Welcome to the latest round-up of cybersecurity stories from NetReporter Senior Contributor Davey Winder. Davey is a 30-year veteran of cybersecurity journalism. A Senior Contributor to forbes.com and Contributing Editor of PC Pro magazine, Davey is the only three-time winner of the ‘Security Journalist of the Year’ award.
The big cybersecurity news story of recent weeks has to be Operation Venetic. This Europol coordination investigation into organised crime, involving the compromise of an encrypted communications network, has resulted in the biggest ever law enforcement operation ever seen in the United Kingdom. That 746 people have been arrested and £54 million in ‘criminal cash’ seized is great, that an encrypted communications network was compromised by law enforcement could yet prove to be problematical for the future of encryption.
If there is one truism when it comes to the life of a cybersecurity journalist then it’s this: every week is full of learning and surprise. Recent weeks have served to prove this point very nicely indeed. I learned, for example, that hackers can now use an ordinary light bulb to spy on private conversations from 25 metres away. Researchers based at the Ben-Gurion University of the Negev (BGU) and the Weizmann Institute of Science in Israel didn’t even need a network-connected smart bulb to pull this one off, although a telescope and an electro-optical sensor were required. And this is new, even though the notion of using lasers to measure vibrations on windows has been a military spook thing for decades now. This light bulb hack doesn’t use lasers and is totally passive. And totally mind-blowing, well worth reading about if your cybersecurity interests extend beyond the normal network incidents, as they should.
And talking of normal network incidents, I learned that the average enterprise security team will employ 45 different tools and use 19 of them to respond to any given security incident. That sounds a crazy number to me, and research by the Ponemon Institute would only serve to confirm my suspicions. The latest Cyber Resilient Organisation Report, found that the more tools an enterprise uses, the less effective incident detection and response will be. The magic number being 50: this is where negative performance benchmarking starts kicking in.
I will finish my news round-up with another surprising story: your screen resolution can be used to block malware attacks. Security researchers have spotted that one particularly dangerous malware threat, Trickbot, will terminate itself depending on the screen resolution of the system it’s executing on. This is both good and bad news for security teams and threat researchers.