arrested its founder. Two years later, Chinese police announced that they would start enforcing laws banning the “unauthorized disclosure” of vulnerabilities. That same year, Chinese hackers, who were a regular presence at big Western hacking conventions, stopped showing up, on state orders.

“If they continue to maintain this level of access, with the control that they have, their intelligence community is going to benefit,” Mr. Kurtz said of China. “It’s an arms race in cyber.”

A Phishing Test Promised Workers a Covid Bonus. Now They Want an Apology.

A report released this week by Britain’s National Cyber Security Centre showed a 15-fold increase in the number of scams removed from the internet, and said the agency had taken more fraudulent sites offline in the past year than in the previous three years combined.

In the first quarter of this year, according to government statistics, almost 40 percent of businesses in Britain reported digital breaches or attacks, with an average cost for medium to large firms of around 13,400 pounds, or $18,800. And the cost of a serious breach can be far more daunting: One study conducted last year by the Ponemon Institute for IBM Security, which interviewed 524 organizations across 17 countries, found that data breaches in 2020 cost an organization on average $3.86 million.

Phishing has also been used by scammers attempting to swindle grandparents out of their savings, by intelligence agencies to gain information and diplomatic leverage, and by IT departments to see if employees are paying attention.

“A sufficiently well-designed phishing email will get clicked on 100 percent of the time,” said Steven J. Murdoch, a professor of security engineering at University College London, adding all companies were vulnerable to phishing.

But testing employees with fake emails about bonuses was “entrapment,” he said, adding that it risked harming the relationship between companies and employees, which was crucial for security. Some attacks, as an example, come from disgruntled employees, he said. “People responsible for fire safety don’t set fire to the building,” he said of the tests.

Rather than discouraging employees from clicking on any link, he said, more effective strategies could include blocking phishing emails, installing software to protect against ransomware, and addressing use of passwords.

Alienating employees also meant they could be less likely to report suspicious activity to their company departments, a crucial method of stopping attacks from becoming more serious, said Jessica Barker, a co-founder of Cygenta, a cybersecurity company.

$40,000 Swindle Puts Spotlight on Literary Prize Scams

The literary prize scammers seem more obviously motivated by money. The fraudster targeting the British awards appears to use the same approach each time, emailing administrators late at night after the winners’ announcement, using addresses featuring the author’s full name followed by the word “writes.” (Emails from The New York Times to those addresses went unanswered.)

As well as the Rathbones Folio and Baillie Gifford prizes, scammers also wrote to the organizers of the Encore Award last June; the Forward Prizes for Poetry, in October; and the Society of Authors Translation Prizes, in February, the organizers of those awards said. Britain’s most prestigious literary award, the Booker Prize, had not been contacted, its director, Gaby Wood, said in an email. “Oddly enough, no attempt has been made,” she added.

Caroline Bird, a winner in last year’s Forward Prizes, said in a telephone interview that Britain’s literary scene was trusting and cozy, and that the scammer was “clever” to exploit that. “It’s not the place you’d ever come across someone on the rob,” Bird said.

But several of the organizers who received the phishing emails said they suspected the fraudster was involved in British publishing, given the person knew who to contact and when to send the messages. Mundy, of the Baillie Gifford Prize, said he wondered whether the scammer might be a disgruntled author “who’d never won a prize and was furious about it, trying to claim what’s rightfully theirs, by fair means or foul.”

Did any authors come to mind? “There’s plenty,” Mundy said with a laugh. “But I’m not naming names.”

Few share that idea, though, for one simple reason: The emails lack a certain literary flair. “The prose was a bit dead, and there was no warmth,” said Patrick McGuinness, the winner of last year’s Encore Award, who had been passed the scammer’s email. “As a literary critic, I would say there was all the right words, but none of the fire.”

Brown, the Baillie Gifford winner, agreed. “I’m not thinking, ‘My God, it’s Salman Rushdie,’” he said. A published author would have put more effort into the grammar, for starters, he added.
