This just got nasty.
You may have never heard of Flathead Valley in
Montana. I’ll admit that I had never heard of it until tonight
when I received a tip to go look at a post on their sheriff’s
Facebook page. And that’s when I learned that Flathead County
schools had not only been
hacked and threatened if they didn’t pay the hackers, but parents
had received messages threatening to kill their children.
The threats were taken seriously enough that 30
schools were closed for days while the county and federal law
enforcement investigated the threats.
We are now in the realm of TheDarkOverlord v2.0,
it seems.
For those who, like this blogger, have followed
the criminal activities of TheDarkOverlord, reading a report of them
thoroughly hacking an entity and then writing a lengthy demand letter
threatening to expose confidential files or personal information –
well, that’s nothing new. But contacting parents of school
children and threatening their children’s physical safety?
It is TheDarkOverlord on steroids, at the very
least. But is it a real threat?
As The Flathead Beacon reported
after the situation escalated:
The
individual apparently gained access to the Columbia Falls School
District’s electronically stored directory and began contacting and
threatening families individually.
How do you terrorize an entire community? You
raise the spectre of Sandy Hook. And you show that you know details
about the children and the school.
TheDarkOverlord are masters at doing their
research, and were aiming to create significant terror in their
targets. I think it’s pretty clear that they accomplished that –
at least in the short-term. But is this approach likely to result in
more payments from victims, or has TheDarkOverlord misunderstood the
psychology of its intended victims? There is certainly no indication
that Flathead Valley will be paying them any money.
What the people of Flathead County may not know,
but what law enforcement should certainly know, is that this is not
the first time TheDarkOverlord has threatened physical violence
against a victim. DataBreaches.net is not reproducing an earlier
threat missive, but it, too, was designed to terrorize its target by
threatening physical violence against the victim’s family. And the
Flathead case is not the first case where TheDarkOverlord has
contacted its victims by phone or SMS to threaten them or deliver
obscenity-laden messages.
And maybe that’s the first thing law enforcement
could have done to reassure the community: to recognize from the
style and writing that this was/is the work of TheDarkOverlord and
they’ve threatened physical violence before but never followed up
on it – at least, not to date.
Of course, if TheDarkOverlord is really outside of
the U.S., as the sheriff apparently told the community, then actual
physical violence seems less likely. But should the county be
telling the public that TheDarkOverlord is outside of the U.S.? It’s
a reasonable hypothesis, but do they actually have any hard proof of
that? If they don’t have actual proof, wouldn’t it be more
honest to say, “We believe that they’re outside of the U.S.”
than to assert that they are?
… In the meantime, the Flathead Beacon
has done a truly admirable job of reporting on the situation as it
has evolved, and you can get caught up on the details by reading
their reports (in reverse chronological order, below:)
Management did not take the earlier breach as an
indication that security was not up to snuff?
Equifax
Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed
Equifax
Inc. learned about a major breach of its computer systems in
March -- almost five months before the date it has publicly
disclosed, according to three people familiar with the situation.
In a statement, the company said the March breach
was not related to the
hack that exposed the personal and financial data on 143 million
U.S. consumers, but one of the people said the
breaches involve the same intruders.
… Equifax hired the security firm Mandiant on
both occasions and may have believed it had the initial breach under
control, only to have to bring the investigators back when it
detected suspicious activity again on July 29, two of the people
said.
… The revelation of a March breach will
complicate the company’s efforts to explain a series of unusual
stock sales by Equifax executives. If it’s shown that those
executives did so with the knowledge that either or both breaches
could damage the company, they could be vulnerable to charges of
insider trading. The U.S. Justice Department has opened a criminal
investigation into the stock sales, according to people familiar with
the probe.
Equifax has said the executives had no knowledge
that an intrusion had occurred when the transactions were made.
… There’s no evidence that the publicly
disclosed chronology is inaccurate, but it leaves out a set of key
events that began earlier this spring, the people familiar with the
probe said.
In early March, they said, Equifax began notifying
a small number of outsiders and banking customers that it had
suffered a breach and was bringing in a security firm to help
investigate. The company’s outside counsel, Atlanta-based law firm
King & Spalding, first engaged Mandiant at about that time.
[Hired not by Equifax, but
by their lawyers. Bob] While it’s not clear how long
the Mandiant and Equifax security teams conducted that probe, one
person said there are indications it began to wrap up in May.
Equifax has yet to disclose
that March breach to the public.
One possible explanation, according to several
veteran security experts consulted by Bloomberg, is that the
investigation didn’t uncover evidence that data was accessed. Most
data breach disclosure laws kick in only once there’s evidence that
sensitive personal identifying information like social security
numbers and birth dates have been taken. The Equifax spokesperson
said the company complied fully with all consumer notification
requirements related to the March incident.
Apparently, a large percentage of people prefer
conspiracy over truth.
Is There
Any Hope for Facebook's Fact-Checking Efforts?
Facebook’s fact-checking efforts are on the
rocks. Five months after the social-media giant debuted a
third-party tool to stop the spread of dubious news stories on its
platform, some of its fact-checker partners have
begun expressing frustration that the company won’t share data
on whether or not the program has been effective.
In the absence of that official data, a study
by Yale researchers made waves last week by suggesting that flagging
a post as “disputed” makes readers just a slim 3.7 percent less
likely to believe its claim. Among
Trump supporters and young people, the fact-checking program
seems to backfire entirely: Those respondents
were more likely to believe flagged posts than unflagged ones.
… Facebook users who cluster around
conspiracy-related content tend to interact only with material that
affirms their preexisting worldview, but in the rare cases when they
do come into contact with dissenting information that attempts to
debunk conspiracy theories—in the form of public posts by
science-related pages—the conspiracy theorists become more, rather
than less, likely to interact with conspiracy-related content in the
future. In fact, conspiracy theorists who never interact with
dissenting viewpoints are almost twice as likely as those who do to
eventually drift away from conspiracy-themed content.
In other words, attempting to correct wrongheaded
beliefs on Facebook appears to accomplish the precise opposite.
For my students who read.
Google adds
local library ebook options to search results
… The user will need to first apply their
location, though, so Google knows which library to search. T he
results, as shown in the tweeted image above, lists the library under
a ‘Borrow ebook’ section which itself appears to be found under
the ‘Get Book’ tab. You’ll need to search the book’s title
to see this, at which point there’s only a bit of scrolling and a
tap to get to the item.
If you do tap the link to borrow the ebook, you’ll
be taken to a page where you can then sign in with your library
credentials. From there you can proceed as usual, reading a sample
or outright borrowing the book if you already know you want it. The
feature is rolling out now and can be found on mobile and desktop (at
the bottom of the right-hand panel in the latter case).
No comments:
Post a Comment