Tuesday, May 29, 2018

You should probably hire my students before you are attacked.
The War Few Are Talking About
Just as the world came to recognize IT cyberattacks as a new form of crime, motivated by profit, we must now recognize industrial cyberattacks as tactics in a new form of “economic warfare” being waged between nation-states to gain economic and political advantage without having to pay the price of open combat.
Malicious actors have shown they are quite adept at gaining access to vulnerable ICS networks, as we have seen a dramatic increase in successful penetration of industrial environments over the last 18 months. Though most of these intrusions have not yet resulted in an attack, we must interpret them as steps toward establishing persistence on vulnerable systems as part of a longer-term agenda.
So, why do industrial networks make such attractive targets? Three reasons:
The infrastructure they control is highly valuable.
It is an efficient means to cause tremendous disruption and economic loss to the targeted nation without having to take responsibility for the act.
ICS networks are unmonitored and unprotected.

Expand the Forensics course?
Smart devices in your home have data that may be used by law enforcement
Your Home is Your…Snitch? When your appliances work as police informants – By Daniel Zwerdling – The Marshall Project Justice Lab column examines the science, social science and technology of criminal justice.
“Police records in Bentonville, Arkansas show that James Bates called 911 on Sunday morning just before Thanksgiving 2015, and reported chilling news: he’d just opened his back door and found one of his buddies floating face down in the hot tub, dead. When police showed up, Bates said he had no idea how it happened. He also said they could search his home, according to police. And they found his house and yard were equipped with smart gadgets that might have served as digital eyes and ears. One was a smart utilities meter, which tracks far more details about water consumption than old-fashioned meters do. Another was an Amazon Echo on the kitchen counter—a smart speaker connected to the voice-controlled digital assistant service called Alexa—as in, “Hey Alexa, play me Drake/book a hotel/call an Uber.” As the police looked around, Bates probably had no inkling that he was entering a national debate: When do police have legal access to the trove of personal information that our smart homes collect? Two developments coming soon could affect the answer. The Supreme Court will rule on a case concerning privacy and digital records, and new regulations in Europe will tighten access to people’s digital information there. Back in Bentonville, police went after data from Bates’ smart home with zeal. A manager at the utilities department told them that Bates’ smart meter showed he’d used far more water between 1–3 a.m. than he’d ever used during the same period before. Police surmised that Bates had hosed the back patio to erase signs of a struggle. They charged him with murder. Prosecutors also ordered Amazon to turn over the recordings that Bates’ digital assistant made before and after he said he found the body. Amazon records your vocal commands, and sometimes background talk, and stores the audio on distant servers. Amazon resisted, the prosecutors started fighting the company in court—and Bates gave up the recordings voluntarily. Prosecutors dropped the case late last year, saying they couldn’t prove he was guilty. Apparently, Alexa still awaits her court debut. But the case gave the nation a glimpse of what’s in store as our homes keep getting smarter: law enforcement will treat your appliances as potential witnesses.
It seems new smart gadgets are introduced every week. There are smart TVs, which suggest the programs they think you’ll like. Smart refrigerators are equipped with interior cameras and UPC scanners that keep track of the items you stock in your refrigerator, and then reorder them as they run out. One brand of smart mattress “tracks over 15 factors about your sleep and health, including deep sleep, heart rate and respiratory rate,” according to its website. “From a law enforcement or intelligence perspective, these are very valuable tools that can let them monitor or listen to individuals,” says Dale Watson, the FBI’s former executive assistant director, now a consultant…

Some tips for my Software Architecture students too.
Everyone’s talking about a future in which vehicles are shared rather than owned, autonomous rather than driven, and where car companies make large shares of their profits on digital “mobility services.” But if you are the Ford Motor Company and face the prospect of investing billions in new technology while your century-old business model is overturned, you might first have a few questions. How are consumers going to react to all of this? What do they really want? How can you tell which opportunities are real and which are science fiction?
To help test drive the future, in 2016 Ford paid about $50 million to acquire Chariot, a startup mobility service. Incubated at Y Combinator, the venture was aimed squarely at the most important, most reliable, most consistent mobility need that consumers have every day: getting to and from work. While this seemed like a small bet for a $165 billion company built on the mass production of vehicles, the deal was scouted, in part, by Jim Hackett, then head of Ford Smart Mobility who has since been elevated to CEO.
All this makes the early lessons from the Chariot venture worth heeding as it gains traction in the market. Here are five to learn from Ford thus far, about mobility services in particular, and more broadly, about how to deal with the uncertainty of new business models in new markets by testing and learning one’s way forward.

No comments: