European courts target Facebook and Google while the FBI issues a rare cybersecurity warning for industries including healthcare, which saw several hospitals shutdown due to ransomware this week.
"'A criminal is limiting our ability to use our computer systems in exchange for an as-yet unknown payment," said DCH Health System. DCH operates the three affected hospitals in Alabama. One cyber-security expert said the groups using ransomware were becoming increasingly well organised. Computers at the DCH Regional Medical Center in Tuscaloosa, Fayette Medical Center and Northport Medical Center were infected with ransomware. The incident was first reported on 1 October. 'We will continue to divert any new admissions, other than those that are critical, to other facilities,' DCH said in its statement. Local ambulances have been asked to take patients to other local hospitals instead, where possible. Outpatients with appointments at any of the three hospitals were advised to call before attending them. However, elective procedures and surgery already scheduled for 2 October were planned to go ahead. It is not yet known what group or individual launched the ransomware."
By: Paul Sandle "London’s Court of Appeal gave the go-ahead for action against Google over claims it collected data from more than 4 million iPhone users, overturning a ruling in 2018 that in effect blocked any route to legal redress. The claimants said Google, a unit of Alphabet Inc., had illegally accessed details of Apple iPhone users’ internet browsing data by bypassing privacy settings on the Safari browser between June 2011 and February 2012."
By: Chris Fox
"Platforms may also have to seek out similar examples of the illegal content and remove them, instead of waiting for each to be reported. One expert said it was a significant ruling with global implications. Facebook said the judgement raised 'critical questions around freedom of expression'. The case stemmed from an insulting comment posted on Facebook about Austrian politician Eva Glawischnig-Piesczek, which the country's courts said damaged her reputation. Under EU law, Facebook and other platforms are not held responsible for illegal content posted by users, until they have been made aware of it - at which point, they must remove it quickly."
New York Times: Barr Pushes Facebook for Access to WhatsApp Messages
"The Justice Department has renewed its fight for access to encrypted communications, arguing that it is a vital crime-fighting tool even as technology companies and advocates have countered that it will threaten individual privacy. Attorney General William P. Barr took aim at Facebook’s plan to make WhatsApp and its other messaging services more secure, pressing its chief executive, Mark Zuckerberg, to create a loophole to that goal of full encryption. The Justice Department said that investigators needed lawful access to encrypted communications to fight terrorism, organized crime and child pornography.
'Companies should not deliberately design their systems to preclude any form of access to content even for preventing or investigating the most serious crimes,' Mr. Barr, joined by his British and Australian counterparts, wrote in a letter to Mr. Zuckerberg that was reviewed by The New York Times and dated Friday. BuzzFeed News first reported on the letter."
By: Alex Johnson
"A former Yahoo software engineer pleaded guilty Monday to hacking into the accounts of thousands of Yahoo users while looking for sexual images and videos, according to federal prosecutors and court documents. Reyes Daniel Ruiz, 34, of Tracy, California, could face up to five years in prison and a fine of $250,000 on the single count of computer intrusion, prosecutors said. He was free on $200,000 bond pending a Feb. 3 sentencing hearing, prosecutors said."
By: Helene Fouquet
"France is poised to become the first European country to use facial recognition technology to give citizens a secure digital identity -- whether they want it or not.
Saying it wants to make the state more efficient, President Emmanuel Macron’s government is pushing through plans to roll out an ID program, dubbed Alicem, in November, earlier than an initial Christmas target. The country’s data regulator says the program breaches the European rule of consent and a privacy group is challenging it in France’s highest administrative court. It took a hacker just over an hour to break into a 'secure' government messaging app this year, raising concerns about the state’s security standards."
"Threatening to leave Facebook, or talking about how you should spend less time on it, is common. Actually leaving is less common. If you do leave, it might be good for you…and you also might miss it: A study of 1,769 U.S. undergrads found that those who got off Facebook for a week consumed less news, experienced greater wellbeing…and, uh, valued Facebook 20 percent more highly, in monetary terms, than they had before they took their break."
By: Davey Winder
"Be it the prohibition-era gangsters of the 1920s or the global war on terrorism, the Federal Bureau of Investigation (FBI) has been the primary U.S. investigative agency of the federal government with a responsibility to protect the nation. As part of what the FBI describes as being "a unique dual responsibility, to prevent harm to national security as the nation’s domestic intelligence agency and to enforce federal laws as the nation’s principal law enforcement agency," it has increasingly had to deal with the cyber threat. One "high impact" and ongoing cyber threat has become such a critical concern that on October 2, the FBI issued a warning to U.S businesses and organizations."
By: Lily Hay Newman
"In early August, the enterprise security firm Armis got a confusing call from a hospital that uses the company's security monitoring platform. One of its infusion pumps contained a type of networking vulnerability that the researchers had discovered in a few weeks prior. But that vulnerability had been found in an operating system called VxWorks—which the infusion pump didn't run. Hospital representatives wondered if it was just a false positive. But as Armis researchers investigated, they started to see troubling signs of a connection between VxWorks and the infusion pump's operating system. What they ultimately discovered has disturbing implications for the security of countless critical systems—patient monitors, routers, security cameras, and more—across dozens of manufacturers."
By: Kaya Yurieff
"Each time there's a major data breach, it's up to users to look out for an email from the compromised company or stay on top of the news to figure out how best to protect themselves if their personal information has been compromised. Google is trying to help users navigate that headache by rolling out new tools. On Wednesday, the company announced its new Password Checkup feature will automatically check all your saved passwords for security problems and alert you if passwords have been exposed in a third-party data breach."