Friday, March 09, 2018

Why you can’t just nuke the ‘obvious guilty party.’
Sophisticated False Flags Planted in Olympic Destroyer Malware
The Olympic Winter Games in Pyeongchang, South Korea, was hit by a cyberattack that caused temporary disruption to IT systems, including the official Olympics website, display monitors, and Wi-Fi connections. The attack involved Olympic Destroyer, a piece of malware designed to wipe files and make systems inoperable, and steal passwords from browsers and Windows. Compromised credentials are used to spread to other machines on the network.
Kaspersky has also spotted infections at several ski resorts in South Korea. The malware, which leverages a leaked NSA exploit known as EternalRomance to spread via the SMB protocol, temporarily disrupted ski gates and lifts at the affected resorts.
Several cybersecurity firms launched investigations into the Olympic Destroyer attack shortly after the news broke, and while they mostly agreed on the malware’s functionality, they could not agree on who was behind the operation. Some pointed the finger at North Korea, while others blamed China or Russia, leading some industry professionals to warn against this type of knee-jerk attribution.
Kaspersky researchers also analyzed the Olympic Destroyer worm in an effort to determine who was behind the attack. While they haven’t been able to identify the culprit, experts have found some interesting clues.
The security firm has found a unique “fingerprint” associated with the notorious Lazarus Group, which has been linked to North Korea and blamed for high profile attacks such as the one on Sony, the WannaCry campaign, and various operations targeting financial organizations.
This fingerprint was a 100% match to known Lazarus malware components and it did not appear in any other files from Kaspersky’s database. While this piece of evidence and the type of attack suggested that Olympic Destroyer could be the work of North Korea, other data gathered by researchers as a result of an on-site investigation at a South Korean target revealed inconsistencies.
Experts determined that the unique fingerprint was likely a sophisticated false flag planted by the attackers to throw investigators off track.
One possible scenario is that the Russian hackers attempted to frame Lazarus for the attack after the North Korean group tried to pin one of its campaigns on Russian actors. It’s also possible that the false flag used in the Olympics attack is part of the hackers’ efforts to improve their deception techniques.

Less than I would have expected in the most populous nation on earth.
For comparison purposes:
“As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total number of 49,455, 50,362 and 53,081 cyber security incidents were observed during the year 2015, 2016 and 2017, respectively,” IT Minister Ravi Shankar Prasad said in a written reply to Rajya Sabha today.

This is depressing, but maybe the National Enquirer is on to something.
Paper – The spread of true and false news online
The spread of true and false news online. Soroush Vosoughi, Deb Roy, Sinan Aral. Science 09 Mar 2018: Vol. 359, Issue 6380, pp. 1146-1151 DOI: 10.1126/science.aap9559
“Lies spread faster than the truth – “There is worldwide concern over false news and the possibility that it can influence political, economic, and social well-being. To understand how false news spreads, Vosoughi et al. used a data set of rumor cascades on Twitter from 2006 to 2017. About 126,000 rumors were spread by ∼3 million people. False news reached more people than the truth; the top 1% of false news cascades diffused to between 1000 and 100,000 people, whereas the truth rarely diffused to more than 1000 people. Falsehood also diffused faster than the truth. The degree of novelty and the emotional reactions of recipients may be responsible for the differences observed. Science, this issue p. 1146.”
“Abstract – We investigated the differential diffusion of all of the verified true and false news stories distributed on Twitter from 2006 to 2017. The data comprise ~126,000 stories tweeted by ~3 million people more than 4.5 million times. We classified news as true or false using information from six independent fact-checking organizations that exhibited 95 to 98% agreement on the classifications. Falsehood diffused significantly farther, faster, deeper, and more broadly than the truth in all categories of information, and the effects were more pronounced for false political news than for false news about terrorism, natural disasters, science, urban legends, or financial information. We found that false news was more novel than true news, which suggests that people were more likely to share novel information. Whereas false stories inspired fear, disgust, and surprise in replies, true stories inspired anticipation, sadness, joy, and trust. Contrary to conventional wisdom, robots accelerated the spread of true and false news at the same rate, implying that false news spreads more than the truth because humans, not robots, are more likely to spread it.”

Taming the Data for Better BI
“In 2015, the University of Washington began work on its own repository called the Knowledge Navigator, which is designed to give context to the enterprise data warehouse and allow business users to see relationships between concepts, terms, tables, columns and reports. “Someone who is exploring a business question such as how many women graduated with STEM degrees last year can find agreed-upon definitions of terms like STEM and then navigate to the database,” explained Matt Portwood, a UW metadata analyst. Most such repositories are designed for metadata management by data architects, noted Pieter Visser, a UW solutions architect. “They are not created for the end-user at all,” he said. In contrast, Knowledge Navigator was intended to be a tool for everybody. Visser described it as being like Google for your metadata: “We try to make it as easy as possible to find how everything is related to everything else. You can start with your business terms and go all the way to the Tableau visualization or web service, and we give you the context right away.” In their metadata repository work, both UW and Notre Dame use graph database technology from Neo4j to represent entities and their relationships. Visser explained that within the metadata world, everything is related to everything else. “A resource in a web service or a label on a report can relate to a business term or a concept,” he said. “In a graph database you can easily connect any node to another node. Trying to do it in a relational database is almost impossible.”

Where you might run into a self-driving vehicle.
Same driver, different vehicle: Bringing Waymo self-driving technology to trucks
Last fall we put the world’s first fleet of fully self-driving cars on public roads in the Phoenix area.
Now we’re turning our attention to things as well. Starting next week, Waymo will launch a pilot in Atlanta where our self-driving trucks will carry cargo bound for Google’s data centers.
