Tuesday, September 19, 2017

This just got nasty.
You may have never heard of Flathead Valley in Montana. I’ll admit that I had never heard of it until tonight when I received a tip to go look at a post on their sheriff’s Facebook page. And that’s when I learned that Flathead County schools had not only been hacked and threatened if they didn’t pay the hackers, but parents had received messages threatening to kill their children. The threats were taken seriously enough that 30 schools were closed for days while the county and federal law enforcement investigated the threats.
We are now in the realm of TheDarkOverlord v2.0, it seems.
For those who, like this blogger, have followed the criminal activities of TheDarkOverlord, reading a report of them thoroughly hacking an entity and then writing a lengthy demand letter threatening to expose confidential files or personal information – well, that’s nothing new. But contacting parents of school children and threatening their children’s physical safety?
It is TheDarkOverlord on steroids, at the very least. But is it a real threat?
As The Flathead Beacon reported after the situation escalated:
The individual apparently gained access to the Columbia Falls School District’s electronically stored directory and began contacting and threatening families individually.
How do you terrorize an entire community? You raise the spectre of Sandy Hook. And you show that you know details about the children and the school.

TheDarkOverlord are masters at doing their research, and were aiming to create significant terror in their targets. I think it’s pretty clear that they accomplished that – at least in the short-term. But is this approach likely to result in more payments from victims, or has TheDarkOverlord misunderstood the psychology of its intended victims? There is certainly no indication that Flathead Valley will be paying them any money.
What the people of Flathead County may not know, but what law enforcement should certainly know, is that this is not the first time TheDarkOverlord has threatened physical violence against a victim. DataBreaches.net is not reproducing an earlier threat missive, but it, too, was designed to terrorize its target by threatening physical violence against the victim’s family. And the Flathead case is not the first case where TheDarkOverlord has contacted its victims by phone or SMS to threaten them or deliver obscenity-laden messages.
And maybe that’s the first thing law enforcement could have done to reassure the community: to recognize from the style and writing that this was/is the work of TheDarkOverlord and they’ve threatened physical violence before but never followed up on it – at least, not to date.
Of course, if TheDarkOverlord is really outside of the U.S., as the sheriff apparently told the community, then actual physical violence seems less likely. But should the county be telling the public that TheDarkOverlord is outside of the U.S.? It’s a reasonable hypothesis, but do they actually have any hard proof of that? If they don’t have actual proof, wouldn’t it be more honest to say, “We believe that they’re outside of the U.S.” than to assert that they are?
… In the meantime, the Flathead Beacon has done a truly admirable job of reporting on the situation as it has evolved, and you can get caught up on the details by reading their reports (in reverse chronological order, below:)

Management did not take the earlier breach as an indication that security was not up to snuff?
Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed
Equifax Inc. learned about a major breach of its computer systems in March -- almost five months before the date it has publicly disclosed, according to three people familiar with the situation.
In a statement, the company said the March breach was not related to the hack that exposed the personal and financial data on 143 million U.S. consumers, but one of the people said the breaches involve the same intruders.
… Equifax hired the security firm Mandiant on both occasions and may have believed it had the initial breach under control, only to have to bring the investigators back when it detected suspicious activity again on July 29, two of the people said.
… The revelation of a March breach will complicate the company’s efforts to explain a series of unusual stock sales by Equifax executives. If it’s shown that those executives did so with the knowledge that either or both breaches could damage the company, they could be vulnerable to charges of insider trading. The U.S. Justice Department has opened a criminal investigation into the stock sales, according to people familiar with the probe.
Equifax has said the executives had no knowledge that an intrusion had occurred when the transactions were made.
… There’s no evidence that the publicly disclosed chronology is inaccurate, but it leaves out a set of key events that began earlier this spring, the people familiar with the probe said.
In early March, they said, Equifax began notifying a small number of outsiders and banking customers that it had suffered a breach and was bringing in a security firm to help investigate. The company’s outside counsel, Atlanta-based law firm King & Spalding, first engaged Mandiant at about that time. [Hired not by Equifax, but by their lawyers. Bob] While it’s not clear how long the Mandiant and Equifax security teams conducted that probe, one person said there are indications it began to wrap up in May. Equifax has yet to disclose that March breach to the public.
One possible explanation, according to several veteran security experts consulted by Bloomberg, is that the investigation didn’t uncover evidence that data was accessed. Most data breach disclosure laws kick in only once there’s evidence that sensitive personal identifying information like social security numbers and birth dates have been taken. The Equifax spokesperson said the company complied fully with all consumer notification requirements related to the March incident.

Apparently, a large percentage of people prefer conspiracy over truth.
Is There Any Hope for Facebook's Fact-Checking Efforts?
Facebook’s fact-checking efforts are on the rocks. Five months after the social-media giant debuted a third-party tool to stop the spread of dubious news stories on its platform, some of its fact-checker partners have begun expressing frustration that the company won’t share data on whether or not the program has been effective.
In the absence of that official data, a study by Yale researchers made waves last week by suggesting that flagging a post as “disputed” makes readers just a slim 3.7 percent less likely to believe its claim. Among Trump supporters and young people, the fact-checking program seems to backfire entirely: Those respondents were more likely to believe flagged posts than unflagged ones.
… Facebook users who cluster around conspiracy-related content tend to interact only with material that affirms their preexisting worldview, but in the rare cases when they do come into contact with dissenting information that attempts to debunk conspiracy theories—in the form of public posts by science-related pages—the conspiracy theorists become more, rather than less, likely to interact with conspiracy-related content in the future. In fact, conspiracy theorists who never interact with dissenting viewpoints are almost twice as likely as those who do to eventually drift away from conspiracy-themed content.
In other words, attempting to correct wrongheaded beliefs on Facebook appears to accomplish the precise opposite.

For my students who read.
Google adds local library ebook options to search results
… The user will need to first apply their location, though, so Google knows which library to search. T he results, as shown in the tweeted image above, lists the library under a ‘Borrow ebook’ section which itself appears to be found under the ‘Get Book’ tab. You’ll need to search the book’s title to see this, at which point there’s only a bit of scrolling and a tap to get to the item.
If you do tap the link to borrow the ebook, you’ll be taken to a page where you can then sign in with your library credentials. From there you can proceed as usual, reading a sample or outright borrowing the book if you already know you want it. The feature is rolling out now and can be found on mobile and desktop (at the bottom of the right-hand panel in the latter case).

No comments: