Feb 202019
 

Danny Bradbury reports:

The average ransomware payment is growing as criminals become more sophisticated in their attacks, according to a report released by ransomware incident response company Coveware.

According to Coveware’s Q4 2018 Global Ransomware Marketplace Report, the average ransom increased by 13% to $6733 in Q4 2018 compared to Q3’s $5973.

It’s difficult to judge the statistical margin of error for these figures because the company, which bases the data on ransomware cases handled by its support team, doesn’t divulge the exact number of ransomware cases that it has dealt with. However, it says that the increase is probably down to the more targeted nature of recent attacks.

Read more on Infosecurity Magazine.

Feb 202019
 

Ertuğrul Can Canbolat LL.M., Baran Can Yildirim, LL.M. and S. İrem Akin of Actecon write:

Article 12 of the Turkish Data Protection Law No. 6698 (“TurkishData Protection Law“) entitled “Obligations Regarding Data Security” deals with the obligations of the data controller.

Article 12/1 of the Turkish Data Protection Law states the data controller shall take all necessary technical and organizational measures to provide a sufficient level of security. In addition, Article 12/5 of the Law obliges the data controller to notify the Board of Protection Personal Data (“Board“) as well as data subjects in case personal data is acquired through unlawful means by stating that “in case processed personal data are acquired by others through unlawful means, the data controller shall notify the data subject and the Board of such situation as soon as possible. The Board, if necessary, may declare such situation on its website or by other means which it deems appropriate.”

Read more on Mondaq.

h/t, @CampusCodi

Feb 192019
 

Jennie Russell reports:

Alberta’s privacy commissioner is investigating whether Alberta Health Services properly safeguards the public’s personal health information after CBC News revealed the electronic system housing it was vulnerable to outside security threats.

A 2018 assessment by an external security firm found several “significant risks” with the health authority’s administration of the Alberta Netcare Portal. The system gives health-care providers access to key information from a patient’s medical file, such as laboratory test results and hospital visits.

Read more on CBC.

Feb 172019
 

emptywheel writes:

JP Stadtmueller, the judge who will preside over MalwareTech (Marcus Hutchins’) case, last week denied his pretrial motions to get his post-arrest interview and all the charges of his indictment thrown out.

So right, that’s not great news for Marcus, or even good news. But to get a better understanding of how the case is shaping up, read emptywheel’s analysis and commentary on her blog.

Feb 172019
 

ENS Economic Bureau reports:

Amid rising instances of fraud using the Unified Payment Interface (UPI) platform, the Reserve Bank of India has cautioned all banks and payment system operators about a new modus operandi allegedly used by scammers to target customer phones.

In an alert dated February 14, the cyber security and IT examination cell of the central bank said that a mobile application called ‘AnyDesk’ was allegedly being used by fraudsters to access data on mobile devices. Once the app is installed on customer phones, it seeks permission to access controls of the phone, like all other applications.

Read more on New Indian Express.