Thursday, 27 October 2016

Emerging Economy Cyber Alerts - October 27, 2016


Privacy, Surveillance and Censorship
government isn't always on your side

Ethiopian flag and map


Earlier this month, Ethiopia began a six-month shutdown of mobile internet to limit dialogue regarding anti-government protests. Now, the government has also banned the use of social media platforms such as Facebook and Twitter. “This is a typical textbook example of repression,” reported an Ethiopian Zone 9 blogger. 




Research and Initiatives
making your world a more cybersecure place

Mexican flag and map


Project Shield was officially presented earlier this month at the Inter American Press Association General Assembly in Mexico City. The project, developed with the support of Google technology, strives to protect news sites and freedom of expression organizations from distributed denial of service (DDoS) attacks. 



Indian flag and map 
Microsoft launched a Cybersecurity Engagement Centre (CSEC) in India on Friday. Reported Microsoft India Chairman Bhaskar Pramanik, “We believe security of critical information is imperative for our corporate customers, just as it is vital to ensure security and privacy of citizen data and transactions.” The company has also begun Microsoft Secure, a campaign to increase cybersecurity awareness across India. 



Brazilian flag and map 

Microsoft opened its first Latin American Transparency Center in Brazil. Reported Microsoft’s Cesar Cernuda, “Microsoft is committed to providing a trusted cloud and our unique threat intelligence innovations and trusted cloud ecosystem offers powerful protection against security threats. We also empower governments to investigate, disrupt and prosecute global cybercriminal networks.” 

Saudi flag and map 

Arbor Networks’ Worldwide Infrastructure Security Report acknowledged that cyberattacks in the Middle East are outpacing those elsewhere. In 2016 alone, the Kingdom of Saudi Arabia, Iraq and Kuwait have been the top targets for large distributed denial of service (DDoS) attacks in the region. 





Cyberattacks
the threats we all face

Russian flag and map 
Earlier this month, the United States government formally accused Russia of hacking in order to sway the results of upcoming national elections. More recently, Christopher Porter of FireEye reminded us that this is not an isolated incident: “Their only limit is what the [Russian] Government is willing to do. They are among the best in the world. This is not a new activity. It is new only in the US.” 



Emirati flag and map 
A distributed denial of service (DDoS) attack on Domain Name System provider Dyn led to the inaccessibility of services such as Netflix, Twitter and The New York Times on Friday, beginning in the United States and eventually including parts of Europe and Asia. Now, the United Arab Emirates is being warned that a similar attack could be headed its way. 

Chinese flag and map 



Chinese hackers recently used malware to gather military maneuvers and command system, control system and policy issue information from foreign government personnel who had boarded a United States aircraft carrier in the South China Sea. Whether the attack was successful remains unclear. 

Indian flag and map


ATM network malware has compromised more than 3.2 million debit cards in India. In response, users have been advised to change their security codes or replace their debit cards altogether; regardless, Indians now have yet another reason to continue to prefer cash to electronic payments. 
Chinese flag and map 




Chinese users excited to have government censor-bypassing access to Twitter should question their good fortune. Malware known as the “Dual Instance” Twitter app has been found guilty of stealing users’ Twitter credentials when logging them in. 






All images credit of BOLDG/Shutterstock.com.
Want more emerging economy cyber alerts? Read on!
 
Have valuable insight to share from your part of the world? Write for us!
 
SumRando Cybersecurity is a Mauritius-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!

Wednesday, 26 October 2016

SumTips: 10 Facts on Encryption and Human Rights from Amnesty International

Mobile chatting
Amnesty International recently released a report ranking 11 technology companies on encryption and human rights.

The results reinforce what we already know:
  • Encryption helps protect people’s human rights online.
  • Encryption stops cybercriminals from stealing our personal information, and helps prevent unlawful government surveillance of our communications.
  • There is virtual consensus among expert technologists and cryptographers that it is impossible to put in place a system of special access that could only be used by the intended state authorities. If a backdoor exists, others–criminals, malicious hackers, or other governments–will also be able to access it.

…and remind us that there is still work to be done:
  • Only three of the companies assessed–Apple, LINE, Viber Media–apply end-to-end encryption as a default to all of their IM services. Of these, none are fully transparent about the system of encryption they are using.
  • In five cases Amnesty International found a gap between policy and practice: for example, Microsoft has a clear stated commitment to human rights, but is not applying any form of end-to-end encryption on its Skype service. 
  • All of the companies, with the exception of Tencent, have stated publicly that they will not grant government requests to backdoor the encryption on their messaging services.
  • Apple is a powerful advocate for privacy and security and is applying a strong form of encryption to its services. However, Amnesty International found that the company could do more to tackle these issues from a human rights perspective and inform its users about the threats to their human rights and the way that the company is responding.
  • Facebook deploys end-to-end decryption by default on WhatsApp, but not on Facebook Messenger.
  • Telegram Messenger, Kakao Talk and Google Allo do not warn users when using weaker encryption.
  • Snapchat and BlackBerry Messenger offer no commitment to freedom of expression and make no policy recognition of online threats to human rights.

Know what your chat app can do for you, surf secure and stay Rando!


Image credit of Shutterstock.com.
Want more SumTips? Read on!

Want SumTips sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

SumRando Cybersecurity is a Mauritius-based VPNWeb Proxy and Secure Messenger provider. Surf secure and stay Rando!

Thursday, 20 October 2016

Digital Divide: Emerging Economy Cyber Alerts - October 20, 2016


Policy
their legislation today could be yours tomorrow

Qatari flag and map


Assistant Undersecretary of the Cyber Security Sector Eng. Khalid Al Hashmi recently announced Qatar’s draft Information Privacy Protection Law would be enacted before the end of 2016. The law purports to protect personal data rights as well as personal information collected electronically or otherwise.



Research and Initiatives
making your world a more cybersecure place

Philippine flag and map 

Allan Cabanlong, Executive Director of the Philippines’ Cybercrime Investigation and Coordination Center (CICC), recently announced that a four-prong cyber strategy will begin in December; it will strive to protect infrastructure, government, business and individuals.

American flag and map


United States-based international digital rights group the Electronic Frontier Foundation has updated its Surveillance Self-Defense guide to include further concerns about the security of WhatsApp. Vulnerabilities include unencrypted message backups, hidden key change notifications, utilization of a web interface rather than extensions and data sharing with Facebook.

Singaporean flag and map 


Last week’s inaugural Singapore International Cyber Week (SICW) included the ASEAN Ministerial Conference on Cybersecurity (AMCC). The conference was chaired by Dr. Yaacob Ibrahim, Singapore’s Minister for Communications and Information and Minister-in-Charge of Cybersecurity, and served as the launch of Singapore’s national cybersecurity strategy.

Kenyan flag and map 

Kenya now has a Cyber Coordination Centre. Explained Kenyan Communication Authority (CA) chairman Ngene Gituku, “[The] Cyber Coordination Centre is aimed at curbing increasing threats posed by cyber-criminals in the country and the region at large which require both institutions and individuals to take all necessary measures to safeguard themselves.” The Centre will promote collaboration at the local, national and international levels.

Indonesian flag and map 


Indonesian Chief Security Minister Wiranto recently announced his intention to create a National Cyber Agency. Wiranto also acknowledged, “Cybercrime is related to security and defense in e-commerce. We will soon have e-voting. If the e-voting system is hacked, the data would be destroyed, so we have to safeguard it.”




All images credit of BOLDG/Shutterstock.com.
Want more emerging economy cyber alerts? Read on!
 
Have valuable insight to share from your part of the world? Write for us!
 
SumRando Cybersecurity is a Mauritius-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!

Wednesday, 19 October 2016

SumTips: 8 Must-Have Tips from EFF’s Surveillance Self-Defense Guide

Man giving tipsThe Electronic Frontier Foundation (EFF) is an international digital rights group that supports user privacy, free expression and innovation. In addition to its impact litigation, policy analysis, grassroots activism and technology development, the nonprofit offers an online Surveillance Self-Defense Guide, with overviews of what digital surveillance is and how it can be countered; tutorials on installing and using protective software and tools; and briefings on relevant situations. Eight must-have tips include:

1.    How to Make a Super-Secure Password Using Dice (Animated): Think your complex password is secure? Think again. Computer programs allow hackers to guess millions of passwords in just one second. For greater security, try Arnold G. Reinhold’s Diceware technique.

2.    How to Delete Your Data Securely on Windows: Think a file moved to your computer’s trash folder is gone forever? Not exactly. Try BleachBit for secure file deletion for Windows (and check out EFF’s resources for deleting data from Linux and Mac OS X).

3.    How to Enable Two-factor Authentication: Not willing to rely on a single password to keep your accounts secure? Take the extra steps required to add an additional authentication method (usually your phone number). Facebook calls it ‘login approvals’; Twitter calls it ‘login verification’; Google calls it ‘2-step verification’; and we call it plain smart. A complete list of websites that offer 2FA can be found at https://twofactorauth.org/. 

4.    How to Use OTR for Windows: Looking for a secure chat application? Try OTR (Off-the-record) with instant messaging client Pidgin. OTR encrypts chats, identifies your chat buddy and prevents servers from logging conversations, but beware—it cannot control the actions of your chat buddy. Also, check out EFF’s resources for OTR for Linux and Mac).

5.    A Detailed Guide to Attending Protests (International): Interested in exercising your freedom of expression? EFF provides measures to take to protect your electronic devices, before and during a protest.

6.    A Detailed Guide to Protecting Yourself on Social Networks: Regarding Facebook, Twitter and Google+, have you asked any of the following questions lately: How can I interact with these sites while protecting myself? My basic privacy? My identity? My contacts and associations? What information do I want to keep private and who do I want to keep it private from? If so, EFF has answers.

7.    What Is Encryption? An Overview: You have questions; EFF has answers.

8.    A Detailed Guide to Choosing the VPN That’s Right for You: We may be biased, but we’d say that SumRando’s promise of no logging, secure server locations and acceptance of alternate payment options make it an excellent choice.

Know your resources, surf secure and stay Rando!



Image credit of Shutterstock.com.
Want more SumTips? Read on!

Want SumTips sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

SumRando Cybersecurity is a Mauritius-based VPNWeb Proxy and Secure Messenger provider. Surf secure and stay Rando!

Thursday, 13 October 2016

Digital Divide: Emerging Economy Cyber Alerts - October 13, 2016


Research and Initiatives
making your world a more cybersecure place

Indian flag and map 


Government and industry in India are working together to create a platform for indigenous cybersecurity products and solutions companies. Additionally, a fund for cybersecurity startups has been established.


Israeli flag and map 


Israel is prepared to support India in developing a comprehensive cybersecurity plan that will both prevent and counter cyberattacks. In the words of Israeli Prime Minister Benjamin Netanyahu, “If hackers are targeting your banks, your planes, your power grids and just about everything else, Israel can offer indispensable help.”

Singaporean flag and map


Microsoft now has a combined Transparency Center and Cybersecurity Center in Singapore. The Center will serve all of the Asia-Pacific region and aims to meet the security needs of the public and private sectors and to offer a secure computing environment.


Bangladeshi flag and map 



Bangladesh and Thailand have signed a Memorandum of Understanding on cybersecurity and ICT cooperation. The two nations have agreed to share best practices, best policy practices, technological innovations and training.


Indonesian flag and map 


Kaspersky Lab’s Cybersecurity Weekend for Asia Pacific took place in Bali, Indonesia. “Our objective for the event is to share our expertise in cybersecurity and to show the audience different perspectives of cybersecurity, focusing on the financial industry,” said Kaspersky’s Jesmond Chang.

Ghanaian flag and map


Ghana’s 2016 e-Commerce Exhibition and Conference will take place in Accra later this month. The event will explore ‘Transforming Ghana’s online Businesses through Technology, Innovation & Opportunity’ and expects more than 100 delegates.





Cyberattacks
the threats we all face

Russian flag and map 
The United States government has accused Russia of hacking American email systems in an attempt to sway the results of the upcoming presidential election. Said a press release from the Director of National Intelligence and the Department of Homeland Security, “We believe, based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized these activities.”




All images credit of BOLDG/Shutterstock.com.
Want more emerging economy cyber alerts? Read on!
 
Want emerging economy cyber alerts sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

Have valuable insight to share from your part of the world? Write for us!
 
SumRando Cybersecurity is a Mauritius-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!

Wednesday, 12 October 2016

SumTips: How Donald Trump Proves That Freedom of Speech Works

Donald Trump
[Source: Gage Skidmore]
We said it in May and we’ll say it again: Freedom of speech—especially following years of silence—can be messy, ugly and uncomfortable for all, but it is the dialogue that it brings that is absolutely necessary to achieve a lasting peace.

The weeks leading up to the American presidential election have become quite the free speech-fest, with a slew of colorful comments from Republican nominee Donald Trump sparking ongoing debate from politicians and Facebook friends alike.

On Friday, a recorded conversation from 2005 of Donald Trump and television personality Billy Bush was released. In it, Trump bragged about how his celebrity status enabled him to grope, kiss and have sex with women as he saw fit: “When you’re a star, they let you do it. You can do anything.”

The ensuing response, however, has overwhelmingly suggested that the Donald’s days of omnipotence are coming to an end:

By Saturday, 2008 Republican presidential hopeful Senator John McCain had withdrawn his support for Trump.

On Sunday, Democratic nominee Hillary Clinton and Trump broke precedent and did not shake hands at the start of their town hall debate.

During the debate, Trump diminished his 2005 commentary as mere “locker room talk,” in essence providing a more definitive answer to the debate’s opening question (“Do you feel you are modeling appropriate and positive behavior for today’s youth?”) than he was willing to give when the question was asked.

Clinton, in turn, used Trump’s “locker room talk” as an opportunity to remind voters that this was in no way an isolated incident: “So, yes, this is who Donald Trump is. But it’s not only women, and it’s not only this video that raises questions about his fitness to be our president, because he has also targeted immigrants, African-Americans, Latinos, people with disabilities, POWs, Muslims, and so many others.”

On Monday, Speaker of the House of Representatives Paul Ryan announced that he would neither defend nor campaign for Trump, and encouraged fellow Republicans to proceed as they saw fit. To date, the total number of Republican leaders not supporting Trump has reached 160.

On Tuesday, Donald Trump let us know what he really thinks about his dwindling Republican support: “It is so nice that the shackles have been taken off me and I can now fight for America the way I want to.”

In short, Donald Trump’s commentary has made us all a little uncomfortable, but now that it is out in the open, we can see him and America a little more clearly. Will the United States prove to be a country that prefers a woman or a misogynist as its commander-in-chief – and, accordingly, to what extent should the rest of the world follow its lead or walk away?

Know of other ways Trump’s freedom of expression has deepened our understanding of American politics? Let us know in the comments below.




Want more SumTips? Read on!

Want SumTips sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

SumRando Cybersecurity is a Mauritius-based VPNWeb Proxy and Secure Messenger provider. Surf secure and stay Rando!

Thursday, 6 October 2016

Digital Divide: Emerging Economy Cyber Alerts - October 6, 2016


Policy
their legislation today could be yours tomorrow

Indian flag and map


India has (once again) withdrawn its draft National Encryption Policy. At issue is a proposal to require all citizens to save their emails, chats and other digital communications for 90 days. Although the government insists that communications via web-based applications and social media sites like WhatsApp, Facebook and Twitter would not be affected, others maintain that the legislation would be better termed the “Gujarat Snooping Model.” 



Privacy, Surveillance and Censorship
government isn't always on your side

Kuwaiti flag and map 

Kuwaiti activist Sara al-Derees has been sentenced to jail for 21 days for “insulting the Emir” via Twitter. The Arabic Network for Human Rights Information (ANHRI) has asked for al-Derees to be released and also for an end to the prosecution of social media activists and human rights defenders in general. 




Research and Initiatives
making your world a more cybersecure place

Nigerian flag and map At the International Police (INTERPOL) Cybercrime Training for Practitioner Investigators from African Countries, Nigerian Inspector-General of Police Ibrahim Idris committed Nigeria to better supporting INTERPOL. In the words of Nigerian Commissioner of Police Olusshola Subair, “Cyber criminals have enjoyed a long start ahead of law enforcement and inflicted serious injuries on citizens we have sworn to protect. We must in turn develop new ways and methods to adapt to current challenges.” 

Malaysian flag and map
CyberSecurity Malaysia and the International Council of E-Commerce Consultants (EC-Council) will host the ASEAN Chief Information Security Officer (CISO) Summit and ASEAN CISO Workshop from October 17-20. Said EC-Council’s Danish Arshad, “EC-Council and CyberSecurity Malaysia have taken the initiative to gather the movers and shakers of cyber security in a single platform and challenge them to address the pressing issues of static cybersecurity policies and fairly exercised regulatory frameworks, as well as bridge the cybersecurity skill gap by enabling more security experts to obtain international security leadership training and build a proactive information-security maturity roadmap leading to greater information-security sustainability.” 

Emirati flag and map 
Digital Shadows recently released ‘Compromised Credentials,’ a research paper that revealed 97% of the 1,000 largest companies worldwide had leaked credentials. In the Middle East, the most leaked credentials came from the United Arab Emirates; Saudi Arabia, Kuwait and Qatar rounded out the list. 





Cyberattacks
the threats we all face

Israeli flag and map



Wintego, an Israeli hacking firm, now sells CatchApp, software designed to intercept WhatsApp communications. What remains unclear is whether CatchApp can hack into WhatsApp applications that utilize its now-available end-to-end encryption. 




Looking Back
a new glimpse at past alerts

Indian flag and map 

First Zimbabwe and now India: At CyFy 2016, the country's conference on cybersecurity and internet governance, Deputy National Security Advisor Arvind Gupta acknowledged the need to continually update India’s cyber doctrine in order to keep pace with ever-evolving cyber space. India is currently the second largest user of the internet in the world.




All images credit of BOLDG/Shutterstock.com.
Want more emerging economy cyber alerts? Read on!
 
Want emerging economy cyber alerts sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

Have valuable insight to share from your part of the world? Write for us!
 
SumRando Cybersecurity is a Mauritius-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!

Wednesday, 5 October 2016

SumTips: 9 Cyber Security Awareness Month Events Not to Miss

It's National Cyber Security Awareness Month.
It’s National Cyber Security Awareness Month, a United States-based event that increasingly attracts the attention of digital citizens worldwide. No matter where in the world you are this October, be sure to check out the following online NCSAM events:

October 6: #ChatSTC Twitter Chat: STOP. THINK. CONNECT.™ - The Basics of Online Safety
This #ChatSTC Twitter chat will discuss simple ways you can protect yourself, your family and your community online and explore how to engage young people in responsible technology use and pursue careers devoted to protecting the internet. Join via #ChatSTC at 3:00PM EDT.

October 11: EDUCAUSE Live! – Top Attack Techniques, Top Human Risks & How to Create a Cyberaware Culture
What are the scariest new attack techniques in 2016? What are the top human risks organizations are currently facing? Join the head of the Internet Storm Center and the director of SANS Securing The Human to discover how you can prepare for threats posed by technologies and people, and leverage that knowledge to create a more "cyberaware" culture on campus. Join via www.educause.edu at 1:00PM EDT.

October 13: Solving the “password1” Problem: Why Businesses Need 2FA
IDC analyst Robert Westervelt and ESET Senior Technical Strategist Ben Reed will be giving a free webinar on two-factor authentication (2FA). Topics to be discussed include the different types of multifactor authentication, why the right 2FA solution helps prevent breaches and how to implement 2FA quickly and easily. Join via www.brighttalk.com at 1:00PM EDT.

October 13: #ChatSTC Twitter Chat: Creating a Culture of Cybersecurity from the Break Room to the Boardroom
This #ChatSTC Twitter chat will discuss how leaders and employees in business, healthcare, academic, government and civil society can keep their organizations safer and more secure during National Cyber Security Awareness Month and year-round. Join via #ChatSTC at 3:00PM EDT.

October 20: Get Smart About Ransomware: Protect Yourself and Your Organization
Do you think you're doing enough to protect yourself against ransomware threats? It's time to start learning how to better protect yourself (and your organization) online. Support NCSAM by attending Security Innovation's free live webinar, which will discuss what ransomware is and how it affects you, real-world examples of ransomware attacks and what we've learned from them, what to do if you or your organization becomes a ransomware victim and how you can avoid ransomware threats to protect yourself and your organization. Join via web.securityinnovation.com at 1:00PM EDT.

October 20: #ChatSTC Twitter Chat: Recognizing and Combating Cybercrime
This #ChatSTC Twitter chat will discuss different kinds of cybercrime, how to better protect yourself against online threats and how you can play a role in the greater effort against cybercrime. Join via #ChatSTC at 3:00PM EDT. 

October 27: #ChatSTC Twitter Chat: Navigating Your Continuously Connected Life
This #ChatSTC Twitter chat will discuss how you can take security precautions and protect your personal information as the world of cutting-edge technologies continues to grow. Join via #ChatSTC at 3:00PM EDT. 

October 28: Digital Citizenship Summit
The Digital Citizenship Summit is a major global event for digital citizenship, featuring well-known and diverse, emerging voices discussing the safe, savvy and ethical use of social media and technology. Kicking off U.S. Media Literacy Week, the flagship Digital Citizenship Summit this year will focus on citizenship, literacy and advocacy. Join via www.digcitsummit.com at 9:00AM PDT.

November 3: #ChatSTC Twitter Chat: Building Cyber Resilience in Critical Infrastructure
As National Cyber Security Awareness Month (NCSAM) comes to a close, National Critical Infrastructure Security and Resilience (CISR) Month begins in November. In this #ChatSTC, we’ll discuss the connection between the cyber and physical worlds, the importance of protecting and securing our Nation’s critical infrastructure, and share simple cyber tips for individuals looking to do their part to protect our critical infrastructure from cyber threats. Join via #ChatSTC at 3:00PM EDT. 

Know your online resources, surf secure and stay Rando!


Image credit of Shutterstock.com. 
Want more SumTips? Read on!


Want SumTips sent to your inbox? Sign up for our weekly newsletter ("Security Tips and News" at bottom of page). 

SumRando Cybersecurity is a Mauritius-based VPNWeb Proxy and Secure Messenger provider. Surf secure and stay Rando!