Obama to Announce Retaliation Against Russia for Election
Hacks
The Obama administration is
thought to be finalizing its response to Russian interference in the 2016
election. This could include any
combination of economic sanctions, criminal indictments or a cyber response -- but the
intention is to get something in place that cannot easily be rolled back by
President-elect Donald Trump. [That seems rather petty. Bob] Details could be announced as early as this week.
Government agencies have concluded that Russia, likely
with the personal direction of Vladimir Putin, were behind the DNC hacks
earlier this year. This is thought to be
part of a wider 'disinformation' campaign designed to support Trump over
Clinton. Similar disinformation concerns
have been raised in Germany
over next year's German elections.
One of Obama's problems is that he has limited means to
invoke retaliation at this stage of his presidency. A 2015 executive order
allows sanctions against people who harm computer systems that are part of the
US critical infrastructure (CI) or seek to gain competitive advantage through
the cybertheft of commercial information; but
elections have not been considered part of the CI.
(Related). On the
other hand…
Video – How 60 ambiguous words gave the United States’
president unprecedented war power
by Sabrina
I. Pacifici on Dec 28, 2016
‘The President is authorised to use
all necessary and appropriate force against those nations, organisations, or
persons he determines planned, authorised, committed, or aided the terrorist
attacks that occurred on September 11, 2001, or harboured such organisations or
persons, in order to prevent any future act of international terrorism against
the United States by such nations, organisations or persons.’
“Written in haste and passed by the US Congress in the
days after 11 September 2001, the ambiguously worded Authorisation for the Use
of Military Force (AUMF) greatly expanded the war powers of the executive
branch, granting US presidents the choice to bomb, raid, detain and monitor
nation states and organisations around the world as they see fit. Centred around an interview with
Representative Barbara Lee, the sole member of congress to vote against the
AUMF, War Authority examines how the
authorisation’s vague language – invoked at least 18 times by the former
president George W Bush, and at least 19 times by President Barack Obama – has
shaped modern US foreign policy and affected people around the world.”
Director: Matthew Palmer.
[The video: https://aeon.co/videos/how-60-ambiguous-words-gave-the-united-states-president-unprecedented-war-power
(Related). Release
of the information would reduce speculation of a political rather than logical “conclusion.”
Intel agencies sued for records on Russian election
interference
by Sabrina
I. Pacifici on Dec 28, 2016
Follow-up to previous posting – Unreleased CIA assessment concludes Russia aided Trump
– via The Hill – Lydia Wheeler, December
27, 2016: “A lawsuit has been filed
against the CIA, the FBI, the Department of Homeland Security and the Office of
the Director of National Intelligence seeking records pertaining to Russia’s
interference in the presidential election. Journalist Jason Leopold and Ryan Shapiro, a
Ph.D. candidate at the Massachusetts Institute of Technology (MIT), filed a lawsuit in the U.S. District Court for the District
of Columbia on Monday asserting that the agencies have failed to comply with
their request for documents under the Freedom of Information Act (FOIA). Earlier this month, the CIA reportedly concluded in a secret
assessment that Russia had intervened in the presidential election to help
President-elect Donald Trump defeat
Democratic nominee Hillary Clinton. That assistance, officials believe, included
the hacking of Democratic email accounts…”
Russia is a member of the OSCE. Did they think they were being lied to or
that OSCE was withholding information?
DW reports:
The Organization for Security
and Cooperation in Europe (OSCE) confirmed on Wednesday that it
has been the target of a “major security information incident.”
The international security and
human rights watchdog became aware of the security breach in November. According to an OSCE spokesperson, the systems
are now safe.
“We were given entirely new
security systems and passwords,” she added.
Read more on DW.
And yes, the Russians have been blamed
for this, too, by an “unnamed Western intelligence agency.” It would be nice if the “unnamed Western
intelligence agency” would respond to FOIA requests made by others for you
know, records providing actual proof….
Something I could ask my Computer Security students to use
when analyzing security breaches? Sounds
like fun to me!
FDA Releases Guidance for Medical Device Cybersecurity
The U.S. Food and Drug
Administration (FDA) has released guidance on the postmarket management of
cybersecurity for medical devices, encouraging manufacturers to implement
security controls that cover products throughout their entire life cycle.
In 2014, the FDA released guidance for the premarket
management of cybersecurity. The
recommendations include limiting access to trusted users via various
authentication methods, ensuring that only authorized firmware and software can
be installed, and implementing features for cyber incident detection, response
and recovery.
The new
guidance issued by the FDA focuses on managing cybersecurity risks
after the devices have been deployed on a hospital’s network, a patient’s home
network, or in a patient’s body.
(Related). For
example…
Add Desert Care Family & Sports
Medicine in Casa Grande, Arizona to the list of health
facilities who suffered a ransomware attack. But what happened to them has resulted in my
updating my worst
breaches of 2016 list.
On December 20, the center notified HHS that 500 patients
were being notified that their server had been infected in August 2016. Of note, not only were the data on the server
encrypted – including patient records – but Desert Care took the server to
several IT specialists who were all reportedly unable to break the encryption.
“As a result,” their patient notification letter explains,
“the server remains locked and encrypted by the ransom ware, and patient
records are unavailable.”
They do not explain whether they paid the ransom, and if
they didn’t, why they hadn’t once they determined that they could no longer
access patient records. And for the
center to write that three months after a ransomware attack, “patient records
are unavailable” raises several additional
questions, including whether there had been any backup, and if so, what
happened to it (and if there was no backup, why not)?
Information on the server included patient’s “full name
date of birth, home address, account number, diagnosis, types of treatment
information, disability codes, etc.”
To add to their regulatory woes, not only was the center
unable to recover access to their patient records, but they were also unable to determine if patient records were exposed or acquired.
“We have not received any indication that the information
on the server has been accessed or used by an unauthorized individual, but
Desert Care cannot be sure of this, so it is providing you with this notice out
of an abundance of caution,” they write.
DataBreaches.net sent an inquiry to the center asking
whether they were subsequently able to determine what type of ransomware was
involved, and whether they had any backup of their patient records, as their
statement seems to suggest that there may be no backup that they could use to
recover patient information.
This post will be updated if a response is received.
Insider trading or AI trading. Will the SEC believe me when I claim superior
Watson made me do it?
Unusual trading activity in Kate Spade ahead of headlines
about potential sale
Minutes before Dow
Jones reported that Kate Spade
is exploring
a sale of its business, one options trader purchased nearly 2,000 calls in
the accessories label — resulting in a quick $320,000 profit.
According to CNBC "Fast Money Halftime Report"
trader Jon Najarian, thousands of Kate Spade's call options were purchased at
12:23 p.m. ET Wednesday — roughly 10 minutes before headlines of a potential
sale hit.
… When options
activity spikes ahead of an announcement, it can indicate that someone had
inside information. Kate Spade has been
under pressure to sell its business, after activist firm Caerus Investors
suggested the company do so last month.
It’s not SciFi, it’s just Amazon! These could also replace the Goodyear blimps
at some future Superbowl.
Amazon files patent for flying warehouse
Amazon has filed a patent
for massive flying warehouses equipped with fleets of drones that deliver goods
to key locations.
Carried by an airship, the warehouses would visit places
Amazon expects demand for certain goods to boom.
It says one use could be near sporting events or festivals
where they would sell food or souvenirs to spectators.
The patent also envisages a series of support vehicles
that would be used to restock the flying structures.
Amazon air force
The filing significantly expands on Amazon's plans to use
drones to make deliveries. Earlier this
month it made the first commercial delivery using a drone via a test scheme
running in Cambridge.
In the documents detailing the scheme, Amazon said the
combination of drones and flying warehouses, or "airborne fulfilment
centres", would deliver goods much more quickly than those stationed at
its ground-based warehouses.
Also, it said, the drones descending from the AFCs - which
would cruise and hover at altitudes up to 45,000ft (14,000m) - would use almost
no power as they glided down to make deliveries.
Many firms working on drones are struggling with ways to
extend their relatively short range, which is typically dependent on the size
of the battery they carry.
The patent lays out a comprehensive scheme for running a
fleet of AFCs and drones. It suggests
smaller airships could act as shuttles taking drones, supplies and even workers
to and from the larger AFCs.
… Amazon's patent
was filed in late 2014 but has only now come to light thanks to analyst Zoe
Leavitt from CB Insights who unearthed the
documents.
Students ask about this all the time.
Learning to program may seem like a daunting task.
Luckily, it’s not nearly as difficult as it seems. With a bevy of resources
available both on and offline, dedicated communities, and experts to follow on
social media, learning programming is much simpler than it used to be.
I know it’s unlikely, but my geeks might have missed one. On the other hand, they research movies much
more intensely than they do my homework assignments.
I’ve got lots of gamers.
I’m not sure how many developers I have. Let’s find out!
Do you have an idea for a game that’s been brewing in your
mind for years? What if I told you that
you could make that idea come to life, even if you have no game development
experience? These days, anyone can make
a video game with a bit of elbow grease and perseverance.
Of course, that doesn’t mean game development is easy. Not by a long shot. Even something as simplistic as Flappy
Bird or Tetris can take a lot of time and effort to make it look
and feel good. But thanks to free game
development software tools, a game that might’ve required one year can now be
made in six months or faster — sometimes without any code!
Note that this list is ordered by least complex to most complex. The simpler free game development tools are
easier to pick up but have limitations. As
you go down the list, you gain more flexibility at the cost of a greater
learning curve.
No comments:
Post a Comment