STE WILLIAMS

People who think they’re ‘tech-savvy’ 18% more likely to be hit by ID theft

People who think they’re tech-savvy are just kidding themselves: they’re actually 18% more likely to be hit by identity theft, according to a new study.

The study, from the online IT training company CBT Nuggets, derived its conclusions from a survey of 2,039 people after testing their knowledge about online information security.

Our attitudes to security practices matter if we want to keep from becoming a statistic. Unfortunately, at least in the US, our attitude toward infosec often amounts to “Pardon me, I really need to take a nap right now.”

When asked why they didn’t follow basic security recommendations, 40% of respondents said they were too lazy, found it to be too inconvenient, or they didn’t really care. In fact, only a smidgen of respondents – 3.7% – said they follow all of the basic security requirements…

…Which is weird, given that 65.9% said that having their personal information compromised is a medium or huge risk.

What are the basic security requirements that all these people are rolling over and playing dead about? For one, the study found, most people use public WiFi – an inherently risky thing to do unless you use a Virtual Private Network (VPN).

We’ve listed some of the risks of free, open Wi-Fi before, and they’re worth repeating here:

  • The hotspot could be run by anyone, and there’s almost no way of telling who that might be.
  • Anyone in the vicinity, whether they’re on the network or not, can “sniff” (eavesdrop on) and record all your network traffic.
  • Your DNS requests, which turn server names into network numbers, are visible to anyone, so even if you subsequently use secure HTTPS connections only, the services you’re using are nevertheless revealed.
  • The hotspot can send you bogus DNS replies, redirecting you to imposter servers, blocking your access to security updates, and more.

In addition, free hotspots often rely on a login page, rather tellingly known as a captive portal, where you have to first sign up for the service, even if your plan once online is to hop onto your own VPN to keep your network traffic secure.

Basically, a VPN encrypts all your network data before it leaves your phone or laptop, sending the scrambled stream of data back to your own network and decrypting it there before it gets sent to the internet.

The study found that many people also procrastinate when it comes to updating their computers or their mobile phones. Well, that’s nothing new. A study done five years ago for International Technology Upgrade Week – yup, that was really a thing, for at least one year! – found that 40% of users don’t upgrade when they probably should.

The other basic security practice cited by the study’s authors as being a snooze-fest: the lazy habit of keeping private passwords somewhere on the computer. In fact, over half of survey respondents kept those keys to the kingdom tucked somewhere on their computers.

Using unique passwords is another good habit: one that Naked Security cites when we list basic security steps. In the CBT Nuggets survey, people who self-identify as tech-savvy are just a wee bit more likely to use unique passwords: just over 6% more likely, in fact. Why didn’t that keep them from having a higher incidence of identity theft? The study doesn’t say, but it does a lot more slicing and dicing of demographics more likely to suffer ID theft.

For example, when it comes to age, Generation Xers – those born between 1965 and 1980 – are the most likely to have been victims of ID theft. Millennials – those born between 1981 and 1997 – are the least likely. That could be due to the fact that Millennials have simply spent fewer years in the online trenches, of course.

More interesting factoids about the people who are more likely to use unique passwords:

  • Android users were almost 11% more likely than iPhone users to have unique passwords. That could be one reason why they’re less likely to get hacked.
  • Windows users were over 12% more likely than those on a Mac to use unique passwords. Apple users were 22% more likely than Windows users to be victims of ID theft, as well.
  • Women were slightly more likely than men to use unique passwords.

Using more unique passwords doesn’t necessarily keep a given demographic from getting hacked more often, though. For example, women use 2.9% more passwords than men, but they get hit with ID theft 14% more often than men. The authors didn’t explain that discrepancy, though it could well amount to the fact that using “more” passwords doesn’t mean the same thing as “using unique passwords for every site”.

More factoids:

  • The curse of the egghead: PhDs are the most likely of any education level to be hacked. High school diploma holders are the least likely. One imagines that could have to do with PhDs spending a whole lot more time online, of course.
  • PhDs are the least likely education level to use unique passwords.
  • The laziest people – or, well, those more likely to say they’re lazy or that security is inconvenient – work in the religious and legal industries.
  • Overall, 40% of respondents are too lazy, think it’s inconvenient, or just don’t care about using security best practices.

At Naked Security, we feel your pain. Sure, it can be inconvenient to use best practices to secure your online information. There was a whole lot of head-desk banging when I lost my phone recently and suddenly felt how very tight my security straitjacket is, with all those unique passwords locked away in a password manager I couldn’t get to without the two-factor authentication (2FA) Google Authenticator app (which was on my phone!) allowing me to get to them online.

But we believe in that armor. Common sense dictates that unique passwords keep thieves who’ve stolen your credentials for one site from reusing them to hijack all your accounts, be they your bank accounts, your social media accounts or anything and everything else.

We believe that multifactor authentication (MFA) is worth using, too. It’s a good stumbling block for identity thieves. To read more about the hows and whys of 2FA, check out our Power of Two post.

And some of us believe that if we can’t handle the concept of one unique, strong password for every site, then we can rely on a password manager to keep track of them for us.

If you’ve read this far, we know you’re likely not too lazy to use good security practices. That means we’re preaching to the choir. Your assignment: go preach to your friends and family who can’t be bothered, before their personal details get vacuumed up in the ever-expanding list of breaches.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/gG6MjOZ37Jk/

Your Mac is not malware-proof: a look at the threats and defenses

For more than a decade, a debate has rumbled on: are Macs more secure and less prone to malware than Windows computers?

As more malware targeting Macs entered the scene, Windows devotees used that to make the case that Apple’s technology was no more secure than all the others. Mac fans have responded with endless examples of how Windows is targeted much more often.

In the past week, debate has been rekindled by a series of articles questioning Mac security:

In the big picture, which operating systems attract more malware is beside the point. Windows may be targeted more often, but if you’re the Mac user who gets victimized by tainted code, the tally doesn’t matter. For Mac users, the important thing is to raise awareness of the threats they face and explain what they can do about it.

Below is a look at the Mac malware SophosLabs has intercepted, analyzed and protected customers against, followed by recent issues Naked Security has written about. From there, we look at some tips to ensure better protection.

View from the lab

Mac malware has been studied at length by SophosLabs, and in a 2017 malware forecast released last month, it warned that more threats are coming, including several varieties of ransomware.

Xinran Wu, a senior threat researcher with SophosLabs who specializes in Mac malware, said MacOS tends to be more a victim of nuisance programs known as potentially unwanted applications (PUA) – adware, for example. From his vantage point, Mac malware tends to be more targeted than the drive-by downloads that have caused a lot of past damage across the operating system landscape. He explained:

Over the past few years, there have been limited numbers of malware families discovered each year. Most of them seem to be targeted rather than drive-by. Technically speaking, there are lots of things that are possible for malware. My guess is that the GateKeeper feature and payment required for getting Apple developer accounts to sign and distribute software, coupled with low market share, might have helped with the lack of drive-by malware for Mac platform.

Gatekeeper is a new feature in Mountain Lion and OS X Lion v10.7.5 that builds on OS X’s existing malware checks to help protect Macs from malware and misbehaving apps downloaded from the internet.

Wu said the lab intercepts a lot of PUA families that are constantly being updated and “aggressively pushed” at Sophos customers.

Recent threats

In addition to the malware mentioned in the SophosLabs malware forecast, Naked Security has covered a large number of Mac-based threats. For example:

  • On February 28, we wrote about ransomware detected and blocked by Sophos as OSX/Filecode-K and OSX/Filecode-L, written in the Swift programming language and primarily aimed at the macOS and iOS platforms.
  • On January 24, we wrote about how Apple’s macOS Sierra 10.12.3 security update addressed significant vulnerabilities attackers could use to hijack Mac and iPhone devices.
  • On December 14, we wrote about another Mac security update to address vulnerabilities that, if exploited, allowed attackers to hit users with drive-by downloads.

Defensive measures

Now that we’ve mapped out the various threats, let’s delve into some things users can do to protect themselves. First, some suggestions for dealing with ransomware:

Other tips:

  • Consider using a real-time anti-virus on your Mac, even (or perhaps especially) if you have managed unharmed for years without one.
  • When Apple releases a security update, don’t put it off. Download it immediately.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/sZJksOzQrHU/

Three cops to data breach

Mobile operator Three has admitted that some customers were able to view the mobile account details of other Three users via their accounts yesterday.

The incident emerged as customers complained to Three via social media.

One customer, Mark Thompson, wrote on Three’s Facebook page: “Care to explain just how my details have been shared, how many people have had access to my personal information, for how long, and how many of your other customers have had their details leaked by yourselves to other members of the public as well?”

A Three spokesman told The Guardian the firm is investigating the incident. “We are aware of a small number of customers who may have been able to view the mobile account details of other Three users using My3.

“No financial details were viewable during this time and we are investigating the matter.”

The Information Commissioner’s Office said it “will be looking into this potential incident involving Three”.

A spokeswoman for the regulator said: “Data protection law requires organisations to keep any personal information they hold secure. It’s our job to act on behalf of consumers to see whether that’s happened and take appropriate action if it has not.”

Last year Three admitted its customer database was compromised by hackers and more than 130,000 customers had had their account data exposed.

Three is owned by Hong Kong-based company CK Hutchison and has 9 million users in the UK. The firm had hoped to merge with Telefonica’s O2, but last year the £10.5bn deal was smacked down by European regulators. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/03/21/three_admits_to_data_breach/

3,000 Industrial Plants Per Year Infected with Malware

Targeted industrial control systems-themed malware is less prevalent yet persistent, including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find.

A piece of crimeware posing as legitimate Siemens PLC software has been in circulation for four years by an unknown attack group attempting to infect industrial networks mainly in the US.

The backdoor malware is packaged to appear as a Siemens programmable logic controller installer file, and around 10 industrial sites have reported coming across the targeted attack campaign, seven of which are located in the US as well as some in Europe and China, according to new research from Dragos.

“It tries to fool operators into installing what they expect to be files related to their PLCs, but in fact, it’s a backdoor,” says Robert M. Lee, founder and CEO of Dragos, a critical infrastructure security firm that today at the SANS ICS Summit released findings from its study of malware found in ICS networks.

Lee and his colleague Ben Miller, director of the Dragos Threat Operations Center, identified and analyzed malware cases associated with ICS networks, studying 15,000 malware samples from ICS environments over a three-month period. The researchers studied malware culled from public databases such as VirusTotal, where malware gets uploaded and tested against anti-malware products, as well as from Google searches and Domain Name Service (DNS) data.

Dragos’ so-called Malware in Modern ICS (MIMICS) project was meant to provide a gut-check on the actual types of malware hitting ICS environments today. The researchers were able to identify mostly everyday malware: no new Stuxnet-type targeted malware attacks. Even the Siemens-themed malware, while targeting ICS networks, still uses a crimeware-type backdoor piece of malware: nothing destructive or customized like Stuxnet, Havex, or BlackEnergy2.

The researchers found mostly common and easily spreadable malware samples had hit ICS networks: Sivis was by far the most prolific, with 15,863 detections, followed by Lamer (6,830), Ramnit (3,716), Sinwal (2,909), and other common malware families including Virut (1,814) and Sality (1,225). The researchers calculate that some 3,000 industrial sites per year get infected with this type of non-targeted, everyday malware, a figure they consider conservative since not all infected sites necessarily submit their malware to VirusTotal, for instance.

“People expect Stuxnet 2.0 instead of obvious things [malware infections] happening,” Lee says. “Our hypothesis is that it doesn’t take Stuxnet 2.0 to get into [industrial] facilities. It’s more impactful if you can show traditional malware used to target ICS.”

The targeted attacks they found besides the Siemens PLC-poser malware were not as widespread as the non-targeted malware. There were around 10 other such ICS-themed malware cases, Lee says. One such attack, dating back to 2011, was a phishing email targeting multiple nuclear sites in the West, but mainly in the US. “We can’t tell who was actually affected” from the data set, Lee says. “But we saw it did occur.”

Lee says that the presence of any of this malware on ICS systems doesn’t mean a manufacturing facility was shut down, or there was a nuclear meltdown. MIMICS’ findings show actual data on what type of malware and attacks are hitting ICS plants. “A lot of [plant owners] want to make user cases for security,” he says. “The hope is that this will cut through the hype and show that there are issues.”

More unnerving, however, was how many legitimate ICS files MIMICS discovered incorrectly flagged as malware in VirusTotal and other public sites, leaving those files exposed to abuse by cybercriminals or other threat actors looking for that type of intel to wage a targeted attack on an industrial site. They discovered thousands of legit ICS software programs including human machine interface installers, data historian installers, and key generators for the software, all up for grabs by bad guys.

Lee and Miller found some 120 project files that had been flagged as malicious and submitted to those public databases, including a Nuclear Regulatory Commission report, substation layout specifics and maintenance reports, and other types of sensitive information inadvertently posted publicly.

Pulling off a targeted and destructive attack on an ICS system in an industrial plant isn’t so simple. It takes a fair amount of knowledge and understanding of the physical layout of the plant, as well as some knowledge of the industrial processes there. ICS security experts such as Ralph Langner of Langner Communications have argued that in order to execute a “cyber-physical” attack that causes damage to the plant or its processes, the attacker needs knowledge of the physical and engineering aspects of the targeted site. That’s a skillset that goes beyond malware and hacking, according to Langner.

But the legitimate files the Dragos team found online could be used as part of an intel- and reconnaissance operation by malicious attackers. “They could get information on where the site was, what the asset owner was, the configuration and layout of the process, what equipment they are using, what software they have,” for instance, Lee says. “They could get a lot of information. It wouldn’t necessarily give them the physical engineering” information, but it would provide a good amount of information, he says.

An attacker would need to do a large amount of research to hack a plant, but finding this type of legitimate data as well as files on VirusTotal, for example, would shorten that research process by the attacker, Lee notes.

ICS security expert Joseph Weiss this week in a blog post pointed out that malware indeed is resident in ICS systems, so plant operators must “focus on resilience and recovery” from potential cyberattacks. Ensuring that critical control systems are not available on the Internet, as well as establishing secure software updates and limiting access to trusted users are among some of the protections these sites should employ, he noted.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise …

Article source: http://www.darkreading.com/threat-intelligence/3000-industrial-plants-per-year-infected-with-malware-/d/d-id/1328444?_mc=RSS_DR_EDT

Cisco Issues Advisory on Flaw in Hundreds of Switches

Vulnerability was discovered in WikiLeaks’ recent data dump on CIA’s secret cyber-offensive unit.

Cisco has issued a security advisory that a bug in the cluster management protocol code of its IOS and IOS XE software may have affected 300 of its switches and can be exploited by a malformed protocol-specific Telnet command, reports ZDNet. Though the company has yet to issue a patch, it says disabling Telnet could remove some risks.

Cisco discovered the flaw in Vault7, WikiLeaks’ recent disclosure of CIA’s secret Center for Cyber Intelligence. WikiLeaks faces criticism for not having edited out all sensitive information in its disclosures and is also under fire for reportedly not providing details of vulnerabilities to affected companies.

However, a WikiLeaks spokesman said that “Fortunately, WikiLeaks’ Vault7 has permitted Cisco’s security team to identify the vulnerability without releasing the exploit code.”

Cisco was involved in a similar issue last year when two vulnerabilities found in hacking tools, allegedly created by the National Security Agency, were identified to impact its products.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.

Article source: http://www.darkreading.com/vulnerabilities---threats/cisco-issues-advisory-on-flaw-in-hundreds-of-switches/d/d-id/1328446?_mc=RSS_DR_EDT

Report: ‘OilRig’ Attacks Expanding Across Industries, Geographies

Malware targets Middle Eastern airlines, government, financial industries and critical infrastructure with a simple but powerful backdoor created by infected Excel files attached to phishing emails.

New research released by LogRhythm Labs offers details behind the malware campaign commonly referred to as “OilRig,” including the tools, techniques, and procedures (TTPs) used to compromise security operations centers of government, financial, airline and critical infrastructure entities located primarily in the Mideast.

Unlike earlier threat intelligence reports, which addressed only a few indicators of compromise by OilRig, this new research specifies the full front-end infrastructure of the campaign, including malware associated with initial compromise (stage 1 droppers) and a significant number of indicators that have yet to be made publicly available.  

Cyberattacks attributed to OilRig first surfaced in late 2015. Since then, the threat intelligence community identified two periods of high activity following the initial attack: in May and October 2016.

All known samples from these efforts used infected Excel files attached to phishing emails to infect victims, such as the phishing email — shown below — that appeared to be sent to an organization within the Turkish government. Once infected, the victim machine can be controlled by the attacker to perform basic remote-access Trojan-like tasks, including command execution and file upload and download.

Spear Phishing Example (Source: LogRhythm Labs)

Moving Targets
Early attacks focused on Middle Eastern banks, government entities and critical infrastructure entities. However, targets have expanded both geographically and by industry over time. For example, the October 2016 attacks targeted companies in the U.S., as well as government organizations, companies and government-owned companies in Saudi Arabia, United Arab Emirates, Qatar, Turkey and Israel. OilRig also expanded its aim to include a number of Middle Eastern airlines.

History suggests this attacker is most interested in espionage, rather than other malicious activities such as theft of intellectual property. However, it is also likely that the attacker will continue to expand to other industries. 

Malware Submission by Country
The origin of the malware submissions, obtained through analysis of threat intelligence data, revealed both targeted countries and those countries that are likely performing analysis on this campaign group. For example, Saudi Arabia — with 22 unique submissions — likely contains the majority of targeted organizations by this actor group. Separately, representation from Great Britain and the United States, with 11 and 9 different submissions of malware respectively, likely reflects their analysis on this campaign rather than being direct targets.

Other countries of note include United Arab Emirates, Qatar, Israel, Turkey, and Azerbaijan. While the report doesn’t fully confirm that this actor group attacked organizations from each of these countries, there are several indicators that support this conclusion. Filenames such as “TurkishAirline_Offers.xls” and “Israel Airlines.xls” make a strong correlation that these organizations were targets at one point.

Malware Submission Analysis
The LogRhythm Labs team identified 23 unique, weaponized, Microsoft Excel files that contained OilRig malware. Based on the filenames used, their country of origin, when they were identified, and the command and control method, it was determined that nearly all samples fell into one of four groups. A representative sample from each of these groups was analyzed, in detail, in the report.

When the weaponized documents are executed, most malware samples use a Visual Basic for Applications (VBA) payload to infect a system with PowerShell (.ps1) and Visual Basic scripts. The malware achieves persistence through Microsoft Scheduled Tasks, and its capabilities include very basic command execution, file upload and file download.

Communication Analysis
The malware supports command and control over HTTP as well as a stealthier DNS-based channel used for C2 and for data infiltration and exfiltration. It uses a customized UDP packet or DNS record query and response pattern for command and control and includes basic upload, download, and arbitrary command execution functionality. LogRhythm Labs’ full report outlines analysis of the methodology, and includes detection and remediation details.

While not overly sophisticated, OilRig attacks are highly effective. The attacker has created a simple, powerful backdoor using infected Excel files laced with malicious VBA, VBS, and PowerShell code. To date, the attacker has primarily used Excel files attached to spear phishing emails for malicious payload delivery. However, this attack could be easily incorporated into many different file formats that could also be attached to phishing emails.

Despite the fact that only a few industries have been targeted by this campaign, this code is widely known, which means other threat actors could incorporate it into their own campaigns and target different countries or industries. Given this, it would be wise for security analysts to guard against similar attacks regardless of their industry or location. 

James Carder brings more than 20 years of experience working in corporate IT security and consulting for the Fortune 500 and U.S. Government. At LogRhythm, he develops and maintains the company’s security governance model and risk strategies, protects the confidentiality, …

Article source: http://www.darkreading.com/threat-intelligence/report-oilrig-attacks-expanding-across-industries-geographies/a/d-id/1328443?_mc=RSS_DR_EDT

Hacked Sites Up By 32% in 2016 Over 2015, Says Google

Webmasters should register on Search Console for hack notifications, advises the company.

A State of Website Security Report for 2016 by Google says the number of hacked websites rose by 32% in 2016 when compared to the previous year, Softpedia reports. In a blog post, the company says “We don’t expect this trend to slow down. As hackers get more aggressive and more sites become outdated, hackers will continue to capitalize by infecting more sites.” 

Webmasters not registered on Search Console stand to lose out on being notified of hacks, claims Google. It adds that around 61% of webmasters do not know they are infected because they are not registered, while, on the other hand, 84% with a reconsideration request for site review are able to fully fix all issues.

The organization offers assistance with a clean-up guide to troubleshoot issues associated with known hacks including cleaning up after a “cloaked keyword hack” or a “Japanese keywords hack.” 

Read details on Softpedia.

Article source: http://www.darkreading.com/cloud/hacked-sites-up-by-32--in-2016-over-2015-says-google/d/d-id/1328445?_mc=RSS_DR_EDT

Tip for darknet drug lords: Don’t wear latex gloves to the post office

Delivery is the weakest link in the “dark web” drug trade: the postal habits of a large-scale trader have led to his undoing.

Chukwuemeka Okparaeke is accused of dealing in very nasty stuff: Fentanyl, a high-strength synthetic opioid the Centre for Disease Control says is 50 times the potency of heroin and was responsible for nearly 10,000 deaths in the US in 2015.

Okparaeke may have been a capable Tor user, but his logistical clue needed work: he was caught not because someone linked him to his handle (“Fentmaster”, on a site called the AlphaBay Marketplace), but because wearing latex gloves while depositing large numbers of packages at US post offices got the attention of staff.

He was seen at several post offices in the Middletown area of New York, and because he was bulk-buying priority delivery stamps, staff had also viewed his driver’s licence.

The United States Department of Justice’s (DoJ’s) filing sets out where things went from there. Law enforcement was already interested in the area as a source of “fentanyl analogs”, so the approach from a postal inspector was welcome.

Investigators only needed to place an order with Fentmaster and keep an eye on Okparaeke to tie him to the fentanyl he sent them.

When arrested, Okparaeke’s Galaxy S5 carried the tools you’d expect: the Private Internet Access VPN application, the Orbot Tor proxy, and a Bitcoin app.

There were also text messages suggesting Okparaeke realised he was being watched, and tried to recruit someone else to distribute packages on his behalf.

In an act of astonishing naivete, Okparaeke didn’t clear his browser history, so police were also able to connect him to a lengthy Reddit post under the handle “bmoreproduct1”, describing his activities as a “darknet drug trader”.

The DoJ media release says Okparaeke is charged with one count of conspiracy to distribute large quantities of an analogue of fentanyl, which if he’s found guilty will get him a sentence between ten years and life. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/03/21/darknet_drug_lord_caught_going_postal/

Terror intel sparks America’s laptop, tablet airplane cabin ban: Who, what, where, why, when

From today, passengers are banned from flying into the US from specific overseas airports if their carry-on luggage contains devices larger than a mobile phone. The clampdown is a result of counterterrorism intelligence, we understand.

Electronic gadgets bigger than phones – such as laptops and tablets – must be left behind, or stowed in the hold, which is less than ideal, if you’re arriving from one of the listed airports. News of the device ban broke on Monday although details were scant.

Now senior US Homeland Security officials, who asked not to be named, have told The Register the rules follow evaluated intelligence that suggests terrorists are targeting flights with electronic devices. Specific details about any possible threats were not provided.

These fresh restrictions, which do not have a set end date and do not apply to crew members, were characterized as necessary to enhance security at specific airports. The rules do not, therefore, apply to internal flights in America. Cellular phones and essential medical devices are exempt. Laptops, tablets, cameras, DVD players, and game players are among the types of electronic devices no longer allowed in airplane cabins.

The 10 airports affected by the US-levied ban are: Queen Alia International Airport in Jordan; Cairo International Airport in Egypt; Istanbul Atatürk Airport in Turkey; King Abdulaziz International Airport in Saudi Arabia; King Khalid International Airport in Saudi Arabia; Kuwait International Airport in Kuwait; Mohammed V International Airport in Morocco; Hamad International Airport in Qatar; Dubai International Airport, in the United Arab Emirates; and Abu Dhabi International Airport, in the United Arab Emirates. Contrary to previous reports, the crackdown affects only travelers flying to the US from these airports.

Airlines that must obey the new rules, because they run flights from the above airports to America, include: Royal Jordanian Airlines, Egypt Airlines, Turkish Airlines, Saudi Arabian Airlines (Saudia), Kuwait Airways, Royal Air Maroc, Qatar Airways, Emirates, and Etihad Airways.

Royal Jordanian Airlines jumped the gun on Monday by advising passengers via Facebook that “carrying any electronic or electrical device on board in the flight cabins is strictly forbidden.”

The carrier said the new rules will be enforced on Tuesday, March 21, 2017. A staffer reached by phone yesterday confirmed the ban. “We received an email from the TSA,” the worker told El Reg.

Saudi Arabia’s Saudia Airlines has also acknowledged the ban with a notice to passengers that specifically mentions Kindles and iPads, as well as laptops. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/03/21/tsa_laptop_ban_latest/

Confirmed: TSA bans gear bigger than phones from airplane cabins

People traveling by air to America from an undisclosed list of countries will no longer be allowed to carry devices larger than a mobile phone in carry-on baggage.

Those traveling with such devices will be required to store them in checked baggage.

The new travel rule was reportedly issued by the US Transportation Security Administration (TSA) in the form of a confidential email, or circular, on Monday and distributed to nine airlines serving 10 foreign airports in eight countries. Recipients of the missive are said to have been given 96 hours to comply.

Royal Jordanian Airlines on Monday advised passengers via Facebook that “carrying any electronic or electrical device on board in the flight cabins is strictly forbidden,” only to later remove the tweet.

Cellular phones and required medical devices are exempted. Laptops, tablets, cameras, DVD players, and game players are among the kinds of electronic devices no longer allowed in the airplane cabins of affected airlines. The gadgets have to be left behind – or stowed in the hold, which isn’t ideal.

Royal Jordanian Airlines said the new rule will be enforced Tuesday, March 21, 2017, aboard New York, Chicago, Detroit, and Montreal flights. A Royal Jordanian Airlines ticket agent, reached by phone, confirmed the ban. “We received an email from the TSA,” the agent told El Reg.

Saudi Arabia’s Saudia Airlines has also acknowledged the ban with a notice to passengers that specifically mentions Kindles and iPads.

Asked about the new restrictions, a TSA spokesperson referred The Register to the Department of Homeland Security. DHS spokesperson David Lapan did not acknowledge the new rules when asked about them. “We have no comment on potential security precautions, but will provide an update when appropriate,” he said in an email. We’ll update this article as soon as we have more information. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/03/20/tsa_bans_devices_bigger_than_phones_certain_airlines/