The Japanese government is seeking to hack personal devices ahead of the 2020 Tokyo Olympics. In January 2019, a law amendment was passed to allow government workers to hack in to IoT (Internet of Things) devices. The government will check devices for easy-to-guess passwords and alert the authorities to any security risks, in a bid to prevent attacks such as Olympic Destroyer and VPNFilter.

Read more on ZDNet

Facebook has come under fire in Germany for failing to protect users’ data. Consumer group Vzbv took legal action against Facebook when it revealed that five of the app’s services kept privacy settings hidden, thereby potentially exposing users’ data. The group added that tech firms must be clear to consumers about how their data is being used.

Read more on BBC

A California governor has claimed that consumers should get a pay-out based on the amount of money tech companies earn from their data. The proposed “data dividend” has given users’ individual data, such as those used to power advertising campaigns, monetary value.

In 2013, the Financial Times created a “data calculator” to give value to each individual’s data, with certain factors, such as divorce, making data more valuable. Furthermore, specific details, such as PayPal details, were valued more highly than others. Research by Top10VPN shows that a person’s entire collection of data can be worth as little as £820. Emerging companies such as Ocean Protocol are now offering users the chance to sell their data for use with artificial intelligence research.

Read more on Moneywise

Data protection practices came into play long before the digital age. As early as World War II, the Enigma machine was invented, while Thomas Jefferson pioneered the cipher wheel, which involved lining up 1,000 letters perfectly. Prior to this, Ancient Egyptians would use cryptography such as hieroglyphics to communicate privately, while Greek tyrant Histiaeus would inscribe messages on his slaves’ heads.


Read more on Medium

Modern internet users now have upwards of 100 passwords to protect their data. Our new password security whitepaper outlines the password security landscape, and how you can better utilise passwords to protect yourself online.

Download the whitepaper now

A hacking technique which involves stealing users’ “online credentials” – their usernames and passwords – and using automated devices to log into their accounts, allowing hackers to commit identity theft.

Learn how to prevent credential stuffing with TechRepublic

Google has launched a “phishing quiz” to help users identify the common techniques used in phishing attacks.

“We created this quiz based on the security trainings we’ve held with nearly 10,000 journalists, activists, and political leaders around the world from Ukraine to Syria to Ecuador,” says Google lead product manager Justin Henck. The quiz highlights suspicious URLs, spelling errors and other techniques.

Try your phishing smarts by taking the test here.

Read more on Digital Trends

Companies who fail to protect their customers’ personal data should be “named and shamed by the UK Government”, say teams at King’s College London.

In a report named UK Active Cyber Defence: A public good for the private sector, staff from the Cyber Security Research Group argued that a public list of the worst offenders would incentivise other companies to invest more into security.

Further research from Ipsos MORI revealed that four in 10 businesses experienced a breach or attack in 2017/18.

Read more on Forbes

In January 2019, security researcher Troy Hunt uncovered the biggest leak of email addresses and passwords in history. Dubbed Collection #1, the breach comprises several individual data leaks from different sources, for example social media sites or email addresses.

Generally, attacks are from a single source, such as the 2018 Facebook breach which led to the leak of 14 million users’ names and contact details. For Collection #1, however, 87GB of data from different sources, including more than 770 million email addresses, has been compromised.

Hunt, who runs an online service which allows users to check if their email address has been leaked, advises using password management software. Mycena’s mix-and-match security system, for example, stores passwords locally and combines multiple identifiers such as fingerprint and voice passphrase.

Have you ever noticed an email in your inbox claiming to be from somebody important, such as your bank? If this email invites you to click on a link, it’s very likely an example of phishing.

Phishing scams involve hackers posing as legitimate organisations so that they can convince users to give away their personal data. For example, an email from your “bank” may ask you to click on a link, which will take you to a fake website in which you might enter your personal data. This may lead to identity theft, or worse still, financial losses if hackers obtain your bank details.

These attacks most commonly happen over email, but can also use text messaging or even phone calls. Remember, your bank will never ask you to give out personal information over email. If you’re unsure about a message, look out for:

• Emails asking you to download a file
• Misspelled email addresses or company names
• Suspicious links (hover over them – they will usually be very long and nonsensical)
• Lack of personalisation, i.e. the sender does not address you by your name

Read more tips on how to protect yourself from phishing emails from IT Governance.