This is clearly not US
cyber-retaliation. (My Ethical Hackers say, “Oops!” Because we
don't know how to pronounce, “아차.”)
Cyberattack
suspected as North Korea experiences complete Internet outage
The
Internet in North Korea has gone completely dark.
"We
can confirm that a large number of connections have been withdrawn
and that North Korea does not currently have access to the web,"
a spokeswoman for CloudFlare, a California-based Internet company
that oversees a global network, told Mashable. But, she
said, the company "cannot confirm the source of the North Korean
Internet outage."
Connectivity
between North Korea and the outside world has been "spotty"
for at least the last 24 hours, according to the website North
Korea Tech. But The New York Times reports
that it has been unstable for days.
(Related)
A
peek into North Korea's Internet
So,
North Korea's Internet went down. What is it like anyway?
For
most North Koreans, it's nonexistent. There
are only 1,024 known IP addresses in the entire country.
The Internet is typically reserved for government officials, a few
foreign ambassadors and outside assistance groups, according to a
North
Korean defector-turned-journalist.
By
comparison, the United
States has 1.5 billion IP addresses.
…
Either the North Korean government pulled the plug (like
Syria did in 2012). Or
its main Chinese telecom provider turned it off. [My
bet. Bob] Or a few computer-savvy misfits overloaded
North Korea's tiny Internet "tube" with garbage traffic, a
relatively simple tactic known as a Distributed Denial of Service
attack.
Ditto.
Bruce makes many of the points I wish I was able to articulate. As
always, it is worth reading what Bruce has to say.
Did
North Korea Really Attack Sony?
I am
deeply skeptical of the FBI’s
announcement on Friday that North Korea was behind last month’s
Sony
hack. The agency’s evidence is tenuous, and I have a hard time
believing it. But I also have trouble believing that the U.S.
government would make the accusation this formally if officials
didn’t believe it.
Clues
in the hackers’ attack code seem to point in all directions at
once. The FBI points
to reused code from previous attacks associated with North Korea, as
well as similarities in the networks used to launch the attacks.
Korean language in the code also suggests a Korean origin, though not
necessarily a North Korean one since North Koreans use a unique
dialect. However you read it, this sort
of evidence is circumstantial at best. It’s easy to fake, and
it’s even easier to interpret it wrong. In general, it’s a
situation that rapidly devolves into storytelling, where analysts
pick bits and pieces of the “evidence” to suit the narrative they
already have worked out in their heads.
In
reality, there are several possibilities to consider:
[My
personal favorite:
This is the work of hackers who had no idea that there was a North
Korean connection to Sony until they read about it in the media.
Sony, after all, is a company that hackers have loved
to hate for a decade. The most compelling evidence for this
scenario is that the explicit North Korean connection—threats about
the movie The Interview—were only made by the hackers
after the media picked up on the possible links between the
film release and the cyberattack. There is still the very real
possibility that the hackers are in it just
for the lulz, and that this international geopolitical angle
simply makes the whole thing funnier.
…
Tellingly, the FBI’s press
release says that the bureau’s conclusion is only based “in
part” on these clues. This leaves open the possibility that the
government has classified evidence that North Korea is behind the
attack. The NSA has been trying to eavesdrop on North Korea’s
government communications since the Korean War, and it’s reasonable
to assume that its analysts are in pretty deep. The agency might
have intelligence on the planning process for the hack. It might,
say, have phone calls discussing the project, weekly PowerPoint
status reports, or even Kim Jong Un’s sign-off on the plan.
…
Sony also has a vested interest in the hack being the work of North
Korea. The company is going to be on the receiving end of a dozen or
more lawsuits—from
employees, ex-employees, investors, partners, and so on. Harvard Law
professor Jonathan Zittrain opined
that having this attack characterized as an act of terrorism or war,
or the work of a foreign power, might earn the company some degree of
immunity from these lawsuits.
Question:
It seems “everyone” is suggesting that Sony is the tipping point
for “reasonable security” in every organization. Will the next
large hacking “victim” be judged like the T J Hooper?
The
Sony Hack: A ‘Question of When’ for Other Companies
Listen
to the podcast:
https://itunes.apple.com/us/podcast/knowledge-wharton/id120724941
The
cyberattacks on Sony Pictures in response to a movie that depicts a
plot to kill North Korean leader Kim Jong-un should serve as a
wake-up call in the digital age for companies that have hitherto been
lax on information security.
“That
is the major takeaway for companies who are watching this train wreck
and breathing a sigh of relief that it wasn’t them,” according to
Andrea Matwyshyn, a law professor at Princeton University. The
hacking has been a “public relations nightmare,” for Sony, adds
Wharton marketing professor Pinar
Yildirim, as leaks of internal communications have fractured
relationships and cast major Hollywood players in an unflattering
light.
Pressure
from many players in Hollywood and Washington.
Sources
close to the matter tell FBN the potential partnership was derailed
Monday, after weekend conversations between the two companies about a
possible release. Had the movie run on Dish, tens of millions of
Americans could have watched "The Interview" as early as
Christmas Day.
…
Sources say top Sony executives have been working 24/7 to find a way
to release the movie, and that Sony Entertainment CEO Michael Lynton
is adamant that the movie air somewhere, somehow.
Sony
stands to lose up to $200 million by out-right cancelling "The
Interview." The company also
faces harsh long-term damage to its reputation if the
movie is never released.
For
my Computer Security students. Suspicions confirmed! Yet another
breach was due to the ability of hackers to search for and identify
holes in security faster and more reliably than security managers
can. Errors happen. Not confirming that all servers were updated is
not an error, it is a management failure.
Morning
Agenda: How Hackers Got Into JPMorgan
The
giant computer breach at JPMorgan Chase this summer might have been
prevented if the bank had installed a simple security fix to an
overlooked server in its network, Matthew
Goldstein, Nicole Perlroth and Michael Corkery report in DealBook.
While JPMorgan spends $250 million a year on computer security, the
weak spot in this case was very basic, according to people who have
been briefed on internal and outside investigations into the attack.
JPMorgan’s
security team had apparently
neglected to upgrade one of its network servers with a
double authentication scheme, known as two-factor authentication,
which requires a second one-time password to gain access to a
protected system. That left the bank vulnerable last spring, after
hackers stole the login credentials for a JPMorgan employee. Had the
dual password scheme been put in place, the attack could have been
stopped when it started.
Interesting
research.
From
the University of Arkansas on Newswise:
Information systems researchers at the University of Arkansas, who
studied the effect of two compensation strategies used by Target in
reaction to a large-scale data breach that affected more than 70
million customers, have found that overcompensation
of affected customers may only raise suspicions rather
than satisfy customers’ sense of justice.
The researchers have developed a model that organizations can use to
address and respond to large-scale data breaches and manage customer
outcomes.
Read
more on Newswise.
Okay,
this might heat up again. If Russia can afford to keep playing...
Ukraine
votes to drop non-aligned status
Ukraine's
parliament has voted to drop the country's non-aligned status and
work towards Nato membership.
Russian
Foreign Minister Sergei Lavrov called the move "counterproductive"
and said it would boost tensions.
The
BBC's David Stern in Kiev says it is not clear when Ukraine will
apply for Nato membership and many officials see it as a distant
prospect.
Ukrainian
President Petro Poroshenko pledged to seek Nato membership over
Russian support for rebels in the east.
(Related)
Putin
has one weapon to protect the rouble — he must use it wisely
On
top of his Ukrainian tribulations Vladimir Putin now has to manage a
war of attrition with currency speculators. Lack of confidence in
the Russian economy has prompted a flight in capital as some
investors seek to limit their losses on rouble assets while others
actively bet on a continued depreciation of the currency. The
president’s battlefield options range from strategic retreat
(allowing depreciation) to raising interest rates and selling foreign
exchange to imposing controls on capital outflows.
The
first three options are close to being exhausted. The
rouble has already depreciated by more than seems warranted even by a
pessimistic view of Russia’s economic fundamentals. Last week the
Central Bank of Russia increased interest rates to 17 per cent, a
level where further increases are likely to be self-defeating because
of the economic costs they would impose. Finally, Mr Putin indicated
in his press conference on Thursday that the country’s
international reserves, while still at a comfortable level, should no
longer be wasted in market interventions to prop up the national
currency.
This
leaves capital controls. Would they work for Russia? What can we
learn from international experience of the use of capital controls in
currency crises?
This
is cute!
The
Year in Management, Told in 20 Charts
…
What smart products do people actually want? Do employees like
negative feedback? And what’s the strangest educational background
for a member of the Fed (this is my favorite)?
For
all my students
The
Desmos iPad App Is Here!
Starting
today, students, teachers, and math enthusiasts can explore math
through Desmos without the need for an internet connection – or an
expensive hand-held graphing calculator. The app features many of
the familiar elements of desmos.com, but with dozens of built-in
examples, an enhanced design, and offline support.
Download
the free iPhone app here:
https://itunes.apple.com/us/app/desmos-graphing-calculator/id653517540?mt=8
…
our Android app works offline
and includes all of the features you've come to love: sliders,
implicit equations, even regressions.
Download
the Android App here:
https://play.google.com/store/apps/details?id=com.desmos.calculator&hl=en
This
one is for me – so my students aren't singing “La la la,
something something”
Google
is making the process of singing along to your favorite songs easier.
The search engine will
now provide users in North America with full lyrics for songs
above
their search results — assuming the lyrics are recorded in the
Google Play store. Append "lyrics" onto the song name of
your choice and Google will present a chunk of the words to your
selection, directing you to see the full lyrics on the tune's Google
Play store page.
No comments:
Post a Comment