Potential Changes to ‘Cookies’
As part of the Government’s proposed changes to data protection laws, one of the areas that would see changes is the practices around cookie consent. Currently, when you visit a website, a cookie pop up ‘pops up’ on your screen asking you to consent to the different types of cookies that the website wants to use.
The information that organizations may want to collect on you whilst you’re using their website are things like your location, the pages you have visited, the type of device you are using, as well as where you visit after leaving their website. Whilst this may seem intrusive, cookies are actually vital to a certain extent. For example, when shopping, a certain cookie is needed so that the website remembers what you have in your basket each time you visit a new area of the website. Cookies are also used for giving you a version of the website that is tailored to your interests.
Under the government’s proposed changes however, the cookie pop ups would be replaced with one singular setting that users would apply to a browser as a whole. But the TechUK trade association says there are "outstanding questions" around exactly how the UK's alternative would work, suggesting more consultation is needed.
And privacy campaigners the Open Rights Group are outraged it might involve opting out of tracking, rather than opting in, saying this wrongly places the onus on individuals preventing, rather than permitting, their online lives being monitored.
It stands to be seen whether any adaptations are made to the planned changes to cookie consent, however it is clear that despite the change, there are still concerns as to the message it might send should users be required to take away consent, as opposed to having the option to provide it in the first place.
NHS warns public of scam Covid-test text messages
People have been experiencing a new scam where they receive a text message that falsely tells them that they have been in close contact with someone who has tested positive for Coronavirus, prompting them to order a test kit. Using the still prominent concerts that people have about the pandemic, cyber criminals are finding success in these scam text messages, where people are inputting their financial and personal data. NCSC has stated that should you receive a suspicious text message, you should forward the message to ‘7726’. For any suspicious emails, you should forward the email to ‘
One tool that the NCSC has adopted to combat online scams is the ‘Suspicious Email Reporting Service’, which was created with the City of London Police. The service aims to identify dangerous sites and take them down, and helps the City of London Police assess new patterns in online cyber attacks. As a result of the service, the public have reported 12 million ‘red flags’ to highlight potential phishing attacks, and over 80,000 scams being removed from the internet.
Microsoft senior warns an increase in supply chain attacks is likely
The head of Microsoft Security Response Center Aanchal Gupta has warned that an increasing reliance on third party software means that supply chain attacks, as seen in the SolarWinds, Kaseya and Log4j attacks, are likely to grow over time.
As organisations across the world rely more on third-party and open-source software, cyber criminals benefit, as they can find unpatched vulnerabilities and exploit them.
The NCSC has guidance for organisations, based on twelve principles, to help establish effective control of supply chains.