Tuesday, December 23, 2014
This is clearly not US cyber-retaliation. (My Ethical Hackers say, “Oops!” because we don't know how to pronounce “아차.”)
Cyberattack suspected as North Korea experiences complete Internet outage
The Internet in North Korea has gone completely dark.
"We can confirm that a large number of connections have been withdrawn and that North Korea does not currently have access to the web," a spokeswoman for CloudFlare, a California-based Internet company that oversees a global network, told Mashable. But, she said, the company "cannot confirm the source of the North Korean Internet outage."
Connectivity between North Korea and the outside world has been "spotty" for at least the last 24 hours, according to the website North Korea Tech. But The New York Times reports that it has been unstable for days.
A peek into North Korea's Internet
So, North Korea's Internet went down. What is it like anyway?
For most North Koreans, it's nonexistent. There are only 1,024 known IP addresses in the entire country. The Internet is typically reserved for government officials, a few foreign ambassadors and outside assistance groups, according to a North Korean defector-turned-journalist.
By comparison, the United States has 1.5 billion IP addresses.
… Either the North Korean government pulled the plug (like Syria did in 2012). Or its main Chinese telecom provider turned it off. [My bet. Bob] Or a few computer-savvy misfits overloaded North Korea's tiny Internet "tube" with garbage traffic, a relatively simple tactic known as a Distributed Denial of Service attack.
Ditto. Bruce makes many of the points I wish I was able to articulate. As always, it is worth reading what Bruce has to say.
Did North Korea Really Attack Sony?
I am deeply skeptical of the FBI’s announcement on Friday that North Korea was behind last month’s Sony hack. The agency’s evidence is tenuous, and I have a hard time believing it. But I also have trouble believing that the U.S. government would make the accusation this formally if officials didn’t believe it.
Clues in the hackers’ attack code seem to point in all directions at once. The FBI points to reused code from previous attacks associated with North Korea, as well as similarities in the networks used to launch the attacks. Korean language in the code also suggests a Korean origin, though not necessarily a North Korean one since North Koreans use a unique dialect. However you read it, this sort of evidence is circumstantial at best. It’s easy to fake, and it’s even easier to interpret it wrong. In general, it’s a situation that rapidly devolves into storytelling, where analysts pick bits and pieces of the “evidence” to suit the narrative they already have worked out in their heads.
In reality, there are several possibilities to consider:
[My personal favorite:
This is the work of hackers who had no idea that there was a North Korean connection to Sony until they read about it in the media. Sony, after all, is a company that hackers have loved to hate for a decade. The most compelling evidence for this scenario is that the explicit North Korean connection—threats about the movie The Interview—were only made by the hackers after the media picked up on the possible links between the film release and the cyberattack. There is still the very real possibility that the hackers are in it just for the lulz, and that this international geopolitical angle simply makes the whole thing funnier.
… Tellingly, the FBI’s press release says that the bureau’s conclusion is only based “in part” on these clues. This leaves open the possibility that the government has classified evidence that North Korea is behind the attack. The NSA has been trying to eavesdrop on North Korea’s government communications since the Korean War, and it’s reasonable to assume that its analysts are in pretty deep. The agency might have intelligence on the planning process for the hack. It might, say, have phone calls discussing the project, weekly PowerPoint status reports, or even Kim Jong Un’s sign-off on the plan.
… Sony also has a vested interest in the hack being the work of North Korea. The company is going to be on the receiving end of a dozen or more lawsuits—from employees, ex-employees, investors, partners, and so on. Harvard Law professor Jonathan Zittrain opined that having this attack characterized as an act of terrorism or war, or the work of a foreign power, might earn the company some degree of immunity from these lawsuits.
Question: It seems “everyone” is suggesting that Sony is the tipping point for “reasonable security” in every organization. Will the next large hacking “victim” be judged like the T.J. Hooper?
The Sony Hack: A ‘Question of When’ for Other Companies
Listen to the podcast: https://itunes.apple.com/us/podcast/knowledge-wharton/id120724941
The cyberattacks on Sony Pictures in response to a movie that depicts a plot to kill North Korean leader Kim Jong-un should serve as a wake-up call in the digital age for companies that have hitherto been lax on information security.
“That is the major takeaway for companies who are watching this train wreck and breathing a sigh of relief that it wasn’t them,” according to Andrea Matwyshyn, a law professor at Princeton University. The hacking has been a “public relations nightmare,” for Sony, adds Wharton marketing professor Pinar Yildirim, as leaks of internal communications have fractured relationships and cast major Hollywood players in an unflattering light.
Pressure from many players in Hollywood and Washington.
Sources close to the matter tell FBN the potential partnership was derailed Monday, after weekend conversations between the two companies about a possible release. Had the movie run on Dish, tens of millions of Americans could have watched "The Interview" as early as Christmas Day.
… Sources say top Sony executives have been working 24/7 to find a way to release the movie, and that Sony Entertainment CEO Michael Lynton is adamant that the movie air somewhere, somehow.
Sony stands to lose up to $200 million by outright cancelling "The Interview." The company also faces harsh long-term damage to its reputation if the movie is never released.
For my Computer Security students. Suspicions confirmed! Yet another breach was due to the ability of hackers to search for and identify holes in security faster and more reliably than security managers can. Errors happen. Not confirming that all servers were updated is not an error, it is a management failure.
Morning Agenda: How Hackers Got Into JPMorgan
The giant computer breach at JPMorgan Chase this summer might have been prevented if the bank had installed a simple security fix to an overlooked server in its network, Matthew Goldstein, Nicole Perlroth and Michael Corkery report in DealBook. While JPMorgan spends $250 million a year on computer security, the weak spot in this case was very basic, according to people who have been briefed on internal and outside investigations into the attack.
JPMorgan’s security team had apparently neglected to upgrade one of its network servers with a double authentication scheme, known as two-factor authentication, which requires a second one-time password to gain access to a protected system. That left the bank vulnerable last spring, after hackers stole the login credentials for a JPMorgan employee. Had the dual password scheme been put in place, the attack could have been stopped when it started.
From the University of Arkansas on Newswise:
Information systems researchers at the University of Arkansas, who studied the effect of two compensation strategies used by Target in reaction to a large-scale data breach that affected more than 70 million customers, have found that overcompensation of affected customers may only raise suspicions rather than satisfy customers’ sense of justice.
The researchers have developed a model that organizations can use to address and respond to large-scale data breaches and manage customer outcomes.
Read more on Newswise.
Okay, this might heat up again. If Russia can afford to keep playing...
Ukraine votes to drop non-aligned status
Ukraine's parliament has voted to drop the country's non-aligned status and work towards Nato membership.
Russian Foreign Minister Sergei Lavrov called the move "counterproductive" and said it would boost tensions.
The BBC's David Stern in Kiev says it is not clear when Ukraine will apply for Nato membership and many officials see it as a distant prospect.
Ukrainian President Petro Poroshenko pledged to seek Nato membership over Russian support for rebels in the east.
Putin has one weapon to protect the rouble — he must use it wisely
On top of his Ukrainian tribulations Vladimir Putin now has to manage a war of attrition with currency speculators. Lack of confidence in the Russian economy has prompted a flight in capital as some investors seek to limit their losses on rouble assets while others actively bet on a continued depreciation of the currency. The president’s battlefield options range from strategic retreat (allowing depreciation) to raising interest rates and selling foreign exchange to imposing controls on capital outflows.
The first three options are close to being exhausted. The rouble has already depreciated by more than seems warranted even by a pessimistic view of Russia’s economic fundamentals. Last week the Central Bank of Russia increased interest rates to 17 per cent, a level where further increases are likely to be self-defeating because of the economic costs they would impose. Finally, Mr Putin indicated in his press conference on Thursday that the country’s international reserves, while still at a comfortable level, should no longer be wasted in market interventions to prop up the national currency.
This leaves capital controls. Would they work for Russia? What can we learn from international experience of the use of capital controls in currency crises?
This is cute!
The Year in Management, Told in 20 Charts
… What smart products do people actually want? Do employees like negative feedback? And what’s the strangest educational background for a member of the Fed (this is my favorite)?
For all my students
The Desmos iPad App Is Here!
Starting today, students, teachers, and math enthusiasts can explore math through Desmos without the need for an internet connection – or an expensive hand-held graphing calculator. The app features many of the familiar elements of desmos.com, but with dozens of built-in examples, an enhanced design, and offline support.
Download the free iPhone app here: https://itunes.apple.com/us/app/desmos-graphing-calculator/id653517540?mt=8
… our Android app works offline and includes all of the features you've come to love: sliders, implicit equations, even regressions.
Download the Android App here: https://play.google.com/store/apps/details?id=com.desmos.calculator&hl=en
This one is for me – so my students aren't singing “La la la, something something”
Google is making the process of singing along to your favorite songs easier. The search engine will now provide users in North America with full lyrics for songs above their search results — assuming the lyrics are recorded in the Google Play store. Append "lyrics" onto the song name of your choice and Google will present a chunk of the words to your selection, directing you to see the full lyrics on the tune's Google Play store page.