Wednesday, April 06, 2022

A war by any other name would void your insurance. Shouldn’t it?

https://www.databreaches.net/cyberwar-are-attacks-by-russian-hackers-still-covered-by-cyber-insurance-germanys-perspective-for-now/

Cyberwar: Are attacks by Russian hackers still covered by cyber insurance? Germany’s perspective (for now)

Google translation:

In the wake of Russia’s attack on Ukraine, there are fears that Russia will launch a broad-based cyber war. Western countries could also become the focus of Russian cyber attacks. In this context, it can be expected that cyber insurers will invoke the so-called war exclusion and refuse to pay benefits. However, the considerations made by the insurers are not convincing, as Jürgen Seiring, Managing Director of VSMA GmbH, reports.
[…]
Cyber attacks by Russian hackers against German companies should probably continue to be insured.

Read more at UnternehmenCybersicherheit.de.





Re: Emperors and new clothing… This is like ignoring a smoke alarm.

https://www.databreaches.net/would-sea-mar-community-health-even-know-about-large-patient-data-dumps-if-not-for-databreaches-net/

Would Sea Mar Community Health even know about large patient data dumps if not for DataBreaches.net?

The chronology of Sea Mar Community Health Center’s responses to a massive data breach suggests that they may be first learning of data dumps because of notifications by DataBreaches.net or this site’s reporting of our discoveries. If true, what does that say about their security and incident response? A DataBreaches.net commentary.

Since 2021, DataBreaches.net has been reporting on a massive breach involving Sea Mar Community Health Centers in Washington state. For almost one year now, DataBreaches.net has been contacting Sea Mar to alert them to data appearing on the internet and to ask them for a response. For more than one year, Sea Mar has not responded to a single alert or request from this site. The chronology of their public notifications, however, suggests that if it were not for this site, they might not even know that their patients’ and employees’ personal and protected health information had been dumped on the internet.

Last month, DataBreaches.net broke the story that yet another 161 GB of Sea Mar data had been leaked on the internet. The files in that leak, unlike two previous data dumps of Sea Mar data, consisted of more than 650,000 image files that, for the most part, were driver’s license images.

DataBreaches.net’s earlier coverage of prior data leaks of Sea Mar data is linked from our March article. The three leaks — one by Marketo and two by Snatch Team — all contained different files. Snatch Team would not reveal whether there were two different entities who had listed data with them at different times or if there was just one entity. Nor did Snatch Team even seem to know that the data came from Sea Mar, saying that the entity who listed the data dump with them did not indicate the source of the data. As a result, it is not clear how many threat actors or groups are in possession of the Sea Mar data or how broadly it has been circulated already.

Sea Mar has now issued another press release, stating that it has learned of additional information involved in their previously-reported incident. This additional information, they write, “may have impacted data belonging to current and former Sea Mar patients and other individuals associated with Sea Mar.” Looking at their press release below, keep in mind that DataBreaches.net first alerted Sea Mar to the Marketo leak on June 24, 2021. This site then posted updates to the incident in October, 2021 (when Sea Mar first issued a press release), and then again in January, 2022 when we discovered the first dump of 22 GB on Snatch Team, in February after Sea Mar was sued, and then again in March, when we discovered the 161 GB dump on Snatch Team.

Keeping that chronology in mind, here is Sea Mar’s newest press release (emphasis added by DataBreaches.net):

On June 24, 2021, Sea Mar was informed that certain Sea Mar data may have been copied from its digital environment by an unauthorized actor. Upon receipt of this information, Sea Mar immediately took steps to secure its environment and commenced an investigation with the assistance of leading, independent cybersecurity experts. Through the investigation, Sea Mar learned that certain data may have been copied from its digital environment between December 2020 and March 2021 and provided notification to individuals known to have been potentially impacted.
In January and March 2022, Sea Mar learned of additional data that may have been copied from its digital environment, and, upon review, identified that such data contained personal and protected health information. The additional data contained the following personal and protected health information: Name, date of birth, and, in some cases, Social Security number and/or driver’s license information.
Sea Mar has provided notice of the incident on its website to alert all potentially impacted individuals of this incident and the update related thereto. The notice includes information about the incident and steps that potentially impacted individuals can take to protect their information.
The privacy and protection of personal and protected health information is a top priority for Sea Mar, which deeply regrets any inconvenience or concern this incident may cause. Sea Mar is continuing to work with cybersecurity experts to take steps to prevent a similar incident from occurring in the future. Sea Mar has also established a toll-free call center to answer questions about the incident. Call center representatives are available Monday through Friday from 6:00 am to 3:30 pm Pacific Time and can be reached at 1-855-651-2684.

Apart from the civil lawsuits they are facing, and from a regulatory standpoint: will investigators look at why Sea Mar had so much old and unencrypted data on their system? What did their risk assessment look like for old data? What security did they have on current data? And shouldn’t they have had a system to receive and acknowledge notifications of a breach? Finally, for now: would they have even known about the data leaks if this site hadn’t discovered their data on leak sites and taken the time to alert them each time?





Should they also explain to the customer? “We know you don’t want to subscribe, and we know why!”

https://www.reuters.com/technology/ai-is-explaining-itself-humans-its-paying-off-2022-04-06/

AI is explaining itself to humans. And it's paying off

Microsoft Corp's LinkedIn boosted subscription revenue by 8% after arming its sales team with artificial intelligence software that not only predicts clients at risk of canceling, but also explains how it arrived at its conclusion.

The system, introduced last July and to be described in a LinkedIn blog post on Wednesday, marks a breakthrough in getting AI to "show its work" in a helpful way.

Google Cloud sells explainable AI services that, for instance, tell clients trying to sharpen their systems which pixels and soon which training examples mattered most in predicting the subject of a photo.

But critics say the explanations of why AI predicted what it did are too unreliable because the AI technology to interpret the machines is not good enough.





Perhaps easier than some people I know...

https://www.newyorker.com/tech/annals-of-technology/can-computers-learn-common-sense

Can Computers Learn Common Sense?

A few years ago, a computer scientist named Yejin Choi gave a presentation at an artificial-intelligence conference in New Orleans. On a screen, she projected a frame from a newscast where two anchors appeared before the headline “cheeseburger stabbing.” Choi explained that human beings find it easy to discern the outlines of the story from those two words alone. Had someone stabbed a cheeseburger? Probably not. Had a cheeseburger been used to stab a person? Also unlikely. Had a cheeseburger stabbed a cheeseburger? Impossible. The only plausible scenario was that someone had stabbed someone else over a cheeseburger. Computers, Choi said, are puzzled by this kind of problem. They lack the common sense to dismiss the possibility of food-on-food crime.





Perspective.

https://theconversation.com/the-russian-invasion-shows-how-digital-technologies-have-become-involved-in-all-aspects-of-war-179918

The Russian invasion shows how digital technologies have become involved in all aspects of war

Since Russia invaded Ukraine, we keep hearing that this war is like no other; because Ukrainians have cellphones and access to social media platforms, the traditional control of information and propaganda cannot work and people are able to see through the fog of war.

As communications scholars and historians, it is important to add nuance to such claims. The question is not so much what is “new” in this war, but rather to understand its specific media dynamics. One important facet of this war is the interplay between old and new media — the many loops that go from Twitter to television to TikTok, and back and forth.





Tools & Techniques. When you have that tingle of suspicion?

https://www.bespacific.com/reverse-google-images-search-can-help-you-bust-fake-news-and-fraud/

Reverse Google Images Search Can Help You Bust Fake News and Fraud

CNET: “On Friday, a photo that purported to show two British naval aircraft carriers dwarfing a much smaller French naval ship made the rounds on social media. But you can’t always believe your eyes online. Photos are easy to duplicate and then use in misleading ways. Scammers can lift a social media profile photo, for example, and use it to give a fake account a sheen of authenticity. Similarly, news photos can be grabbed from coverage of one event and pasted into stories about another event, misleading readers about what’s happening. In the case of the photo of the aircraft carriers, a reverse image search revealed the tiny vessel had been added digitally, Snopes found. A reverse image search can help you spot misleading photos by identifying their origin. If you’re in doubt, this search engine tool will help you spot scams, debunk false news, and discover people using your images without your permission. Reverse image searches rely on either Google’s Images or Lens service. Either will provide a list of websites displaying the photo or image, as well as a link and description. Both services can also give you a list of visually similar images that might provide images shot from different angles. The list might also show the same picture with an original caption or from an earlier news story. That information is often used by fact-checkers, who’ve been using the tools to verify whether images from the war in Ukraine are current and shared in the right context. These tools are so powerful that scammers are turning to high-tech methods to end-run reverse image searches. AI-generated profile pictures have become popular with dishonest groups that rely on bogus social media accounts, like the scheme researchers identified on LinkedIn that aimed to generate sales leads with a raft of fake profiles. Reverse image searching an AI-generated photo won’t lead you to a real person, so they’re harder to identify as fake. 
But the use of AI-generated photos is currently fairly limited…”





Tools & Techniques.

https://www.engadget.com/snapchat-american-sign-language-lens-practice-184825207.html

Snapchat's latest lens helps you learn the American Sign Language alphabet

Snap isn't done teaching Snapchat users how to communicate using sign language. The social media service has introduced an ASL Alphabet Lens that, as the name implies, significantly expands the American Sign Language learning experience. You'll still learn how to fingerspell your name using individual letters, but you now also get to practice the ASL alphabet and play two games to test your knowledge.


