Thursday, July 07, 2016
No indication of how long this was going on. Sounds like the employee had access to “network drivers” when he shouldn’t have.
Alexa Huffman reports:
Snooping on personal staff data, including SIN numbers, salaries and spouse names, led to a SaskPower employee being fired in January.
According to a report released in June by the Saskatchewan Information and Privacy Commissioner, Ron Kruzeniski, the employee inappropriately accessed 4,382 human resources files from current and former employees at the Crown-owned company.
The report said the information included names, addresses, social insurance numbers, salaries and life insurance coverage and beneficiaries.
Read more on Global News.
[From the article:
SaskPower concluded that the breach was due to the employee searching network drives. The report says the employee then previewed and saved to the files to his corporate workstation without a business purpose.
The employee also put the files onto portable storage devices.
… SaskPower has improved systems security including locking affected network folders so they can only be accessed by authorized users, the report says.
I don’t get the attraction, but is this a Security risk for children? Sure sounds like it.
Australian cops to Pokemon fans: Do not come looking for Pikachu in our police station
The new smartphone app Pokémon Go begins with a warning screen.
Pokémon Go simply wants its players to avoid physical trauma.
Played on a smartphone screen in lieu of a Game Boy or other handheld console, Pokémon Go uses cameras and GPS to construct an augmented reality in which collectible 3-D monsters float over physical locales.
To collect these digital critters, you have to get off the couch, get outside and track them down.
… The team behind Pokémon Go — developers Niantic Labs and video game giant Nintendo — is concerned that you may walk off a bridge, for instance, while you are engrossed in a real-world hunt for the digital critters. Recognizing that the app, which launched in the United States late Wednesday, may encourage the sort of obliviousness that comes when noses are buried in smartphones, other groups began issuing their own warnings, too.
This should interest both my Computer Security and Data Management students.
Businesses in the Dark on Value of Corporate Data
According to the company’s Risky Business Report, only 28% of CISOs conduct regular exercises to categorize and value the data within the company, which allows them to evaluate the risk associated with the loss of this data. In fact, 17% of surveyed business executives say they didn’t take action in this regard, while 55% of them have taken partial action, the report (PDF) reveals.
What’s more, 40% of responding CISOs said they have no clear view into the location and nature of their information assets, IRM says. The risks associated with poor knowledge of the value of data include difficulties in building an effective protection strategy, or in determining the amount that should be invested in data protection solutions, Charles White, Founder and CEO of IRM, warns.
Findings in the report are in line with thoughts from SecurityWeek columnist Rafal Los, on what he believes is the most important security question nobody seems to be able to answer: “What is your organization’s sensitive data, and where is it?”
Gosh, what would government workers do all day?
House passes bill to block porn from feds' computers
I already have one (several?) starting with Cortana.
Are You Ready for Robot Colleagues?
… if robots become as clever as we are, how will the role of managers change?
Bernd Schmitt, the Robert D. Calkins Professor of International Business at Columbia Business School, thinks the convergence is coming, and that managers have to start preparing now.
Beware of bragging on film.
A new film gives a frightening look at how the US used cyberwarfare to destroy nukes
… A fascinating new documentary film by Alex Gibney called "Zero Days" that premieres on Friday tells the story of Stuxnet, along with the frightening takeaway that, while this was the first cyber weapon, it will certainly not be the last.
… First authorized by President Bush and then re-authorized by President Obama, the top secret computer worm was designed by the US and Israel to infect an Iranian nuclear enrichment facility at Natanz.
And it did. Too well.
The code made its way into the facility and infected the specific industrial control systems the Iranians were using. Once it turned itself on about 13 days after infection, it sped up or slowed down the centrifuges until they destroyed themselves — all while the operators' computer screens showed everything was working as normal.
… The most incredible revelation from the film comes from Gibney's NSA source, who talks about a much larger operation than Stuxnet. It's a news-breaking claim that The New York Times has since corroborated: The US had an in-depth cyber attack plan that was much larger than Natanz.
"We were inside, waiting, watching," the source says. "Ready to disrupt, degrade, and destroy those systems with cyber attacks. In comparison, Stuxnet was a back alley operation. NZ was the plan for a full scale cyber war with no attribution."
NZ is the acronym for a separate operation called Nitro Zeus, which gave the US access into Iran's air defense systems so it could not shoot down planes, its command-and-control systems so communications would go dead, and infrastructure like the power grid, transportation, and financial systems.
… Now there is a new weapon that can do a better job at destruction than bombs. But the difference between highly-controlled nuclear materials and computer code, is that anyone — and any state — can develop it.
“It seems pretty reasonable to think that there are things out there today that we haven’t seen that are much more advanced [than Stuxnet]," O'Murchu told TI in a phone interview.
We'll just have to wait and see who uses it next.
What am I missing? Did the Post suddenly turn on Hillary? This does not read like a typical Post article.
How the FBI director systematically dismantled Hillary Clinton’s email defense
Because I need a guide.
Hey, granddad, here’s a Millennial’s guide to Snapchat
… The social media app that’s popular with the youngest Millennials is now booming with older people: Now 38% of people ages 25 to 34 use the flighty picture-sharing app, according to an online report — a 100% increase from just two years ago. And 14% of people over 35 use the app, too — which represents a 35% jump.
At this point, the only adults not using Snapchat are the ones who don’t get it. So let this bona fide Millennial — I’m 18 — explain it to you old folks:
10 Practical Tips for New Periscope Users
Periscope is a live-streaming app owned by Twitter that allows users to broadcast moments of their lives with followers across the globe. Viewers can interact with broadcasters through comments, and live streams can be shared through social media much like any other kind of photo or video post.
10 Things You Didn’t Know You Could Do On Instagram
Includes my personal nemesis, the translator.
10 Handy Productivity Add-Ins for Microsoft Word