Wednesday, April 08, 2015
Always consider the worst possible outcome of any hack. Protecting your data from deletion also protects it from other risks. I can only find the report in Spanish.
Destructive hacking attempts target critical infrastructure in Americas: survey
Hacking attacks that destroy rather than steal data or that manipulate equipment are far more prevalent than widely believed, according to a survey of critical infrastructure organizations throughout North and South America.
The poll by the Organization of American States, released on Tuesday, found that 40 percent of respondents had battled attempts to shut down their computer networks, 44 percent had dealt with bids to delete files and 54 percent had encountered “attempts to manipulate” their equipment through a control system.
Those figures are all the more remarkable because only 60 percent of the 575 respondents said they had detected any attempts to steal data, long considered the predominant hacking goal.
[The report: https://www.sites.oas.org/cyber/Certs_Web/OEA-Trend%20Micro%20Reporte%20Seguridad%20Cibernetica%20y%20Porteccion%20de%20la%20Inf%20Critica.pdf
Russia is not that clumsy. (If they had done it, North Korea would be blamed.) Perhaps hackers who reside in Russia and used this hack to “try out” for the big leagues?
Report: Russia Behind 2014 Attack on White House Computer System
Russian hackers last year were able to breach a White House computer system after a successful cyber-attack on the State Department, a news report said Tuesday.
The report by CNN says the hackers were able to get sensitive information, including non-public details about President Obama's schedule.
For those who have “nothing to hide?”
Sextortion Has Evolved And It’s Scarier Than Ever
Sextortion is an abhorrent, prevalent blackmailing technique – and it’s now even more intimidating.
It’s a simple practise, and increasingly widespread as our obsession with documenting ourselves develops. We record our lives through social media, and communication is so easy. We can share a lot with friends and family.
Cybercriminals are taking advantage of this. And it’s only getting worse.
Whatever it does, it does not prevent cheating. My students can tell you 99 ways to “beat the system” just of the tops of their heads. (Start with a partner positioned behind the camera...)
Lauren R.D. Fox reports:
Rutgers University and other academic institutions are using a monitoring program, Proctortrack, that reveals if a student is cheating on an exam for their online course.
Betsey Chao, a senior at Rutgers told The New York Times, she had to download the software on her computer and it uses her webcam to scan her features and verify her identity before her exams. During the exam, ProctorTrack flashes a red warning band to notify her that it is monitoring her computer activity and recording a video of her. It also shows a live image of Chao or any student who uses the tracking device during an exam. Proctortrack also surveys if students have opened apps or web browsers during online exams.
Read more on Madame Noire.
Interesting article. Perhaps hoodies make you smarter?
When technology executives imagine the boogeyman, they see a baby-face guy in wire-rim glasses. His name is Jay Edelson.
Mr. Edelson, 42, is a class-action lawyer. He is also, if not the most hated person in Silicon Valley, very close to it. His firm, Edelson PC, specializes in suing technology companies, claiming privacy violations.
… Edelson’s investigative team, which consists of three lawyers and a computer analyst. The group’s job, to put it plainly, is to find ways to sue companies [Another employment option for my Ethical Hackers? Bob]
… One of the members of the investigative unit is Shawn Davis, a digital forensics expert who previously worked as a network security analyst. Now, from an office strewn with cables and old cellphones, he spends his day playing with new devices as well as trawling through websites and mobile apps to try to figure out what kinds of data companies are collecting and how.
Got your attention, didn't it.
Greek PM in Moscow for Putin meet that rattles EU
Greek Prime Minister Alexis Tsipras was to meet Kremlin strongman Vladimir Putin in Moscow on Wednesday as part of an eye-catching visit that has fuelled EU fears that cash-strapped Athens is cosying up to Russia.
The two-day trip comes as Tsipras is battling to unblock a rescue package from the EU and IMF, with some in Brussels warning against any move to barter financial support from Moscow for political backing over the Ukraine crisis.
But analysts say that while the visit might see Moscow lift an embargo on Greek fruit, overall it is more about political grandstanding aimed at pressuring Europe rather than a serious shift in policy. Tsipras, a former Communist who came to power in January, has made no secret of seeking closer ties to Russia at a time when Moscow is at loggerheads with the European Union over the conflict in Ukraine.
For my Big Data students.
NIST Big Data interoperability Framework
by Sabrina I. Pacifici on Apr 7, 2015
NIST is seeking feedback on the Version 1 draft of the NIST Big Data Interoperability Framework. Once public comments are received, compiled, and addressed by the NBD-PWG, and reviewed and approved by NIST internal editorial board, Version 1 of Volume 1 through Volume 7 will be published as final. Three versions are planned, with Versions 2 and 3 building on the first. Further explanation of the three planned versions and the information contained therein is included in each volume.
NIST Big Data Definitions & Taxonomies Subgroup
1. M0392: Draft SP 1500-1 — Volume 1: Definitions
2. M0393: Draft SP 1500-2 — Volume 2: Taxonomies
NIST Big Data Use Case & Requirements Subgroup
NIST Big Data Security & Privacy Subgroup
4. M0395: Draft SP 1500-4 — Volume 4: Security and Privacy
NIST Big Data Reference Architecture Subgroup
5. M0396: Draft SP 1500-5 — Volume 5: Architectures White Paper Survey
6. M0397: Draft SP 1500-6 — Volume 6: Reference Architecture
NIST Big Data Technology Roadmap Subgroup
7. M0398: Draft SP 1500-7 — Volume 7: Standards Roadmap
Interesting failure of the customer feedback system reversed because of pressure from social networks?
He Said, She Said: How Uber Relied on Data in an Assault Dispute
… Stephanie complained to Uber that night. And though the company responded quickly—she had a reply by Sunday morning—the message she received was puzzling. Uber didn't seem to understand the seriousness of what had happened. "Our investigation is complete and the situation is closed," an Uber employee wrote, according to a screenshot of an email Stephanie provided.
… Uber's response didn't reassure her that the driver was being held accountable, Stephanie said. After she started tweeting at journalists about what had happened, she said the company apologized and credited her account for the ride. But she still didn't know what happened to the driver. "To my question of whether he could guarantee that this racist driver would not be the one to pick me up the next time I called an Uber, [the Uber representative] responded that he could not," Stephanie said. "Apparently, I do not have the right to know if the person entrusted with my safety would be fired for endangering me and calling me racial and sexist slurs."
As it turned out, Uber did ban the driver from using its platform, a spokeswoman confirmed. That decision is irreversible. In the 48 hours after her ride, Stephanie's complaint worked its way up the chain of command—a complaint of this nature is considered "critical," said Jennifer Mullin, an Uber spokeswoman. Uber acknowledged it mishandled its initial response to Stephanie's complaint. And the incident highlights how the company draws on its trove of user and driver data to decide how to proceed when a driver and a passenger have a dispute.
Another indication that organizations have to start using all the available data, not just the data they have in their systems. This should be interesting to my Data Management students. (Hint: It really, really should.)
Oracle brings big data back to database administrators
Now that many enterprises are seeing value in big data analysis, it may be time for their database administrators and data warehouse managers to get involved.
Oracle has released a new extension for its Oracle Data Integrator middleware that allows DBAs and data warehouse experts to treat big data repositories as just another data source, alongside their structured databases and data warehouses.
The Oracle Data Integrator for Big Data "makes a non-Hadoop developer instantly productive on Hadoop," said Jeff Pollock, Oracle vice president of product management.
… ODI provides the ability for organizations to pull together data from multiple sources and formats, such as relational data hosted in IBM or Microsoft databases, and material residing in Teradata data warehouses. So it was a natural step to connect to big data repositories to ODI as well.
(Related) This is exactly what my Data Management students found the last time I taught the class.
Why No One Uses the Corporate Social Network
… Altimeter’s research shows that less than half of the enterprise collaboration tools installed have many employees using them regularly (see figure below).
(Related) Twitter – outside the Google box? (I would have thought Microsoft was a better home for Twitter.)
Twitter: A Google Search For A Social Networking Firm?
The market is rife with rumors that Google is seriously considering buying out its social networking peer after somebody said that Twitter had hired Goldman Sachs to deal with a couple of unsolicited suitors.
There are only a handful of companies that have both the resources and the need for a social networking platform and Google seems to top that list. Amazon or Microsoft seem like a stretch of the imagination and Facebook has little need.
Apparently GIFs are more popular than I thought. (Article 5)
Hulu Launches Its Own GIF Tumblr
Hulu has launched its own Tumblr which acts as a GIF search engine for its content. Called The Perfect GIF, the Hulu Tumblr allows you to find just the right GIF to visualize your thoughts, with new GIFs being added on a regular basis.
This isn’t out of charity, of course, with all of the GIFs including the name of the show and the Hulu branding. Thus, Hulu gets free advertising every time someone posts one of its GIFs on a social network. Which, given how popular GIFs are becoming, will be often.