STE WILLIAMS

City of Joburg says it knows who ransom hack attacker is, refuses to pay off criminals

Several hours past the payment deadline, Johannesburg has vowed not to give in to criminal hackers who demanded £29,000 (4 bitcoins) not to publish its data, four days after the South African city shut down its public sector networks in response to the breach.

Several “customer facing systems – including the city’s website, e-services, and billing system[s]” – have remained offline since they were pulled down Thursday night “as a precaution” after a “network intrusion”, which the city first announced just after 11pm local time on 24 October.

In a statement issued this afternoon, city councillor Funzela Ngobeni said: “I can confirm that the city will not concede to their demands and we are confident that we will be able to restore systems to full functionality.”

The ransom demand, for 4 bitcoins, expired at 17:00 local time (15:00 UTC) today.

Ngobeni, the city’s elected finance chief, said that Joburg authorities had managed to switch on some of the city’s billing and CRM systems as well as various others, including library admin and land ownership databases.

“I acknowledge the impact of this on our customers – specifically those who have joined our environmental drive to reduce paper usage by registering to receive their statement by email,” he added.

As reported everywhere last week, a crew calling themselves Shadow Kill Hackers claimed responsibility for the hack, with a ransom note reportedly stating: “We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.”

The hackers threatened to publish data they had stolen from the city’s systems unless their ransom demand was met.

Matthew Aldridge, a senior solutions architect at Webroot, opined that the attackers were probably inexperienced in the arts of criminality, albeit technically skilled enough to break in and help themselves to other people’s data.

He told The Register: “I do find it interesting that the attackers chose not to encrypt any of the City’s systems – that would give them a much stronger hand to play. As things stand, they are relying on having enough backdoors into the network to be sure that they can’t all be closed off before the City brings their systems back online. This could be a sign of an inexperienced or weak adversary.”

Aldridge added: “The comment made by the City that they will be looking for a potential insider threat or disgruntled former employee as part of their investigation could also relate to this.”

Authorities in Joburg, the largest city in South Africa*, also said they “know where the attack (hacker) comes from” as this article was being written, with 80 per cent of systems said to be coming back online by the end of the day.

Infosec biz Emsisoft told The Register that the attack malware might have been custom-made, pointing to the personalised login screen (“quite unusual”, as the firm’s Brett Callow told us) and the fact that the email address in the ransom note wasn’t one they had seen being used elsewhere.

Back in July, Joburg electricity company City Power was infected with ransomware that prevented pre-paid meter customers from topping up online, potentially leaving locals in the dark. ®

* at 1,645 km², it is slightly bigger than Greater London


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2019/10/28/johannesburg_ransomware_payment_demand_refused/

5 Things the Hoodie & the Hard Hat Need to Know About Each Other

Traditionally, the worlds of IT (the hoodie) and OT (the hard hat) have been separate. That must change.

For nearly 30 years, operational technology (OT) in industrial facilities was considered relatively safe from outside hacking risk. The so-called air gap between IT and OT, paired with the heavy use of proprietary industrial control systems, created a mindset of “security via obscurity.”

In recent years, there have been multiple, well-publicized cyberattacks on industrial facilities, which are now occurring with greater frequency and sophistication. As a result, industrial operations leaders, IT executives, and the CEOs they report to are taking significant interest in improving OT cybersecurity. One challenge to that effort is the different worlds IT (the hoodie) and OT (the hard hat) practitioners come from. Historically, these two groups have stayed out of each other’s areas because of the deep and different complexity of the two domains and the rightful separation of responsibilities. To improve awareness, we’ve outlined the top five things IT and OT should learn from one another.

1. Operational facilities no longer are — and frankly never were — an island. The air gap between IT and OT systems and networks is no longer valid, if it ever was. IT professionals have understood that a persistent, smart hacker can eventually find a way into your network. It’s not a question of if but when you will be breached, and IT leaders design their security strategy based on this premise. It’s time for OT to do the same.

The assumptions OT has made regarding security via obscurity are also no longer valid. With the large revenue generated by industrial facilities and hazardous processes/chemicals used, hackers have been taking more interest in distributed control systems (DCSs), programmable logic controllers, safety instrumented systems, and process control networks. These systems appear as complex black boxes to most IT people.

2. IT people don’t fully appreciate the meaning of OT reliability. When discussing reliability, IT people use terms like MTTR (mean time to repair) and MTBF (mean time between failure) and, in a cloud-based world, it’s common to remove a bad or compromised server and just spin up a new one. That approach doesn’t fly in an industrial plant. You can’t just shoot a DCS that is managing hundreds of different control valves and monitoring thousands of measurements. That can have a catastrophic impact on the personnel, the environment, and the surrounding community, not just a disruption to production and lost revenue.

Today, most IT people think of servers like cattle, not pets. This has been one of the huge benefits of shared or cloud infrastructure. But this approach cannot apply when you are talking about machines that move molecules and where things can go boom — literally.

3. The concept of defense-in-depth applies to both IT and OT. Enterprise CISOs know reliance on a single solution or silver bullet puts them at risk. This is why we implement multiple firewalls, intrusion-detection tools, antivirus software as well as identity, data, and endpoint security technologies. They create multiple layers of defense, often using multiple vendors within each layer. It’s like a moat around your moat backed up by a castle wall with another wall beyond that, and so on. Embracing defense-in-depth from web apps to Level 0 components (e.g., valves, sensors, actuators, robots) that move molecules in a plant is key.

The concept of defense in depth isn’t foreign to the OT world, which uses a similar approach called independent protection layers (IPLs). These safety layers protect, monitor, and respond when critical measurements (such as pressure and temperature) exceed predefined boundary limits. These IPLs are also a high-consequence hacking risk. One of the most prominent industrial hacking attacks recently was the inadvertent tripping of a safety instrumented system in a major refinery. This caused the entire industrial sector to take notice.

4. There’s no such thing as Patch Tuesday in OT. In an industrial plant, changes must be well planned and coordinated with operations and maintenance groups. In the OT world, you might not be able to introduce changes more often than once a year or longer. Furthermore, many of the control systems have been in place for more than 15 years. We don’t replace OT every three to five years like IT does. When managing security vulnerabilities, it’s critical to take this into account. You also can’t just put a network packet sniffer on a plant control network and build a comprehensive inventory and identify all vulnerabilities. You need much more granularity to see if a vulnerability exists on a specific I/O card or a controller within a DCS, and that requires capturing data from configuration backups.

5. OT needs to understand digital transformation will have a profound effect and it’s going to be driven primarily from people who come from outside of OT. Chief digital officers and chief data officers are being appointed every day. The hiring profile rarely includes an understanding of OT. This poses a challenge because these new leaders don’t know what they don’t know. However, it also presents an opportunity to help them understand how a “digital plant” can drive revenue growth through improved efficiency, expanded operations, and production visibility. It also means ensuring the integrity of industrial operations from both a cybersecurity and a process safety perspective is paramount, and that requires IT and OT to work together.


Eddie Habibi is the Founder and CEO of PAS Global. Eddie is a pioneer and a thought leader in the fields of industrial control systems (ICS) cybersecurity, Industrial IoT, data analytics, and operations management. In the past several years, PAS was recognized in CRN’s 15 …

Article source: https://www.darkreading.com/iot/5-things-the-hoodie-and-the-hard-hat-need-to-know-about-each-other/a/d-id/1336052?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

New: The 2019 Security Buyer’s Guide

Whether you’re a leader of a large enterprise or a smaller business, part of your ongoing security, risk management, and compliance strategy will be sourcing the most effective solution. This guide, sponsored by Akamai, will help you determine what to look for.

It’s a bold claim, one that hasn’t always been accepted as truth. In the not-so-distant past, digital security was seen as a cost center. Those days are gone.

Security is essential to the success of any digital business. If there is one thing you can always count on, however, it’s that security-related incursions are inevitable. And it’s news to no one to say that these disruptions can have dire consequences beyond downtime. Security breaches erode trust and damage reputation.

Simply put, there’s no longer a choice. As a CIO, CISO, or other security or IT leader, you know it’s your job to be the central agent stressing the connections between business and digital risk. It’s your responsibility to find the talent and technology to ensure the protection of your digital assets.

According to Gartner, by 2020, 100% of large enterprises will be asked to report on their cybersecurity and technology risks to their boards of directors at least annually. That’s up from 40% in 2018. Whether you’re a leader of a large enterprise or a smaller business, part of your ongoing security, risk management, and compliance strategy will be sourcing the most effective security solution for your business.

We know. Easier said than done. To help, we’ve compiled this guide for you to find the right solution for your business to scale resilience, build trust, and drive revenue.


Article source: https://www.darkreading.com/edge/theedge/new-the-2019-security-buyers-guide/b/d-id/1336181?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Database Error Exposes 7.5 Million Adobe Customer Records

The database was open for approximately one week before the problem was discovered.

An unprotected Elasticsearch database left the account details of 7.5 million Adobe Creative Cloud customers exposed to anyone with a Web browser. The open database, since closed, could have provided information such as names, email addresses, and Creative Cloud applications used to any curious individual.

Comparitech, with security researcher Bob Diachenko, discovered the database on Oct. 19. Diachenko, who estimated the database had been open for approximately one week, notified Adobe that same day, which is also when the company secured the database.

While no payment information was compromised, the information in the database could be used for phishing attacks against customers.


Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.

Article source: https://www.darkreading.com/attacks-breaches/database-error-exposes-75-million-adobe-customer-records/d/d-id/1336185?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

US Lawmakers Fear Chinese-Owned TikTok Poses Security Risk

The popular video app has more than 110 million downloads in the United States and could give China access to users’ personal data, they say.

US senators are calling for an assessment of risks posed by video app TikTok, citing concerns related to parent company ByteDance sharing users’ data with the Chinese government.

TikTok is a hugely popular app that lets users create and share short videos set to music. It has more than 500 million users around the world and more than 110 million downloads in the US. Senate Democratic Leader Chuck Schumer and Republican Senator Tom Cotton have submitted a letter to acting director of national intelligence, Joseph Maguire, suggesting the sheer size of TikTok’s audience poses a security risk, given the amount of personal data it gathers from users.

Their letter indicates ByteDance may be forced to share data with Chinese officials or give Chinese intelligence a means of spying on TikTok users’ smartphones. Senators emphasize the app could be a potential target of foreign influence campaigns, similar to those seen in the 2016 election, and say further action is needed to address the threats posed by China-owned firms.

ByteDance has published a statement confirming TikTok’s US user data is stored in the United States, with backup residency in Singapore. It claims it “does not remove content based on sensitivities related to China” and it has “never been asked by the Chinese government to remove any content.” It would not comply with such requests if they were made, TikTok says.

“We are not influenced by any foreign government, including the Chinese government; TikTok does not operate in China, nor do we have any intention of doing so in the future.”

Senators note TikTok does not operate in China and stores US user data in the US; however, “ByteDance is still required to adhere to the laws of China,” they write. “Questions have also been raised regarding the potential for censorship or manipulation of certain content.” The app reportedly censors content considered politically sensitive to the Chinese Communist Party; for example, materials related to Hong Kong protests and references to Taiwanese independence.


Article source: https://www.darkreading.com/risk/us-lawmakers-fear-chinese-owned-tiktok-poses-security-risk/d/d-id/1336188?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Crypto Capital boss arrested over money laundering

Polish police have arrested the president of cryptocurrency exchange Crypto Capital on charges of money laundering.

According to reports from the Polish news outlets W Polityce and RMF24, Ivan Manuel Molina Lee was arrested in Greece in March 2019 and extradited to Warsaw on Thursday.

Molina Lee was wanted in Poland for allegedly laundering up to 1.5 billion zloty – about US $390m or £303m – that came from “illegal sources.” Specifically, prosecutors believe he’s a member of a Colombian cartel who laundered drug money through Crypto Capital.

They also believe that the cryptocurrency exchange Bitfinex has similarly laundered illegal proceeds through a Polish bank. Prosecutors say that Crypto Capital held accounts in Bank Spółdzielczy in the town of Skierniewice.

Both Bitfinex and Crypto Capital are already tangled in legal trouble. In April, New York Attorney General Letitia James accused Bitfinex and the cryptocurrency Tether – which calls itself a stablecoin – of an $850m fraud. That’s how much she says Bitfinex transferred to Crypto Capital, all without a written contract, and all of which Crypto Capital has refused to remit.

The extradition of Molina Lee to Poland comes within days of Bitfinex having filed a request to subpoena an ex-banking exec as it tries to get back that money.

Cryptocurrency investors have been talking about the lost money for months, speculating that they’ll never see it again. Polish authorities said that they seized $390m worth of what they say is Crypto Capital’s laundered drug money.

Between the interwoven problems with Bitfinex, Tether and Crypto Capital, the cryptocurrency community has been shaken. In the words of one Redditor:

The whole crypto community is worse off because of this.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/LnDwGsb6p10/

New BBC ‘dark web’ Tor mirror site aims to beat censorship

A mirror copy of the BBC’s international news website is now available to users on the so-called dark web.

The site is the result of a collaboration between the BBC and Alec Muffett who in 2017 launched something called the Enterprise Onion Toolkit (EOTK) to make it easier to create dark web mirror sites. Muffett tweeted:

I should probably admit: this has been a 2 year project, though it could only have been brought to fruition with the partner/involvement of both @OpenTechFund the BBC.

As well as English, versions for the BBC’s Arabic, Persian and Russian services will also be available.

The Corporation isn’t the first news organisation to do this with EOTK – Facebook and The New York Times mirrored their sites in 2014 and 2017 – but it’s still a big advert for what remains a largely mysterious part of the internet.

But what is the ‘dark web’ and why might the BBC and others want to mirror themselves on it when you can already access the standard site using Tor?

Not so dark

The dark web gets its name from the fact that users must access it unconventionally, using a browser designed to connect via dedicated privacy-preserving routing networks, principally Tor. Because of its private nature, it has a reputation for hiding shady websites (child abuse imagery, drugs, weapons, etc).

While it’s true that the dark web is used for criminality, it could just as easily be used to preserve privacy and anonymity for positive reasons too.

That includes people in countries that censor news content and that may spy on those who try to access it, which is why the BBC and others are interested.

As already noted, users can already visit the standard BBC site using the Tor browser, but there’s a potential problem with this – malicious Tor exit nodes.

We won’t delve into the inner workings of Tor (see previous coverage), but suffice to say that exit nodes – the last router before traffic is directed to the real site – have been under attack by nation-states looking to compromise and spy on Tor users for some years.

EOTK’s answer to that is to create an .onion proxy that mirrors the standard site, in other words allowing traffic to enter Tor but not leave it, bypassing the exit part.

For the BBC’s new site that’s https://www.bbcnewsv2vjtpsuy.onion/, while for the NYT it’s https://www.nytimes3xbfgragh.onion/ (notice the use of HTTPS to secure the first hop between the user and Tor itself).

Importantly, .onion addresses are self-authenticating and can’t be spoofed by surveillance attempting to lure users to a fake version of a site as a way of unmasking them.

You also can’t accidentally plug one into a standard browser and visit it by mistake because it won’t work.

The BBC has a history of embracing services such as these – in 2015 it announced local language channels on the encrypted Telegram app designed to beat Russian and Iranian censorship.

All of this might seem a bit removed from everyday internet concerns, but there is a growing band of advocates who believe that digital privacy has become a major battleground that will define the future of society itself.

Tor is only a part of that, but the model it proposes of an internet overlay where privacy is preserved is not universally popular with governments and commercial organisations who would like to watch what people do and why they are doing it.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/sRi_R8Cw8DM/

TikTok says no, senators, we’re not under China’s thumb

TikTok – the Chinese-owned, massively popular, kid-addicting, fine-accruing, short-and-jokey video-sharing platform – is a potential threat to national security, US lawmakers said last week.

Senators Tom Cotton and Chuck Schumer on Wednesday sent a letter to Acting Director of National Intelligence Joseph Maguire, asking that the intelligence community please look into what national security risks TikTok and other China-owned apps may pose.

TikTok’s parent company, Bytedance, is a private startup based in Beijing that was valued at $75 billion as of July. Most of that is thanks to TikTok and its Chinese equivalent, Douyin.

The senators pointed out that TikTok has been downloaded in the US more than 110 million times. At least one Chinese doctor specializing in addiction has warned that young people are so hooked on social media approval that they’ve been risking their lives to garner likes with their 15-second Douyin clips, which have featured things like dancing in front of a moving bus or trying to flip a child 180 degrees …and then dropping her.

The day after the letter was published, TikTok defended itself in a company blog post in which it reiterated what it’s repeatedly claimed – that Chinese law doesn’t influence TikTok, given that its data is stored on servers in the US:

We store all TikTok US user data in the United States, with backup redundancy in Singapore. Our data centers are located entirely outside of China, and none of our data is subject to Chinese law. Further, we have a dedicated technical team focused on adhering to robust cybersecurity policies, and data privacy and security practices.

The senators are familiar with that line, and they don’t necessarily buy it. From their letter:

TikTok’s terms of service and privacy policies describe how it collects data from its users and their devices, including user content and communications, IP address, location-related data, device identifiers, cookies, metadata, and other sensitive personal information. While the company has stated that TikTok does not operate in China and stores U.S. user data in the U.S., ByteDance is still required to adhere to the laws of China.

Look, guys, we’re not about kowtowing to the Chinese government. We’re dedicated to entertainment and creativity, TikTok said in its post. The company denied ever having been asked by the Chinese government to remove content and said it “would not do so if asked. Period.”

But how, the senators asked, would we even know if that were true? As it is, there’s no legal means to appeal a content removal request in China, they pointed out.

Security experts have voiced concerns that China’s vague patchwork of intelligence, national security, and cybersecurity laws compel Chinese companies to support and cooperate with intelligence work controlled by the Chinese Communist Party. Without an independent judiciary to review requests made by the Chinese government for data or other actions, there is no legal mechanism for Chinese companies to appeal if they disagree with a request.

Schumer and Cotton pointed to security experts’ concerns that Chinese law compels its companies to “support and cooperate with intelligence work controlled by the Chinese Communist Party.” They quoted the US Intelligence Community’s 2019 Worldwide Threat Assessment report, which notes that the hometown of TikTok’s parent company, Beijing, authorizes cyberespionage against US technology sectors “when doing so addresses a significant national security or economic goal not achievable through other means.”

From the report:

We are also concerned about the potential for Chinese intelligence and security services to use Chinese information technology firms as routine and systemic espionage platforms against the United States and allies.

The threat assessment report deemed China the most active nation-state when it comes to cyberespionage against the US government, its corporations and its allies. The report also said that China is working on improving its cyberattack capabilities and its ability to “alter information online” so as to shape Chinese views and, potentially, the views of US citizens…

…That’s been a major concern in the US, following the rise of fake news operations linked to Russia and Iran, both in the 2016 US presidential election and in the runup to the 2020 election.

Case in point: On Thursday, Facebook leader Mark Zuckerberg appeared on Capitol Hill to talk to lawmakers about his pet cryptocurrency project, Libra. Lawmakers took the opportunity to grill him about, and to slam, Facebook’s policy of not removing posts that contain misleading or bogus claims.

Zuckerberg said that Facebook would “probably” allow candidates to buy ads that lie about their opponents. Facebook doesn’t fact-check such ads because it thinks that in a democracy, “people should decide what’s credible, not tech companies,” he said.

Regarding TikTok, Schumer and Cotton noted that the company reportedly censors material deemed to be distasteful to the Chinese Communist Party. TikTok could serve as a platform for foreign influence campaigns like those we saw in 2016, they said.

The government has already taken steps to limit potential dangers posed by the Chinese company Huawei, the senators pointed out. In 2018, due to concerns about spying, the Pentagon banned the sale of Huawei and ZTE phones at military exchanges – only one of multiple warnings about using gear from companies that might be under China’s thumb.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/GlESIs9AFxA/

Ransomware with a difference as hackers threaten to release city data

Johannesburg spent the weekend struggling to recover from its second cyberattack this year as it took key services systems offline.

The city first alerted users of the attack via Twitter on Thursday 24 October:

The cyberattack came from a group calling itself the Shadow Kill Hackers. Some media outlets are reporting it as a ransomware attack, but according to a note reportedly sent to city employees and shared on Twitter, the hackers didn’t encrypt data. Instead, they stole it and threatened to upload it to the internet if the City didn’t pay up. The note read:

All your servers and data have been hacked. We have dozens of back doors inside your city. We have control of everything in your city. We also compromised all passwords and sensitive data such as finance and personal population information.

The group reportedly demanded a payment of four bitcoins (£30,347) by 5pm today, Monday 28 October, or they will release the compromised data.

The attack also affected City Power, a city-owned utility providing pre-paid electrical power to residents. It said that it was experiencing call centre problems due to the incident, and urged people to use its mobile app to log power problems instead. It also said that billing systems had been affected:

The City updated citizens on the 25th with several tweets, including this one:

Johannesburg added that its call centre and e-services platforms all remained offline, alongside its website. Cashiers remained offline, it said, adding that people could pay municipal accounts via electronic funds transfer and third party payment systems.

In an interview with a local TV station on Friday, a City spokesperson explained the rationale for shutting down key systems:

We shut down the system as a professional measure to protect the integrity of our data and make sure that the critical information of customers is not compromised…

It was important for us to safeguard systems fast before we began remedial work.

He added that the hackers had compromised systems “at the user level rather than the application level as such”, adding that the application level is where the account numbers were held, and “that part had not been affected as yet.”

The hacking group fought back on Twitter, seeming to refute the suggestion that sensitive customer account data had not been compromised while also stating that they were not responsible for attacks on several South African banks around the same time:

In another tweet on Friday, the group did accept responsibility for hacking resort company First Group SA. That company’s site was also down on Sunday night.

As the reported deadline approached, the hacking group turned up the pressure on the City of Johannesburg:

City Power spokespeople told reporters that the attackers “won’t get a cent”. At the time of writing, that seemed accurate: there were no significant transactions into the bitcoin address reportedly quoted in the extortion note.

This is the second publicly-known attack that the City of Johannesburg has weathered this year. In July, a ransomware infection encrypted City Power’s database, internal network, web apps, and website, making it difficult for people to purchase power from the company.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/3n2p-QydisI/

Remember that competition for non-hoodie hacker pics? Here’s their best entries

A competition to produce stock pictures of infosec that does not involve hoodies or waterfalls of 0s and 1s has yielded a mixed bag of images to illustrate the industry’s digital doings for the world’s consumption.

Open Ideo, an American graphic design biz, ran an event co-sponsored by the Hewlett Foundation aimed at developing new imagery for infosec news. Rather than filling image slots with stereotypical pics of the type you all love to hate, they were hoping to get something a bit more inspiring and uplifting.

A few are good. But some of the published submissions look more like corporate report covers than something we’d elevate to the hallowed homepage of El Reg. Tellingly, only one journalist sat on the six-strong panel of judges.

As we wrote a couple of months ago when it launched, the competition – titled “How might we reimagine a more compelling and relatable visual language for cybersecurity?” – was intended to stimulate visual and pictorial folk into coming up with something to replace pictures of Justin Trudeau outdated stereotypes that are nonetheless firmly entrenched in the news media’s collective mind.


As Open Ideo told us in August, up to 25 shortlisted contributors were to be mentored by an infosec wizard and given $500 each. And five more “non-hoodie artists” were to be given $7,000 each.

Among the five winners was one Abraham Joel Pena Puleo, among whose submissions was an image about… well, have a guess.


Abraham Pena's entry for the Ideo Cybersecurity Visuals Challenge

Unfortunately his image is not very useful for news purposes because it’s in portrait and not landscape format – but some judicious cropping, as seen on the organiser’s own website, might make it pass muster.

Fellow winner Afsal CMK’s batch of entries focusing on everyday uses of encryption had one simple and direct image that stuck out to your correspondent:

Afsal CMK's entry for the Ideo Cybersecurity Visuals Challenge

What’s going on here? Clear to us, anyway

We at El Reg are fans of shortlisted ex-infosec bod Jason Kravitz’s idea, which in his words shows “a series of unlikely or unexpected ‘hackers’ with a sticker proclaiming that their other computer is your device”.

Jason Kravitz's entry for the Ideo Cybersecurity Visuals Challenge

Neat. We like this

Meanwhile, at least some of the entries submitted for what was billed as a competition to find new illustrative images for news organisations, charities and the like to illustrate security concepts seemed distinctly wide of the mark to us:

Caroline Matthews' entry for the Ideo Cybersecurity Visuals Challenge


And an entry from Mai Arollado looked strangely familiar…

Mai Arollado's entry for the Ideo Cybersecurity Visuals Challenge

Mai Arollado’s entry, depicting giant feet about to tread on a cyber landmine

Giant foot, you say?

Monty Python foot UHDTV

You can read full details of the competition’s entrants and see their submissions on the Ideo website.

It seems that infosec is quite a hard concept to illustrate once you look past the hoodie-hacker stereotype. It would be too easy to sit here and poke fun at people who actually had a go at it in good faith, so we throw the obvious challenge open to you, good Reg readers.

What would you devise to illustrate the concept of infosec, given the chance? ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2019/10/28/cybersecurity_stock_image_challenge/