Want to stay up to date with the latest news in cybersecurity and tech? Read the UKFast security round-up of the most important stories of the past week.
Last week’s NHS data breach affected 150,000 people. The individuals had specified that their sensitive data was not to be shared for anything but care purposes. While the coding error which leaked personal patient data did not result in any dip in patient care, the breach could slam the NHS with a hefty GDPR fine. This is, of course, not the only data breach suffered by the NHS with the second most recent leaking the records of 26 million patients. However they were not the only ones to have a data mishap last week.
Timehop, the social media startup which allows us to be updated with our photographic memories, suffered a security breach which resulted in 21 million users having their personal data leaked.
Timehop issued a statement, revealing they “have now taken steps that include multifactor authentication to secure our authorisation and access controls on all accounts.” This is the number one security tip from UKFast’s sister company Secarma who explain the advantages of multifactor authentication.
It seems like we’re just getting our heads around one attack when another one rears its ugly head. This week aLTEr attacks are hitting the news. But what is this new form of deadly attack and what does it mean for you?
Researchers from Ruhr-Universität Bochum & New York University Abu Dhabi have found that, using an LTE connection, hackers can now snoop on the websites you visit using an attack called aLTER. You might ask “if it’s just snooping, why is the attack dangerous?”
An aLTER attack can happen when people hack in to the data link layer of an LTE connection. This layer is usually designed to protect data with deep encryption – the layer is designed to organise how resources are accessed on the network and correct transmission errors.
However, an attack creates a malicious cell tower between the hacking victim and a legitimate cell tower, allowing the hacker to pose as the victim. Once this connection is made, DNS server requests can be modified and spoofed, allowing hackers to direct victims to malicious websites to swipe their usernames and passwords.
Thankfully, experts say the attack is mitigated by using an advanced, secure HTTPS protocol on your site.
As we all sit tight and wait for the latest Brexit update and new cabinet appointments to ping through to our phones, we might take a minute to reflect on what this means for the tech industry.
While May has revealed a united view on the proposed Brexit deal, tech officials are saying it is crucial for the technology sector to avoid a no-deal Brexit.
In a recent commentary, CEO of TechUK Julian David, said: “The UK tech sector does not see clear benefits of divergence with the EU. Indeed, there has been a strong consensus to maintain alignment on crucial issues such as data protection.”
Problems presented by Brexit include a divergence from EU services contracts, meaning greater difficulty for UK digital services businesses to be part of the European supply chains.
What will be next for the UK tech sector and Brexit?