Oh my. This is a
somewhat different application of ransomware. I hope it doesn’t catch on.
The Local reports this incident in Austria:
One of Europe’s top hotels has
admitted they had to pay thousands in Bitcoin ransom to cybercriminals who
managed to hack their electronic key system, locking hundreds of guests in or out of their rooms until the money was
paid.
Furious hotel managers at the Romantik Seehotel
Jaegerwirt, a luxurious 4-star hotel with a beautiful lakeside
setting on the Alpine Turracher Hoehe Pass in Austria, said they decided to go
public with what happened to warn others of the dangers of cybercrime.
[…]
The attack, which coincided with
the opening weekend of the winter season, was allegedly so massive that it even
shut down all hotel computers, including the reservation system and the cash
desk system.
The hackers promised to restore
the system quickly if just 1,500 EUR (1,272 GBP) in Bitcoin was paid to them.
Managing Director Christoph
Brandstaetter said: “The house was totally booked with 180 guests, we had no
other choice. Neither police nor
insurance help you in this case.
Read more on The
Local.
[From the
article:
Hotel management said that they have now been hit three times by cybercriminals who this
time managed to take down the entire key system.
… "The
restoration of our system after the first attack in summer has cost us several
thousand Euros. We did not get any money
from the insurance so far because
none of those to blame could be found." [What is the real reason? Bob]
… We know that
other colleagues have been attacked, who have done similarly." [A warning
ignored? Bob]
… Yet according to
the hotel, the hackers left a back door open in the system, and tried to attack
the systems again.
On the fourth attempt the hackers had however no chance
because the computers had been replaced and
the latest security standards integrated, and some networks had been decoupled.
The Seehotel Jaegerwirt, which has existed for 111 years,
also has another, innovative, trick in store to keep the hackers out for good.
Brandstaetter said: "We are planning at the next room
refurbishment for old-fashioned door locks with real keys. Just like 111 years ago at the time of our
great-grandfathers."
Another ransomware incident. What is the thinking here? It’s only a few things on the Internet of
Things so we don’t need security?
Clarence Williams reports:
Hackers infected 70 percent of
storage devices that record data from D.C. police surveillance cameras eight
days before President Trump’s inauguration, forcing major citywide
reinstallation efforts, according to the police and the city’s technology
office.
City officials said ransomware
left police cameras unable to record
between Jan. 12 and Jan. 15. The
cyberattack affected 123 of 187 network video recorders in a closed-circuit TV
system for public spaces across the city, the officials said late Friday.
Read more on Washington
Post.
Perhaps he should have left his heart monitor somewhere
else?
So since I was just talking about biological data (DNA)
being obtained as evidence, it seems fitting to also point to a somewhat
concerning case in Ohio. Karin Johnson
reports:
A Middletown man was indicted on
charges of arson and insurance fraud.
Police said data they were able
to retrieve from his electronic heart monitor was one of the key pieces of
evidence that led to them charging Ross Compton.
A fire last September destroyed
Compton’s house on Court Donegal in Middletown.
In his 911 call, he told a dispatcher,
“I grabbed a bunch of stuff, threw it out the window.”
Compton also told the dispatcher
that he had an artificial heart.
Middletown police said Compton
told them that he was able to pack his suitcases and
throw them out his bedroom window after he broke out the glass with a walking stick.
throw them out his bedroom window after he broke out the glass with a walking stick.
According to court documents
obtained by WLWT, a cardiologist told police that those actions were “highly
improbable” because of Compton’s medical condition.
Police sought to prove that by
collecting electronic data stored in Compton’s electronic heart device. They wanted to know Compton’s heart rate,
pacer demand and cardiac rhythms before, during and after the fire.
Read more on WLWT.
So where are we going if devices that people wear for
their health conditions can be used as evidence against them to obtain
warrants, or to convict them? Does
evidence based on the devices meet the Daubert standard? Are there any Fifth Amendment issues here? Is this really any different than using a
blood draw for alcohol level in a suspected drunk-driving case that resulted in
injuries?
Facebook is addressing user concerns. Will others follow?
Facebook's
support for USB security keys is a good move and one others should follow
In an attempt to increase the security of online accounts,
Facebook has added support
for 2 factor authentication using USB security keys.
The security keys supported are ones that support a
standard called U2F which stands for Universal
2nd Factor authentication. Logging
into Facebook still involves using a username and password but the 2nd factor
of the process is simply a matter of inserting the key into the computer and
touching a metallic part of the key. The
process is faster than using an SMS text message or special authenticator app
and it is potentially more secure.
… There are a
number of issues with security keys however. They cost between US$18
and US$50 and they currently only work with modern versions of the Chrome and
Opera browsers on computers and Android phones that support NFC.
The other problem is that at present, you can only use a
security key using U2F to log into Google, Facebook, GitHub, Salesforce and
Dropbox.
Is this one possible future for IoT devices? What if it called my insurance company or my
parole officer or my boss?
Tostitos bag tells you when you’ve had too much to drink and
calls an Uber in Super Bowl campaign
… In a gimmicky,
but perhaps well-intentioned, Super Bowl advertising campaign, Tostitos has
created a
bag of chips that includes an alcohol sensor. The “Party Safe” bags flash red with the
message “Don’t Drink And Drive” if alcohol is detected on your breath and can
even use near field communication to call an Uber from your phone.
The battery-powered bags don’t appear to be available to
the public, but CNET
reporter Amanda Kooser was able to test one out. After downing a shot of whiskey, Kooser blew
and the bag glowed red and offered an Uber coupon for $10 off. While you might not be able to get your hands
on the bag, you can get the coupon.
In a partnership with Mothers Against Drunk Driving,
Tostitos will include a coupon for the ride-hailing service on most of its
bags. The coupon is only valid on Super
Bowl Sunday (Feb. 5) and is limited to the first 25,000 users. [So, get
drunk early? Or, use Uber to get to the
bar? Bob]
For my students.
Find an industry to disrupt.
The $99 Billion Idea
How Uber and Airbnb Fought City Hall, Won Over the People,
Outlasted Rivals, and Figured Out the Sharing Economy.
Is this fake news?
I certainly hope so!
Fake News Is About to Get Even Scarier than You Ever Dreamed
… One research
paper published last year by professors at Stanford University and the
University of Erlangen-Nuremberg demonstrated how technologists can record
video of someone talking and then change their facial expressions in real time.
The professors’ technology could take a
news clip of, say, Vladimir Putin, and alter his facial
expressions in real time in hard-to-detect ways. In fact, in this video demonstrating the
technology, the researchers show how they did manipulate Putin’s facial expressions and
responses, among those of other people, too.
No comments:
Post a Comment