This week has seen Scotland turning its attention to the IoT, Facebook in the spotlight for yet more privacy breaches and the revelation of cyberattacks on the Indian space agency. If you have been busy admiring the fireworks and missed all that, our trusty roundup will bring you right up to date.
Scotland leading the way on IoT
This week saw the launch of an Internet of Things (IoT) accelerator programme in Scotland, aiming to develop new cybersecurity products. Led by CENSIS – the centre of excellence for sensing and imaging systems and IoT technologies – in partnership with the Scottish Government, the programme will help businesses and developers enhance the resilience of IoT networks and devices, through new products and approaches to cybersecurity.
Five companies will be selected for the six-month programme, which will include support from CENSIS and Scottish Enterprise to turn ideas into products and services. Workshops will be held for businesses from a range of sectors to find out more and begin to address challenges and identify opportunities within IoT.
As part of the programme, CENSIS has also partnered with Abertay University to deliver an IoT vulnerability study that will expose risks or flaws in the design of IoT devices, and outcomes will be used to develop or refine best-practice guidelines.
Facebook privacy flaw leaves groups exposed
Facebook has discovered a new privacy flaw that lets some app developers access data in Groups that they shouldn’t have. Following the Cambridge Analytica scandal the social network restricted how much information app developers could gather from Groups. However, it has now discovered that around 100 developers still have access to Group data, including people’s names and photos.
Like other social networks, Facebook has an API that lets app developers connect their own creations to Facebook. However, in 2018, Cambridge Analytica was found guilty of harvesting personal data from millions of people by creating a personality quiz on Facebook – it then used the data to target political advertising. Back in October, Facebook agreed to pay £500,000 for its role in the scandal.
Following this, Facebook restricted access to many of its APIs, including the one that let app developers connect to Groups on the social network. This meant that app developers could only access a group’s name, the number of members and the content of posts. They would only be able to access member names and photos if people explicitly opted in.
Earlier this week, Facebook revealed that around 100 "partners" retained access following the change. It went on to say that "at least" 11 developers had accessed the restricted information in the last 60 days. "Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained, and we will conduct audits to confirm that it has been deleted," Facebook said in a statement. Read more.
Indian space agency targeted in cyberattacks
The Indian space agency (ISOR) has revealed that it was subject to a cyberattack during its failed moon mission in September. It is thought the attack was part of a broader assault by North Korea, in which critical infrastructure was targeted.
According to a Mumbai based cybersecurity company, the ISOR was one of at least five government agencies, including India’s Atomic Energy Regulatory Board, to have been attacked in recent months. The Kudankulam nuclear plant in the southern state of Tamil Nadu was also targeted.
Indian authorities have claimed that rather than being a state-of-the-art attack, members of organisations were sent phishing emails which infected systems when recipients opened them and clicked on links.
What the attacks do show is that North Korea has potentially moved on to attacking infrastructure with the aim of either overcoming its own energy crisis or selling information to other countries such as Iran. However, security experts cautioned that while “unlikely”, a party posing as North Korea could be behind the attacks. The ISOR has said that the attack it faced during its moon mission had no impact on the eventual failure of the expedition.
Those were some of this week’s top stories but if you want more content, follow us across our four social media channels: