Apple Fights UK Over Encryption Backdoors as US Officials Warn of Privacy Violations

Apple Fights UK Over Encryption Backdoors as US Officials Warn of Privacy Violations

Image: garloon/Envato Images Senior officials from the U.K. have privately met with their U.S. counterparts to clarify that their request for access to encrypted data in Apple’s iCloud is not a blanket demand; instead, they are seeking access solely to data linked to individuals already involved in crimes such as terrorism, according to Bloomberg. People familiar with the matter told the publication that the British officials emphasized separate warrants would be required for each access…

Read More

Apple Taking Legal Action Against UK Over Backdoor Demands

Apple Taking Legal Action Against UK Over Backdoor Demands

Image: TheClimateGroup/Creative Commons (2014) Apple is taking legal action against the U.K. government over demands to weaken its strongest cloud security measures, arguing that compliance would jeopardize user privacy and set a dangerous precedence. The Cupertino giant has taken the case to the Investigatory Powers Tribunal, the U.K.’s judicial body responsible for handling complaints regarding the use of surveillance powers by public authorities. It is challenging the legality of the Home Office’s order under the…

Read More

Cyber Attack Severity Rating System Established in U.K.

Cyber Attack Severity Rating System Established in U.K.

A new rating system in the U.K. will classify the severity of cyberattacks on a scale from one to five, aiming to provide businesses and policymakers with more precise insights into the impact of cyber threats. The Cyber Monitoring Centre, an independent nonprofit organisation of industry experts, will assess incidents in real time and publish results for free. The system is designed to be easily understood, similar to the Saffir-Simpson hurricane scale, which categorises hurricanes…

Read More

U.K. Announces 'World-First' Cyber Code of Practice

U.K. Announces 'World-First' Cyber Code of Practice

The U.K. government has introduced its “world-first” AI Cyber Code of Practice for companies developing AI systems. The voluntary framework outlines 13 principles designed to mitigate risks such as AI-driven cyberattacks, system failures, and data vulnerabilities. The voluntary code applies to developers, system operators, and data custodians at organisations that create, deploy, or manage AI systems. AI vendors that only sell models or components fall under other relevant guidelines. “From securing AI systems against hacking…

Read More

UK Considers Banning Ransomware Payments

UK Considers Banning Ransomware Payments

The U.K. government is considering banning ransomware payments to make critical industries “unattractive targets for criminals.” It would apply to all public sector bodies and critical national infrastructure, which includes NHS trusts, schools, local councils, and data centres. Currently, all government departments nationwide are banned from paying cyber criminals to decrypt their data or prevent it from being leaked. This rule intends to protect the services and infrastructure the British public relies on from financial…

Read More

UK Cyber Risks Are ‘Widely Underestimated,’ Warns Security Chief

UK Cyber Risks Are ‘Widely Underestimated,’ Warns Security Chief

In his first speech on Tuesday, the new head of the U.K.’s National Cyber Security Centre warned that the country’s cyber risks are “widely underestimated.” Richard Horne, who took the position in October, says that hostile activity has “increased in frequency, sophistication and intensity,” largely from foreign actors in Russia and China. He highlighted the ransomware attacks on the British Library and pathology company Synnovis, which disrupted the NHS, illustrating a dependence on technology for…

Read More

Starbucks, Supermarkets Targeted in Ransomware Attack

Starbucks, Supermarkets Targeted in Ransomware Attack

Starbucks and several major U.K. supermarkets experienced disruption due to a ransomware attack on the prominent supply chain software provider Blue Yonder. The company disclosed the incident on Thursday, Nov. 21, and it was still working to restore services the following Monday. The disruption to the Blue Yonder platform prevented Starbucks from paying its baristas and managing their schedules, according to the Wall Street Journal. As a result, cafe managers had to manually calculate their…

Read More

Unlocking the Future Through the Industrial Strategy: A Policy Blueprint for the UK's Digital Transformation

Unlocking the Future Through the Industrial Strategy: A Policy Blueprint for the UK's Digital Transformation

In today’s fast-paced, technology-driven world, the UK stands at a critical juncture. The Industrial Strategy presents an opportunity to weave digital technologies as the golden thread through the UK’s economic plan. Moulding an economy that is fit for the modern world—with digital connectivity and skills as the cornerstone of economic growth—can spearhead efforts to secure the nation’s competitive edge in the industries of the future. With strategic direction and support from government, coupled with investment…

Read More

1.1 Million UK NHS Employee Records Exposed

1.1 Million UK NHS Employee Records Exposed

Over a million NHS employee records — including email addresses, phone numbers, and home addresses — were exposed online due to a misconfiguration of the low-code website builder Microsoft Power Pages. In September, researchers with the software-as-a-service security platform AppOmni identified a large shared business service provider for the NHS that was allowing unauthorised access to sensitive data through insecure permission settings on Power Pages. Specifically, the permissions on some tables and columns in Power…

Read More

NIS 2 Compliance Deadline Approaches: What You Need To Know

NIS 2 Compliance Deadline Approaches: What You Need To Know

On Oct. 17, the Network and Information Security 2 Directive takes effect. This means that relevant entities in industries such as energy, transport, water, healthcare, and digital infrastructure that carry out activities within the E.U. must comply with the relevant legislation. NIS 2, which was approved by the European Parliament in November 2022, aims to establish a consistent, minimum cybersecurity baseline across all E.U. member states, involving mandatory security measures and reporting procedures. Organisations subject…

Read More
1 2 3