Highlights from the past seven days in information security include insight into Remaiten, the Trident cybersecurity update and the value of backing up your data.
Welcome to this week’s security review, which includes insight into Remaiten, bolstering Trident’s cybersecurity, the value of backing up your data and why banks, according to some, should not compensate victims of online fraud.
Remaiten: The Linux bot that targets routers and other IoT devices
Researchers at ESET revealed that they were actively monitoring a new threat, which was found to be targeting routers, gateways and access points. Dubbed Remaiten, the malware was found to have a “unique” spreading mechanism and was described as bringing together the the capabilities of Tsunami and Gafgyt.
Trident nuclear system to be updated to protect against attacks
Independent security analyst Graham Cluley reported on news that the UK’s controversial nuclear deterrent system is to receive an important update, which will help defend it against cyberattacks. He added: “It is good that Trident nuclear missiles are standalone systems. It is good that they are air-gapped. It is good that they are not connected to the internet.”
Ransomware threat highlights why backing up data is essential
On World Backup Day, We Live Security published an informative article highlighting the threat posed by ransomware. This increasingly visible and damaging threat is capable of encrypting your data, meaning that if you fall victim to such an attack, you are unlikely to regain access to your assets (unless you pay a ransom). One way of getting around this is to regularly backup your information, so that you have up-to-date copies.
Banks ‘should not compensate’ victims of online fraud
The UK’s metropolitan police commissioner, Sir Bernard Hogan-Howe, advised banks not to offer compensation to victims of online fraud, suggesting that the current system is “not incentivising you to protect yourself”. The commissioner’s comments were highly contentious, as experts including Which?’s Richard Lloyd noted that criminals, not victims, are the ones who should be punished for cybercrime.
National Institute of Standards and Technology updates cryptographic guidelines
The National Institute of Standards and Technology (NIST) announced that it had released an update on cryptographic standards and guidelines. The paper, which has been two years in the making, includes a “global acceptability” principle, which it says “reflects the global nature of today’s commerce”. “While our primary stakeholder is the federal government, our work has global reach across the public and private sectors,” said Donna Dodson, chief cybersecurity advisor at NIST.