Blog

CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

Ready, aim … don’t shoot!

TrackingPoint makes a smart rifle that lets novices hit targets a half-mile away. Shooters digitally “tag” a target, then lock the trigger until the gun is positioned to nail it. It can connect to smartphones or tablets so someone can see what the shooter sees. But security researchers have found software flaws that would let anyone near enough for a Wi-Fi connection to remotely tinker with controls. In the worst case, a hacker could force a police sniper to miss while shooting at a criminal. Or a hacker could lock the rifle’s controls, rendering it useless. A hacker can’t make the rifle shoot on its own, and the barrel can’t be forced to move. But the bullet can. Source: CNN

Despite privacy laws, drones still draw interest …

A drone privacy law in Florida could have unintended consequences for insurers looking to use or insure unmanned aircraft systems technology. The Freedom from Unwarranted Surveillance Act prohibits a person, state agency or political unit from using a drone to capture an image of privately owned property or those on the property with the intent to conduct surveillance. The law requires that those using drone technology to surveil must have written consent from the people on the property if a reasonable expectation of privacy exists. Individuals who feel their privacy has been violated may sue for damages and injunctive relief and be awarded attorneys’ fees if they are successful. Despite such laws, insurance companies are still interested in using drone technology. Major insurers including State Farm, AIG, Liberty Mutual and USAA have gotten approval from the Federal Aviation Administration to test drones for their businesses. Source: Insurance Journal

sh_shooting drone_200

… and sometimes, they draw fire

A Kentucky man arrested for blasting a drone says he was protecting his property and the privacy of his daughters. When William Meredith’s two daughters complained of a drone flying over the house, he fetched a shotgun and shot it down. When the drone’s owners confronted him about the harm to the $1,800 drone, Meredith warned them to stand down or there would be another shooting. He’s in jail on charges of first-degree criminal mischief and wanton endangerment. But Meredith believes he had a right to do what he did. “He didn’t just fly over. If he had been moving and just kept moving, that would have been one thing—but when he come directly over our heads, and just hovered there, I felt like I had the right. You know, when you’re on your own property, within a six-foot privacy fence, you have the expectation of privacy,” he said. “To me, it was the same as trespassing.” Source: Fortune

Identity theft coming up fast

Buying a car and buying a house are the most complained-about transactions in an annual consumer survey, but identity theft is the fastest-growing issue people worry about. The survey was released by the Consumer Federation of America and North American Consumer Protection Investigators of state and local consumer protection officials. Referring to the “epidemic of data breaches” in recent months, Susan Grant, director of consumer protection and privacy at CFA, noted the “particularly fast-growing and troublesome” rash of stolen tax refunds. Providing identity theft insurance after the fact is not enough, Grant said. “What’s needed is to require better security for consumers’ personal information to keep it from being stolen and used in the first place.” Source: ABC News

sh_facial recognition_400

Tag, you’re it

When you are identified in a picture on Facebook, biometric software remembers your face so it can be “tagged” in other photographs. Facebook says this enhances the user experience. But privacy advocates say the technology—which was shut off in Europe and Canada after concerns were raised—should only be used with explicit permission. The U.S. government is participating in a working group to develop rules for companies using facial recognition—even if those are voluntary. “Face recognition data can be collected without a person’s knowledge,” said Jennifer Lynch, an attorney for the Electronic Frontier Foundation, a privacy rights group. “Tag suggestions make it easy for friends to tag each other in photos,” Facebook said in an emailed statement. “And when someone is alerted they’ve been tagged in a photo, it’s easier to take action, whether it’s commenting, contacting the person who shared it, or reporting it to Facebook.” Users can opt-out at any time, Facebook said, if they change their settings. Source: The Detroit News

Rolling out the defense, frustrated on offense

Businesses are accepting that they cannot repel every cyber attack on their systems but face challenges as they shift IT security budgets to respond to threats, says cyber-risk expert Ian Birdsey of Pinsent Masons, the law firm behind Out-Law.com. He said there are legal constraints on businesses wishing to “hack back” at cyber attackers, but questioned whether prosecutors in the United Kingdom would want to prosecute hackers. “Cyber risk was, until recently, seen by most businesses as a problem for the information security teams … where the focus was on preventing hackers from gaining access to systems and obtaining confidential business and customer data,” Birdsey said. “There is now widespread acceptance within the business community that it is impossible to defend their entire IT estate 100 percent of the time, and that security breaches will happen.” Source: Out-Law.com

sh_computer keyboard_400

Key to your identity

Security researchers have created a site that can profile users based on their keystroke patterns. After a training session that typically takes less than 10 minutes, the website can then determine when the same individual is conducting subsequent online sessions. Keystroke biometrics betray your identity because of the tiny pauses and hesitations unique to each individual that come between each keystroke. During World War II, British intelligence agents listening to German Morse code operators made profiles of the transmitters. The use of technology to create keystroke biometrics raises privacy concerns. “The risk may seem small when you consider one single website collecting this type of information,” said Runa Sandvik, an independent security researcher. “The real concern with behavioral profiling is when it is being done by multiple big websites owned by the same company or organization. The risk to anonymity and privacy is that you can profile me and log what I am doing on one page and then compare that to the profile you have built on another page. Suddenly, the IP address I’m using to connect to these two sites matters much less.” Source: Ars Technica

Cyber selection, not naturally

Sen. John McCain, R-Ariz., chairman of the Senate Armed Services Committee, is considering setting up a select committee on cyber issues due to what he called a growing threat from cyber attacks, such as the one that struck the Office of Personnel Management. “We actually have done almost nothing in the area of cyber in the Pentagon,” McCain said. “I intend to really focus a lot of the attention of the committee on the issue of cyber, and have been playing around with the idea of maybe we need a select committee.” Select committees are formed to focus on specific issues in greater detail than otherwise may be possible. Source: Defense News

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started