Morning Security Brief: Chinese Cyber Attacks, Google Readies a Settlement for Data Collection, And More
The U.S. National Security Adviser warns China regarding cyber attacks, Google readies a settlement in a case alleging the company stole personal information through its Street View cars, and a company finds vulnerabilities in the iOS system.
►U.S. National Security Adviser Tom Donilon spoke out yesterday about the Chinese cyber threat. Donilon stated that the United States needs China to acknowledge the urgency, scope, and risk of attacks emanating from China; to take steps to investigate and stop the activities; and to engage in a dialogue with the United States about establishing acceptable cyberspace behavioral norms. Reuters reports that China offered today to discuss cybersecurity with the United States. According to the article, "A U.S. computer security company said last month that a secretive Chinese military unit was likely behind a series of hacking attacks mostly targeting the United States."
► All Things Digital reports that Google is nearing a $7 million settlement with 30 states' attorneys general over its controversial Street View data collection. Google's Street View cars had collected user personal data (referred to as "payload data") through open Wi-Fi networks. Google admitted that the system that collected the data was designed by a "rogue engineer." A Federal Communications Commission report from last year found that Google was knowingly collecting the data, though the company had said the collection was a mistake and they did not plan on using it.
► Apple's iOS system is not immune to malware attacks, says a new report out of Skycure Security . According to a Skycure blog post, iOS profiles, known as mobileconfig files, which allow configuration of various system settings on iOS devices, such as e-mail and wireless, can be used by malicious attackers to circumvent security. Skycure provides some tips on avoiding such attacks.