Monday, May 29, 2017

We just finished talking about disaster recovery in my Computer Security class.  Perhaps BA should hire a few of my students? 
British Airways flight chaos lessens after weekend of disruption
The airline is "closer to full operational capacity" after an IT power cut resulted in mass flight cancellations at Heathrow and Gatwick.
Thousands of passengers remain displaced, with large numbers sleeping overnight in terminals.
BA has not explained the cause of the power problem.
   no-one from the airline has been made available to answer questions about the system crash, and it has not explained why there was no back-up system in place.
   BA blames a power cut, but a corporate IT expert said it should not have caused "even a flicker of the lights" in the data-centre.
Even if the power could not be restored, the airline's Disaster Recovery Plan should have whirred into action.  But that will have depended in part on veteran staff with knowledge of the complex patchwork of systems built up over the years.
Many of those people may have left when much of the IT operation was outsourced to India.
One theory of the IT expert, who does not wish to be named, is that when the power came back on the systems were unusable because the data was unsynchronised.
In other words the airline was suddenly faced with a mass of conflicting records of passengers, aircraft and baggage movements - all the complex logistics of modern air travel.  
   Former Virgin Airlines spokesman Paul Charles said: "What seems remarkable is there was no back-up system kicking in within a few minutes system failing.
"Businesses of this type need systems backing up all the time, and this is what passengers expect."
   The airline said there was no evidence the computer failure was the result of a cyber-attack.  It denied claims by the GMB union that the problem could be linked to the company outsourcing its IT work.

(Related).
Commentary: British Airways has no excuse for the chaos at Heathrow airport
   On the scant information available so far, there appears to be no good excuse for the crippling IT failure.  Mr Cruz said there was no evidence of a cyberattack and that the root cause seemed to be a power supply issue - the same reason given by Delta, the US airline, when IT problems forced it to ground planes around the world last year.
This is an entirely inadequate explanation.  Whatever back-up systems British Airways had in place, they are woefully deficient if they cannot withstand a power cut.  No chief executive today can afford to underestimate the threat posed by either cyberattack or more mundane IT glitches.


A few more details and a list of Colorado stores hit.
Most Chipotle restaurants hacked with credit card stealing malware
The company first acknowledged the breach on April 25.  But a blog post on Friday revealed the kind of malware used in the attack and the restaurants that were affected.
The list of attacked locations is extensive and includes many major U.S. cities.  When CNNMoney asked the company Sunday about the scale of the attack, spokesman Chris Arnold said that "most, but not all restaurants may have been involved."
Chipotle (CMG) said in its blog post that it worked with law enforcement officials and cybersecurity firms on an investigation.  
   A list of the restaurants and times they were affected can be found on Chipotle's website.


Where there is money to be made, legally or illegally, malware waits for you.
'Judy' Malware Potentially Hits Up to 36.5M Android Users
As outlined by security firm Check Point, 41 apps developed by Korea-based Kiniwini and published under the moniker ENISTUDIO Corp., "infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it."
It's "possibly the largest malware campaign found on Google Play," according to Check Point.
Google "swiftly" removed the apps from Google Play after being alerted to their existence, Check Point says, but not before they "reached an astonishing spread between 4.5 million and 18.5 million downloads."  Some were available on the store for several years and all were recently updated.


Of course not, they were making it (the entire campaign) up on the fly!
Trump campaign likely didn’t save documents: report
The Trump campaign likely did not preserve documents and communications key to the law enforcement investigation into possible collusion between President Trump's associates and the Kremlin, Politico reported Saturday.
Political campaigns, Politico noted, are typically not required to preserve emails on their private server for long windows of time, and most messages are deleted within 30 to 90 days, unless steps are taken to preserve them. 
What's more, the Trump campaign did not do much to establish a plan to maintain those communications, according to a former campaign aide.
"You’d be giving us too much credit,” the former aide told Politico.  "The idea of document retention did not come up.  The idea of some formal structure did not come up."


Now PowerPoint has an AI, and I still won’t use it!


Anything to help my students get jobs! 
LinkedIn's Top 50 Companies and the Skills Needed to Work There

No comments: