Friday, July 07, 2017

I bet this will not be part of the Trump-Putin discussion. 
Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say
Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries.
Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.
   In most cases, the attacks targeted people — industrial control engineers who have direct access to systems that, if damaged, could lead to an explosion, fire or a spill of dangerous material, according to two people familiar with the attacks who could not be named because of confidentiality agreements.
   Hackers wrote highly targeted email messages containing fake résumés for control engineering jobs and sent them to the senior industrial control engineers who maintain broad access to critical industrial control systems, the government report said.
The fake résumés were Microsoft Word documents that were laced with malicious code.  Once the recipients clicked on those documents, attackers could steal their credentials and proceed to other machines on a network.

(Related).  …and apparently, this news was not ‘fit to print.’
Hackers breached at least a dozen US nuclear power sites — and officials are zeroing in on a familiar player
US officials have concluded that hackers working on behalf of a foreign power recently breached at least a dozen US nuclear power sites, Bloomberg reported on Thursday. 
   But the hacks have raised red flags for investigators who worry Russia may be gearing up to levy an attack against the US power grid.  If that were the case, it would fit into a pattern adopted by Russia in the past, particularly as it relates to Ukraine.  

How many organizations would confirm a change like this?  (We call the ones who do not “victims.”) 
A Georgia man pleaded guilty Thursday to federal charges he was part of an e-mail spoofing scheme that cost Sedgwick County more than $566,000, U.S. Attorney Tom Beall said.
George S. James, 49, Brookhaven, Ga., pleaded guilty to one count of wire fraud.
In his plea, James admitted that on Oct. 7, 2016, Sedgwick County sent approximately $566,088 to his bank account [Makes the investigation rather simple. Bob] at a Wells Fargo bank in Georgia.  James transferred part of the money he received from Sedgwick County to a bank account in Shanghai, China, and part of the money to an account at Deutsche Bank in Bremen, Germany.  James also spent some of the money.
In his plea, James denied that the fraud scheme was his idea. He said that on Sept. 23, 2016, he was contacted by a person identified in court records as A.H., who asked to deposit some money into James’ account at Wells Fargo.  James said he knew A.H. was engaged in fraud, but James denied knowing that Sedgwick County was the victim.
In his plea, James said it was A.H. – or someone working with A.H. – who sent an email to Sedgwick County on Sept. 23, 2016, purporting to be from Cornejo and Sons, LLC, and requesting the county send future payments to a new account number at Wells Fargo.  On Oct. 7, 2016, the county sent $566,088 to James’ account at Wells Fargo.  The county learned later that Cornejo did not request the change of account and did not receive the payment.
SOURCE: U.S. Attorney’s Office, Eastern District of Kansas

Is it sufficient to offer one year of anti-fraud coverage to breach victims? 
Veronica Miracle reports:
Three Fresno suspects, accused of living off other people’s money– investigators said they found Andrew Clement, Katie Whala, and Randall McKinney with troves of stolen personal information last month.
“There was stolen mail, there were checks, there was a spreadsheet from the Unified School District– so this wasn’t just one item,” said Sgt. Jason Kadluboski, Gilroy Police Department.
The hard part now is finding the victims and figuring out how all this information ended up in the wrong hands.  Gilroy Police said there is no way to pinpoint where or when the FUSD data breach happened– but it appears the information is a couple of years old.
Read more on ABC.

When they find the guilty party, they might bash them with a chair…   (WWE = World Wrestling Entertainment) 
Three million WWE fan accounts exposed online
Databases containing the personal information of more than three million WWE fans have been found lying unprotected online, allowing anyone with the correct address to view the plain text data.
Bob Dyachenko, of security firm Kromtech, told Forbes that he had discovered a massive trove of data stored on an Amazon Web Services (AWS) S3 server without username or password protection.
The data included home and email addresses, the ages and dates of birth of customers and their children, as well as their genders and ethnicity, although no financial information was stored.  Dyachenko speculated that the database likely belonged to one of the WWE's marketing teams, as social media tracking data was also found. 
If that wasn't bad enough, a second database was found shortly after, held on another AWS server and again entirely unprotected.  This one appeared to hold data primarily on European customers, and contained only addresses, names and telephone numbers.

Something to get my students thinking.  What is it and why would my organization be targeted? 
   The Oxford English Dictionary defines cyberwar as the “use of computer technology to disrupt the activities of a state or organization.”  It is for this reason that many experts dispute that cyberwarfare actually constitutes war.  Instead, they believe that cyberwarfare is better viewed as a sophisticated version of sabotage or espionage.

A new term of art?
Apple’s ‘Differential Privacy’ Is About Collecting Your Data—But Not Your Data
   "Differential privacy is a research topic in the areas of statistics and data analytics that uses hashing, subsampling and noise injection to enable...crowdsourced learning while keeping the data of individual users completely private.

Can Enterprise Social Media be used anti-socially?  If so, who is liable? 
Wiretap Raises $4.9 Million to Monitor Enterprise Social Networks
Wiretap has developed a platform that provides visibility into an increasingly important but dark aspect of corporate life: the enterprise social network (ESN).  Slack is a prime example, although there are many others such as Microsoft Yammer, and Workplace by Facebook.
ESNs provide the modern 'water-cooler' environment, where employees meet informally for both corporate and social collaboration.  The difficulty for management is that it has no visibility into that environment, leaving a new and unmeasured threat vector.
   Wiretap monitors the ESNs and provides unique visibility into corporate sentiment.  Using artificial intelligence, including behavioral and linguistic analysis, it provides management awareness of corporate social health. [Might be fun to ask my students to define that… Bob]  This could be used to highlight the problems that initially cause dissatisfaction and ultimately lead to insider threats, allowing HR to intervene and address the problem.  Or it could be used to monitor for potential or actual leaks of PII or IP.

At the intersection of Privacy and Anti-trust? 
   In an earlier article, two of us (Bala and Srinivasa) provided a context to understand the respective argument of the EU and Google using the lens of digital-age markets.  We highlighted how antitrust, the underpinnings of which are based on industrial-age economic theories, needs new thinking in the digital age to ensure that antitrust policies continue to remain effective guardians of consumer welfare without inadvertently impeding economic progress. 

I continue to watch…
Twitter’s lawsuit over U.S. surveillance gag order moves forward
A U.S. judge ruled on Thursday that Twitter could move forward with a lawsuit that aims to free technology companies to speak more openly about surveillance requests they receive from the U.S. government.
The U.S. government had failed to show the kind of “clear and present danger” that could possibly justify restraints on Twitter’s constitutional right to talk about surveillance requests, U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, said in a written order.

June's Windows numbers: Microsoft Windows 7 maintains grip
   June's Windows 7 user share -- an estimate of the percentage of the world's personal computers powered by the eight-year-old operating system -- was 49%, according to U.S. analytics company Net Applications.  However, Windows 7 ran 53.6% of all Windows machines.  (The difference between the two figures stems from the fact that Windows powers 91.5% of the globe's personal computers, not 100%.)
Windows 7's share has not budged in the last 12 months, even as other editions have gone through substantial shifts. 

Any value for Criminal Justice students?  
When it launched in 2014, the Serial podcast pumped new life into the audio genre.  The weekly investigative journalism format was an immediate hit.  And listeners couldn’t get enough of host Sarah Koenig’s in-depth reporting into the criminal trial of Adnan Syed.
For many listeners and podcasters alike, Serial is what invigorated their interest in podcasts.  Whether or not that’s the case for you, Serial is a great example of investigative journalism in podcasting at its absolute finest.
If you’re looking for similarly well-researched and binge-worthy podcasts — which you can manage using Pocket Casts — look no further than the podcasts below.

Of course I’m interested. 
Kaspersky Releases Open Source Digital Forensics Tool
Kaspersky Lab researcher Vitaly Kamluk has released the source code of Bitscout, a compact and customizable tool designed for remote digital forensics operations.
Bitscout, which is not an official Kaspersky product, initially started as a hobby project a few years ago, and it has been continually improved based on the requirements that arose in Kaspersky investigations involving digital forensics.
Bitscout 2.0 – version 1.0 was never released to the public – enables forensic investigators to remotely analyze a system, while allowing the system’s owner to monitor the expert’s activities and ensure that their access is limited to the targeted disks.  The tool can be useful to researchers, law enforcement cybercrime units, and educational institutions.
   The Bitscout source code and basic usage instructions are available on GitHub.

For all my spare time? 
   Big Library Read calls itself the first global book club.  And it could very well be true because, so far, the idea of an “online book club” has been used rather loosely.  Yes, there are Facebook Groups by the bucketful, and there are Goodreads book groups too, and Oprah’s book club is also insanely popular.
But Big Library Read is something different.  It works like an actual book club and it sends you back to where it all started — your local library. 
·  OverDrive is the big organization behind the Big Library Read program.  Its catalog holds over 2 million ebooks, audiobooks, and videos.  Chances are your library will be among the 30,000 libraries in 40+ countries in their network.
·  Find if your library is among the OverDrive partners with the help of their library finder.
·  If it is, you can borrow ebooks and audiobooks instantly, for free, with Libby (the OverDrive app for iOS, Android, and Windows Phones).
