Thursday, November 13, 2014

Apparently, they don't have a handle on this breach yet. They shut down VPN either at headquarters or nationwide. Also, read the FAQ with particular attention to the question on lessons learned. They didn't.
Postal Service Suspends Telecommuting, VPN Access as Breach Investigation Continues
The United States Postal Service (USPS) has shut down employee VPN (virtual private network) access and suspended telecommuting until further notice for employees at Postal Service headquarters.
USPS Media Relations Manager David Partenheimer told SecurityWeek via email that while VPN is out nationwide, the suspension of telecommuting does not affect a huge number of employees.
In a FAQ for employees dated Nov. 10, the postal service stated that VPN access was identified as being vulnerable to intrusion and would be unavailable as USPS makes modifications.
… "Additionally, we are instituting numerous additional security measures, some of which are equipment and system upgrades that will not be visible to any users, and some of which are changes in policies and procedures that we will be rolling out in the coming days and weeks." [Translation: “Our security was lousy but we're scrambling to fix all the holes we've known about for years.” Bob]

Why would China (or anyone else) want to break into the US Weather Service? It has military implications. Does the US have better weather models than China?
Cyberattackers believed to have been working from China broke through defenses of the US weather service recently, according to a Washington Post report.
US media outlets on Wednesday said that the US National Oceanic and Atmospheric Administration (NOAA) confirmed that some of its websites had been compromised but declined to discuss who may have been responsible.
NOAA, which includes the National Weather Service, reportedly sealed off weather data relied upon for aviation, shipping, and more after security teams caught on to the breach.

I need to think about this a bit. Clearly, there's a new sheriff in town, but what will really change and how fast?
Jeff Kosseff writes:
When Republicans take over the Senate in January, new leaders will control key committees that oversee privacy and data security issues, and their priorities will differ significantly from those of their predecessors. Privacy issues, however, generally tend not to break neatly along party lines and there will remain bipartisan support – and bipartisan opposition – to most initiatives.
But you shouldn’t expect an immediate sea-change in privacy laws, leaders of Covington’s privacy and data security practice said on a post-election conference call on Monday.
Read more on Covington & Burling InsidePrivacy.

What does it take to rise to the level of a constitutional amendment?
Aaron Schrank reports:
State lawmakers this week will hear proposals to add an individual right to privacy to the Wyoming Constitution.
The Digital Information Privacy Task Force is made up of lawmakers and Wyoming citizens. Task Force Chairman Senator Chris Rothfuss says the proposed amendment would limit what information Wyoming could compile about its citizens. The goal is to ensure privacy rights aren’t ignored in service of other state interests.
Read more on Wyoming Public Radio.

Pew is listening. Is Congress?
Pew Study: Two Thirds Say Gov't Should Limit Ways Advertisers Use Personal Data
Almost two out of three Americans think the government should limit how advertisers draw on consumers' personal information. That's according to the Pew Research Center, which earlier today released the report, “Public Perceptions of Privacy and Security in the Post-Snowden Era.”
… More than nine in 10 respondents, 91%, said that consumers no longer wield control over how their personal information is collected and used by companies, while 80% of social networking users said they are concerned that the data they share on those services will be accessed by advertisers or businesses.

Would you expect anything else from Facebook?
Facebook Profiles Young People as Optimistic and Globally Conscious
… more mobile devices and Internet access mean more social media use, too. But what does this all mean for young people?
Perhaps unsurprisingly, it keeps them connected to their friends, family and the world around them, according to a new study from Facebook for Business. In the survey, 74 percent of young people ages 13 to 24 said that social media helps them stay up-to-date with their friends and family, 65 percent said they use social media to connect with people they see every day, 61 percent said that social media makes them feel like part of a wider community and 66 percent said that social media makes them feel more up-to-date with the world.

Google + Drone = Groan?
Google Leases Historic Navy Air Base ... for 60 Years
Earlier this week, Google (GOOGL) made headlines with news that it’s spending over $1 billion to lease an old NASA hangar on a historic Navy air base for a 60-year period. More specifically, the Internet search company is leasing a 1,000-acre site that is part of the former Moffett Field Naval Air Station on the San Francisco Peninsula.
While Google was rather tight-lipped on the event, more insight was had from the NASA press release that said a Google subsidiary called Planetary Ventures LLC will use the hangars for “research, development, assembly and testing in the areas of space exploration, aviation, rover/robotics and other emerging technologies.”

The future is “Services?” Look at the list and you decide.
There Is an Uber for All of the Things (Even for This Article)
This week, the new on-demand laundry service Washio launched in Boston. With just a tap on your smartphone, you can get somebody else to come get your laundry.
Do you need that? Probably not. (Or maybe!) But it’s just one example of the many, many smartphone-powered service industry apps that have sprung up in recent years. The most popular, of course, is the ride-calling app Uber. And that has given rise to a refrain in the startup world. There is an Uber, it seems, for everything—an “Uber for laundry” is just the latest example.
… Here are a mere 50 of them, ranging from the possibly useful (Uber for dog walkers) to the wildly vague (Uber for anything) to the decidedly weird (Uber for your uterus).

Cute! Put your money where your hack is!
Scared of cyberattacks? Buy this ETF
"HACK" is the ticker symbol of the first exchange-traded fund focused on cybersecurity. If the past year is any indication, companies will continue to pour money into cyber defense.
"It's a way for investors to play the space thematically instead of trying to bet on one horse," said Daniel Ives, an analyst who covers cyber stocks at FBR Capital Markets.
… The biggest lure to cyber stocks is the fact that security spending continues to ramp up -- to the tune of 15% to 20% a year -- even as overall IT spending is barely growing at all.
