Friday, November 11, 2016

What went wrong with your analysis?  A near perfect spear phishing question. 
Russian ‘Dukes’ of Hackers Pounce on Trump Win
Less than six hours after Donald Trump became the presumptive president-elect of the United States, a Russian hacker gang perhaps best known for breaking into computer networks at the Democratic National Committee launched a volley of targeted phishing campaigns against American political think-tanks and non-government organizations (NGOs).
   Volexity reports in a blog post published Thursday morning.
   “Two of the attacks purported to be messages forwarded on from the Clinton Foundation giving insight and perhaps a postmortem analysis into the elections,” Adair wrote.”  Two of the other attacks purported to be eFax links or documents pertaining to the election’s outcome being revised or rigged.  The last attack claimed to be a link to a PDF download on “Why American Elections Are Flawed.

Was the insurance company on the hook for other costs if they didn’t pay the ransom?
Well, this is interesting: a media report says that a county’s insurer advised them to pay a ransomware demand.  Ken de la Bastide reports:
On the advice of their insurance company Madison County officials are moving forward to pay the ransom demands by a unknown group that attacked the county’s computer system.
Madison County was hit by a ransomware attack over the weekend that prevented access to county records.
The malware attack has not affected the election where the voting registration records are maintained on a separate computer server.
The amount of the ransom is not being provided by the commissioners, but Travelers Insurance, the county’s insurance carrier, will reimburse a portion of the cost, less the county’s deductible.
Read more on the Washington Times Herald.
[From the article:
Lisa Cannon, director of the county’s IT department, said the county will make sure the system is secure before new data is placed in the system.
“We’re in the process of adding a backup system,” she said.
   Lyons said her employees were taking either vacation or personal time off.
“Without the computer system there could be no work done,” Lyons said.  “We have to access all our information on the computers.”

Crazy crazy or crazy cool?  Social engineering on a national scale? 
Mark Zuckerberg Says Fake News on Facebook Affecting the Election Is a 'Crazy Idea'
A lot of questions are emerging about Facebook’s role in this year’s election cycle, especially given the proliferation of sensationalistic and even outright fake news stories, and CEO Mark Zuckerberg has responded.
“I think the idea that fake news on Facebook—of which it’s a very small amount of the content—influenced the election in any way is a pretty crazy idea,” he said on Thursday at the Techonomy conference in Half Moon Bay, Calif.

Technology for the next election?
Inside Donald Trump’s Data Analytics Team on Election Night
At a little past 9:30 p.m. Tuesday, the head of a little-known data analytics team working for Donald Trump in San Antonio sent a flurry of messages to the campaign’s New York war room: Florida had tipped and the models were predicting a more than 50% chance he would win the presidency.
Until then, the number-crunching and analytics for Mr. Trump felt more like a “data experiment,” said Matthew Oczkowski, head of product at Cambridge Analytica, who led the team for nearly six months.
   It is too early to assess the full impact Cambridge Analytica had on the Trump campaign.  While its advice aided the campaign in targeting ads, some of its polling predictions, like those from most survey firms, were off.
On Monday, Cambridge Analytica gave Mr. Trump less than a 30% chance of winning.  “So many states were close to the margin of error that it could swing either way,” Mr. Oczkowski explained.
But the unexpected win is likely to bring new attention to the company’s psychological approach, in which it used reams of information about voters harvested from databases, the internet and field operatives.

“We thought we knew what we were doing, but now we think we don’t.”
Concern about data security derails plan to expand PreCheck
The agency for a year had been working through a solicitation to bring on additional private companies to beef up the PreCheck application network as it works toward the Department of Homeland Security's goal of enrolling 25 million people in trusted-traveler programs (PreCheck and Global Entry) by 2019.  At present, PreCheck enrollment is close to 4 million, TSA says.
In late October, however, the TSA withdrew the solicitation, citing "the increased and evolving cybersecurity risks over the past year.
   Increasing enrollment in PreCheck is a goal of both the TSA and travel industry advocates, who cite the efficiency and safety enhancements [Like what?  Bob] that trusted-traveler programs bring to airport security checkpoints.  PreCheck members move more quickly through screening lines than other travelers because they don't have to remove shoes, jackets or belts, or take laptops out of carry-on bags.  

Anti-outsourcing?  “Keep our citizens in our jurisdiction.”
After LinkedIn Ban, Russia Warns Facebook And Twitter
Russia has for the first time invoked its ban on websites storing personal data outside the country.  It’s picked a high-profile target, LinkedIn – and says even bigger companies could be next on the list.
According to local media, a court has upheld a complaint by regulator Roskomnadzor, which says that LinkedIn has failed to satisfy its concerns.  Indeed, according to local news agency TASS, the company hasn’t even been in touch since the ruling was announced yesterday.
   Since the law came into effect in September last year, Russia has audited more than 1,500 companies to make sure they comply, gaining agreement from Google, eBay, and other Western firms.

More on outsourcing.  (Interesting that California is the starting point.) 
A CIO rejects, for now, university’s IT offshoring plan
There are reservations within the University of California system about a plan to move IT work offshore and lay off employees.

After Computerworld wrote in September about the layoff plan at the university's San Francisco campus, Larry Conrad, the associate vice chancellor for IT and CIO at the Berkeley campus, wrote a memo to IT staff about it.
He noted that some on his IT staff had seen the story and he wanted to respond.
"The UCSF effort is indeed an ambitious undertaking," wrote Conrad in a memo obtained by Computerworld.  "Candidly, I am not aware of any major university in the country which has successfully implemented such a substantive IT outsourcing initiative."
The San Francisco campus, which includes a medical center, has hired India-based HCL under a five-year contract valued at $50 million.  As part the move, the university is laying off 49 permanent IT employees and cutting about 30 contractors.  Some of the IT workers say they expect to be training H-1B-visa-holding foreign replacements.

As goes Facebook, so goes the world?
Facebook CTO explains social network’s 10-year mission: Global connectivity, AI, VR
   The company is focused on three areas, which it has discussed publicly in recent years.  The first is bringing connectivity to 4.1 billion people who are still not online.
   He also cautioned patience on artificial intelligence.  As much progress as has been made, he said the ability of machines to match human intelligence is still years away.
By contrast, he said virtual reality is here, after decades of waiting.  He said components and pricing have finally caught up so that truly immersive experiences can be delivered in a meaningful way.
Here’s a video of his full talk this week:

Continuing to think about Blockchain. 
Fraud and privacy problems on the blockchain

I’ll be curious to see what my students are asking Santa for…
Best Buy Black Friday ad reveals $100 Windows laptop deal, $125 iPad Air 2, Pro savings

For my students.  Nice long list…
Here's where military service members can get freebies on Veterans Day

No comments: