01 March 2019

IRM Weekly Cybersecurity Roundup: Thailand's cyber martial law and more

Fancy getting the weekly roundup delivered straight to your inbox? Sign up to the IRM newsletter.

Thailand announces controversial “cyber martial law”

Thailand’s military-appointed parliament has passed a cyber security law that gives sweeping powers to state cyber agencies.

The decision has arrived despite the concerns of activists and businesses who believe that the new “Cybersecurity Act” could lead to an abuse of power. They also believe it would sacrifice privacy and the rule of law, driving foreign businesses out of Thailand.

What are the consequences of the new law? If a cyber-attack reaches critical national level, the law allows the various government agencies to override all procedures, enter private property without court orders and summon individuals for questioning.

You can read more here.

Cybercriminals earn $3bn a year exploiting social media

Recent research shows that one in five organisations have been infected by malware via social media, leading to over $3.25bn a year in global revenue for criminals.

Cybercrime involving social media grew 30,000% between 2015 and 2017 in the United States, and has quadrupled between 2013 and 2018 in the UK.

The primary source of malware on social media is thought to be apps, adverts and malicious links, with the majority of software set up to mine monero and bitcoin.

With the increase of social media in the workplace, experts recommend that organisations should work towards protecting their assets against these sorts of attacks through application isolation and containment.

You can read more here.

Bronze Union cyber-attack group targets weapons technology

The cyber-attack group Bronze Union (also known as Emmissary Panda, LuckyMouse and APT27) has attempted to steal data on new weapons technology.

The group is believed to be located in China, focusing on political and military intelligence, according to researchers who have been tracking the group’s activities since 2013.

A common practice by the group is to use stolen credentials to access business accounts and search for individuals in significant roles, enabling them to target their attacks more accurately.

You can read more here.

BlackBerry finalises its acquisition of cyber security firm

The technology company has just completed its acquisition of Cylance for $1.4 billion, with the hope of becoming the “world’s largest and most trusted AI cyber security company”.

BlackBerry chose Cylance for its machine learning and artificial intelligence technology, which they hope will accelerate the development of “BlackBerry Spark”, the secure communications platform for IoT.

You can read more here.

Quick fire updates

Germany agree “no spy” deal with China – In a mission to avoid the development a 5G network by Huawei in Germany, Chancellor Angela Merkel has agreed a deal with China to not spy on each other. Read more here.

GCHQ director calls for wider discussion around ‘cyber power’ – Talking in Singapore, Jeremy Fleming, Director of GCHQ, stated that we need to agree on definitions, regulatory frameworks, industry standards and accepted ethical behaviour before determining which countries are “cyber powers”. Read more here.

Banking scams costs global companies nearly $19 million per year – But many scams go unnoticed, with small regular amounts being taken out of bank accounts. Read more about how banks are working smart to keep customers happy and support them in monitoring unusual activity on their accounts.

To receive this blog direct to your inbox every week, sign up to our newsletter.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.