19 July 2019

IRM Weekly Cybersecurity Roundup: FaceApp privacy concerns and more

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter. 

What you need to know about FaceApp

You’ve probably seen FaceApp all over your social media this week. Friends and family have been sharing selfies looking older (or younger). The app allows users to run photo-changing filters of themselves using a clever algorithm.

The app has been downloaded by more than 100 million people leading to a privacy concerns. Is it safe to use? Some are worried that the app can go through your phone’s photos without your permission.

FaceApp developers state that images are kept for 48 hours before being deleted and they only upload photos that users share themselves.

The Chief Executive of FaceApp said the photos are not used for facial recognition training. They are only used for editing pictures and the data is not shared for ad-targeting purposes.

If you are concerned about your data privacy, you can submit a request through FaceApp settings, “report a bug” and add “privacy” in the subject line.

You can read more here.

Election hacking now a federal crime

On Wednesday night, the Senate passed a bill known as the ‘Defending the Integrity of Voting Systems’. The legislation made it a federal crime to hack into any voting systems used in a federal election.

The bill was passed by unanimous consent, requiring the sign off from every senator. The Justice Department previously warned that the Computer Fraud and Abuse Act, as currently written, “does not prohibit the act of hacking a voting machine in many common situations.”

This is the second election-security legislation passed by the Senate this year, after clearing a bill denying visas to individuals who are suspected of trying to meddle in U.S. elections.

It is clear that with the 2020 elections coming up it is important to protect from any attempts of interference.

You can read more here.

Interestingly, connected to this story…

Microsoft has detected over 740 election-related infiltration attempts

Microsoft has detected more than 740 infiltration attempts in the past year, targeting U.S based political parties, campaigns and other democracy-focused organisations.

However Microsoft did not mention how many of these infiltration attempts were successful. They did note that these attacks also occurred during the early stages of the 2016 and 2018 elections.

You can read more here.

Quick-fire Updates

UK boards ignore £30bn cyber risk: The cost of a cybersecurity breach for UK mid-market businesses reached at least £30bn in the past 12 months. Firms are over-confident in their cyber capabilities and the boards are not prepared to manage the risk. You can read more here.

New South Wales (NSW) Cyber Security Innovation Node has been launched: The NSW Cyber Security Innovation Node has been launched with Austcyber. It will act as a hub for start-ups, corporations, universities, researchers and government agencies to share information and develop innovations. You can read more here.

Suspect arrested after the cyber-attack on Bulgaria: A 20 year-old man has been arrested for the cyber-attack that compromised almost the entire adult population of Bulgaria. You can read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM. 

Are you looking to get into a career in cyber? Check out IRM’s job vacancies on our careers page or sign up to our careers newsletter for future roles.