Connect with us

Internet

China Announces Mandatory Security Reviews for Companies’ Data Exports From September 1

Avatar

Published

on

By Reuters | Updated: 7 July 2022

China’s cyberspace regulator on Thursday said that rules requiring data exports to undergo security reviews would be effective from September 1, the first time it has given a start date for a new regulatory framework that will affect hundreds, if not thousands, of Chinese companies.

The details of a new compulsory security review to be carried out by the Cyberspace Administration of China (CAC), which will be used to determine whether large quantities of Chinese user data in the possession of a private entity can be sent overseas, were also finalised and published on Thursday, the regulator said in a statement on its official WeChat account.

While much of what the security review will entail was already laid out by the CAC in draft rules published last October, the final version published on Thursday adds an important detail.

China’s cyberspace regulator on Thursday said that rules requiring data exports to undergo security reviews would be effective from September 1, the first time it has given a start date for a new regulatory framework that will affect hundreds, if not thousands, of Chinese companies.

The details of a new compulsory security review to be carried out by the Cyberspace Administration of China (CAC), which will be used to determine whether large quantities of Chinese user data in the possession of a private entity can be sent overseas, were also finalised and published on Thursday, the regulator said in a statement on its official WeChat account.

While much of what the security review will entail was already laid out by the CAC in draft rules published last October, the final version published on Thursday adds an important detail.

“Clarifying the specific provisions of the data export security review is necessary to promote the healthy development of the digital economy, prevent and resolve cross-border data security risks, safeguard national security and the societal and public interest,” CAC said on Thursday.

China’s concerns regarding overseas data exports have recently bruised a number of Chinese companies.

The CAC launched cybersecurity reviews into Chinese companies Full Truck Alliance, Kanzhun Ltd, and ride-hailing giant Didi Global in July last year, ordering them to stop registering new users, citing national security and the public interest.

While Full Truck Alliance and Kanzhun announced the resumption of new user registration last week and said it had “rectified” the issues identified by the CAC’s probe, Didi has yet to make a similar announcement.

© Thomson Reuters 2022

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet

China-Based APT41 Hacker Group Stole $20 Million Worth of US COVID-19 Relief Funds: Report

Avatar

Published

on

Other federal investigations of pandemic fraud reportedly seem to point back to foreign state-affiliated hackers.
By ANI | Updated: 8 December 2022

China-based hackers stole at least $20 million (roughly Rs. 165 crore) in US Covid relief benefits, including unemployment insurance funds and Small Business Administration loans, NBC news reported citing the country’s Secret Service. Hackers linked to the Chinese government are from a Chengdu-based group known as APT41. The report said other federal investigations of pandemic fraud also seem to point back to foreign state-affiliated hackers. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service, told NBC. The US Secret Service declined to confirm the scope of other investigations.

They said there are over 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, and APT41 is “a notable player,” according to NBC news.

In recent months, the US has witnessed a rise in espionage cases emanating from China.

Last month, in three separate cases, the US government charged 13 individuals, including members of China’s security and intelligence apparatus and their agents, for alleged efforts to unlawfully exert influence in the United States for the benefit of their government.

“As these cases demonstrate, the government of China sought to interfere with the rights and freedoms of individuals in the United States and to undermine our judicial system that protects those rights. They did not succeed,” said US Attorney General Merrick B. Garland, as quoted in the Justice Department press statement.

“The Justice Department will not tolerate attempts by any foreign power to undermine the Rule of Law upon which our democracy is based. We will continue to fiercely protect the rights guaranteed to everyone in our country. And we will defend the integrity of our institutions,” Garland added.

Seven Chinese nationals were charged – two of whom were arrested on October 20 in New York – with participating in a scheme to cause the forced repatriation of a PRC national residing in the United States.

The defendants are accused of conducting surveillance of and engaging in a campaign to harass and coerce a US resident to return to Beijing as part of an international extralegal repatriation effort known as “Operation Fox Hunt.”

Continue Reading

Internet

Data of 6 Lakh Indians Stolen, Sold on Bot Markets So Far; Around 50 Lakh Users Affected Globally, Study Shows

Avatar

Published

on

A study of three major bot markets found stolen logins including those from Google, Microsoft and Facebook accounts.
By Reuters | Updated: 8 December 2022

Around five million people globally have had their data stolen and sold on the bot market to date, of which 6 lakh are from India, making it the worst affected country, according to one of the world’s largest VPN service providers NordVPN.

Bot markets are used by hackers to sell stolen data from victims’ devices with bot malware.

The study by NordVPN, of Lithuania’s Nord Security, said the stolen data included user logins, cookies, digital fingerprints, screenshots and other information, with the average price for the digital identity of a person pegged at Rs. 490.

NordVPN tracked data for the past four years, ever since bot markets were launched in 2018.

India has been dealing with cyber security concerns for a while. As recently as last month, multiple servers of the All India Institute of Medical Sciences (AIIMS), a federal government hospital that caters to ministers, politicians and the general public, were infected on November 23, a senior police official told Reuters.

A week after the ransomware attack on AIIMS, the Indian Council of Medical Research (ICMR) faced around 6,000 hacking attempts within 24 hours on November 30, Times of India reported.

Indian cybersecurity rules have tightened only earlier this year, with the Indian Computer Emergency Response Team (CERT) requiring tech companies to report data breaches within six hours of noticing such incidents and to maintain IT and communications logs for six months.

NordVPN’s study looked into three major bot markets — the Genesis market, the Russian Market, and 2Easy — and found stolen logins including those from Google, Microsoft and Facebook accounts.

“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place,” said Marijus Briedis, chief technology officer at NordVPN.

“And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot.”

Researchers of NordVPN found 667 million cookies, 81,000 digital fingerprints, 5,38,000 auto-fill forms, numerous device screenshots, and webcam snaps in their study.

© Thomson Reuters 2022

Continue Reading

Internet

AIIMS Delhi Cyberattack Highlights Security Risks, Online Operations Resume After Two Weeks

Avatar

Published

on

The AIIMS Delhi attack was followed by a series of failed attempts to hack the ICMR, the country's top medical research organisation.
By Associated Press | Updated: 8 December 2022

AIIMS Delhi, the leading hospital in the national capital limped back to normalcy on Wednesday after a cyberattack crippled its operations for nearly two weeks. Online registration of patients resumed Tuesday after the hospital was able to access its server and recover lost data. The hospital worked with federal authorities to restore the system and strengthen its defences.

It’s unclear who conducted the November 23 attack on the All India Institute of Medical Sciences or where it originated. Hospital authorities didn’t respond to requests for comment.

The attack was followed by a series of failed attempts to hack the country’s top medical research organisation, the Indian Council of Medical Research. This raised further concerns about the vulnerability of the country’s health system to attacks at a time when the government is pushing hospitals to digitise their records.

More than 173,000 hospitals have registered with a federal program to digitise health records since its launch in September 2021. The program assigns patients numbers that are linked to medical information stored by hospitals on their own servers or in cloud-based storage. Experts fear that hospitals may not have the expertise to ensure digital security.

“Digitising an entire health care system without really safeguarding it can pretty much kill an entire hospital. It suddenly stops functioning,” said Srinivas Kodali, a researcher with the Free Software Movement of India.

That is what happened to the hospital in New Delhi. Healthcare workers couldn’t access patient reports because the servers that store laboratory data and patient records had been hacked and corrupted.

The hospital normally treats thousands of people a day, many of whom travel from distant places to access affordable care. Always crowded, queues at the hospital grew even longer and more chaotic.

“The entire system isn’t working because of the hack,” said Deep Ranjan, who came to New Delhi from north-eastern Assam state. He said he had spent five days waiting in line and still has not seen a doctor.

Sandeep Kumar, who accompanied his ill father, said the digital attack meant that appointments couldn’t be booked online, and that doctors could do little when they saw patients because they couldn’t access their medical history.

“We are digitising (everything), but then there is an attack on the country’s most important medical institute,” he said.

On November 30, there were repeated but ultimately unsuccessful attempts to breach the website of the Indian Council of Medical Research, the Press Trust of India news agency reported.

The attack on the hospital raised “serious questions about the cybersecurity of the country,” said K.C. Venugopal, a member of Parliament from the main opposition Congress party.

The government drafted a proposed law governing data privacy last month, but critics say it offers few safeguards to people. It has not yet been passed by Parliament.

Continue Reading

Internet

Google Asked to Drop Ads of Online Betting Firms in YouTube, Search Results: Report

Avatar

Published

on

Google was reportedly asked to remove direct or surrogate ads for betting platforms like Fairplay, PariMatch, and Betway.
By Reuters | Updated: 7 December 2022

Google has been asked by the government not to display surrogate ads of overseas betting companies, Mint newspaper reported on Wednesday, citing a person aware of the development in the ministry of information and broadcasting.

The letter sent last week to Alphabet’s Google India asked the company to immediately drop all advertising, direct or surrogate, from betting platforms like Fairplay, PariMatch, Betway in search results and YouTube, the report said.

India’s planned regulation of online gaming will apply to all real-money games after the prime minister’s office overruled a proposal to only regulate games of skill and leave out games of chance, Reuters reported on December 4, citing a government document and three sources.

“After our last advisory on 3 October, TV channels and OTT (over-the-top) players stopped showing surrogate ads of online betting firms, but it was brought to our notice that many such ads are running on YouTube and Google. We have asked Google to stop this immediately,” said a senior ministry official to Mint.

Google did not immediately respond to Reuters request for comment.

India should create a regulatory body to classify online games as based on skill or chance, introduce rules to block prohibited formats and take a stricter stance on gambling websites, a government panel stated in a draft report seen by Reuters earlier in September.

Reuters reported on Tuesday that a panel of state finance ministers was yet to submit its report on taxation of the booming online gaming sector that is crucial to a final decision on how the levies should be imposed, citing a senior government official.

The panel has for weeks been deliberating how it should tax online gaming companies — and whether federal tax should be imposed on only the profits of firms or on the value of the entire pool of money collected from participants.

© Thomson Reuters 2022

Continue Reading

Internet

New Zealand Plans to Introduce Law to Make Google, Facebook Pay Local Outlets for News

Avatar

Published

on

New Zealand is planning legislation to compensate news outlets that is modelled on similar laws passed in Australia and Canada.
By Reuters | Updated: 5 December 2022

The New Zealand government said it will introduce a law that will require big online digital companies such as Alphabet’s Google and Meta to pay New Zealand media companies for the local news content that appears on their feeds.

Minister of Broadcasting Willie Jackson said in a statement on Sunday that the legislation will be modelled on similar laws in Australia and Canada and he hoped it would act as an incentive for the digital platforms to reach deals with local news outlets.

“New Zealand news media, particularly small regional and community newspapers, are struggling to remain financially viable as more advertising moves online,” Jackson said. “It is critical that those benefiting from their news content actually pay for it.”

The new legislation will go to a vote in parliament where the governing Labour Party’s majority is expected to pass it.

Australia introduced a law in 2021 that gave the government power to make internet companies negotiate content supply deals with media outlets. A review released by the Australian government last week found it largely worked.

The law, which took effect in March 2021 after talks with the big tech firms led to a brief shutdown of Facebook news feeds in Australia, may need to be extended to other online platforms, the review said.

Since the News Media Bargaining Code took effect, the tech firms had inked more than 30 deals with media outlets compensating them for the content which generated clicks and advertising dollars, said the Treasury Department report, published last week.

The report mostly recommended that the government consider new methods of assessing the administration and effectiveness of the law, and did not suggest changing the law itself.

“At least some of these agreements have enabled news businesses to, in particular, employ additional journalists and make other valuable investments to assist their operations,” said the report. “While views on the success or otherwise of the Code will invariably differ, we consider it is reasonable to conclude that the Code has been a success to date.”

© Thomson Reuters 2022

Continue Reading

Internet

Google CEO Sundar Pichai Pays Tribute to Indian Roots on Being Honoured With Padma Bhushan

Avatar

Published

on

Google this year added 24 new languages to its translation service using a new advancement in machine learning.
By Press Trust of India | Updated: 3 December 2022

“India is a part of me and I carry it with me wherever I go,” Google and Alphabet CEO Sundar Pichai has said, as he received the prestigious Padma Bhushan award from the Indian envoy to the US.

Indian-American Pichai was awarded the Padma Bhushan for 2022 in the Trade and Industry category. The Madurai-born Pichai was named one of the 17 awardees earlier this year.

He received India’s third-highest civilian award in the presence of his close family members in San Francisco on Friday.

“I am deeply grateful to the Indian government and the people of India for this immense honour. It is incredibly meaningful to be honoured in this way by the country that shaped me,” 50-year-old Pichai said while accepting the award from India’s Ambassador to the US, Taranjit Singh Sandhu.

“India is a part of me. I carry it with me wherever I go. (Unlike this beautiful award which I will keep somewhere safe),” he said.

“I was fortunate to grow up in a family that cherished learning and knowledge, with parents who sacrificed a lot to make sure I had opportunities to explore my interests,” Pichai said.

India’s Consul General in San Francisco, T V Nagendra Prasad, was also present during the event.

Sandhu said that Pichai represented the limitless possibilities of technology for transformation.

“He has been making commendable efforts towards making digital tools, and skills accessible to across various segments of the society in different parts of the globe,” he said.

Recalling Prime Minister Narendra Modi’s vision of technology that combines 3Ss – speed, simplicity and service, Sandhu hoped that Google would make full use of the digital revolution happening in India.

Pichai said that it had been amazing to return to India many times over the years to see the rapid pace of technological change.

The innovations created in India are benefitting people around the world – from digital payments to voice technology, he said.

“I look forward to continuing the great partnership between Google and India, as we work together to bring the benefits of technology to more people,” he said.

Businesses are seizing the opportunities for digital transformation, and more people have access to the internet than ever before, including in rural villages, Pichai said.

“Prime Minister Modi’s Digital India vision has certainly been an accelerator for that progress and I’m proud that Google continues to invest in India, partnering with governments, businesses, and communities over two transformative decades,” he said.

“Every new technology that arrived at our doorstep made our lives better. And that experience put me on a path to Google, and the chance to help build technology that improves the lives of people all over the world,” he said.

Pichai said he sees so much opportunity ahead.

On India taking over the G20 presidency, Pichai said: “It’s an amazing opportunity to build consensus on strengthening the global economy by advancing an internet that is open, connected, secure, and works for everyone. That’s a goal we share, and are committed to advancing with you.” India formally assumed the G20 Presidency on Thursday.

“I am grateful for the opportunity to do this work together and bring the benefits of technology to more people,” Pichai said.

Google this year added 24 new languages to its translation service using a new advancement in machine learning. Eight of them are languages native to India.

“It means so much to see how people can access information and knowledge in their preferred language, and see the world open up to them in new ways. That’s why I continue to be so optimistic about technology, and why I believe India can and must continue to lead,” he added.

Continue Reading

Trending