Tuesday, October 03, 2017

The number never seems to go down.
Equifax raises estimate of people hit by breach
Equifax says that 2.5 million more Americans than originally believed have been affected by the record-breaking cyber attack on the firm.
The new additions bring the total of affected Americans to 145.5 million. Names, social security numbers, birthdates and other information were all compromised in the breach.

Equifax Announces Cybersecurity Firm Has Concluded Forensic Investigation Of Cybersecurity Incident

Something for my Computer Security students to kick around.
The Increasing Effect of Geopolitics on Cybersecurity
The effect of geopolitics on cybersecurity can be seen daily – from Chinese cyber espionage to Russian attacks on the Ukraine and North Korea’s financially-motivated attacks against SWIFT and Bitcoins – and, of course, Russian interference in western elections and notably the US 2016 presidential election.
The primary cause is political mistrust between different geopolitical regions combined with the emergence of cyberspace as a de facto theater of war.
"Of course there is a connection between cybersecurity and geopolitics,” Ilia Kolochenko, CEO of High-Tech Bridge, told SecurityWeek. “Hackers are now acting as soldiers, and it's difficult to find a country that has never used a cyber weapon.”
Although not necessarily recognized at government level, few people involved with cybersecurity have any doubt that cyber warfare is current and ongoing. Governments are reluctant to openly acknowledge this reality for fear that recognition will require retaliation – and the big fear then is that it could escalate into kinetic warfare. Kinetic provocation leads to kinetic responses; cyber provocation tends not to. Consider, for example, the U.S. response to North Korea’s missile tests compared to the response to North Korea’s cyber attacks against Sony and SWIFT.
Cyber warfare has further advantages: the difficulty of attribution provides plausible deniability.
The first negative effect is already being felt: it is the balkanization of the internet. There are two aspects to this: the first is to protect the national internet from the global internet; and the second is to promote the use of locally produced products over foreign-produced, and therefore suspect, products. The Iranian, North Korean and Chinese intranets are the best known examples.

(Related). Should we assume this was at the direction of the President?
U.S. Cyber Command Launched DDoS Attack Against North Korea: Report
The United States Cyber Command has reportedly been engaged in offensive activity, namely a DDoS attack, against North Korea's military spy agency, the Reconnaissance General Bureau (RGB). The attack is thought to have commenced on September 22, and continued until September 30.
The attack occurred just five weeks after President Trump elevated U.S. Cyber Command to a Unified Combatant Command.

Over the last two years, U.S. banks and government agencies have enjoyed a notable respite from malicious Iranian cyber activity. The timing of this drop-off happens to coincide with the signing of the nuclear deal with Iran in 2015.
Now with U.S. President Donald Trump threatening to walk away from the nuclear deal, cybersecurity experts say it is likely Iran could resume its attacks against Western targets should Trump actually follow through with his threat.

Think about this. If an IG finds a poorly managed process in one agency, this website could provide everything other agencies need to correct the problem! Or, we could find evidence that management should have known about a particular problem because it had been found in one or more other agencies.
New Website Shows IGs Found More Than $25B in Potential Cost Savings in FY 2017
by Sabrina I. Pacifici on Oct 2, 2017
Oversight.gov was created by the Council of the Inspectors General on Integrity and Efficiency (CIGIE) to consolidate in one place all public reports from Federal Inspectors General (IGs) in order to improve the public’s access to independent and authoritative information about the Federal Government. The site includes a publicly accessible, text searchable repository of reports published by IGs. The reports appearing on Oversight.gov, as well as the data associated with them, have been posted directly to the site by the IG that issued it. CIGIE operates and maintains the site. Reports on Oversight.gov can also be accessed through the websites of the individual Offices of Inspectors General (OIGs)…
The data presented in the charts on the Home and Reports pages are from three sources:
  • CIGIE’s Annual Progress Reports to the President, which present aggregate data about the annual accomplishments of Federal OIGs. This data is uploaded to Oversight.gov directly by CIGIE upon publication of a new annual report.
  • OIGs’ Semiannual Reports, which present data about the semiannual accomplishments of individual OIGs. This data is uploaded to Oversight.gov by each OIG.
  • Data from individual reports uploaded to Oversight.gov. This data is uploaded to Oversight.gov by each OIG…”
See also Oversight Garden – “a free and open source project of Eric Mill, David Cook, Olivia Cheng, Steve Pulec, and other wonderful humans. Original writing licensed under CC-BY 4.0… Gathers and allows users to search for reports of every U.S. federal IG that publishes them.”

Perhaps we could train them to build robots?
Robots Are Taking Americans’ Jobs. What Can Be Done?
David Besanko, the IBM professor of regulation and competitive practice at the Kellogg School, says halting automation would only harm the nation’s global competitiveness. Instead of banning driverless trucks or hitting companies with a “robot” tax, Besanko argues in a new white paper cowritten with Max Meyers that the most strategic way to protect workers is through policies that help them adjust to the new economy. Such policies should be aimed at offering workers better access to training and equipping them to build their own businesses.

Mass Shootings Are A Bad Way To Understand Gun Violence

See readers? You are not alone!
Why blogs endure: A study of recent college graduates and motivations for blog readership
by Sabrina I. Pacifici on Oct 2, 2017
Why blogs endure: A study of recent college graduates and motivations for blog readership, Alison J. Head, Michele Van Hoeck, Kirsten Hostetler. First Monday, Volume 22, Number 10 – 2 October 2017.
“This paper reports the results from a mixed methods study of recent college graduates who were asked if and why they used blogs as sources for continued learning purposes. Findings are based on 1,651 online survey responses and 63 follow-up telephone interviews with young graduates from 10 U.S. colleges and universities. Despite the media’s declarations about the impending demise of the blogosphere, almost two-thirds of the respondents (62 percent) had read blogs to fulfill their learning needs during the past 12 months. Blogs were an affordable source of information to these readers, especially for acquiring additional knowledge and closing skill gaps in their personal lives after college. Results from a logistic regression analysis indicated respondents were more likely to have read blogs during the past 12 months if they needed step-by-step instructions for hobbies, do-it-yourself household repairs, or money management and creating a personal budget. Respondents who used blogs were also more likely to also use complementary sources, such as educational videos on YouTube, to meet their learning needs. The concept of shared utility is introduced as a basis for explaining reasons for use of the blog format, and conclusions are drawn about why blogs, an early Web form, are still useful to millennials as sources of continued learning.”
