We’ll
probably have to wait for the Olympics to end before they start
naming names. (Russia)
… The cyberattack took out internet access and
telecasts, grounded broadcasters’ drones, shut down the Pyeongchang
2018 website, and prevented spectators from printing out reservations
and attending the ceremony, which resulted in an unusually high
number of empty seats.
Security experts
said they had uncovered evidence that the attack had been in
the works since late last year. It was directed at the
Pyeongchang Organizing Committee and incorporated code that was
specifically designed to disrupt the Games or perhaps even send a
political message.
… “This
attacker had no intention of leaving the machine usable,” a team of
researchers at Cisco’s Talos threat intelligence division wrote in
an
analysis Monday. “The
purpose of this malware is to perform destruction of the host” and
“leave the computer system offline.”
In an interview, Talos researchers noted that
there was a nuance to the attack that they had not seen before: Even
though the hackers clearly demonstrated that they had the ability to
destroy victims’ computers, they stopped short of doing so. They
erased only backup files on Windows machines and left open the
possibility that responders could still reboot the computers and fix
the damage.
“Why did they pull their punch?” asked Craig
Williams, a senior technical leader at Talos. “Presumably, it’s
making some political message” that they could have done far worse,
he said.
… Adam Meyers, vice president of intelligence
at CrowdStrike, said his team had discovered time stamps that showed
the destructive payload that hit the opening ceremony was constructed
on Dec. 27 at 11:39 a.m. Coordinated Universal Time — which
converts to 6:39 a.m. Eastern Time, 2:39 p.m. in Moscow and 8:39 p.m.
in South Korea.
Attackers clearly had a target
in
mind: The word Pyeongchang2018.com was hard-coded into their
payload, as was a set of stolen credentials belonging to Pyeongchang
Olympic officials. Those stolen credentials allowed attackers to
spread their malware throughout the computer networks that support
the Winter Games on Friday, just as the opening ceremony was timed to
begin.
Security companies would not say definitively who
was behind the attack, but some digital crumbs led to a familiar
culprit: Fancy Bear, the Russian hacking group with ties to Russian
intelligence services.
Food for thought.
What could possibly go wrong, right?
Read
this presser to get some more background and details.
Thanks to Joe Cadillic for these links. I imagine
he’ll have tons to say on his blog about all this. Me, I’m just
stockpiling those little thingees that block cameras on devices.
How
very Facebook of them.
Facebook is
suggesting mobile users 'Protect' themselves...by downloading a
Facebook-owned app that tracks their mobile usage
Facebook is now offering some mobile app users a
wireless-networking app without first disclosing that it's owned by
Facebook, or that it collects information for the social networking
company.
The app, Onavo Protect, provides users with a
virtual private network, or VPN. Typically, a VPN cloaks the user's
identity and adds other security features, making it a more secure
way to get online, particularly when using public Wi-Fi networks.
Yet the Onavo app also tracks data that it shares
with Facebook and others, "including the applications installed
on your device, your use of those applications, the websites you
visit and the amount of data you use," according to its own
privacy policies.
Facebook can use that data to track what users do
online even when they're not on one of its websites. The company
could also find out how apps made by its rivals, such as Snap
and Twitter,
are being used.
Interesting.
I wonder what else the UK will want to block in the future?
UK unveils
extremism blocking tool
The UK government has unveiled a tool it says can
accurately detect jihadist content and block it from being viewed.
Home Secretary Amber Rudd told the BBC she
would not rule out forcing technology companies to use it
by law.
Ms Rudd is visiting the US to meet tech companies
to discuss the idea, as well as other efforts to tackle extremism.
Thousands of hours of content posted by the
Islamic State group was run past the tool, in order to "train"
it to automatically spot extremist material.
The government provided £600,000 of public funds
towards the creation of the tool by an artificial intelligence
company based in London.
ASI Data Science said the software can be
configured to detect 94% of IS video uploads.
… The company said it typically flagged 0.005%
of non-IS video uploads. On a site with five million daily uploads,
it would flag 250 non-IS videos for review.
It is intended to lighten the moderation burden
faced by small companies that may not have the resources to
effectively tackle extremist material being posted on their sites.
(Related) “We can, therefore we must!”
The medical profession has an ethic: First,
do no harm.
Silicon Valley has an ethos: Build it first and
ask
for forgiveness later.
Now, in the wake of fake news and other troubles
at tech companies, universities that helped produce some of Silicon
Valley’s top technologists are hustling to bring a more
medicine-like morality to computer science.
This semester, Harvard University and the
Massachusetts Institute of Technology are jointly offering a
new course on the ethics and regulation of artificial
intelligence. The University of Texas at Austin just introduced a
course titled “Ethical
Foundations of Computer Science” — with the idea of
eventually requiring it for all computer science majors.
And at Stanford University, the academic heart of
the industry, three professors and a research fellow are developing a
computer science ethics course for next year.
Perspective.
Cisco:
Cloud computing workloads to skyrocket by 2021
Cloud computing workloads continue to skyrocket
and will account for 95% of all data center traffic by 2021,
according to Cisco's most recent Global Cloud Index study, released
this week. The vendor said global cloud data center traffic will
more than triple in the next three years, rising from 6 zettabytes
in 2016 to 19.5 zettabytes by 2021.
… In
the study, Cisco said security concerns that formerly hindered
the extent of cloud adoption have diminished, further contributing to
the increase in cloud computing workloads.
In addition, IoT
and related systems, encompassing such operations as connected
healthcare and digital utilities, have further fueled the growth
in cloud traffic. Cisco said IoT connections are projected to reach
almost 14 billion in 2021, more than twice as many as there were in
2016.
(Related)
Oracle
Leaps Into the Costly Cloud Arms Race
Oracle Corp. plans to quadruple the number of its
giant data-center complexes over the next two years, a move that
could significantly boost capital spending as it tries to chip away
at Amazon.com Inc.’s massive lead in the cloud-infrastructure
market.
The expansion thrusts Oracle into an expensive
arms race against the market’s biggest spenders, Amazon, Microsoft
Corp. and Alphabet Inc.’s Google. Those giants are working to
wrest away traditional Oracle database customers shifting from their
own data centers to web-based...
Perspective. Fueling the next ‘energy crisis?’
Energy
riches fuel bitcoin craze for speculation-shy Iceland
Iceland is expected to use more energy “mining”
bitcoins and other virtual currencies this year than it uses to power
its homes.
Perspective. Up until WWII, the British navy
probably went through the South China Sea every week. (And their
navigators knew that was not “on the way home” from Australia.)
British
defense secretary says warship bound for South China Sea: media
A British warship will sail through the South
China Sea next month to assert freedom-of-navigation rights, British
Defence Secretary Gavin Williamson said in remarks published on
Tuesday.
… The frigate HMS Sutherland will sail through
the region after a visit to Australia, Williamson said in an
interview with The Australian newspaper.
“She’ll be sailing through the South China Sea
(on the way home) and making it clear our navy has a right to do
that,” he said, according to the newspaper.
Nicely done!
Dow Jones –
100 Year Historical Chart
Macrotrends: “Interactive
chart of the Dow Jones Industrial Average stock market index for the
last 100 years. Historical data is inflation-adjusted using the
headline CPI and each data point represents the month-end closing
value. The current month is updated on an hourly basis with today’s
latest value.
For my Data Management students.
For my Computer Security students.
Interesting tool for pointing out evidence?
Pixorize -
Free Image Annotation Tool
Pixorize
is a free tool for adding interactive annotations to your images.
Using Pixorize is a fairly straight-forward process. To get started
just upload any picture that you have saved on your computer. (After
your image is uploaded you may need to resize it to make it fit into
your browser). Once the image is uploaded you can add points,
circles, squares, and stars as annotation markers on your image.
After adding an annotation marker you can write text to explain the
element of the image to which you are calling attention.
To save and or share your work on Pixorize
you must create an account. However, creating an account didn't
require validating your email address (I created an account with a
fake email address that I have for one of my dogs). After saving
your image on Pixorize you can share a link to it or embed it in a
blog post as I have done below.
Pixorize
is still a new product, but it has great potential as an alternative
to Thinglink. You could have students use Pixorize to annotate
diagrams, maps, or images like the one in my
example featured above.
No comments:
Post a Comment