Connect with us
BitStarz

News

Ecuador Data Breach: Records of Over 20 Million Users Exposed

Published

on

Ecuador Data Breach: Records of Over 20 Million Users Exposed

Following the outbreak of a number of cybersecurity mishaps in recent times. Ecuador as at Monday, 16th September, experienced a major data breach baring the personal information of almost all the population of Ecuador to unlicensed third-party agents. The leaked 18Gigabyte-sized data contained research documents and statistics on over 20 million individuals.

The leaked data encompasses such information as names, addresses, employment status, phone numbers, and national identity numbers. Derived from about 7.5 million personage financial and banking records, 2.5 million car ownership logs as well as detailed information on infant demography in the region, to the tune of 6.7 million children data.

According to the report released by ZDNet, this data infringement is believed to be as a result of carelessness on the part of the administrators of the IT consulting firm who allowed entry to the Elasticsearch server unchecked and without a password. Otherwise granting access to these records to anyone on the Internet.

In a statement issued by the Ministry of Telecommunications and Information Society on Monday. The Minister of telecommunications – Andrés Michelena Ayala announced that Novaestrat – the data analytics and IT consulting firm directly involved with the leaked data, and its employees are been placed under investigation upon the charges of privacy violation and distribution of private information to the general public without due authorization.

Subsequently, the Ecuadorian authorities swooped down on Williams Roberto G. – Director of Novaestrat. As the management at Novaestrat is been slapped with the allegations of accumulating these data illegally. Although a government-endorsed data analytics firm, since Novaestrat boasts of a number of contracts been awarded by the Ecuadorian government between 2015 to 2017. What is not actually known is whether the employees at Novaestrat intentionally broadcasted this data or perhaps it was a glitch on the company’s server-side handling. 

However, one certainty stands to be that these data are originally not supposed to be in the possession of the company who might have come across such data while working extensively with the government in the past. Inclined by the gravity of the data breach, the Ecuadorian government is set to take a giant leap towards implementing a stricter data privacy law with plans to pass this new law to the parliament within the next three days.

News

US-China Trade War: the US Continues To Fuel The Rivalry By Blacklisting 28 More Chinese Companies

Published

on

US-China Trade War the US Continues To Fuel The Rivalry By Blacklisting 28 More Chinese Companies

In the wake of the US-China trade war that has seen such technology companies as Huawei, Google, Hikvision, Megvii Technology, Tesla, iFlytek Co, NVIDIA, SenseTime, Dahua Technology, Intel Corp alongside a host of others experiencing a breach in trade due to the international trade restrictions.

And even though the trend of events that follows afterward may be detrimental to both nations on a long term basis including the global economy at large. The governments of the two largest economies in the world seem to be adamant towards admonishing the trade rift between them.

In furtherance, Donald Trump’s administration seems to be at the forefront of fueling the trade dispute since it bears the burden of initiating the tariff that started the trade war. In a press release on Monday, President Donald Trump accused Hong Kong of getting involved in anti-human practices against the Muslim community – particularly the Uighurs and other minority Muslims. By means of illegal surveillance feeds from top surveillance hardware companies as Hikvision and Dahua Technology, China was able to detain over a million Muslims. 

In light of this, Trump claims that the events in Xinjiang could pose a threat to countries involved in trade with the aforementioned companies, therefore the 28 list ban. Furthermore, the US imposed restrictions on China to the tune of over $360 billion in tariff on Chinese commodities as well as various other constraints on Chinese investments in the United States. With talks about limiting exportation services to China if they are not forthcoming, Trump added that;

“I think they’re coming to make a deal, It’s got to be a fair deal.”

In the ensuing trade-war, the US State Department also issued a visa embargo on some Chinese officials that Washinton termed as ‘committing acts that are unacceptable’. Following the course of these happenings, the US went on to amend the Export Administration Regulations (EAR). By increasing the number of Chinese entities banned from engaging in whatever form of trade with any company registered in the US as of Tuesday, 8th October. Hence the entity list was updated with 28 Chinese companies in addition to the six companies already present on the list.

Accordingly, Ted Bauman – An Economist and Expert Analyst at Banyan Hill Publishing, pinpoints these moves as a strategy employed by the US bureau towards subjecting the Chinese Government to utter pressure on multiple levels. From Bauman’s point of view, this comes as a notice to the upcoming trade talks between the two nations in Washington later this week. In addition, he added that the Chinese Government is ready and prepared to stretch the trade wars to greater lengths, asserting that;

“The latest blacklist announcement is consistent with the Trump administration’s strategy of seeking new sources of leverage in the ongoing trade negotiation. I don’t think it’s a coincidence that this announcement came hard on the heels of leaked reports that they are considering limiting U.S. investor capital flows to Chinese companies. It’s as if the administration has realized that the Chinese are not going to back down in the face of increased U.S. tariffs, so they are casting around for other ways to threaten the Chinese.” 

This new development has discouraged the trust that once existed in the trading sector on a global scale. Given that it has the potential to trim company return margins in both nations. As it subsequently encourages the Chinese Government to deter funding of Chinese companies by US Investors.

Even though the US seems to be nonchalant towards a conclusive detente, it is evident that the economic state of the country has been posed with more threatening effects than that of the Chinese. And as such the Xi Jinping administration recently aired its indifference with regards to the trade talks as it is not phased by whatever the outcome may be.

Continue Reading

News

CISA Prepares For Another ‘WannaCry’ Incident: Says Something Big is Coming to The Entire Cyber-Space

Published

on

CISA Prepares For Another ‘WannaCry’ Incident_ Says Something Big is Coming to The Entire Cyber-Space

According to Assistant Director Jeanette Manfra of the Cybersecurity and Infrastructure Security Agency (CISA) – A Division of the US Department of Homeland Security, there is an impending cyberattack of an even greater magnitude than the ‘2017 WannaCry Attack’ to be expected within the next few years.

As a branch of the Department of Homeland Security (DHS) focused mainly on cybersecurity, CISA becomes wholly in charge of protecting and increasing the security of critical government networks by means of collaborating with the private sector on a global scale. And as such any threat within the aforementioned jurisdiction falls under the responsibility of the agency. 

Just last week at the TechCrunch Disrupt in San Francisco, California, following a statement by Manfra who analyzed the current situation of cyberspace to be at a very vulnerable state. Elaborating further, the former Senior Counsellor to the Secretary of the DHS highlighted on the uncertainty of preventing such attacks in the near future but also emphasizes on the readiness of the department in the event of such occurrence. Stressing yet on the ‘WannaCry Attack’ she said;

“I don’t know that we could ever prevent something like that, we just have something that completely manifests itself as a worm. I think the original perpetrators didn’t expect probably that sort of impact.” 

Nonetheless, she also added that;

“Updating your patches would have prevented a good quantity of individuals from being a sufferer.”

The Bluekeep Glitch

All of these statements about a worldwide ransomware attack comes as a warning against a looming loophole in Bluekeep, which was detected a few months back. The ‘Bluekeep’ terminology was coined by another cybersecurity expert – Kevin Beaumont in a tweet, as it often leads to a Blue screen when exploited.

The Bluekeep glitch is a “wormable” vulnerability that was first reported sometime in May on Microsoft’s Remote Desktop Protocol (RDP) that allows for remote code execution. This bug was initially believed to be present in all unpatched versions of the NT-based Windows ranging from Windows 2000 through Windows Server 2008 R2.

While the much newer versions such as Windows 7 and all other versions upwards to Windows 10 were prone to the ‘Dejablue’ flaw. Subsequently, this error could compromise over a million internet-connected gadgets from all over the world that are connected and susceptible to Microsoft’s BlueKeep.

Although Bluekeep shares similar characteristics to other wormable viruses such as the NotPetya and WannaCry bug, all of which are capable of creeping into weak computer systems on a broader network. And given that the Bluekeep bug allows for remote access from unlicensed third-party agents, it is only a matter of time before ‘Black hackers’ exploits this vulnerability.

Notwithstanding, the Expert Cybersecurity Analyst – Manfra guarantees that extreme measures by the governments of multiple nations are underway to help manage such incidents if and when it happens.

Continue Reading

Trending