Each week we provide you with the latest news and updates from around the world of cybersecurity. This includes everything from the latest data breaches, to industry trends, threats to watch out for, and more. Additionally, we will be sure to include Token company updates so you can keep up with all of the latest features and app updates.
Man of the People
This latest piece of data breach news takes us to Singapore where the government health database was breached, exposing personal information of approximately 1.5 million citizens. Included in this database was none other than Singapore’s Prime Minister Lee Hsien Loong. In the official government press release, it was called “the most serious breach of personal data” that the country had experienced. Naturally, this has led to a government response saying that they are going to focus on upgrading cyber defenses. It is not yet known who might be behind the attacks, but the Cyber Security Agency of Singapore (CSA) and the Integrated Health Information System (IHiS) note that it was a highly sophisticated and planned attack. You can read more on the hack over at Reuters.
Build Your Own Toyota
Shockingly a Canadian company, Level One Robotics and Controls left a backup server without password protection, meaning anyone who physically had it, could access sensitive data. Included in the documents were “recipes” for building cars and car parts from companies such as Toyota, Tesla, and Ford, in addition to almost 100 other companies. After the documents were found online they were quickly removed and it was deemed “extremely unlikely” anyone besides the individual who discovered the leak had accessed their files. While no consumer data was lost in the breach, this is a scary situation for businesses working with Level One, as the leak put their intellectual property out in the open for anyone to find. Digital Trends has you covered with the full scoop if you want to learn more.
Security Keys Keep Google Phishing Free
In 2017 Google began implementing security keys to operate as Two-Factor-Authentication devices. Here’s how the keys work: a Google employee enters his password on a website, next they must insert their key into the USB port on the computer and click a button, then finally they will gain access to their website. The reason this has been so effective is that now if a hacker were to break into a Googler’s account, they would need to possess the original password in addition to the physical key. Since Google has made these keys common practice, none of their 85,000+ employees have fallen victim to phishing schemes. If you’re looking to pick a key up for yourself, the most popular consumer model is made by Yubico and only costs $20.
Editor’s Note: Thank you to reader Frank Spence for submitting this story. If you would like to submit a story for our newsletter you can email sam@jointoken.com.
Implement a Zero-Trust-Network
This week on the Token blog we discussed Zero-Trust-Networks. The guiding principle behind a ZTN is: never trust — always verify. The IT infrastructure segments groups or individuals, you only have access to files in your segments and must be granted permission each time you wish to access a file from another segment. The theory behind the network is that it will eliminate internal malware and virus threats since infected files will not be able to reach other members of the organization. The Zero-Trust-Network also exemplifies great consumer cybersecurity habits that should be taken on a day-to-day basis. To read the full post and learn more about ZTNs head on over to the Token Blog.
Thanks for reading this week’s Cybersecurity Review! Be sure to come back next week for all of the latest stories and news from the world of cybersecurity.
