Security

More data lost or stolen in first half of 2017 than the whole of last year

That's 1.9 BEEELLION records – and just you wait till GDPR


More data records were leaked or stolen by miscreants during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion).

Digital security company Gemalto's Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are exposed or swiped every day.

During the first half of 2017 there were 918 reported data breaches worldwide, compared with 815 in the last six months of 2016, an increase of 13 per cent. A total 22 breaches in Q1 2017 included the compromise, theft or loss of more than a million records.

Gemalto estimates less than 1 per cent of the stolen, lost or compromised data used encryption to render the information useless.

Malicious outsiders (cybercriminals) made up the largest single source of data breaches (74 per cent) but accounted for only 13 per cent of all stolen, compromised or lost records. While malicious insider attacks only made up 8 per cent of all breaches, the amount of records compromised was 20 million, up from 500,000 in the previous six months.

North America still makes up the majority of all breaches and the number of compromised records, both above 86 per cent. The number of breaches in North America increased by 23 per cent with the number of records compromised increasing threefold (up 201 per cent).

Traditionally, North America has always had the largest number of publicly disclosed breaches and associated record numbers, although this may change somewhat next year when global data privacy regulations like the European General Data Protection Regulation (GDPR) and Australia's Privacy Amendment (Notifiable Data Breaches) Act come into play.

Europe only had 49 reported data breaches (5 per cent of all breaches), a 35 per cent decline from the six months before.

The UK had the second highest number of reported incidents after the US, with 40 (down from 43). A total of 28,331,861 data records were compromised in the UK in H1 2017 (up 130 per cent from H2 2016).

Half of data incidents in the UK involved a malicious outsider (50 per cent), with 38 per cent attributed to accidental loss. Two-thirds of the breaches in the UK are classified as identity theft (65 per cent).

Government was the single biggest source of security incidents with 12 in H1 2017, ahead of technology firms (seven) and healthcare (six).

The Breach Level Index, which has been running since 2013, benchmarks publicly disclosed data breaches.

As new regulations such as the UK's Data Protection Bill and GDPR come into effect, the numbers of disclosed breaches could skyrocket. ®

Send us news
15 Comments

How many Android containers can you fit on your VM?

The Register speaks to Canonical about running the OS in the cloud

Interview Developers targeting Android are spoiled for choice with their platforms.

There are a variety of options available for running Android application development environments these days. Even Microsoft has promised that its upcoming Windows 11 will eventually be able to run the apps on the desktop and has long since supported the mobile OS via its Your Phone app, even while smothering its ailing Windows Phone with a cuddly Android pillow.

For Canonical, however, Anbox remains a cloud product, according to Simon Fels, engineering manager and is therefore unlikely to feature in any desktop version of the company's Ubuntu distribution any time soon, although with September's announcement it will now cheerfully scale from the heights of the cloud down to a single Virtual Machine via the Appliance version.

Continue reading

Infosys admits it still hasn't fully fixed Indian tax portal

Deadline came and went, but over 750 'resources' are still hard at work

Infosys has admitted it has missed the Indian government's deadline to fix the tax portal it built, but which has been a glitchy mess since its June 2021 launch.

The portal was introduced to make filing taxes more efficient. It delivered the opposite – India's government was forced to extend filing deadlines amid user complaints that they found the portal impossible to use. The portal was even placed into "emergency maintenance" mode at one point, during which it was completely unavailable.

Infosys was shamed by ministers and on August 22nd was given a September 15th deadline to fix the portal.

Continue reading

Here's an idea: Verification for computer networks as well as chips and code

What tools are available? What are the benefits? Let's find out

Systems Approach In 1984, artificial intelligence was having a moment. There was enough optimism around it to inspire me to explore the role of AI in chip design for my undergraduate thesis, but there were also early signs that the optimism was unjustified.

The term “AI winter” was coined the same year and came to pass a few years later. But it was my interest in AI that led me to Edinburgh University for my PhD, where my thesis advisor (who worked in the computer science department and took a dim view of the completely separate department of artificial intelligence) encouraged me to focus on the chip design side of my research rather than AI. That turned out to be good advice at least to the extent that I missed the bursting of the AI bubble of the 1980s.

The outcome of all this was that I studied formal methods for hardware verification at a point in time where hardware description languages (HDLs) were just getting off the ground. These days, HDLs are a central part of chip design and formal verification of chip correctness has been used for about 20 years. I’m pretty sure my PhD had no impact on the industry – these changes were coming anyway.

Continue reading

Imagine a fiber optic cable that can sense it's about to be dug up and send a warning

Forget wiring cities with IoT devices – this could be how wide-scale sensing gets done

Imagine an optic fiber that can sense the presence of a nearby jackhammer and warn its owner that it is in danger of being dug up, just in time to tell diggers not to sink another shaft. Next, imagine that an entire city's installed base of fiber could be turned into sensors that will make planners think twice before installing IoT devices.

Next, stop imagining: the tech is real, already working, and was yesterday used to demonstrate the impact of an earthquake.

As explained to The Register by Mark Englund, CEO of FiberSense, the company uses techniques derived from sonar to sense vibrations in fiber cables. FiberSense shoots lasers down the cables and observes the backscatter as the long strands of glass react to their environment.

Continue reading

Unable to test every tourist and unable to turn them away, Greece used ML to pick visitors for COVID-19 checks

Inside the software built to figure out groups of potentially infected, asymptomatic passengers

Faced with limited resources in a pandemic, Greece turned to machine-learning software to decide which sorts of travelers to test for COVID-19 as they arrived in the country.

The system in question used reinforcement learning, specifically multi-armed bandit algorithms, to identify which potentially infected, asymptomatic passengers were worth testing and putting into quarantine if necessary. It also was able to produce up-to-date statistics on infections for officials to analyze, such as early signs of the emergence of COVID-19 hot spots abroad, we're told.

Nicknamed Eva, the software was put to use at all 40 of Greece's entry points from August 6 to November 1 last year. Incoming travelers were asked to fill out a questionnaire detailing the country and region they were coming from as well as their age and gender. Based on these characteristics, Eva selected whether they should be tested for COVID-19 upon arrival. At its peak, Eva was apparently processing between roughly 30,000 and 55,000 forms a day, each form representing a household, and about 10 to 20 per cent of households were tested.

Continue reading

Angry birds ground some Google Wing drones in Australia

Between COVID and corvids, locked-down Aussies can't catch a break - or a coffee lowered from the treetops

Some of Google parent company Alphabet's Wing delivery drones have been grounded by angry Australian birds.

As reported by the Australian Broadcasting Corporation, and filmed by residents of Canberra, ravens have attacked at least one of Wing's drones during a delivery run.

Canberra, Australia's capital city, is currently in COVID-caused lockdown. It's also coming into spring – a time when local birds become a menace in the leafy city. Magpies are a particular hazard because they swoop passers-by who they deem to be threateningly close to their nests and the eggs they contain. Being swooped is very little fun – magpies dive in, often from a blind spot, snapping their sharp beaks, and can return two or three times on a single run. Swooping is intimidating for walkers, and downright dangerous for cyclists.

Continue reading

Memory prices to dive in late 2022, says Gartner

Firm says 40 per cent of a server's bill of material costs are tied to memory

Prices for DRAM and NAND flash are set to fall, sharply, in the second half of 2022 according to analyst firm Gartner.

In a memo published last week and obtained by The Register, the firm predicts “oversupply” of memory chips will develop as demand eases and supply increases. A “significant price reduction” is therefore likely, the firm states, without offering a more precise estimate of how far prices will fall.

The memo appears to be is directed at hardware manufacturers and advises them to start designing products that use more memory or keep memory and price the same but add other components – better CPUs, batteries or screens are suggested - to keep overall bill of material costs the same while also making devices more attractive.

Continue reading

AWS announces new region in the Land of the Long White Cloud – New Zealand

Hopes three availability zones will be hobbit-forming for local businesses and government agencies

Amazon Web Services has announced it will build a Region in New Zealand and light it up by the year 2024.

The forthcoming Asia Pacific (Auckland) Region will feature three availability zones - a configuration AWS rarely exceeds.

The cloud colossus has said it will spend US$5.3 billion in New Zealand over the next 15 years, some of which will be capital expenditure on its new bit barns.

Continue reading

Microsoft wants you to know it hasn't forgotten about Surface

Laptops added or refreshed, and another go at making dual-screen phones a thing

Microsoft has introduced the Surface Laptop Studio, and if you mistook it for a tablet with a trackpad stand, you'd be forgiven.

The device was the last to be announced during a launch that was live-streamed on Wednesday. The event hyped up Windows 11 Surface PCs that are set to ship from October 5.

At first, the Surface Studio Laptop looks like a normal notebook, though the touchscreen can be pulled out to form a tent that covers the keyboard and leaves just the trackpad visible. The display can then be flattened over the keyboard and trackpad to put it into full tablet mode.

Continue reading

Square-shaped hole in workers' wallets after payment system fails at peak tip time

Unexplained service issue blamed after customers unable to leave gratuities electronically

Square's payment system malfunctioned over the weekend for several hours, a glitch that cost workers at affected businesses a meaningful portion of their earnings during the most lucrative day of the week.

The company's status page at IsSquareUp.com tells the clinical part of the story. There were multiple service issues on Saturday, September 18 that were resolved after a few hours. No technical details are provided.

The messier version played out in small businesses around the US as workers at coffee shops, nail salons, and other service-oriented ventures found their payment screens unable to accept tips – which amount to more than half of the earnings of waitstaff and bartenders, according to the National Employment Law project.

Continue reading

Zoom's $15bn merger with Five9 probed by Uncle Sam for national security risks

Vid-chat giant's ties to China under the microscope by AG-led panel

Zoom’s ties to China are at the center of a US government investigation into the video-conferencing giant's $15bn plan to take over Five9, a California call-center-in-the-cloud.

The snappily titled Committee for the Assessment of Foreign Participation in the United States Telecommunications Service Sector – known as Team Telecom under a previous president – is right now probing the planned acquisition. This interagency panel is chaired by Attorney General Merrick Garland, and has reps from the Pentagon and Homeland Security.

The FCC was reviewing an application [PDF] by Zoom and Five9 as part of the takeover bid until the regulator was asked by Justice Department official David Plotinsky to hold off until the committee had finished scrutinizing the overall deal.

Continue reading