1.) The field of hardware security is getting ready for a revolution as Google is helping to design an Open Source, super-secure silicon wafer which is scheduled to be released at the same time next year.
Dubbed at OpenTitan, this super secure processing chip is intended to give hackers a tough time to their intentions in the long run.
Also named as “Secure Enclave” (project source wise) the processor is said to have tamper-resistant firmware along with a processing chip that is ambled to thwart cyberattacks of any range.
Google’s researchers say that the chip will have the feature of making cryptographic checks every time a user starts a system that ensures whether the onboard data or the memory had encountered any malicious alterations.
And as the security checks are being done at the hardware level, the root of trust schemes is said to offer real-time security improvements in myriad ways.
The Web search giant claims that OpenTitan is loosely based on the root of trust chip feature that is being used in Pixel 3 and 4 phones and was designed by engineers at lowRISC, along with technology integration from partners such as ETH Zurich, G+D Mobile Security, Nuvoton Technology and Western Digital.
NOTE- As ‘Open Titan’ will be an open-sourced project, like Linux, community feedback and development ideas to improve the chip design and operations are being welcomed by the internet juggernaut.
2.) In other news related to ransomware, Las Cruces Public Schools has issued a public statement yesterday that on Oct 29 this year it witnessed a ransomware attack on its school database which has made stored data impossible to access.
However, the school Superintendent Karen Trujillo said that the school authorities will no bow down to the demands of hackers and will instead scrub down over 30,000 infected systems to upload new operating systems and related software.
Currently, there is no news on how sensitive data related to school staff and students are going to be recovered. However, a source from Las Cruces Public Schools revealed that all info was loaded onto a central server which is being operated by a third party and so wasn’t impacted by the attack.
Presently, prima facie reveals that the malware was introduced into the network via phishing attack driven email attachment.
3.) The third news is related to the penalty to be paid by the University of Rochester Medical Center (URMC) in New York to the US Office of Civil Rights (OCR). It is learned that the URMC of New York has agreed to pay OCR $3 million for failing to have an action plan related to mobile device security which includes failing to encrypt devices.
As it was a clear cut violation of HIPPA regulations the healthcare provider was fined to pay $3 million to the OCR authority for failing to protect data of users two times i.e. in 2013 and 2017 after the former lost an unencrypted flash drive and an unencrypted laptop on a respective note in the said years.