Coming soon to a college near me?
Hackers target Monroe College with ransomware, demand $2 million in bitcoin
Monroe College is “under cyberattack” by hackers who demanded approximately $2 million in bitcoin, police and school officials said Thursday.
The school’s computer programs were hacked around 6:45 a.m. Wednesday by a group that got in through ransomware and halted the system, cops said.
The hackers sent a message demanding that the university, which has a location on Jerome Avenue in Kingsbridge Heights, send 170 bitcoin — the equivalent of $2 million — in order to have its system restored.
Read more on the New York Post.
There should be an easy-to-follow procedure for building a database…
K12 Inc. Data Breach Opens Doors to Students' Personal Information
A K12 Inc. company database that included information for 19,000 students was available for anyone with an internet connection to see for at least a week, according to a report from Comparitech, which describes itself as a pro-consumer organization that offers security services.
It's not clear that anyone with ill intentions accessed the information during the data exposure, which lasted from June 23 until July 1.
Worth noting.
Incident Response is Changing, Here’s Why and How
… Every year Ponemon reports on the relationship between how quickly an organization can identify and contain a breach and the financial consequences. The 2018 Ponemon Cost of a Data Breach Study found that the average total cost of a data breach has now reached $3.86 million and the chance of recurrence is 28%. Mean times to identify and contain have continued to creep up and are now at 197 days and 69 days respectively. To reverse these trends and better protect themselves from future attacks, organizations need to shift from a reactive approach to incident response to a proactive incident readiness mindset.
Fortunately, organizations are recognizing this and taking action. Nearly half of the respondents to the Cisco 2019 CISO Benchmark Study say they are focusing on time to remediate as a key indicator to measure their security posture, up from 30% last year.
Good on them, but I doubt they will keep their pledge.
U.S. Mayors Pledge Not to Give in to Ransomware Demands
The United States Conference of Mayors has promised that its members will “stand united” against paying ransoms in case their systems are hit by ransomware.
The organization represents over 1,400 mayors from U.S. cities with a population of at least 30,000. At its 87th annual meeting, members adopted many resolutions, including a couple on cybersecurity. One of them is related to ransomware attacks targeted at local governments.
… The Conference of Mayors has admitted that ransomware attacks can result in the loss of millions of dollars and months of work to repair damage, but highlighted that paying the attackers only “encourages continued attacks on other government systems, as perpetrators financially benefit.”
In an effort to disincentivize these attacks, the organization’s members have vowed not to pay ransoms in the event of a cyberattack.
The mayors have also urged Congress to pass the State Cyber Resiliency Act, which would provide grants to state and local governments to help support the development and implementation of cyber resiliency plans.
Dilbert explains the role of a Computer Security manager.
Let’s see how well this works.
Facebook Will Now Show You How To Opt Out Of Targeted Ads
The new tool tells you how an ad was targeted and which third-party agency or data broker was used. It also links to pages to opt out.
GDPR requires you to protect paper too.
Just days after proudly announcing its first fine
under the GDPR, the Romanian Data Protection Authority has done it
again: World Trade Center Bucharest S.A. must pay 15,000 euro for
breaching the provisions of Art. 32 para. (4) GDPR corroborated with
Art. 32 paras. (1) and (2) GDPR.
What happened: according to the official statement
posted on the website of the Romanian Authority, a
paper-printed list, used in order to check the clients who
were having breakfast at the hotel owned by the controller, was
photographed by persons outside the company and subsequently
published online, thus leading to a data breach which
affected 46 persons.
(Related) Is they is or is they ain’t covered?
German Supervisory Authorities Issue Guidance on Data Subject Rights
On July 1, 2019, the Bavarian Supervisory Authority for the public sector (“SA”) published guidance on how to verify the identity of data subjects exercising their data protection rights under the GDPR. The guidance is directed at public bodies, but is also helpful for private entities.
According to the guidance, the controller may only request the provision of additional information if it has “reasonable doubts” about the data subject’s identity.
The US has no strategy. No surprise there. The
full report (PDF) is 188 pages.
New Report on the Regulation of Artificial Intelligence
“Everybody seems to be talking about artificial intelligence (AI). Some people laud its possibilities, whereas others envisage nightmare scenarios where robots take over. But what is AI exactly and how are countries dealing with it? The Oxford Dictionary defines AI as “the theory and development of computer systems able to perform tasks normally requiring human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages.”
In a recently published report, “Regulation of Artificial Intelligence,” the Law Library of Congress looks at the emerging regulatory and policy landscape surrounding AI, including guidelines, ethics codes, and actions by and statements from governments and their agencies, in jurisdictions around the world. An international part deals with approaches that United Nations agencies and regional organizations have taken towards AI. The country surveys look at various legal issues, including data protection and privacy, transparency, human oversight, surveillance, public administration and services, autonomous vehicles, and lethal autonomous weapons systems (LAWS). However, the most advanced regulations were found in the area of autonomous vehicles, in particular for the testing of such vehicles. The report includes three maps on national AI strategies, a country’s position on LAWS, and the testing of autonomous vehicles.
As the regulation of AI is still in its early stages and constantly evolving, this report offers a snapshot of the legal situation at the time the report was written (January 2019). Updates will be provided on the Global Legal Monitor (GLM) website.”
More and bigger (faster) computers. What else is
new?
Facebook VP: AI has a compute dependency problem
… Examples of systems less reliant on compute for innovative breakthroughs include Pluribus, an AI system developed by Facebook AI Research and Carnegie Mellon University and introduced today, that can take on world-class poker players. In an article in Science, researchers said Pluribus only required $150 in cloud computing to train.
In fact, Pesenti cited an OpenAI analysis that found the compute necessary to create state-of-the-art systems has gone up 10 times each year since 2012.
… He believes bias typically comes from data sets, rather than the creators of AI systems. [Should we train AI to recognize biased datasets? (Hint: Hell yes!)]
We haven’t figured it out yet.
Asia’s AI agenda: The ethics of AI
… This report, the fourth in our “Asia’s AI agenda” series, combines an Asia-wide executive survey with expert interviews from industry, government, and academia, and takes the pulse of public and private actors in the AI ethics debate in the region.
Here are the key findings of the report:
- AI will be a major growth driver for Asia in the coming decade.
- Biases within AI tools are potentially dangerous for Asia—but biases about AI’s use in Asia could be even more so.
- Asian governments are building institutional capacity and frameworks to increase AI governance—but have yet to develop regulations.
- Asian respondents are engaged in AI ethics discussions and see a constructive role for governments.
- AI-driven unemployment narratives are counterbalanced by the potential to enhance and augment human work.
The first part of this series, “The ecosystem,” explores Asian governments’ plans for leadership in AI. The second, “AI for business,” examines how businesses are creating strategies for deploying the technology. The third, “AI and human capital,” looks at how executives in Asia Pacific are preparing for the automation of job roles.
It’s not a tariff! US probably will retaliate
with a tariff. Can you name any French firm that takes in 25 million
Euros in the US? (Napoleon made strange laws.)
France passes tax on tech giants despite US threats
… Any digital company with revenue of more
than €750m ($850m; £670m) - of which at least €25m is generated
in France - would be subject to the levy.
It will be retroactively applied from early 2019,
and is expected to raise about €400m this year.
Perspective. How will this impact Facebook’s
cryptocurrency?
Jamie Redman reports:
An IRS slideshow created by James Daniels, IRS-CI cyber crimes program manager, describes some concerning methods IRS agents should use to crack down on crypto-using tax evaders. The slide follows the IRS’ recently announcing tax guidelines on cryptocurrencies, which will contain rules about the tax treatment of digital assets and forks. Even though the new tax guidelines haven’t been issued to the public, IRS agents who enforce the tax laws have had no problems prosecuting bitcoin users for tax evasion. Agent Daniels’ recently published slide gives a lot of detail on how agents should combat crypto tax evaders by using a variety of investigation methods. Within the 181-page document, there are thorough descriptions of what a cryptocurrency is and chronicled paragraphs on assets like ripple (XRP) and bitcoin cash (BCH). The report discusses a myriad of digital currencies including BTC, XMR, BCH, XLM, XRP, and LTC. Daniels’ descriptive study even calls certain hardware wallet users “fanboys.”
Read more on Activist Post.
Could explain a lot…
Compiling a Federal Legislative History: A Beginner’s Guide
Library of Congress research guide – A comprehensive research guide on finding federal legislative history documents, including congressional committee reports and hearings, presidential signing statements, and the debates of Congress
Worth mentioning to my students.
YouTube is launching educational playlists that won’t include algorithmic recommendations
YouTube is introducing a new education feature called Learning Playlists that will offer dedicated landing pages for educational videos on a variety of topics, including math, science, music, and language. The playlists will have organizational features, like chapters around key concepts, ordered from beginner to advanced lessons. The pages will also be notably free from recommended videos, letting viewers focus on their lessons without distractions.