KW 28: Siemens and Nato continue cooperation, Racism debate over White Hat and Black Hat, US is looking at banning TikTok

NEWS

Siemens and Nato continue cooperation: Siemens Smart Infrastructure and the Nato Cooperative Cyber Defense Center of Excellence (CCDCOE) have signed a memorandum of understanding to continue the cooperation on cybersecurity for critical infrastructure. The CCDCOE organized annual cyber defense exercise Locked Shields provides a key pillar to jointly build up defense capabilities. With the new agreement, the parties advance their existing cooperation on cybersecurity training for power grids. In experimenting with grid control software Spectrum Power, Siemens gains valuable insights on the potential attack vectors and can thoroughly test new security features for its products. “Our long-term cooperation with Siemens in training the cyber experts to protect critical infrastructure in general and power grids in particular has been a major asset for the NATO CCDCOE technical cyber defense exercises,” said Colonel Jaak Tarien, Director of the NATO CCDCOE.
automation.com

Racism debate over White Hat and Black Hat: David Kleidermacher, who is Google’s VP of Android security and privacy, has ignited a debate in the cybersecurity industry over the use of potentially discriminatory language after withdrawing from the upcoming Black Hat USA virtual event in protest. Kleidermacher thanked the organizers of the long-running security conference but said it was time to change: “Black hat and white hat are terms that need to change. This has nothing to do with their original meaning, and it’s not about race alone – we also need sensible gender-neutral changes like PITM versus MITM,” he argued on Twitter. Many leapt to his defense: noted researcher Kevin Beaumont argued that more speakers and attendees should boycott Black Hat until the organizers change the name.
infosecurity-magazine.com

US is looking at banning TikTok: The United States could ban Chinese social media apps, including TikTok, Secretary of State Mike Pompeo said Monday. Pompeo suggested the possible move during an interview with Fox News’ Laura Ingraham, adding that the government was taking this very seriously. Washington’s top diplomat added that people should only download the app “if you want your private information in the hands of the Chinese Communist Party.” Pompeo’s remarks come during a time of heightened tensions between the United States and China, which have spilled over into several arenas including national security, trade and technology.
cnn.com

Coronavirus contact list can be viewed online: A data leak at Swiss startup Lunchgate has resulted in the customer data of almost 200,000 guests being accessible on the internet without protection. Swiss restaurants have to document some of their guests’ data in the current pandemic. The Zurich-based company added a tracing function to its reservation app “Foratable” aimed at the catering industry. However, everyone can access the data, not just the restaurant owners who use the app. Security company Modzero discovered the failure and pointed it out to Lunchgate. The startup claims to have fixed the problem on July 3rd. So far, there are no signs of misuse of the data.
golem.de

TMG reform: Last week, the German parliament passed a government draft for a reform of the Telemedia Act (TMG). The focus: providers of video sharing platforms like YouTube or Vimeo, but also social media apps like TikTok. In the future, these platforms will have to install a well-defined reporting and remedial procedure for user complaints regarding violations of advertising and youth protection regulations, in addition to the requirements for criminally relevant content. Providers must also incorporate a so-called “Notice & Action” mechanism for complaints about illegal content. Such content should be publically deleted immediately after notification, but should be saved for ten days as evidence. Additionally, the commercial processing of data that service providers collect for the protection of minors or otherwise is prohibited.
heise.de

Talks on gigabit funding apparently failed: The talks on gigabit funding between Germany’s Federal Ministry of Transport and Digital Infrastructure (BMVI) and the EU Commission have failed. What remains is the previously applicable funding threshold for the planned fiber optic funding in areas that are not supplied with gigabit. The result: a patchwork of individual streets and districts in gigabit expansion. In the end, residents of less well developed areas are left behind.
it-times.de

Cybersecurity: “Virtual NTT Summit Germany 2020” in September funkschau.de
Fritzbox: Big update starts n-tv.de
Smartphone: Adware prevents deletion of malicious files datensicherheit.de
Android: Protection leaves much to be desired it-markt.ch
IoT: The IoT is broken – frail but curable datensicherheit.de

NUMBER OF THE WEEK

69 percent of Germans have been more aware of their companies’ cybersecurity guidelines since the beginning of the coronavirus pandemic.
it-daily.net

BACKGROUND

Cybersecurity on vacation: It is important to protect oneself from cybersecurity risks, especially on vacation. Holidaymakers are currently at risk of fake coronavirus apps, but also when using the internet with mobile devices. Free WiFi connections in hotels or at tourist hotspots in particular are being manipulated by criminals in many places in order to access vacationers’ personal data. The rule of thumb is: Do not give out sensitive data or passwords to be able to connect to the internet.
wiwo.de

QUOTE

“We want to shape digitization – with confidence and a good mood.”
German Health Minister Jens Spahn has welcomed the recently passed Patient Data Protection Act (PDSG).
bundesgesundheitsministerium.de

SECURE?

SIM card could disappear: In the past decade, SIM cards have become smaller and smaller – and the card’s final end could soon be approaching. The eSIM for IoT devices could instead come to the fore – for companies it offers the advantage of being safer and more resilient. eSIM cards are intended to make networks in IoT ecosystems even more secure.
industry-of-things.de

Newsletter subscription

Subscribe to our free weekly newsletter for a compact overview of safety and security topics:

Safety-Security-Ticker

More digital news briefings

Our political briefings