Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

News in review: has PRISM made the cloud unsafe?

David Braue | July 8, 2013
Things have gotten so bad that the European Union approved stricter penalties for cyber-attacks and suspended data-sharing deals with the US in the wake of the PRISM revelations.

A survey found that data encryption practices amongst cloud providers vary widely, while a privacy advocate was suggesting that the recent revelations about the US government's PRISM data-filtering program should make businesses think twice about their use of cloud computing and a European Commission report suggested PRISM was harming the business of US cloud providers. Even as planned July 4 online protests against PRISM seemed to fall flat, caution was being advised regarding disaster recovery as a service (DRaaS) services, even more so because of the increasingly apparent number of ways that governments are spying on citizens online. Things have gotten so bad that the European Union approved stricter penalties for cyber-attacks and suspended data-sharing deals with the US in the wake of the PRISM revelations.

The Google Play app store is still serving up Android adware, one audit has found -- something that will come as no surprise to the more than half of consumers that say they've been the victim of bad apps. Games are the most common vector for attack, even as BYOD is increasingly fingered as leading to widespread security threats. With BYOD and other security issues continuing, one CSO was emphasising the importance ofbusiness-focused security metrics.

An Android lock-screen vulnerability highlighted the ongoing issues with that platform, as did researchers who found a way to turn an Android phone into a spy tool, while a vulnerability was found that allows malware authors to modify Android apps without breaking their digital signatures - which means a malware-laced mobile app can be posted but remain signed by its original author.

Even BlackBerry was reportedly causing security concerns after reports said it had been hacked. Ransomware called 'Darkleech' reared its ugly head, while a tenacious two-pronged malware attack was causing consternation for antivirus researchers, who are already declaring 2013 a particularly nasty year for cyber-security. That's saying a lot, given that the maiden data-breach report by the US state of California found that last year there were 131 separate data-breach incidents that threatened the data of 2.5 million of the state's citizens.

Even that is small beans in the context of the Pony botnet, which according to one analysis has stolen the Web credentials of 650,000 victims in the course of a few days. Recognising the growing prevalence of such attacks, Google's Transparency Report has been bolstered with a new section highlighting the number of malware and compromised Web sites detected by the firm. Microsoft was also strengthening its anti-malware efforts, declaring its new bug-bounty program a success before it had even paid out any rewards.

The US federal Trade Commission (FTC) was considering how to fight the data plundering, proposing a 'Reclaim Your Name' program that would let consumers control use of their information, then won a $US7.5 million judgment against a company that violated Do Not Call list requirements, while that country also saw revised rules about protecting children's online privacy.


1  2  Next Page 

Sign up for CIO Asia eNewsletters.