• Garrett O'Hara

    Garrett O’Hara is the Principal Technical Consultant at Mimecast having joined in 2015 with the opening of the Sydney office, leading the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies. When not talking about the cyber security landscape, data assurance approaches and business continuity Garrett can be found running, surfing or enjoying the many bars and eateries of Sydney's Northern Beaches.

    Comments:0

    Add comment
Garrett O'Hara

This month in security: December 2019

Content

China bans deepfakes, New Zealand introduces a new data privacy Bill, hackers make off with $1 million and O365 disruptions plague APAC.

China leads the charge against deepfakes by banning unauthorised deepfakes altogether, even though it’s getting harder and harder to identify them. We share our thoughts on the Chinese initiative and the deepfake menace as a whole.

 

New Zealand is levelling up its data privacy laws to bring them in line with a more interconnected world and the globalised nature of business today.

 

Meanwhile, we discuss a million-dollar heist carried out over email between a hacker and two unsuspecting companies.

 

China slaps a ban on unauthorised deepfakes

As reported by Reuters, the Chinese government is taking steps to regulate the use of deepfakes by enacting a set of anti-deepfake laws. The new regulations make it clear that any content created with AI or VR must be clearly and prominently labeled as such. The Cyberspace Administration of China pointed to the potential misuse of deepfake technology, noting it could “endanger national security, disrupt social stability, disrupt social order and infringe upon the legitimate rights and interests of others”.


Perspective

The threat from deepfakes is quite real. The underlying AI and machine learning technologies are advancing pretty quickly and creating convincing deepfakes is getting easier by the day. Some deepfake generators need only four seconds of voice samples to create a convincing fake. It’s easy to see how a few well-made deepfakes can spread like wildfire and influence public opinion on a massive scale. Though there are technological countermeasures available, and many more in development, the problem goes beyond just technology and so must its solution. We’re going to need both human awareness and technology to tame this particular beast.

 

New Zealand is revamping its national data privacy policy

New Zealand is proposing a new Privacy Bill to upgrade the country’s 1993 Privacy Act. Taking a cue from the European General Data Protection Regulation (GDPR) act, the new policy intends to strengthen the rules around data privacy and modernise regulations for businesses operating in and out of the country.
 

Perspective

The new privacy bill could have big ramifications for overseas companies operating with NZ partners. The rules make it very clear that offshore companies can’t claim that New Zealand privacy laws do not apply to them. Given their recent tussles with Facebook and Google, it stands to reason the NZ government would put in some framework in place for local and foreign data companies using their citizens’ data. This means NZ companies will need to do their due diligence to make sure they’re compliant. It’s a difficult process to be sure, but a necessary one given how much of our data is in the hands of private businesses.

 

O365 disruptions impact businesses across APAC


Microsoft Office O365 experienced its fifth outage this year, disrupting a number of businesses across various locations in the APAC region. Many businesses expressed annoyance as their O365 email service encountered unexpected queuing and delivery problems.
 

Perspective

Email isn’t really something most people worry too much about, that is until it goes down and cuts you off from work. Outages like this are a reminder of how operational dependency on any one environment is just asking for trouble. Any email service disruption, however big or small, can cost millions of dollars in lost productivity. Cyber resilience emerged for a reason and situations like this highlight why a cyber resilient approach might be a necessity for certain types of organisations.

 

An Israeli startup and Chinese VC firm scammed out of $1 million

 

An Israeli startup and Chinese VC firm lost $1 million in seed money to Chinese hackers who used spoofed emails and fake domains to trick representatives in both companies into carrying out a fraudulent wire transfer.
 

Perspective

Incidents like this show how easy it can be to trick people into giving up sensitive information. Even though both parties exchanged multiple emails, no one noticed or questioned anything out of the ordinary. All the technology in the world can’t help if it doesn’t take into account the end-user, their level of awareness and their behaviour. Any effective cybersecurity measures need to be supported by a company’s culture: it’s got to be ingrained in the way they work. That means investing in staff training and education. In the long run, that will save you and your company a lot more money than it would cost. Like a $1 million more.

 

Download Now: Cyber Resilience Preparedness. Expert Insight, Tips And Guidance

Principal Technical Consultant

Garrett O’Hara is the Principal Technical Consultant at Mimecast having joined in 2015 with the opening of the Sydney office, leading the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies. When not talking about the cyber security landscape, data assurance approaches and business continuity Garrett can be found running, surfing or enjoying the many bars and eateries of Sydney's Northern Beaches.

User Name
Garrett O'Hara