conference, Lammy indicated that democracies need to work together to stop Russia: “Exposing their agents, building joint capability and working with the global south to take on Putin’s lies.”

from Data and computer security | The Guardian https://ift.tt/NjY7yhi

Users of ‘throuples’ dating app Feeld may have had intimate photos accessed

Alternative relationships site says it has resolved concerns about data security that tech firm claims to have uncovered

Users of Feeld, a dating app aimed at alternative relationships, could have had sensitive data including messages, private photos and details of their sexuality accessed or even edited, it has emerged, after cybersecurity experts exposed a string of security “vulnerabilities”.

Feeld, registered in the UK, reported soaring revenues and profits this month, thanks to millions of downloads from non-monogamous, queer and kinky users across the world.

from Data and computer security | The Guardian https://ift.tt/8BdopUx

UK datacentres to be designated critical infrastructure

Facilities to receive greater protection in attempt to reduce potential impact of adverse incidents or attacks

Datacentres in the UK are to be designated as critical national infrastructure in an effort to protect them from cyber-attacks and IT blackouts, the government has said.

The buildings store much of the data generated in the UK, including photos taken on smartphones, financial information and NHS records.

from Data and computer security | The Guardian https://ift.tt/9BSkoGX

NHS IT firm faces £6m fine over medical records hack

Watchdog says Advanced software firm failed to protect data of thousands affected by 2022 ransomware attack in England

A software provider faces being fined more than £6m over a 2022 ransomware attack that disrupted NHS and social care services in England, the data protection regulator has announced.

The Information Commissioner’s Office (ICO) said it had provisionally found that Advanced Computer Software Group had failed to implement measures to protect the personal information of 82,946 people who were affected by the attack, which included some sensitive information.

from Data and computer security | The Guardian https://ift.tt/frpTlOm

Minister apologises for Northern Ireland special education needs data breach

Paul Givan says individuals concerned contacted after details of more than 400 people mistakenly sent out

The education minister in Northern Ireland has “unreservedly” apologised after the personal details of more than 400 people who had offered to contribute to a review of special education needs were breached.

The embarrassing data breach came to light on Thursday after the education department said it had mistakenly sent to 174 people a spreadsheet attachment that contained the names, email addresses and titles of 407 individuals who had expressed an interest in attending the end-to-end review of special education needs (SEN) events across Northern Ireland.

from Data and computer security | The Guardian https://ift.tt/kyuWcGU

Israel tried to frustrate US lawsuit over Pegasus spyware, leak suggests

Officials seized documents from NSO Group to try to stop handover of information about notorious hacking tool, files suggest

The Israeli government took extraordinary measures to frustrate a high-stakes US lawsuit that threatened to reveal closely guarded secrets about one of the world’s most notorious hacking tools, leaked files suggest.

Israeli officials seized documents about Pegasus spyware from its manufacturer, NSO Group, in an effort to prevent the company from being able to comply with demands made by WhatsApp in a US court to hand over information about the invasive technology.

from Data and computer security | The Guardian https://ift.tt/BPOjzmC

Australians affected by MediSecure hack may never know their personal details have been compromised

Prime minister says ‘very significant cyber event’ still under investigation by federal police and he is ‘not aware’ if he is among the 12.9m victims

The 12.9 million Australians caught up in the hack on electronic prescriptions provider MediSecure may never be told their personal information has been compromised, with the prime minister saying on Friday he wasn’t aware if he was one of the victims.

On Thursday evening, the administrators for MediSecure – which went into administration after the hack – revealed 6.5TB of data had been compromised after a ransomware attack on a database server, which was discovered by the company in April.

from Data and computer security | The Guardian https://ift.tt/oq8Wjm3

WA man set up fake free wifi at Australian airports and on flights to steal people’s data, police allege

Investigation launched after airline reported a suspicious network popped up during a domestic flight in April

A man has been charged after he allegedly set up fake free wifi networks at Australian airports and on domestic flights to steal personal data from unsuspecting members of the public.

The 42-year-old Western Australian man is facing nine cybercrime charges and was due to appear in Perth magistrates court on Friday.

from Data and computer security | The Guardian https://ift.tt/9hRPtpW