Your daily round-up of some of the other stories in the news
Drones’ wings could be clipped
If you’ve got a drone made by manufacturer DJI, make sure you’ve read the email it sent out to its customers earlier this week – or your drone could be hobbled.
DJI has warned customers that they need to activate their devices to ensure they “will use the correct set of geospatial information and flight functions for your aircraft as determined by your geographical location and user profile”.
This applies even to those who’ve already activated their devices, said the manufacturer – and if you don’t, your drone will be limited to a height of just 30 metres and a range of 50 metres.
The move comes as concern has been rising about drone pilots who ignore laws and fly their aircraft alarmingly near airports: there has been a growing number of reports from airline pilots of too-close-for-comfort encounters with drones as they approach airports.
Ransomware damage ‘to top $5bn’
The WannaCry ransomware outbreak that crippled PCs around the world carried with it a ransom demand of $300 in Bitcoin, the cryptocurrency – although it seemed that very few victims had actually paid up, according to a Twitter bot that monitors the payments made to the three wallets associated with the attackers.
As of 1700 BST on Wednesday, the wallets contained just over 49 Bitcoins, worth $116,542.
However, that’s a fraction of what researchers Cybersecurity Ventures said it expects the cost of ransomware damage to be this year: in a report released last week, it predicted that the total global costs of ransomware would exceed $5bn – up from $325m in 2015 and $1bn in 2016.
Marc van Zadelhoff at IBM said: “This is a new business model and it is growing at an extraordinary rate. “In 2016 an average of 40% of spam emails contained malware links to ransomware, an increase of 6,000% over 2015, when less than 1% contained ransomware.”
Had everyone who was hit by WannaCry paid up, estimated pymnts.com, the attackers could have scooped more than $60m.
Target agrees $18.5m settlement
Target, the US retailer, has agreed to pay $18.5m in a settlement with 47 states and the District of Columbia over the giant 2013 data breach that hit some 70m customers.
The breach, the result of a major malware infection in its payment systems, saw the exposure and skimming of up to 70m credit and debit cards.
The money however doesn’t go to the victims of the breach – the customers whose cards were compromised – but to the individual state, and, as The Register pointed out, amounts to about eight hours’ worth of profits for the giant retailer. However, in 2015 Target offered a fund of $10m for its customers whose data had been exposed.
Catch up with all of today’s stories on Naked Security
Steve
Wait a minute… if $18.5M “amounts to about eight hours’ worth of profits”, that works out to over $20 billion for a year. A quick check of Wikipedia shows Target’s total revenue for 2016 was less than 70 billion, with net income under 3 billion. Eh, what’s up, doc?
Steve
Oops; submitted prematurely. What really irks me is that those state/district governments should get that money and not pass it along to the victims. What claim do the states have of financial harm, other than as representatives of their constituents? It’s interesting – and irritating – that they got a bigger payout than the fund for the victims.