Cyber Security Today – Be careful buying child GPS trackers, company exposes customer email and a report on crimeware

Be careful buying GPS trackers for keeping an eye on kids, a global company exposes customer email and a report on the extent of crimeware.

Welcome to Cyber Security Today. It’s Friday September 6th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

To hear the podcast click on the arrow below:

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

It’s a terrible thing to always have to worry where your children are and if they’re safe. But to meet this demand some electronics companies are selling GPS trackers kids carry — like a watch or a keychain fob — so you can keep an eye on them. Most send off a signal mom and dad can read off their cellphone or tablet through a mobile app. But these supposed helpers may come with security problems, says security vendor Avast. It studied 29 models made by a Chinese company and sold under different names and found problems.

First, the mobile app has to be downloaded from an unsecured website, exposing the users’ information. Second, design flaws in the trackers can also enable someone to fake the user’s location, or access the microphone for eavesdropping. Third, the default password is 123456, which can be hacked. As you all know, default passwords have to be changed. But Avast says as many as 600,000 buyers of these devices still use the default password. The takeaway: Don’t buy cheap or knock-off Internet-connected devices. And make sure if you have to download an app it comes from a reputable company whose website and online service are secure.

This week’s Ooopsy Award goes to DK-Lok, a South Korean manufacturer of industrial pipes, valves and fittings which sells products around the world. Why? Because security researchers at vpnMentor discovered an email database at the company hadn’t been properly protected from unauthorized Internet access. As a result researchers could read messages marked private and confidential between DK-Lok staff and customers in Canada, the U.S., Germany, France, Russia, Brazil and other countries. These messages included names, email addresses, product prices and quotes, project bids, travel arrangements and more. As the researchers note in a blog, this is bad for the company’s reputation. More so because the researchers’ warning emails to DK-Lok about the data breach seemed to be ignored.

Finally, with the regular reports of data breaches you may think police aren’t getting anywhere shutting down cybercrime. Well, now there’s some scientific evidence to back that up. A report this week from Chronicle, the cybersecurity unit of Google’s parent company, Alphabet, found that usually within six months of law enforcement action against crimeware gangs and their distribution infrastructure the amount of malware floating around the Internet goes back up. Despite the increasing number of arrests law enforcement operations are frequently hobbled by outdated laws and complex barriers to co-operation with the private sector, says the report. The report adds that it’s likely recent arrests are merely “culling the herd” of criminals that than impacting organized operations. The fact is crimeware — including stealing of data for resale and ransomware — is big business.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now