Thursday, August 04, 2016

Do you really want my Ethical Hacking students to choose the next president?  “We’ve ignored this since the last election, but now it’s an emergency!” 
U.S. Seeks to Protect Voting System From Cyberattacks
The Obama administration is weighing new steps to bolster the security of the United States’ voting process against cyberthreats, including whether to designate the electronic ballot-casting system for November’s elections as “critical infrastructure,” Jeh Johnson, the secretary of Homeland Security, said on Wednesday.
   a vastly complex effort given that there are 9,000 jurisdictions in the United States that have a hand in carrying out the balloting, many of them with different ways of collecting, tallying and reporting votes.  [Far less than the number of Starbucks.  Bob] 
   Mr. Johnson said he was considering communicating with state and local election officials across the country to inform them about “best practices” to guard against cyberintrusions, and that longer-term investments would probably have to be made to secure the voting process.

Interesting.  This starts like a report of a breach that has nothing to do with health records, then they are amazed to find that it does!  They have no idea how that happened, but they claim to have blocked it? 
Rajiv Leventhal reports:
Phoenix-based Banner Health, one of the largest healthcare systems in the U.S., announced on August 3 that it is notifying approximately 3.7 million individuals about a breach in which cyber attackers gained unauthorized access to computer systems that process payment card data at food and beverage outlets at certain Banner locations.
The incident was discovered by Banner Health on July 7, though the attack was initiated on June 17, according to the health system’s press release.  The attackers targeted payment card data, including cardholder name, card number, expiration date and internal verification code, as the data was being routed through affected payment processing systems.  Payment cards used at food and beverage outlets at certain Banner Health locations during the two-week period between June 23 and July 7 may have been affected.  The investigation revealed that the attack did not affect payment card payments used to pay for medical services, the organization said.
Then, on July 13, Banner Health learned that the cyber attackers may have indeed gained unauthorized access to patient information, health plan member and beneficiary information, as well as information about physician and healthcare providers.  The patient and health plan information may have included names, birthdates, addresses, physicians’ names, dates of service, claims information, and possibly health insurance information and social security numbers, if provided to Banner Health.  The physician and provider information may have included names, addresses, dates of birth, social security numbers and other identifiers they may use.
Read more on Healthcare Informatics.
Banner Health has created a support site for the breach.
[From the Healthcare article: 
How the hack expanded from certain food and beverage outlets to patient information systems is currently unclear.  But, Banner has mailed letters to 3.7 million patients, health plan members and beneficiaries, food and beverage customers and physicians and healthcare providers related to the attack.
The health system said that it “worked quickly to block the attackers and is working to enhance the security of its systems in order to help prevent this from happening in the future.” 

This makes no sense.  Why give up such valuable access for a few minutes of “fame?”  The standard playbook suggests they did not have access, but may be able to get their hooks into a hurriedly created replacement. 
JTA reports:
An Israeli cyberintelligence company claims it has hacked Islamic State communications and learned about the group’s plans to attack U.S. air bases in Kuwait, Bahrain and Saudi Arabia.
Intsights, which is run by former Israel Defense Forces intelligence officers and based in Herzliya, said Wednesday it had hacked the forum on which ISIS operatives publish terror attack plans, the Times of Israel reported citing Channel 10.
Read more on JTA.
[From the Times article:
Arvatz said the group would doubtless be closed down now it had been exposed on Israeli television.

Just whisper in Big Brother’s ear. 
Joe Cadillic writes:
Researchers at the University of Salamanca (USAL) have developed a ‘Sentiment Analysis’(SA) algorithm that monitors Twitter and Facebook.
Psychologist, Paul Ekman has worked with the CIA, DOD and DHS for years, helping develop facial emotion detection, click here to read more.
Our government is also using ‘Emotive Analytics‘ (EA), to arrest and imprison innocent people!
Ekman has provided training to a whole series of people who were guards at Abu Ghraib prison, too, in how to extract information and truth without torture.  “They used my [facial analysis] work, and it was very successful,” Ekman said.
It’s only a matter of time, before police use Emotive Analytics to arrest Americans.
American policing of a person’s sentiments, is this a joke?
Sadly, this is no joke.
Read more on MassPrivateI.

What can my students learn for this?  I’ll have them hack in and see.  (They’ll want to leave their resumes on the group’s desktops in any case.)
IBM Unveils "X-Force Red" Pen Testing Group
The new "IBM X-Force Red" team is a group of ethical hackers that will pound the virtual walls of companies in an effort to discover vulnerabilities in their networks, hardware, and applications.
Led by pen testing guru Charles Henderson, who previously served as VP of Managed Security Testing at Trustwave, the X-Force Red team consists of hundreds of security professionals scattered across dozens of locations around the world.
In addition to searching for software vulnerabilities and misconfigurations, the team will help test the human element, by performing phishing and social media attack simulations, along with physical security tests to determine the risks associated with in-person interactions. 

IT Architecture.
A new set of relationships is being formed within companies around how people working in data, analytics, IT, and operations teams work together.  Is there a “right” way to structure these relationships?

Perhaps “brick and mortar” isn’t enough anymore? 
Will Walmart Really Buy is new, available to the general public for only a little over a year.  A year that has been a turbulent one – had to reset its business model away from memberships early on and its valuation got a quick resetting from a targeted $2 billion to the $1.34 billion valuation eventually settled on in November of last year.  But on the other hand, it did hit that unicorn valuation in less than six months – the firm found itself involved in some high profile partnerships (like this one with the White House) and has ended its years with numbers trending toward the black – but not there yet.
But differences aside, they have a common enemy in Amazon – the firm that disrupted Walmart out of being the biggest retailer on Earth by market cap, and the undisputed leader in U.S. eCommerce that entered the field to disrupt.  In some sense the firms were always natural friends despite being competitors.
And now, if recent reports are to be believed, it may be the case that and Walmart are going to be more than friends with a common enemy, and instead may become a single firm with a common cause – retail dominance in store and online.

The very definition of unpredictable?  “I can’t win because everything is rigged against me?”
'A sense of panic is rising' among Republicans over Trump, including talk of what to do if he quits
Donald Trump’s relations with the Republican Party – and his political fortunes – worsened dramatically Wednesday, as party leaders fretted openly about the inability of his campaign staff to control him and even began to discuss what to do if their unpredictable nominee suddenly quit the race.
   “The bottom line is that he has to get more disciplined,” said Bennett, still a Trump supporter.  “There’s no doubt about it.  We can’t have unforced errors.”
Trump showed no signs he would heed that advice.
   He ran through a long list of other grievances, insisting the media had unfairly criticized him at every turn.

For our Networking students?
Israel’s SolidRun creates open networking kit inspired by Raspberry Pi
SolidRun, a developer of electronic modules and PCs, said it is launching ClearFog Base kit, an off-the-shelf open development kit that enables do-it-yourself hardware enthusiasts to create their own telecom-grade routers.

I often feel like Wally after teaching a class.

No comments: