Friday, January 02, 2015
Troy will not be the only security expert taking this position.
Sony, North Korea and Cyberwarfare on RunAs Radio
It was the story that got weirder and weirder and will likely remain the high water mark for impactful security breaches for, well, probably not very long given this industry! Be that as it may, the Sony saga was unprecedented in many ways and it provoked some really interesting discussions.
A couple of weeks back I suggested that many of us are working for the next Sony Pictures insofar as a lot of the atrocious practices they followed are pretty much par for the course in large enterprises. This to me is one of the key lessons we should be taking away from all this – you may be nothing more than one bad employee or one nasty piece of malware away from your own place of work suffering the same fate.
Last week I caught up with Richard Campbell and we recorded a RunAs Radio episode on the hack. Whilst only a half hour can barely do it justice, we still covered a lot and I hope you find it interesting listening. Enjoy!
Every organization suffers from “bureaucrats,” few more than the FBI. The techies want to be right, the bureaucrats want to be flashy, fast, and most of all, “newsworthy!”
FBI may have made embarrassing mistake investigating Sony hack
A confidential bulletin sent by the FBI to companies across the US warning of further cyberattacks by the Sony hackers may have been based on fake posts and messages created by a prankster.
… But hours after the story published, a journalist who writes about cybersecurity stepped forward and claimed that he wrote the threat to CNN as a prank, copying another message that he found online and simply swapping some of the words.
Mediaite reports that David Garrett Jr., a writer for Homeland Security Examiner, took to Twitter and posted screenshots which appear to show that he was the author of the threat to CNN.
… But if Garrett is to be believed, then the FBI may have been fooled by a simple prank. If the FBI published a security bulletin based on anonymous and unauthenticated internet posts, that's going to make it more difficult for people to believe its other claims.
Along with the threat against CNN, the FBI also mentioned another PasteBin post that mocked the bureau's own investigation. If the prankster is to be believed, that second post could also be fake.
Some security experts have cast doubt on the FBI's claim that North Korea was behind the hack of Sony Pictures. If the FBI has been fooled by an online prankster, that could make its claim that North Korea ordered the hack more difficult to believe.
Perhaps a project for my Statistics students?
Police Officer Body-Worn Cameras
Police Officer Body-Worn Cameras – Assessing the Evidence, by Michael D. White, PhD – Office of Justice Programs.
“The majority of this publication reviews the claims made by advocates and critics regarding body-worn camera technology and includes a discussion of the empirical evidence supporting each claim. Given the lack of research, there is little evidence to support or refute many of the claims, and there are outstanding questions regarding the impact and consequences of body-worn cameras. Nevertheless, the available studies have provided insight into several areas, suggesting that additional study of the technology is warranted. However, police departments should be cautious and deliberate in their exploration of the technology given the lack of research.”
Freer and Sackler Galleries Launch Free HiRes Download of Over 40,000 Works
“Welcome to Phase 1 of Open F|S, the complete digitized collections of the Freer and Sackler Galleries and the Freer Study Collection. With more than 40,000 works being made available for high-resolution download—expanding regularly with our new acquisitions—you can explore the Smithsonian’s museums of Asian art from anywhere in the world, whenever you like. Images can be used for all non-commercial purposes, from desktop wallpapers to artistic gifts for family and friends.”