Friday, February 06, 2015
The article seems a bit speculative as it relates to this single hack, but the generalization is correct. Hack everything you can. Gather all the data you can. Put it together as relevant dossiers when you select a target.
Chinese State-Sponsored Hackers Suspected in Anthem Attack
Investigators of Anthem Inc.’s data breach are pursuing evidence that points to Chinese state-sponsored hackers who are stealing personal information from health-care companies for purposes other than pure profit, according to three people familiar with the probe.
… The attack appears to follow a pattern of thefts of medical data by foreigners seeking a pathway into the personal lives and computers of a select group -- defense contractors, government workers and others, according to a U.S. government official familiar with a more than year-long investigation into the evidence of a broader campaign.
… Hackers could use stolen information -- which Anthem said in its case included birthdates and e-mail addresses -- to conduct “phishing” attacks on customers who unwittingly provide access to their companies’ networks.
Now we know who will take the blame for the Sony breach.
… Ms. Pascal had been in contract renewal talks for months, well before hackers in December made available private correspondence in which she made denigrating remarks about President Obama’s presumed preference for black-themed movies.
She profusely apologized, and top studio executives stood behind her in the aftermath. But the pressures of the hacking crisis, coupled with structural changes at the studio, made alternatives to renewing her contract more attractive.
… Ms. Pascal also went through a draining month of turmoil within Sony as studio leaders struggled to cope with a hacking that crippled the company’s computers and exposed personal data about its employees. Known to be a fiery counterpart to the more reserved Mr. Lynton, Ms. Pascal was particularly distressed by the assault, exhibiting both anger and tearful regret before Sony employees.
For my Ethical Hackers. What a target! Note that a breach would be easy to detect if it resulted in Congress actually doing something.
Reps. Steve Pearce (R-N.M.) and Eric Swalwell (D-Calif.) have introduced a bill urging development of ways for members of Congress to avoid traveling to Washington away from their districts.
The resolution offered by Pearce and Swalwell, who both hail from districts on the opposite side of the country as Washington, envisions a Congress allowing members to vote and participate in committee hearings via the Internet.
… The bipartisan duo argue that a virtual Congress would prevent members and staff from becoming out of touch with their districts.
… The measure further cites security concerns of having all 535 members of Congress in one place.
...and you still wonder why medical records are targeted?
Putin Has Asperger's, Pentagon Report Says
Russian president Vladimir Putin has Asperger's syndrome, according to a Pentagon report obtained by US broadcaster CBS News.
The report, written in 2008, describes Asperger's as "an autistic disorder which affects all of his decisions".
The research was conducted by the Office of Net Assessment and is based solely on videos of Mr Putin dating back to 2000.
… "His primary form of compensation for his disorder is extreme control and this is reflected in his decision style and how he governs," the report says.
How not to get the best out of Best Practices. Lots of bad examples for my Computer Security class.
Understanding the Federal Government’s IT Insecurity Crisis
A February 5, 2015 Report From the International Association of Information Technology Asset Managers – “U.S. taxpayers have paid $59 billion for data protection since Fiscal Year 2010, including $10.3 billion in the most recent year under the Federal Information Security Management Act (FISMA). This week, the Obama Administration proposed a $14 billion cybersecurity budget for 2016. Nonetheless, Information Technology (IT) security and IT Asset Management (ITAM) woes in federal agencies have been major staples of headlines in recent months, including problems and mishaps at the Internal Revenue Service, the White House, State Department, and the Veteran’s Administration.”
Still not the perfect model. (Article 1)
Record Labels Streaming Music Money
An increasing number of artists are expressing their displeasure at the sums of money they see from music streaming services such as Spotify and Deezer. The most obvious example is Taylor Swift, who went as far as removing her whole back catalog from Spotify because of her distaste for the company’s business model.
However, a new report compiled by Ernst & Young strongly suggests it’s the labels that these artists should be angry with rather than the streaming services themselves. This is because the labels are taking the lion’s share of the revenue generated by people subscribing to these services.
As discussed by TechDirt, the labels take 45.6 percent of a typical $10 subscription. The platform itself takes 20.8 percent. And 16.7 percent disappears in taxes. A further 10 percent goes to the songwriters and publishers. Which leaves just 6.8 percent going to the artists actually recording this music for our listening pleasure.
OK, so that’s still more than artists see from music piracy, but the labels are still to blame much more than the likes of Spotify and Deezer.
My students have never heard of these shows. (Article 5)
Watch Old Shows on Shout Factory TV
A new, free, ad-supported streaming service called Shout Factory TV has launched, with a hefty collection of movies and TV shows that can best be described as cult classics. With 1,000 hours of content to begin with, and 200 hours more promised each month, there should be something for everyone here.
TV shows available to watch include The Abbott & Costello Show, The Twilight Zone, and Mystery Science Theater 3000. Classic films available to watch include Death of a Salesman, Room With a View, and Jackie Chan’s Police Story. All of which are well worth the price of admission of zero dollars and zero cents.
Something my students should watch before working on their projects?
Got a wicked problem? First, tell me how you make toast
Making toast doesn’t sound very complicated — until someone asks you to draw the process, step by step. Tom Wujec loves asking people and teams to draw how they make toast, because the process reveals unexpected truths about how we can solve our biggest, most complicated problems at work. Learn how to run this exercise yourself, and hear Wujec’s surprising insights from watching thousands of people draw toast.
[You will also need: http://www.drawtoast.com/]