Hackers Target Czech Foreign Ministry's Email System
The Czech foreign minister said Tuesday his office had
fallen prey to hackers who worked their way into the email accounts of dozens
of employees including himself.
"Since early January we have known one of the attacks
was partly successful as the hackers managed to penetrate the email system of
the ministry," Lubomir Zaoralek told reporters.
He added however that no classified information was
compromised as hackers failed to get into the ministry's inner system.
"The data leak was considerable. The attack was very
sophisticated," Zaoralek said.
"It must have been carried out from the outside, by another country. The way it was done bears a very strong
resemblance to the attacks on the US Democratic Party's internet system,"
said the foreign minister, citing experts.
… In neighboring Poland, the Rzeczpospolita
daily reported Monday that a group of Russian hackers called APT28 had tried to attack local
foreign ministry servers in December through emails pretending to be
sent by the NATO secretary general.
It’s not always the Russians. Sometimes it’s industrial espionage! (Yes, baseball is an industry.) How do you know what your employees are doing?
Brian Feldt reports:
Major League Baseball on
Monday afternoon ordered the St. Louis Cardinals to pay $2 million and turn
over two 2017 draft selections to the Houston Astros as a result of a former
Cardinals employee hacking the Astros’ computer system.
The league’s decision also permanently banned Chris
Correa, who was fired by the Cardinals in July 2015 for the incident, effective
immediately.
Read more on St. Louis Business Journal.
Has no one in the industry secured their computers? Are these attacks that we are not being told about?
Computer outage grounds Delta flights in U.S.
… The airline's website and mobile
apps also went down, adding to customers' frustrations.
… Delta's computer problems came about a week after United
Airlines temporarily grounded domestic mainline flights due to an IT issue.
For my Computer Security researchers?
Jack Danahy of Barkly writes, in part:
In a very short time, ransomware
has grown from a known but infrequent cyber attack to a profitable and
widespread epidemic. Attacks are
increasing in frequency and severity. On average, a new business is attacked every 40
seconds, and a disproportionately high number of victims are
healthcare providers. In fact, research
shows that healthcare providers were 4.5X more likely to be hit by
Cryptowall ransomware than operators in other industries.
He then goes on to review the observations of ransomware
that threatens to reveal patients’ sensitive information, such as Jigsaw.
For healthcare providers, adding
doxxing to the extortion equation transforms ransomware from a critical service
issue to a costly matter of HIPAA notification compliance and a case of public
data breach, raising the stakes considerably. Organizations are required to report this kind
of exposure of unsecured protected health information to the U.S. Department of
Health and Human Services’ Office for Civil Rights (OCR). In addition to potentially issuing a fine
— the largest issued to date totaled $4.8 million — the
OCR also publicly exposes all organizations experiencing breaches totaling 500
records or more.
This public exposure also puts
patients at risk. Stolen medical records
released publicly can quickly become fodder for a wide variety of fraudulent
activity, from buying and reselling medical equipment or prescription drugs to
filing false claims with insurers. Medical
identity theft can be a painful and damaging logistical nightmare for patients,
potentially ruining their credit and even endangering their lives. Victims experience the consequences of unpaid
deductibles, corrupted medical histories, and even prosecution for fraud.
Of course, it’s not only ransomware that can create the
risks he describes above. Theft
of data with ransom demands – even those attacks that do not involve ransomware
– can create the same risks, as I’ve noted previously.
But where are there any data showing that any of these
potential horribles have actually happened as a result of either doxxing
ransomware or the sale of patients’ sensitive information? Do we have any actual reports or proof that
people have been injured in ways other than the time/stress of having to deal
with perhaps changing card numbers, etc.?
I need data.
I find it difficult to believe that the Executive Branch
didn’t want control over what its appointees were saying. ‘No plans’ translates to ‘No management
skills’ in my world.
With Trump, Twitter transition stirs confusion
The handoff of federal agencies' social media accounts to
the Trump administration is sparking controversy and complicating the
transition.
Trump's is the first administration to take power in the Twitter age. That’s led to confusion about the rules for
handing off government accounts and oversight.
Twitter laid out plans for seamlessly transferring the
@POTUS account from former President Obama to President Trump — and other
social media platforms, including Instagram and Facebook, did the same.
But for many other government agencies, there were no plans in place for how to manage
communications on social media as a new president took power.
Obama administration officials say that's because they
largely left agencies to handle their own accounts free of political influence
from the White House. They say they didn't anticipate that the next
administration would want tighter controls on social media.
For my Computer Security students, this is the enemy.
The Internet Is Mostly Bots
… Overall,
bots—good and bad—are responsible for 52 percent of web traffic, according to a new report by the
security firm Imperva, which issues an annual assessment of bot activity
online. The 52-percent stat is
significant because it represents a tip of the scales since last year’s report,
which found human traffic had overtaken bot traffic for the first time since at
least 2012, when Imperva began tracking bot activity online. Now, the latest survey, which is based on an
analysis of nearly 17 billion website visits from across 100,000 domains, shows
bots are back on top. Not only that, but
harmful bots have the edge over
helper bots, which were responsible for 29 percent and 23 percent of
all web traffic, respectively.
… “For the past
five years, every third website visitor was an attack bot.”
Put another way: More than 94 percent of the 100,000
domains included in the report experienced at least one bot attack over the
90-day period in Imperva’s study.
… the most active
helper-bot online is what’s known as a “feed fetcher,” and it’s the kind of bot
that helps refresh a person’s Facebook feed on the site’s mobile app. Facebook’s feed fetcher, by itself, accounted
for 4.4 percent of all website traffic, according to the report—which is
perhaps stunning, but not altogether surprising. Facebook is a behemoth, and its bot traffic
illustrates as much.
The survey can be yours for a mere $15,000.
Privacy worries are on the rise, new poll of U.S. consumers shows
IDC advises businesses to advertise the steps they take to protect personal information
A recent IDC survey found 84% of U.S. consumers are
concerned about the privacy of their personal information, with 70% saying
their concern is greater today than it was a few years ago.
… Younger
consumers, aged 18 to 35, were more concerned for their privacy than older
consumers, aged 36 to 50, the survey found. The younger age group also had a 56%
likelihood of switching business providers based on an impending hacker threat,
compared to 53% for the older group. Meanwhile, women were more likely to switch
than men, by a difference of 8 percentage points, for an impending hacker
threat.
If a breach affected them directly, 78% of all consumers
said they would switch to another business from the one where the breach
occurred.
The article says this is recent, but I don’t see a recent
survey on the PwC website.
PwC: 81% of consumers are aware of smart homes, but only 26% want one
PwC interviewed more than 1,000 consumers via an online
survey to find out their views on smart homes. It did so because
just about every tech company is busy making products for the Internet of
Things, or smart and connected everyday objects. And smart home devices are part of that grand
plan.
While awareness of the technology is broad, adoption has
been slow, PwC said. Consumers with a
household income of $100,000 or more are the group most likely to interact with
smart home devices (43 percent), followed by men (32 percent).
Conversely, consumers above the age of 50 are the least
likely to interact with such devices (13 percent).
PwC said that among users, satisfaction is high, in the
90th percentile. Those current users of
smart devices are pleased not only with the device itself, but also with the
supporting apps.
There is a strong correlation between smart home device
use and connectivity with an app. Seventy-four
percent of respondents said they use their home device more frequently because
it connects to their mobile device.
For my Spring spreadsheet class.
Why we're so bad at statistics
None of my students predicted this! We need to work on our strategic
thinking.
Wal-Mart to offer free 2-day shipping to all customers
Wal-Mart is opening free two-day shipping to all
customers, dropping a paid membership program.
Starting Tuesday morning, the Bentonville, Ark.-based
retailer will ship eligible orders of $35 or more to customers' homes in two
days or less
For my geeks. What say we try applying this to online poker? Purely as an academic exercise of course.
A Computer Just Clobbered Four Pros At Poker
Zillman’s lists are always extensive. Pulling out what might be useful is still a
huge job.
New on LLRX – Academic and Scholar Search Engines and Sources 2017
by Sabrina I. Pacifici on Jan 30, 2017
Academic and Scholar Search Engines and Sources 2017 – From
arenas that encompass government, research, academic, international, health and
medicine, science and technology, economics and finance, libraries and open
source collections around the world, Marcus Zillman has compiled a benchmark resource on
search engines from which researchers may choose to support a wide range of
projects, programs and publications.
Perspective. For
every ‘disruption’ that creates new business models, there are ‘downsides.’
Taxi Medallion Prices Are Plummeting, Endangering Loans
… According to a
recent presentation prepared for Capital One Financial Corp. investors, some 81
percent of its $690 million in loans for taxi medallions are at risk of
default.
Medallions, the small metal shields affixed to the hoods
of taxi cabs, are issued by the local taxi authority and effectively allow the
cabs to operate legally. Owning one used
to be akin to owning a gas-guzzling, money-printing machine. Medallions in New York City traded at more
than $1 million in 2014, but today's prices are about half of that.
Terrorists and techies.
Can President Trump tell the difference?
Is all of this just a way to say, “I kept all my campaign promises. Then Congress undid it!”
IT stocks drop 4% on H1-B visa fears, Rs 33,000 crore market valuation lost
IT stocks plunged over 4% on Tuesday, knocking off more
than Rs 33,000 crore [$4.8 billion Bob] in
market valuation of top five firms, after a new H-1B Bill in the US set off
concerns that it will adversely impact hiring plans of Indian technology firms.
Dilbert illustrates the future of lawyering?