Samuel Cornell, UNSW Sydney and T.J. Thomson, RMIT UniversityWhen news broke last week that US political influencer Charlie Kirk had been shot at an event at Utah Valley University, millions of people around the world were first alerted to it by social media before journalists had written a word. Rather than first seeing the news on a mainstream news website, footage of the bloody and public assassination was pushed directly onto audiences’ social media feeds. There weren’t any editors deciding whether the raw footage was too distressing, nor warnings before clips auto-played. Australia’s eSafety commissioner called on platforms to shield children from the footage, noting “all platforms have a responsibility to protect their users by quickly removing or restricting illegal harmful material”. This is the norm in today’s media environment: extreme violence often bypasses traditional media gatekeepers and can reach millions of people, including children, instantly. This has wide-ranging impacts on young people – and on society at large. A wide range of violenceYoung people are more likely than older adults to come across violent and disturbing content online. This is partly because they are more frequent users of platforms such as TikTok, Instagram and X. Research from 2024 from the United Kingdom suggests a majority of teenagers have seen violent videos in their feeds. The violence young people see on social media ranges from schoolyard fights and knife attacks to war footage and terrorist attacks. The footage is often visceral, raw and unexpected. A wide range of harmsSeeing this kind of violent footage on social media can make some children not want to leave the house. Research also shows engaging with distressing media can cause symptoms similar to trauma, especially if the violence feels close to our own lives. Research shows social media is not simply a mirror of youth violence but also a vector for it, with bullying, gang violence, dating aggression, and even self-directed violence playing out online. Exposure to these harms can have a negative effect on young people’s mental health, behaviour and academic performance. For others, violent content on social media risks “desensitisation”, where people become so used to suffering and violence they become less empathetic. Communication scholars also point to cultivation theory – the idea in this case that people who consume more violent content begin to see the world as potentially more dangerous than it really is. This potentially skewed perception can influence everyday behaviour even among those who do not directly experience violence. A long history of violenceViolence distributed by media is as old as media itself. The ancient Greeks painted their pottery with scenes of battles and slaying. The Romans wrote about their gladiators. Some of the first photographs ever taken were of the Crimean War. And in the second world war, people went to the cinema to watch newsreels for updates on the war. The Vietnam war was the first “television war” – images of violence and destruction were beamed into people’s homes for the first time. Yet television still involved editorial judgement. Footage of violence was cut, edited, narrated and contextualised. Seeing violence as if you were there has been transformed by social media. Now, footage of war, recorded in real time on phones or drones, is uploaded to TikTok or YouTube and shared with unprecedented immediacy. It often appears without any additional context – and often isn’t packaged any differently to a video of, say, somebody walking down the street or hanging out with friends. War influencers have emerged – people who post updates from conflict zones, often with no editorial training, unlike war journalists. This blurs the line between reporting and spectacle. And this content spreads rapidly, reaching audiences who have often not sought it. Israel’s military even uses war influencers to “thirst trap” social media users for propaganda purposes. A thirst trap is a deliberately eye-catching, often seductive, social media post designed to attract attention and engage users. How to opt out of violenceThere are some practical steps that can be taken to reduce your chances of encountering unwanted violent content:
These actions aren’t foolproof. And the reality is that users of social media have very limited control over what they see. Algorithms still nudge users’ attention toward the sensational. The viral videos of Kirk’s assassination highlight the failures of platforms to protect their users. Despite formal rules banning violent content, shocking videos slip through and reach users, including children. In turn, this highlights why more stringent regulation of social media companies is urgently needed. Samuel Cornell, PhD Candidate in Public Health & Community Medicine, School of Population Health, UNSW Sydney and T.J. Thomson, Senior Lecturer in Visual Communication & Digital Media, RMIT University This article is republished from The Conversation under a Creative Commons license. Read the original article. |
Viral violent videos on social media are skewing young people’s sense of the world (2025-09-17T11:56:00+05:30)
Australian govt to restrict access to abusive technologies (2025-09-05T11:28:00+05:30)
 IANS PhotoCanberra, September 5 2025 (IANS): The Australian government announced on Tuesday that it will move to restrict access to abusive technologies, including artificial intelligence (AI) tools capable of generating sexually explicit images. Anika Wells, the minister for communications, said on Tuesday that the government will work closely with the technology industry to restrict access to undetectable online stalking tools and AI apps that can generate sexually explicit deepfake content, Xinhua News Agency reported. "There is a place for AI and legitimate tracking technology in Australia, but there is no place for apps and technologies that are used solely to abuse, humiliate and harm people, especially our children," Wells said in a statement. "This is too important for us not to act. Abusive technologies are widely and easily accessible and are causing real and irreparable damage now." She said that the crackdown would complement existing laws that prohibit stalking and the non-consensual distribution of sexually explicit materials. Like Australia's ban on children younger than 16 accessing social media platforms, which will come into effect in December, the new laws will place the onus on restricting access to the abusive tools on technology companies. The federal government's eSafety Commissioner, Julie Inman Grant, said in June that there had been twice as many reported incidents of digitally altered intimate images of under-18s in the past 18 months than in the preceding seven years combined. Earlier in July, Australian Prime Minister Anthony Albanese announced that Australia will include YouTube in its world-first social media ban for children younger than 16 after initially granting the platform an exemption. Albanese and Anika Wells, the minister for communications, said at a press conference in Canberra that the federal government has accepted a recommendation from its online safety regulator, the eSafety Commissioner, to include YouTube in the social media ban. YouTube was initially granted an exemption from the ban, which will come into effect from December 10, due to its education and health content, but eSafety Commissioner Julie Inman Grant said in formal advice to the government in June that the platform exposes children to harmful content. Albanese said that the government is prepared to "take action" against social media platforms that cause social harm. "We know this is not the only solution and there's more to do. But it will make a difference," he said.Wells said that the decision to include YouTube in the ban was about “prioritizing parents ahead of platforms.” Australian govt to restrict access to abusive technologies | MorungExpress | morungexpress.com |
India To Deploy Cyber Commandos To Counter Cyber Attacks (2025-07-08T11:53:00+05:30)
 By National Correspondent(Smiriti Ramana) Meet India’s Cyber Commandos, the digital defenders against rising cyber threats. The Indian govt will deploy them in every district across the country. India is creating a special team of ‘cyber commandos’ to protect against cyber threats. The team will comprise police officers from different states and territories, as well as central police organizations. The Ministry of Home Affairs (MHA) has asked all police forces to identify 10 suitable candidates for the team. The idea for the cyber commando wing was suggested by Prime Minister Narendra Modi earlier this year. The new team will focus on countering cyber threats, defending information technology networks, and conducting investigations in cyberspace. They will also be responsible for the nation’s cyber infrastructure. The commandos will receive training and be equipped with the necessary tools to deal with cyber threats. The Ministry of Home Affairs and other top institutions will conduct the training. The commandos will continue to work for their parent organizations and will only be called upon for national duties in urgent cases. The Ministry of Home Affairs has requested that police forces identify at least 10 candidates with basic knowledge of computer networks and operating systems. The world has witnessed several international cyber attacks in the past few years including the Microsoft Exchange hack, where Chinese hackers exploited a vulnerability in Microsoft Exchange email servers to access thousands of organizations’ networks. There was also the SolarWinds hack, where a Russian group compromised a software company called SolarWinds and gained access to many government and private organizations’ networks. Thus, Cyber commandos are very important because they help protect India from cyber attacks. These attacks can be costly and disruptive, and they can harm a country’s reputation. India is emerging as a superpower on the international stage, thus India is getting several allies as well as foes. Consequently, India faces millions of cyber attacks each year. In 2022, India was ranked as the third most attacked country globally, with over 1.3 billion attacks detected. The hackers behind these attacks mostly come from China, Pakistan, and Bangladesh. Recently, the chairman of ISRO S. Somnath revealed that ISRO faces around 100 cyber attacks every day. International hackers have been trying to steal rocket technology. ISRO’s rocket technology consists of ultra-modern software and chip-based hardware. We, common citizens, also face many cybercrimes in our daily lives. You might have been receiving calls, messages, or emails from scammers or hackers almost every day. It’s possible that you’ve become their target as well and lose your money or data. Thus, it is extremely important to have Cyber commandos in every region across the country. These commandos are like the special forces of the internet. They are highly trained and equipped to deal with sophisticated cyber threats. Cyber commandos will play a crucial role in protecting India’s critical infrastructure, such as power grids and financial systems. They also investigate and prosecute cyber criminals. India is establishing a dedicated wing of cyber commandos to counter cybersecurity threats, defend the IT network, and conduct investigations in cyberspace.These commandos will be selected from the police forces of states and Union Territories, as well as central police organizations. Their main goal is to safeguard India’s digital space and ensure the country’s cybersecurity. India To Deploy Cyber Commandos To Counter Cyber Attacks |
Dr Reddy’s isolates data center services after cyberattack (2025-06-14T12:25:00+05:30)
 A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration BENGALURU (Reuters) – Indian drugmaker Dr Reddy’s Laboratories Ltd <REDY.NS> said on Thursday, Oct. 22, 2020, it had isolated all its data center services as a preventive measure following a cyberattack. Shares of the company, which has a partnership to run clinical trials of Russia’s Sputnik-V COVID-19 vaccine in India, fell as much as 4.3% after local television channel ET Now first reported the news. “We are anticipating all services to be up within 24 hours and we do not foresee any major impact on our operations due to this incident,” Dr Reddy’s Chief Information Officer Mukesh Rathi said in a statement. Dr Reddy’s, India’s No.2 drugmaker by market value, had shut its key plants globally due to the breach at its servers, ET Now had reported, citing sources. Its plants in the United States, United Kingdom, Brazil, India and Russia were impacted, the report added. Hyderabad-based Dr Reddy’s also has tie-ups with global firms to sell coronavirus treatments remdesivir and favipiravir in India besides its partnership for the Sputnik-V vaccine.Dr Reddy’s did not respond to a Reuters email seeking more details. Dr Reddy’s isolates data center services after cyberattack
|
Centre blocks 17,000 WhatsApp accounts of hackers from South-East Asia (2025-06-14T12:24:00+05:30)
 New Delhi, (IANS): The Indian Cybercrime Coordination Centre (I4C) and Department of Telecommunication (DoT) have blocked at least 17,000 WhatsApp accounts used by cyber criminals from South East Asia, it was announced on Thursday. In a post on X social media platform, CyberDost, a cyber-safety handle maintained by the Ministry of Home Affairs, informed that it aims to disrupt offshore criminal networks and strengthen India's digital security. “I4C, in collaboration with DoT, has successfully blocked 17,000 WhatsApp accounts used by cyber criminals from South East Asia. The initiative aims to disrupt offshore criminal networks and strengthen India's #DigitalSecurity,” CyberDost posted. In May this year, the Ministry of Home Affairs set up an inter-ministerial committee in reaction to a big rise in transnational organised cybercrime coming from Southeast Asian countries like Cambodia, Myanmar, and Laos-Philippines. About 45 per cent of cyber-financial frauds in India come from places in Southeast Asia. These crimes have become more complicated and bigger, which costs the victims a lot of money. The I4C has taken many steps to damage the infrastructure that hackers use. Its investigation showed that cybercriminals trick people into giving them money by offering investment chances, games, dating apps, and fake trading platforms. Notably, Indian teens and young adults have been tricked into going to Cambodia to find work, only to be forced to commit cybercrimes there. Indian citizens who were protesting in a Cambodian city were arrested, and steps were taken to send them back home and keep them safe. I4C focuses on tackling all the issues related to cybercrime for the citizens, which includes improving coordination between various Law Enforcement Agencies and the stakeholders, driving change in India's overall capability to tackle Cybercrime and to improve citizen satisfaction levels. The Indian Cybercrime Coordination Centre scheme was approved on October 5, 2018.Since its roll out, it has worked towards enhancing the nation’s collective capability to tackle cybercrimes and develop effective coordination among the law enforcement agencies. Centre blocks 17,000 WhatsApp accounts of hackers from South-East Asia | MorungExpress | morungexpress.com
|
Social media doing harm to youngsters, calling time on it: Australian PM Albanese (2025-06-14T12:24:00+05:30)
 Canberra, (IANS) Australia's National Cabinet on Friday agreed to the government's proposed social media legislation - the first of its kind in the world - that sets a minimum age of 16 to access social media in the country. "Social media is doing social harm to our young Australians and I am calling time on it. The safety and mental health of our young people has to be a priority and my government will do all that we can to protect our young Australians, but also to provide support for parents and teachers who are dealing with these issues. I want Australian parents to know that we have your back," Australian Prime Minister Anthony Albanese told reporters after the virtual cabinet meeting. The move builds on Albanese government's work at its 1 May and 6 September 2024 meetings where an investment of $6.5 million was agreed to trial an age assurance pilot to protect children from harmful online content. "This legislation follows extensive consultation with states and territories over a considerable period of time, with parents and teachers, with young people. The work that went into the social media summits that were called in Sydney and Adelaide in recent weeks. Academics, child development experts, industry and civil organisations, First Nations organisations have all been consulted over a period of time because this is a difficult issue and we want to get it right," said Albanese. The Australian government believes that setting the minimum age at 16 will protect youngsters from the harms that come with social media, and will support mums, dads and carers to keep their kids safe besides also assisting in accelerating action to end gender-based violence in a generation. "One of the discussions that we had with Premiers and Chief Ministers today was an analogy drawn between the banning of phones in classrooms and the feedback from that, controversial to some when it was introduced, is just overwhelmingly positive in the impact in making sure that students are concentrating on what's going on in their class and making sure as well that social interaction is improving. Kids are playing with each other at lunchtime instead of playing on their phones - that's a good thing," the Australian PM remarked. The Albanese Government will introduce legislation in the next Parliamentary sitting fortnight with it coming into force no earlier than 12 months after Royal Assent. It puts the onus on social media platforms, not parents or young people, to take reasonable steps to ensure fundamental protections are in place. "We want to say upfront that this won't solve all of the problems, but what this will do is send a social message about what society thinks is appropriate going forward and that will provide that assistance and support for this to be delivered. We will introduce legislation into the Parliament in the next sitting week, which is in just a fortnight's time, and we are hopeful of getting support for that legislation across the House of Representatives and the Senate," stated the Australian PM. Interestingly, Albanese revealed that Tasmania "would have preferred the age of 14", but they didn't want to stand in the way of national uniformity and regarded getting a uniform national decision and process was most important. "We were examining an age range of between 14 and 16. And I guess one of the starting points is where 13 is a notional entry point for a lot of these platforms, how much would 14 lift the dial? How much would 15 actually change the dial when it comes to those harms? There was a body of evidence presented from the UK about particular children's mental development around that time. So all this actually helped to inform the position that we arrived on and I'm pleased that National Cabinet sees the same," Australia's Communications Minister Michelle Rowland detailed.--IANS Social media doing harm to youngsters, calling time on it: Australian PM Albanese | MorungExpress | morungexpress.com
|
Vehicle connectivity is crucial as half of consumers worry about car hacking (2025-06-14T11:04:00+05:30)
 Press Release
Dublin, Ireland, 29 April 2025 – Research from Cubic³, a global leader in software-defined vehicle (SDV) solutions, emphasises the opportunities and challenges facing automotive OEMs as they persuade drivers to buy and subscribe to in-vehicle digital services, such as predictive maintenance, safety features and autonomous driving. Boston Consulting Group forecasts the software-defined vehicle (SDV) market will create over $650 billion value potential by 2030. The survey of 8,000 consumers (equally split between the US, UK, Germany and Japan) and 60 global OEM executives finds that the challenge for OEMs is how to persuade and prove to drivers the benefits of paying for digital services, which constitute an integral part of SDVs and thereby turning this forecast into reality. Perceptions of Paying for Digital Services The research shows current consumer willingness to pay for in-car digital subscriptions is likely to increase. 1 in 4 (Global: 25%. UK: 20%) consumers have paid for digital services for their vehicles, almost doubling (Global: 44%) for those in the 18-24 age range. Only 1 in 5 consumers globally said they wouldn’t be willing to pay anything in monthly subscriptions. Automakers estimate drivers are willing to pay £8 a month for digital services, while drivers say it’s £5.82 – a 27% difference. However, in countries where car usage is higher such as the US, the willingness to pay increases. UK respondents report they are willing to pay the least at £4.89 a month. The survey grouped digital services into three categories to reveal consumer willingness to pay for each group. Nearly half (Global: 51%. UK: 48%) of consumers are willing to pay for ‘vehicle-based services’, such as autonomous driving. Globally 40% (UK: 42%) of consumers are willing to pay for ‘connected services,’ such as video and music streaming, and 39% (UK: 40%) are willing to pay for ‘data services,’ such as predictive maintenance. OEMs need to both monetise digital services and turn them into recurring revenue streams. Automakers think predictive maintenance, enhanced safety features, and autonomous driving are most likely to contribute the most to recurring revenue. “Until recently, most consumers viewed buying a car as a ‘one-and-done’ affair. Although the concept of paying for in-car digital services is relatively new, we are already seeing significant adoption from consumers,” says David Kelly, Chief Corporate Officer, Cubic³. “It will take time for OEMs to persuade the public of the value of digital services, but it is encouraging to see younger drivers – so called digital natives – happy to pay for these services.” OEMs (Mostly) Share Driver Concerns Over Cybersecurity and Data Privacy Consumers are concerned about industry practices around data, with half (Global: 48%. UK: 46%) reporting they worry their car could be hacked. Fortunately, OEMs hold automotive cybersecurity in high regard. 86% report that cybersecurity of their digital services is important and the same amount say that connectivity is important for protecting vehicles throughout the vehicle’s whole lifecycle. OEMs are closely monitoring potential targets by hackers, such as interfaces and APIs, digital sims, infotainment systems and telematics. 49% of UK consumers do not think OEMs should be able to sell driver data to third parties as an additional revenue stream, compared to 44% globally. This is compared to 26% of Brits (Global: 26%) who think it’s fine and 20% (Global: 24%) who are ambivalent about it. However, fewer than one in five (18%) OEMs are currently selling data on. Japanese consumers are the least likely to disapprove of selling data on with 26% saying so. Americans are the most likely to disapprove, with 50% saying it should not be allowed. Safety Features and Speed Limiting Technology OEMs must navigate nuanced consumer sentiment on issues of safety regulation, but consumers broadly support safety features that ensure vehicle longevity and affordability. 52% of UK respondents would seek repair services within a week of noticing a warning light, compared to 49% globally. The mean response was 1.5 weeks, with 20% of Brits saying they’d seek service within 2-4 weeks, compared to 19% globally. In fact, 69% of UK respondents (Global: 67%) report they take their car in for necessary repairs as soon as possible when receiving a recall notice. Ultimately, this highlights the industry opportunity for over-the-air (“OTA”) updates, to revolutionise consumer satisfaction, safety, and convenience by allowing automakers to address select performance needs without requiring physical vehicle inspections. A third (33%) of OEMs indicated that they plan to implement speed limiting and anti-distraction technology in the next 3 years, including in countries, like the United States, where legislation does not yet require it. Although half (56%) of UK drivers favour safety features like these being introduced as standard in new vehicles, a significant minority are against. In fact, if speed-limiting technology were introduced, 28% of Brits say they will buy a different car. This shows that the topic is divisive, and OEMs may face backlash from the public should they implement it. Looking AheadThe report showcases a nuanced, yet optimistic future for OEMs navigating a rapidly changing automotive landscape. The willingness to pay for digital services is increasing, particularly given the new generation of drivers that are digital natives and accustomed to connectivity. Vehicle connectivity is crucial as half of consumers worry about car hacking | Total Telecom |
Some cybersecurity apps could be worse for privacy than nothing at all (2025-06-09T13:06:00+05:30)
|
It’s been a busy few weeks for cybersecurity researchers and reporters. There was the Facebook hack, the Google plus data breach, and allegations that the Chinese government implanted spying chips in hardware components. In the midst of all this, some other important news was overlooked. In early September, Apple removed several Trend Micro anti-malware tools from the Mac app store after they were found to be collecting unnecessary personal information from users, such as browser history. Trend Micro has now removed this function from the apps. It’s a good reminder that not all security apps will make your online movements more secure – and, in some cases, they could be worse than doing nothing at all. It’s wise to do your due diligence before you download that ad-blocker or VPN – read on for some tips. Security appsThere are range of tools people use to protect themselves from cyber threats:
Know the risksThere are multiple dangers in using these kinds of security software, especially without the proper background knowledge. The risks include: Accessing unnecessary dataMany security tools request access to your personal information. In many cases, they need to do this to protect your device. For example, antivirus software requires information such as browser history, personal files, and unique identifiers to function. But in some cases, tools request more access than they need for functionality. This was the case with the Trend Micro apps. Creating a false sense of securityIt makes sense that if you download a security app, you believe your online data is more secure. But sometimes mobile security tools don’t provide security at the expected levels, or don’t provide the claimed services at all. If you think you can install a state-of-the-art mobile malware detection tool and then take risks online, you are mistaken. For example, a 2017 study showed it was not hard to create malware that can bypass 95% of commercial Android antivirus tools. Another study showed that 18% of mobile VPN apps did not encrypt user traffic at all. And if you are using Tor, there are many mistakes you can make that will compromise your anonymity and privacy – especially if you are not familiar with the Tor setup and try to modify its configurations. Lately, there have been reports of fake antivirus software, which open backdoors for spyware, ransomware and adware, occupying the top spots on the app charts. Earlier this year it was reported that 20 million Google Chrome users had downloaded fake ad-blocker extensions. Software going rogueNumerous free – or paid – security software is available in app stores created by enthusiastic individual developers or small companies. While this software can provide handy features, they can be poorly maintained. More importantly, they can be hijacked or bought by attackers, and then used to harvest personal information or propagate malware. This mainly happens in the case of browser extensions. Know what you’re giving awayThe table below shows what sort of personal data are being requested by the top-10 antivirus, app-locker and ad-blocking apps in the Android app store. As you can see, antivirus tools have access to almost all the data stored in the mobile phone. That doesn’t necessarily mean any of these apps are doing anything bad, but it’s worth noting just how much personal information we are entrusting to these apps without knowing much about them. How to be saferFollow these pointers to do a better job of keeping your smart devices secure: Consider whether you need a security appIf you stick to the official apps stores, install few apps, and browse only a routine set of websites, you probably don’t need extra security software. Instead, simply stick to the security guidelines provided by the manufacturer, be diligent about updating your operating system, and don’t click links from untrusted sources. If you do, use antivirus softwareBut before you select one, read product descriptions and online reviews. Stick to solutions from well-known vendors. Find out what it does, and most importantly what it doesn’t do. Then read the permissions it requests and see whether they make sense. Once installed, update the software as required. Be careful with other security toolsOnly install other security tools, such as ad-blockers, app-lockers and VPN clients, if it is absolutely necessary and you trust the developer. The returns from such software can be minimal when compared with the associated risks. Suranga Seneviratne, Lecturer - Security, University of Sydney This article is republished from The Conversation under a Creative Commons license. Read the original article. |
Protecting our digital heritage in the age of cyber threats (2025-02-05T12:48:00+05:30)
|
One of the key functions of the government is to collect and archive national records. This includes everything from property records and registers of births, deaths and taxes, to Parliamentary proceedings, and even the ABC’s digital library of Australian news and entertainment. A new report released today from the Australian Strategic Policy Institute (ASPI) considers the important role these records play as the collective digital identity of our nation. The report’s author, Anne Lyons, explains how an attack on these records could disrupt the day-to-day functioning of society, and why we need to do more to protect them. Why are these records important?Given that we live in the digital era, our digital identity records have been transformed into electronic data and are stored virtually in cloud servers. These servers act as the memory centre of the nation, preserving Australia’s unaltered history. We can trust these records are accurate, confidential and not interfered with. All this digital information may be referred to as “digital identity assets”. These assets are worth protecting, because they are important for the functioning of government, and are a legacy for future generations. Collectively, they embody who and what Australia is as a nation, its journey, and its time and place in history. What could happen if they were hacked?The impact of any theft, manipulation, destruction or deletion of digital identity assets could be catastrophic. The courts would not be able to function without the relevant digital records. Manipulated property title deeds could create legal challenges. Passports and visas may not be able to be verified and issued. And historic records could be tampered with or forged. In the worst-case scenario, such an attack could interfere with the proper functioning of government, and shatter public trust and confidence in government institutions. Lyons paints a picture of what it would look like if property records were hacked:
What are we doing to prevent attacks?Three pieces of legislation have been passed since 2017 to protect the nation against crimes committed over the internet targeting telecommunications, water, electricity and gas equipment. These are the Security of Critical Infrastructure Act, the National Security Legislation Amendment (Espionage and Foreign Interference) Act and the Telecommunications and Other Legislation Amendment Act. But cyber attacks are not only targeted at our nation’s critical infrastructure. Servers that host digital identity assets are also at risk. Nation states and individual hackers could gain access to databases using our email communications to gain access. Despite this risk, our lawmakers have failed to exert the same vigour in crafting laws that protect digital identity assets as they have exerted in efforts to decrypt the WhatsApp messages of criminal targets. There is no clear and specific cybersecurity governance framework in the law books geared towards detecting and preventing attacks against these assets. How to protect our digital heritage1. Assess cyber vulnerabilities alongside social onesGovernments need to improve their holistic situational awareness to counter threats. That means assessing cyber vulnerabilities in conjunction with societal ones. Online disinformation campaigns and malicious cyber activities are all referred to as hybrid threats. Hybrid threats – which could make use of digital identity assets – are challenging to detect and to make sense of due to their dynamic nature. Understanding the complex nature of a hybrid threat is referred to as cyber situational awareness. Outside of the cyber environment, situational awareness may refer to an awareness of cultural, ethnic and religious tensions in society that could be vulnerable to online exploitation. For example, in the 1980s the Soviet government used the HIV epidemic to sow social division in the United States. Under operation INFEKTION, Russia spread stories that the American government created the virus and spread it among its population. In cases like this, it’s feasible that digital health records could be hacked and altered to serve as fake evidence. In this way, societal vulnerabilities can become one part of a mixed bag of threats. Our ability to effectively resist and recover from malicious hybrid activities depends on our capacity to detect, analyse and understand the nature of the threat, in near real time. Metadata can be used for this purpose to show who accessed a server and from what location. To improve cyber situational awareness, access logs should be retained and the computer emergency response team must collect metadata from government departments themselves, and analyse the data in near real time. This is a growing trend in the cybersecurity sector and public bodies must gear up. 2. Store copies of historical records offlineWe also need to simulate how digital identity assets can be used against us and be prepared to counter the propaganda. Schools and universities can store multiple offline historic records, which can be used to verify accuracy when conflicting stories arise. Using National Archives as a central repository for digital identity assets is a single point of failure. Redundancy work-arounds must be created. 3. Engage the private sectorThis is a job too big and too important to be left to government alone. Historical societies and charitable organisations may need to store hard and soft copies of the same records all over the country. Relevant laws must mandate, cybersecurity situational awareness for telecommunications companies, ISPs, computer emergency response teams, law enforcement and security agencies, but in clear and responsible fashion. We must take a proactive approach that mandates the roll out of appropriate advance counter measures. A legal mandate that is largely based on past incidents may not be an effective strategy to prevent dynamic hybrid threats. This is how we will tell hackers to back off our national heritage. Stanley Shanapinda, Research Fellow, La Trobe University This article is republished from The Conversation under a Creative Commons license. Read the original article. |
Deterring China isn’t all about submarines. Australia’s ‘cyber offence’ might be its most potent weapon (2025-02-03T13:45:00+05:30)
Greg Austin, University of Technology SydneyAustralia doesn’t need to wait ten or 20 years for its new submarines, or for long-range missiles, to project effective military power against China. It has the ability to use its cyber forces to strike strategic targets inside China now, or for the sake of deterrence, to hold out that threat. Cyber attacks are aimed at breaking into enemy military networks to disrupt or disable their systems. They can be used against a variety of weapons and communications systems. Cyber forces are now an integral part of a country’s strike capability in wartime. The United States is even now planning wartime cyber attacks against China, should they be needed. According to 2018 figures, the Americans have a force of around 240,000 defence personnel and contractors in place to contribute to cyber defence and cyber attack, with up to one-third likely available to support the latter. In the event of war, these US cyber attacks could be sustained across the full range of Chinese war capacity. The aim would be to gain what’s called “decision dominance”. This is the “disintegration” of China’s systems and decision-making, “thereby defeating their offensive capabilities” – if we can interpret remarks of the former commander of US Indo-Pacific Command, Admiral Philip Davidson, to be a reference to China. Australia has been much more guarded in discussing cyber offence than the US, but the two allies are in step. Canberra is in the process of tripling the size of its offensive cyber forces under Project Redspice, announced last year. It could attack military command and control assets anywhere in China in the event of war. Softer targets might include critical national infrastructure, such as the energy grid supporting the war effort. Australia’s cyber force will remain small compared with the US. But it can also call on private domestic or foreign corporations to design attack packages against China, as the US does. Australia is aiming for world-class offensive options in cyberspace. The AUKUS allies coordinate closely together on cyber operations, and this area of activity is a prime focus for the new grouping. In 2020, the United Kingdom set up a new organisation, its National Cyber Force, dedicated to offensive strike operations. As part of this “cyber three” alliance with the US and UK, Australia’s cyber force will likely remain the country’s most powerful strike capability against China for decades to come. China’s cyber security weaknessOf course, success isn’t assured with cyber attacks. But causing disruption on a significant scale can be achieved with a highly focused effort across all phases of offensive cyber operations, especially in coordination with our allies. The most important phase is the first one: ensuring up-to-date intelligence on the other side’s systems. The effort put into cyber intelligence against China’s armed forces is actually the foundation of cyber offensive teams, even if the intelligence people aren’t counted as having an “offensive” role. China is adept at cyber offence. But contrary to popular belief, cyber security isn’t a strong point for China, and this makes it particularly vulnerable to attack in wartime. The International Institute for Strategic Studies has assessed that China has certain fundamental weaknesses that will take many years to overcome, including in its cyber security industry, education and policy. Chinese leaders believe they’re well behind the US and allies in terms of military cyber capability. This will likely constrain their choices about starting any war over Taiwan. Political sensitivities?There’s no need for Australia to be shy about this offensive capability against China on political grounds, because China is planning to do the same against us in the event of war. China is already conducting cyber espionage on Australia and other countries in preparation for a major crisis. It’s almost certainly developing capabilities to disable enemy military systems and infrastructure if needed. Defence Minister Richard Marles recently restated the long-held view that the more offensive capabilities we have, for example through submarines, the more the country can contribute to allied deterrence of potential aggressors. Australian political leaders must prioritise the military’s ability to attack targets in China at scale, in the unlikely event of war. And leaders need to ensure cyber forces have more highly trained people dedicated to this task and a more powerful domestic cyber industry. For military and political leaders to go down this path more robustly, the Australian Defence Force will also need to reassess the military balance of power in the Asia-Pacific to take account of the US and its allies’ cyber superiority over China. This might also allow Australians to feel more secure about possible Chinese military threats. The choices Chinese leaders might make in provoking a crisis will be shaped by their view that their armed forces aren’t as competitive in this dimension of US and allied military power. Greg Austin, Adjunct Professor, Australia-China Relations Institute, University of Technology Sydney This article is republished from The Conversation under a Creative Commons license. Read the original article. |
Should cyber officials be required to tell victims of cyber crimes they’ve been hacked? (2025-01-22T13:43:00+05:30)
|
New cyber centre opens in UK (2024-12-02T13:37:00+05:30)
 (Image: NDA)The UK's Nuclear Decommissioning Authority group has launched a specialised cyber facility in Cumbria to accelerate collaboration across nuclear operators and the supply chain, on the adoption of innovative technologies such as AI and robotics and enhancing their collective ability to successfully defend against cyber threats. It said the Group Cyberspace Collaboration Centre (GCCC) provides a space for experts in cyber, digital and engineering to come together and share knowledge and learning on how best to adopt new technologies and defend against evolving threats. Representatives from government, the nuclear sector, regulators and the supply chain attended the official opening which showcased the capability of the centre. The Nuclear Decommissioning Authority (NDA) said the GCCC was a multi-functional space for partners to explore how new technologies can support mission delivery and facilitate security operations, cyber exercising and training. "The GCCC is further enhancing our collective ability to keep us safe, secure, resilient and sustainable in cyberspace," said NDA Group CEO David Peattie. "Enabling us to work together more closely means we can defend as one, benefitting the collective security of the individual organisations we serve. "When it comes to security, we are never complacent, and we continually invest in our expertise and our technology to further strengthen our capability."  (Image: NDA) The NDA group - which includes Sellafield, Nuclear Restoration Services, Nuclear Waste Services and Nuclear Transport Solutions - has invested in group-wide cyber services and capabilities to ensure systems are better protected and more resilient and delivering a strong, consistent approach to common cyber security threats. The GCCC is part of the group's growing portfolio of digital and cyber capability including a joint Cyber Security Operations facility, which opened in Warrington in August. It is part of a constellation of related leading cyber and digital capabilities, including the Cyber Lab classroom at Energus, the Sellafield Engineering Centre of Excellence, and the Robotics and AI Collaboration centre (RAICo1).Warren Cain, Superintending Inspector at the Office for Nuclear Regulation, said: "All nuclear sites must have strong cyber security systems in place to protect important information and assets from cyber threats. Cyber security is a key regulatory priority for the Office for Nuclear Regulation, and we welcome the NDA's commitment to strengthen their cyber defences with this new specialist facility." New cyber centre opens in UK
|