Saturday, February 04, 2017

An interesting choice of attack vector, but anything that ‘touches’ your target is worth examining. 
Patrick O’Neill reports:
Polish banks have spent the last week searching for hackers who broke into several of the country’s financial institutions in an incident that looks to be three months old, according to Polish media.
The malware infection appears to have come through — of all things — compromised servers at the Polish financial regulator KNF, which is responsible for enforcing security standards in the banking industry.
The hackers stole no money.  Instead, they exfiltrated large amounts of unidentified encrypted data, according to new reports from Polish and English-language media including Money.pl and Bad Cyber.
Read more on CyberScoop.


How to deal with election meddling?
NATO Publishes Tallinn Manual 2.0 on International Law Applicable to Cyber Ops
Tallinn 2.0 incorporates Tallinn 1.0, published in 2012.  While Tallinn 1 sought to define how international law relates to cyberwar, Tallinn 2 expands the content to include cyber activity that falls short of actual warfare.
   Tallinn Manual 2.0 is available from Cambridge University Press.


Splitting hairs?
S.P. Sullivan reports:
Police in New Jersey can sift through a suspect’s private social media messages without applying for an order under the state’s wiretapping laws, according to a state appeals court decision published Thursday.
The three-judge panel ruled communications such as direct messages and protected posts on platforms like Twitter aren’t subject to the tighter privacy rules that apply to telephone calls.
The court held that authorities still need a communications data warrant before they can compel social media companies to produce private user data.
Read more on NJ.com.


I am trying to make my students into disruptors. 
Why Health Care is Ripe for Digital Disruption
The U.S. health care system, with its brick and mortar, provider-centric business model where doctors dispense face-to-face care during scheduled appointments, is ripe for digital disruption.


I suspect this is the first of many ‘strategy’ articles.  Which most closely matches the facts?
The method to President Trump's madness
What looks like chaos is at least in part a strategy to remind voters that they're getting what they asked for — a real shakeup in Washington.
   The strategy?  To send one deafening message that rings louder than all the seeming commotion: Trump is bringing a sledgehammer to the status quo.

(Related).  We’re still trying to figure out how Trump won.  Does the campaign strategy carry over into Trump’s executive strategy? 
How the Twittersphere Helped Donald Trump Win
Did the Twittersphere help Donald Trump become the Republican nominee for president?  A Wharton analysis of tweets sent before, during and after the 2016 Republican primary debates found an interesting correlation — as well as some sobering trends.  Substantive tweets had less staying power than sensational tweets, which later shaped public opinion about the debates.

Friday, February 03, 2017

It’s that time of year again!
When someone appearing to be your boss emails you and says they urgently need you to send them employees’ W-2 information from 2016, what do you do?  Well, if you haven’t been trained properly or reminded often enough – or if your employer doesn’t have safeguards in place that might prevent you from just sending an email with an attachment out of the system – you might fall for the scam and email criminals the requested information.
If you don’t want to be hated by your colleagues whom you have put at risk of tax refund fraud and identity theft, when you get a request to email W-2 information, STOP and consult with a supervisor and ask them to confirm up the chain that this is a legitimate request.
Last year, this site compiled 145 such incidents before I somewhat waved a white flag in terms of trying to keep up.  Let’s see how 2017 goes.  Here’s the list I’ve got so far, and it will be updated as I become aware of new incidents.  Steve Ragan of Salted Hash has indicated that he will keep track, so do check his space also.
  1. Dracut Schools.
  2. Tipton County Schools 
  3. Odessa School District
  4. Campbell County Health 
  5. Marin Software
  6. UGI Utilities
  7. Sunrun
  8. Lexington School District Two in SC.
  9. Mercedes ISD in Texas.
  10. eHealthInsurance (eHealth, Inc.)
  11. Kuhana Associates
  12. Point Coupee Hospital
  13. Morton School District (IL)
  14. Scotty’s Brewhouse (IN)
  15. Mitchell Gold + Bob Williams
  16. Persante
  17. TransPerfect 
  18. Davidson County Schools (NC)
  19. Belton Independent School District (TX)
  20. Argyle School District (TX)
  21. Renovate America (CA)
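As an added illustration (not from the original post, and not any vendor's filter), here is a small Python triage routine for the W-2 scam described above. It scores a message on the two things the scam depends on, an executive's display name on an outside or reply-diverted address and a pressured request for tax or payroll records, and it treats any W-2 request arriving by email as something to confirm out of band, which is the "STOP and consult" rule stated above. The company domain, executive roster and the three sample messages are constructed.

```python
"""Flag inbound mail that looks like a W-2 request from a spoofed executive.

Added example, not part of the original post. The executive roster, company
domain and the three messages below are constructed for illustration.
"""
import email
import email.utils
import re
from email import policy

COMPANY_DOMAIN = "example-corp.test"          # hypothetical mail domain
EXECUTIVES = {"pat ceo", "chris cfo"}         # hypothetical display names, lower-cased

# The scam pairs a request for tax/payroll records with pressure to act fast.
DATA_TERMS = re.compile(r"\b(w-?2s?|payroll|ssn|social security|tax forms?)\b", re.I)
URGENCY_TERMS = re.compile(r"\b(urgent|asap|right away|immediately|today)\b", re.I)


def _domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def assess(raw_message):
    """Return {'risk': 'low'|'medium'|'high', 'flags': [...]} for one RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    from_name, from_addr = email.utils.parseaddr(msg.get("From", ""))
    _, reply_addr = email.utils.parseaddr(msg.get("Reply-To", ""))
    body = msg.get_body(preferencelist=("plain",))
    text = str(msg.get("Subject", "")) + "\n" + (body.get_content() if body else "")

    flags = []
    # Identity anomalies: an executive's name on an outside address, or replies diverted.
    if from_name.lower() in EXECUTIVES and _domain(from_addr) != COMPANY_DOMAIN:
        flags.append("exec display name from external domain")
    if reply_addr and _domain(reply_addr) != _domain(from_addr):
        flags.append("reply-to domain differs from sender")
    # Content signals: what is being asked for, and how hard the sender is pushing.
    asks_for_data = bool(DATA_TERMS.search(text))
    if asks_for_data:
        flags.append("requests tax/payroll data")
    urgent = bool(URGENCY_TERMS.search(text))
    if urgent:
        flags.append("urgency language")

    identity_anomaly = any(f.startswith(("exec", "reply-to")) for f in flags)
    if asks_for_data and (identity_anomaly or urgent):
        risk = "high"        # hold the message; this is the scam pattern
    elif asks_for_data:
        risk = "medium"      # even a clean-looking W-2 request gets out-of-band confirmation
    else:
        risk = "low"
    return {"risk": risk, "flags": flags}


# Constructed sample messages (no real people, domains or data).
SCAM_MESSAGE = """\
From: Pat CEO <pat.ceo@example-corp-mail.test>
Reply-To: Pat CEO <pat.ceo@webmail-provider.test>
To: payroll@example-corp.test
Subject: Urgent request

Please send me the 2016 W-2 forms for all employees as a PDF today.
Thanks, Pat
"""

INTERNAL_REQUEST = """\
From: Pat CEO <pat.ceo@example-corp.test>
To: hr@example-corp.test
Subject: W-2 copies for the auditors

Can HR forward the W-2 batch for the audit binder when convenient?
"""

ROUTINE_MESSAGE = """\
From: Pat CEO <pat.ceo@example-corp.test>
To: staff@example-corp.test
Subject: Thursday agenda

Please add the vendor review to Thursday's agenda.
"""

if __name__ == "__main__":
    for label, raw in [("scam", SCAM_MESSAGE), ("internal", INTERNAL_REQUEST),
                       ("routine", ROUTINE_MESSAGE)]:
        print(label, assess(raw))
```

The "medium" tier is deliberate: the post's advice is that a W-2 request by email is never fulfilled on the strength of the email alone, so a request that passes every header check still gets routed to a human who confirms it up the chain.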


Everyone blames the Russians.  Probably because the Russians are hacking everyone.
The Labour Party’s parliamentary group suffered a hack in autumn that was carried out by Russians, TV2 reported.
The attack against Labour is being compared to the hack of the Democratic National Committee that American intelligence agencies said was carried out by Russia in an effort to influence the outcome of the US election.
According to TV2’s report, Labour’s parliamentary group was notified of the hack by the Norwegian Police Security Service (Politiets Sikkerhetstjeneste – PST).
Read more on TheLocal.no.
Everyone tries to hack everyone to get intel.  [Some are better at avoiding detection,  Bob] 

(Related).  Of course, the Russians blame the Chinese.
Chinese Cyberspies Target Russia With New Malware
A China-linked cyber espionage group has been using new malware and new techniques in attacks aimed at military and aerospace organizations in Russia and Belarus.
In July 2016, security firm Proofpoint reported that the threat actor had been using NetTraveler (aka TravNet) and the PlugX RAT to target Russia and neighboring countries.


Update.  It didn’t take long to find these hackers.  They must not be Russian!
Peter Hermann reports:
Two people have been arrested in London in the hacking of storage devices that record data from D.C. police surveillance cameras, law enforcement authorities said Thursday.
The arrests were made in the south London neighborhood of Streatham and followed a search warrant that was served Jan. 19, the day before the presidential inauguration in the District.
Read more on Washington Post.
[From the article: 
D.C. officials said last week that the hack appeared to be an extortion effort that “was localized.”
   City officials revealed the hack last week and said ransomware had been left on the camera system between Jan. 12 and Jan. 15.

(Related).  Ransomware is becoming more common.  Government computer systems are too easily hacked. 
Officials in Licking County tell 10TV that ransom was demanded for an IT hack that impacted the county’s phone and computer systems.
A computer virus shut down more than a thousand computers inside the Licking county government center late Tuesday.
A county commissioner says that the virus demanded a payment in Bitcoin for the county to regain control of their systems.  Officials declined to specify the amount of money that was requested.
Read more on 10TV.


Next time the FBI need to break into a phone they can call my Ethical Hacking students. 
Hacker Dumps iOS Cracking Tools Allegedly Stolen from Cellebrite
In January, Motherboard reported that a hacker had stolen 900GB of data from mobile phone forensics company Cellebrite.  The data suggested that Cellebrite had sold its phone cracking technology to oppressive regimes such as Turkey, the United Arab Emirates, and Russia.
Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite relating to Android and BlackBerry devices, and older iPhones, some of which may have been copied from publicly available phone cracking tools.


For my Computer Security students.
Javelin 2017 Identity Fraud Study
by Sabrina I. Pacifici on Feb 2, 2017
“The 2017 Identity Fraud Study released today by Javelin Strategy & Research (@JavelinStrategy), revealed that the number of identity fraud victims increased by sixteen percent (rising to 15.4 million U.S. consumers) in the last year, a record high since Javelin Strategy & Research began tracking identity fraud in 2003.  The study found that despite the efforts of the industry, fraudsters successfully adapted to net two million more victims this year with the amount fraudsters took rising by nearly one billion dollars to $16 billion.  There was a resurgence in existing card fraud in 2016, which saw an increase of 40 percent in card-not-present (CNP) fraud.  The study also found that the increase in EMV cards and terminals was a catalyst for driving fraudsters to shift to fraudulently opening new accounts.  On a positive note, while fraudsters are becoming better at evading detection, consumers with an online presence are getting better at detecting fraud quicker, leading to less stolen overall per attempt”


You don’t have to tell your computer what’s in a picture – it can tell you.
Facebook AI Lumos Can Find Your Photos Even Those You Are Not Tagged In
   the company announced that its artificial intelligence technology Lumos can now search for pictures not just based on dates, places, and tags.  Rather, the technology can also find specific photos just because it understands what's in them.


All tech companies want a vacuum cleaner like connection to your wallet.  This is Apple’s. 
Apple is truly determined to disrupt banking with Apple Pay
Apple Pay is much more than a frictionless and secure payments service, Apple also thinks it will help accelerate the digital transformation of the banking industry.
   In recent court filings reported by the Sydney Morning Herald, the company explained how Apple Pay-driven disruption of the banking system may help customers:
  • By opening up the market to smaller lenders through the provision of an alternative to card payment systems.
  • Increased competition should force better rates.
  • Lenders should begin offering better promotional deals, such as air miles or cash back.


Perspective.  Imagine using your building lights to play Tetris, stream the news or advertise your company.
Now Cisco can even network your building systems
The Catalyst Digital Building Series Switch is an Ethernet switch designed to link different kinds of building infrastructure over a network.
   It uses Cisco’s enhanced version of PoE (Power over Ethernet) to run things like lights and cameras while collecting data about those devices over the same standard cable.
The switch embodies the merger of IT and OT (operational technology), one of the big enterprise trends that the internet of things is driving.
   Cisco’s new switches can power all the lights in a building by themselves.  Instead of being connected to the traditional AC power grid that feeds wall sockets, the lights will run off Ethernet cables from ports in the switch.
This wasn’t possible until LED lights became affordable for use in new buildings and renovations.

Thursday, February 02, 2017

Data Breach: The ‘never-ending story’ of management nightmares.
It ain’t over until…. well, no body-shaming here, but Target is not out of the woods on litigation from their massive 2013 breach.
Law360 is reporting:
The Eighth Circuit decided Wednesday to send back to lower court the $10 million deal that let Target Corp. out of multidistrict litigation over its notorious 2013 data breach, after two men raised concerns about inadequate class representation and compensation.
You’ll need a subscription to read the article, but if I find other coverage, I’ll add it here.


What do the Dutch know?  Are we missing something or is this just paranoia?
Dutch to Count Election Votes by Hand to Thwart Hackers
Dutch authorities will count by hand all the votes cast in next month's general elections, ditching "vulnerable" computer software to thwart any cyber hacking bid, a top minister said Wednesday.
"I cannot rule out that state actors may try to benefit from influencing political decisions and public opinion in The Netherlands," Interior Minister Ronald Plasterk said in a letter to parliament.


Should I teach my Computer Security students how to monitor these sites? 
You’ve probably heard of Alpha Bay and some other dark web marketplaces.  But have you ever heard about Kick Ass Marketplace or The Stock Insiders?  Mohit Kumar reports that there are dark web marketplaces where one can buy and sell stolen insider data.
According to a new report from the US-based risk security firm RedOwl and Israeli threat intelligence firm IntSights, staff at corporations are selling their company’s internal secrets for cash to hackers on one of the most famous dark web markets, Kick Ass Marketplace (Onion URL).
Besides selling their company’s secret information, researchers also found evidence of rogue staff, in some cases, even working with hackers to infect their company networks with malware.
Read more on The Hacker News and then think some more about your protection against insider threats.


An amusing debate for my Computer Security students?
A dumpster diver in Harlingen, Texas hit pay dirt:
“Social Security numbers, birthdays, home addresses, home telephone numbers, you name it,” he said.
Channel 5 News tracked the documents back to Harlingen Texas Motors, which closed last year.  But wait…. it’s probably not what you’re guessing.  Read on:
We spoke to the owner of the business.  He said the files were held in a storage unit.
“They told me I had a new credit card and the chip changed on it so they didn’t run it.  So they sold it out or foreclosed on it or whatever they call it.  So somebody purchased it on Saturday and they threw my files away,” Andre Cano, the owner of Harlingen Texas Motors, said.
Read more on KRGV.
So, assuming for now that the owner is telling the truth, who’s responsible for or accountable for the incident? 


Try to learn from the failures of others – it’s much less painful. 
GitLab Learns Hard Lessons After Production Data Accidentally Gets Nuked
   What happened here is that an IT manager working a late night accidentally deleted the wrong folder, and by the time the mistake was recognized, only a few gigabytes of data was able to be saved (of a few hundred).  Following this accident, the company took to Twitter to announce that the server was being taken offline, and then followed-up not long after with an admission of what happened.
This kind of transparency is great to see, and we hope GitLab's admittance inspires future companies to not waste time in coming forward.  Unfortunately for GitLab, even though it took precautions to backup its data, multiple restore methods failed.  Imagine being the person having to deal with this reality - it's painful.
When all was said and done, it appears that the company didn't end up losing much data at all (if any - it's hard to tell), and as such, the service has been put back online.  Throughout the entire restore process, the company left nothing to the imagination, going as far as sending a new tweet out after the restore process went up a few more percentage points.
While GitLab was able to recover, it ultimately got very lucky.  But this is another lesson to learn not only about the importance of keeping backups, but making sure those backups work.
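The lesson in that last paragraph, that a backup you have never restored is untested, is easy to turn into a routine check. The script below is an added example, not GitLab's own tooling: it takes a tar backup of a directory, restores it into scratch space and compares the restored tree with the source, and it shows an archive that exists but is unusable (truncated) being rejected. The directory layout and sample files are constructed.

```shell
#!/bin/sh
# Added example (not GitLab's tooling): take a backup, then prove it restores.
set -eu

# make_backup SRC_DIR ARCHIVE : tar+gzip the contents of SRC_DIR into ARCHIVE
make_backup() {
    tar -C "$1" -czf "$2" .
}

# verify_backup ARCHIVE SRC_DIR : exit 0 only if a fresh restore matches SRC_DIR byte for byte
verify_backup() {
    archive=$1
    src=$2
    scratch=$(mktemp -d)
    # A backup you have not restored is a hope, not a backup: extract into scratch space...
    if ! tar -C "$scratch" -xzf "$archive" 2>/dev/null; then
        rm -rf "$scratch"
        return 1
    fi
    # ...and compare the restored tree against the live one.
    if diff -r "$src" "$scratch" >/dev/null; then
        rm -rf "$scratch"
        return 0
    fi
    rm -rf "$scratch"
    return 1
}

# demo_run : prints "ok" when a good archive verifies and a truncated one is rejected
demo_run() {
    work=$(mktemp -d)
    mkdir -p "$work/data/db"
    # Constructed sample content standing in for a database dump and a config file.
    printf 'constructed sample row 1\n' > "$work/data/db/table.sql"
    printf 'constructed config\n' > "$work/data/app.conf"
    make_backup "$work/data" "$work/good.tgz"
    # Simulate the unpleasant surprise: an archive that exists but cannot be restored.
    head -c 20 "$work/good.tgz" > "$work/truncated.tgz"
    good=fail
    bad=fail
    verify_backup "$work/good.tgz" "$work/data" && good=ok
    verify_backup "$work/truncated.tgz" "$work/data" || bad=ok
    rm -rf "$work"
    [ "$good" = ok ] && [ "$bad" = ok ] && echo ok || echo fail
}

demo_run
```

In practice the restore target would be a separate host and the comparison a checksum manifest rather than a full `diff -r`, but the shape is the same: every backup job ends with a restore that is checked against the source, and a restore that fails is treated as an incident, not a warning.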


If you over-promise, be sure not to under-lawyer.
New York Attorney General Sues Charter Over Dismal Internet Speeds, Defrauding Customers
New York Attorney General Eric Schneiderman’s office is suing Charter-owned Spectrum (previously Time Warner Cable) for knowingly failing to live up to its promise of ‘blazing fast’ and ‘super reliable’ service.
Schneiderman conducted a statewide study in 2015 to measure broadband speeds after receiving thousands of complaints from Time Warner Cable customers.  The study discovered that at least 640,000 customers who signed up for high-speed internet received much slower speeds.  It was also unveiled that customers were often unable to access Facebook, Netflix, YouTube and gaming platforms that had been promised to them.  The lawsuit seeks full restitution for affected customers.


We knew all of this, right?
New powers of FBI made public to shine light on threats to civil liberties
by Sabrina I. Pacifici on Feb 1, 2017
The Intercept: “In the wake of President Donald Trump’s inauguration, the FBI assumes an importance and influence it has not wielded since J. Edgar Hoover’s death in 1972.  That is what makes today’s batch of stories from The Intercept, The FBI’s Secret Rules, based on a trove of long-sought confidential FBI documents, so critical: It shines a bright light on the vast powers of this law enforcement agency, particularly when it comes to its ability to monitor dissent and carry out a domestic war on terror, at the beginning of an era highly likely to be marked by vociferous protest and reactionary state repression.  In order to understand how the FBI makes decisions about matters such as infiltrating religious or political organizations, civil liberties advocates have sued the government for access to crucial FBI manuals — but thanks to a federal judiciary highly subservient to government interests, those attempts have been largely unsuccessful.  Because their disclosure is squarely in the public interest, The Intercept is publishing this series of reports along with annotated versions of the documents we obtained…”


For my Data Management students.
Powering-up Digital Transformation in Industrial Sectors
Why is it that when Forrester polled global enterprises, 83% of energy respondents and 74% of respondents in manufacturing put digital transformation at the top of their business priorities?  It’s because business and IT decision makers in both sectors see digital transformation as the path to growth and innovation.
   Traditionally, the operational technology (OT) components controlling the physical processes at the core of these organizations have been completely separate from their IT counterparts that handle the flow of business information.  But as OT assets increasingly collect data that’s critical in today’s decision making processes, IT and OT are converging.  Companies need access to all available data to monitor changes occurring in their business environment, to optimize their customer experiences and operations, and to capture new market opportunities.  Here are just three ways in which energy companies and manufacturers can use this data to their advantage.
1. Predictive Maintenance.
2. Production Optimization.
3. Innovation.

(Related).  Another job opportunity for my Data Managers?  
Legal industry embracing trend to employ technology assisted document review
by Sabrina I. Pacifici on Jan 31, 2017
Via Quartz – “Academically trained attorneys are increasingly being replaced by technology to analyze evidence and assess it for relevance in investigations, lawsuits, compliance efforts, and more.  Forty percent of more than 100 in-house attorneys in major American corporations told the industry publication Corporate Counsel, in a survey published on Jan. 23, that they rely on technology assisted review (TAR).  Technology assisted review (TAR) is a term that covers many different aspects of machine reading, including analytics, predictive coding, and more.  Predictive coding uses patterns of human responses to “train machines to read” and decide if documents are relevant to a legal matter, ostensibly as attorneys would.  So, rather than having many lawyers read a million documents, a few review a percentage of the possible evidence and predictive coding technology uses those answers to guide a computer review of the rest.  This eliminates the need for all but a few lawyers to review evidence and assess it, then train machines, rather than lawyers with training eyeballing all the documents….”


A tool our techies swear by…
Despite its ubiquity, many people still don’t have a basic grasp on how to use the internet properly.  Often, these folks ask their friends for help with basic questions that could easily be answered with a Google search.
Longtime site Let Me Google That For You (LMGTFY) has just received an update, and it’s worth keeping in mind for those times when someone asks you to search the internet for them.
To keep up with Google’s many changes, LMGTFY has added a big number of new features.  It now supports Bing, Yahoo, AOL, Ask, and DuckDuckGo search engines if you want to send someone to a service other than Google.  For Google searches, you can choose to search images, videos, news, and other categories in addition to a normal web search.
Finally, you’ll notice a new Include internet Explainer check box below the search bar.  If you enable this, the link includes a little explanation about how search engines let you search the web for whatever you need.  The service also works better on mobile now, and changing the language directs the link to the proper international version of Google.
   Need to send your friends more guides to the internet?  Show them how to use Twitter without screwing up.


A tool for the age of ‘fake news?’ 
   The problem arises when a site is so driven by its bias that it begins to misrepresent reality, such as by distorting the opposition’s viewpoint or producing fake news and conspiracy theories. This is what you want to avoid, and that’s where Media Bias Fact Check comes in.
   You can read about their methodology if you’re skeptical.  If you don’t see a particular site being tracked, you can submit a source.  If there’s a particular claim or article that doesn’t seem credible or true, you can submit a fact check request.

Wednesday, February 01, 2017

Imagine that.  I wonder how long he has been reading my Blog? 
Trump expected to put agency heads in charge of cyber security for their organizations
U.S. President Donald Trump on Tuesday postponed signing an executive order that is expected to require the heads of government agencies to play a more direct role in reviewing and managing risks to networks under their control.
Trump, at a White House event with top officials to discuss his order, said his initiative would “hold my Cabinet secretaries and agency heads accountable, totally accountable, for the cyber security of their organizations.”


Why hackers succeed.  Think of a global population of hackers looking at whatever catches their fancy.  Compare that to an infinite number of monkeys pounding on typewriters. 
Graham Cluley writes:
A security researcher has described how he uncovered a severe security hole in dozens of different Netgear routers, meaning that “hundreds of thousands, if not over a million” devices could be at risk of having their admin passwords stolen by hackers.
Simon Kenin, a researcher at Trustwave, has explained how sheer laziness on a cold and rainy winter night stopped him from getting out of bed and going downstairs to reboot his router.
Instead, he stayed under the covers and investigated whether he could find a way to hack into the device’s web admin panel, having forgotten the access password.
Shockingly, Kenin discovered that all he had to do was send a simple web request to the router’s management software to retrieve its admin password, using two security flaws previously disclosed on other Netgear routers back in 2014.
Read more on We Live Security.


For my Computer Security students.
The State of Malware: 1 Billion Samples Under the Microscope
   Anti-virus firm Malwarebytes examined almost 1 billion malware instances from June to November 2016. Data was drawn from nearly 100 million Windows and Android devices in more than 200 countries, together with additional data from its own honeypots. The ensuing report (PDF) looked at six threat categories: ransomware, ad fraud malware, Android malware, botnets, banking trojans, and adware.
The two standout malware categories are ransomware and ad fraud. Malwarebytes suggests this indicates a growing trend among cybercriminals -- the desire to realize monetary return as quickly and easily as possible.


A Privacy perspective on the (potentially) new court?
FourthAmendment.com points us to two articles about how Supreme Court nominee Gorsuch might impact privacy:
I hope liberals don’t just oppose Gorsuch just because Trump nominated him.  Remember that conservatives can be very good friends when it comes to privacy.  Then again, if they’re anti-abortion, this might be a serious problem.  So start reading up, folks, and let’s see what opinions he’s written about privacy issues of concern to you.


This is what my Data Management students will face. 
The Flood of Data From IoT Is Powering New Opportunities — for Some
   Recently, Stephanie Jernigan, David Kiron, and I researched the effect that IoT is having on organizations.  A combination of interview and survey responses from 1,480 managers resulted in a summary report of this research, “Data Sharing and Analytics Drive Success With IoT”.


The cost of investigation is a ‘loss.’  Will that transfer to individuals whose accounts have been breached? 
Carol Montgomery of Butler Snow LLP writes:
The Eleventh Circuit ruled last week in a wrongful discharge turned Computer Fraud and Abuse Act (“CFAA”) case, spinning the employee’s case against his employer on its head.  The facts of Brown Jordan International, Inc. v. Carmicle stemmed from the employment of Christopher Carmicle by Brown Jordan, a furniture manufacturer.  Carmicle was an executive at Brown Jordan, but his relationship with the company deteriorated with the hiring of a new CEO, Gene Moriarty.  Moriarty had doubts about Carmicle based on excessive entertainment expenses, and Carmicle, in turn, had doubts about Moriarty’s trust in him.
In the year prior to Carmicle’s termination, Brown Jordan switched to a new email service.  This switch (and the corresponding provision of a generic password—Password1—to all employees) was what Carmicle used to investigate his suspicions of Moriarty and others.  Over the course of several months, Carmicle repeatedly hacked into the accounts of Brown Jordan employees, including his superiors, and took hundreds of screenshots on his personal iPad.
Read more on JDSupra.
[From the article: 
Applying a plain language approach, and noting that “loss” is defined in the disjunctive, the Eleventh Circuit held that there can be two types of loss.  While the first type requires an interruption of service, the second type does not.  Brown Jordan’s use of the consultants to investigate the unauthorized access after the fact is sufficient to constitute “loss” under CFAA.


Isn’t this just a ‘minimum wage’ taken to an extreme?
Indians Are Freaking Out Over Plans To Change The US Visa System
India’s biggest technology companies lost more than $7 billion in market value in a single hour of trading Tuesday, after news reports of proposals in the US to restrict the availability of skilled worker visas for foreigners.
   On January 24, Democratic Congresswoman Zoe Lofgren, whose district encompasses much of Silicon Valley, introduced a new bill that sought to reform the H-1B program.  Her proposal — which is unlikely to be passed by a Republican-led Congress — would more than double the minimum annual wage for H-1B visa holders, from $60,000 to $130,000.


Works for me!
Google Wins ‘Right to Be Forgotten’ Case in Japan
The country’s top court says scrubbing search results could be seen as a restriction on speech


All I have to say is, ‘Guard your pet pigs!’ 
Americans Are Eating So Much Bacon That Reserves Are at a 50-Year Low


The Trump cartoons are priceless. 
The Enduring Humor of New Yorker Cartoons
In the wake of the November election, election-related New Yorker cartoons (Clinton– and Trump-specific) have kept people laughing and spreading the humor via social media.


Dilbert continues to explain how ‘automated lawyering’ will work.

Tuesday, January 31, 2017

Any valuable data source is an obvious target.  I can’t believe Russia is the only country clumsy enough to be caught. 
Hackers Target Czech Foreign Ministry's Email System
The Czech foreign minister said Tuesday his office had fallen prey to hackers who worked their way into the email accounts of dozens of employees including himself.
"Since early January we have known one of the attacks was partly successful as the hackers managed to penetrate the email system of the ministry," Lubomir Zaoralek told reporters.
He added however that no classified information was compromised as hackers failed to get into the ministry's inner system.
"The data leak was considerable. The attack was very sophisticated," Zaoralek said.
"It must have been carried out from the outside, by another country.  The way it was done bears a very strong resemblance to the attacks on the US Democratic Party's internet system," said the foreign minister, citing experts.
   In neighboring Poland, the Rzeczpospolita daily reported Monday that a group of Russian hackers called APT28 had tried to attack local foreign ministry servers in December through emails pretending to be sent by the NATO secretary general.


It’s not always the Russians.  Sometimes it’s industrial espionage!  (Yes, baseball is an industry.)  How do you know what your employees are doing?
Brian Feldt reports:
Major League Baseball on Monday afternoon ordered the St. Louis Cardinals to pay $2 million and turn over two 2017 draft selections to the Houston Astros as a result of a former Cardinals employee hacking the Astros’ computer system.
The league’s decision also permanently banned Chris Correa, who was fired by the Cardinals in July 2015 for the incident, effective immediately.


Has no one in the industry secured their computers?  Are these attacks that we are not being told about? 
Computer outage grounds Delta flights in U.S.
   The airline's website and mobile apps also went down, adding to customers' frustrations.
   Delta's computer problems came about a week after United Airlines temporarily grounded domestic mainline flights due to an IT issue.


For my Computer Security researchers?
Jack Danahy of Barkly writes, in part:
In a very short time, ransomware has grown from a known but infrequent cyber attack to a profitable and widespread epidemic.  Attacks are increasing in frequency and severity.  On average, a new business is attacked every 40 seconds, and a disproportionately high number of victims are healthcare providers.  In fact, research shows that healthcare providers were 4.5X more likely to be hit by Cryptowall ransomware than operators in other industries.
He then goes on to review the observations of ransomware that threatens to reveal patients’ sensitive information, such as Jigsaw.
For healthcare providers, adding doxxing to the extortion equation transforms ransomware from a critical service issue to a costly matter of HIPAA notification compliance and a case of public data breach, raising the stakes considerably.  Organizations are required to report this kind of exposure of unsecured protected health information to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR).  In addition to potentially issuing a fine — the largest issued to date totaled $4.8 million — the OCR also publicly exposes all organizations experiencing breaches totaling 500 records or more.
This public exposure also puts patients at risk.  Stolen medical records released publicly can quickly become fodder for a wide variety of fraudulent activity, from buying and reselling medical equipment or prescription drugs to filing false claims with insurers.  Medical identity theft can be a painful and damaging logistical nightmare for patients, potentially ruining their credit and even endangering their lives.  Victims experience the consequences of unpaid deductibles, corrupted medical histories, and even prosecution for fraud.
Of course, it’s not only ransomware that can create the risks he describes above.  Theft of data with ransom demands – even those attacks that do not involve ransomware – can create the same risks, as I’ve noted previously.
But where are there any data showing that any of these potential horribles have actually happened as a result of either doxxing ransomware or the sale of patients’ sensitive information?  Do we have any actual reports or proof that people have been injured in ways other than the time/stress of having to deal with perhaps changing card numbers, etc.?
I need data.


I find it difficult to believe that the Executive Branch didn’t want control over what its appointees were saying.  ‘No plans’ translates to ‘No management skills’ in my world. 
With Trump, Twitter transition stirs confusion
The handoff of federal agencies' social media accounts to the Trump administration is sparking controversy and complicating the transition.
Trump's is the first administration to take power in the Twitter age.  That’s led to confusion about the rules for handing off government accounts and oversight.
Twitter laid out plans for seamlessly transferring the @POTUS account from former President Obama to President Trump — and other social media platforms, including Instagram and Facebook, did the same.
But for many other government agencies, there were no plans in place for how to manage communications on social media as a new president took power.
Obama administration officials say that's because they largely left agencies to handle their own accounts free of political influence from the White House.  They say they didn't anticipate that the next administration would want tighter controls on social media.


For my Computer Security students, this is the enemy. 
The Internet Is Mostly Bots
   Overall, bots—good and bad—are responsible for 52 percent of web traffic, according to a new report by the security firm Imperva, which issues an annual assessment of bot activity online.  The 52-percent stat is significant because it represents a tip of the scales since last year’s report, which found human traffic had overtaken bot traffic for the first time since at least 2012, when Imperva began tracking bot activity online.  Now, the latest survey, which is based on an analysis of nearly 17 billion website visits from across 100,000 domains, shows bots are back on top.  Not only that, but harmful bots have the edge over helper bots, which were responsible for 29 percent and 23 percent of all web traffic, respectively.
   “For the past five years, every third website visitor was an attack bot.”
Put another way: More than 94 percent of the 100,000 domains included in the report experienced at least one bot attack over the 90-day period in Imperva’s study.
   the most active helper-bot online is what’s known as a “feed fetcher,” and it’s the kind of bot that helps refresh a person’s Facebook feed on the site’s mobile app.  Facebook’s feed fetcher, by itself, accounted for 4.4 percent of all website traffic, according to the report—which is perhaps stunning, but not altogether surprising.  Facebook is a behemoth, and its bot traffic illustrates as much.


The survey can be yours for a mere $15,000. 
Privacy worries are on the rise, new poll of U.S. consumers shows
IDC advises businesses to advertise the steps they take to protect personal information
A recent IDC survey found 84% of U.S. consumers are concerned about the privacy of their personal information, with 70% saying their concern is greater today than it was a few years ago.
   Younger consumers, aged 18 to 35, were more concerned for their privacy than older consumers, aged 36 to 50, the survey found.  The younger age group also had a 56% likelihood of switching business providers based on an impending hacker threat, compared to 53% for the older group.  Meanwhile, women were more likely to switch than men, by a difference of 8 percentage points, for an impending hacker threat.


If a breach affected them directly, 78% of all consumers said they would switch to another business from the one where the breach occurred.


The article says this is recent, but I don’t see a recent survey on the PwC website. 
PwC: 81% of consumers are aware of smart homes, but only 26% want one
PwC interviewed more than 1,000 consumers via an online survey to find out their views on smart homes.  It did so because just about every tech company is busy making products for the Internet of Things, or smart and connected everyday objects.  And smart home devices are part of that grand plan.
While awareness of the technology is broad, adoption has been slow, PwC said.  Consumers with a household income of $100,000 or more are the group most likely to interact with smart home devices (43 percent), followed by men (32 percent).
Conversely, consumers above the age of 50 are the least likely to interact with such devices (13 percent).
PwC said that among users, satisfaction is high, in the 90th percentile.  Those current users of smart devices are pleased not only with the device itself, but also with the supporting apps.
There is a strong correlation between smart home device use and connectivity with an app.  Seventy-four percent of respondents said they use their home device more frequently because it connects to their mobile device.


For my Spring spreadsheet class.
Why we're so bad at statistics


None of my students predicted this!  We need to work on our strategic thinking. 
Wal-Mart to offer free 2-day shipping to all customers
Wal-Mart is opening free two-day shipping to all customers, dropping a paid membership program.
Starting Tuesday morning, the Bentonville, Ark.-based retailer will ship eligible orders of $35 or more to customers' homes in two days or less


For my geeks.  What say we try applying this to online poker?  Purely as an academic exercise of course.
A Computer Just Clobbered Four Pros At Poker


Zillman’s lists are always extensive.  Pulling out what might be useful is still a huge job.
New on LLRX – Academic and Scholar Search Engines and Sources 2017
by Sabrina I. Pacifici on Jan 30, 2017
Academic and Scholar Search Engines and Sources 2017 – From arenas that encompass government, research, academic, international, health and medicine, science and technology, economics and finance, libraries and open source collections around the world, Marcus Zillman has compiled a benchmark resource on search engines from which researchers may choose to support a wide range of projects, programs and publications.


Perspective.  For every ‘disruption’ that creates new business models, there are ‘downsides.’
Taxi Medallion Prices Are Plummeting, Endangering Loans
   According to a recent presentation prepared for Capital One Financial Corp. investors, some 81 percent of its $690 million in loans for taxi medallions are at risk of default.
Medallions, the small metal shields affixed to the hoods of taxi cabs, are issued by the local taxi authority and effectively allow the cabs to operate legally.  Owning one used to be akin to owning a gas-guzzling, money-printing machine.  Medallions in New York City traded at more than $1 million in 2014, but today's prices are about half of that.


Terrorists and techies.  Can President Trump tell the difference?  Is all of this just a way to say, “I kept all my campaign promises.  Then Congress undid it!” 
IT stocks drop 4% on H1-B visa fears, Rs 33,000 crore market valuation lost
IT stocks plunged over 4% on Tuesday, knocking off more than Rs 33,000 crore [$4.8 billion  Bob] in market valuation of top five firms, after a new H-1B Bill in the US set off concerns that it will adversely impact hiring plans of Indian technology firms.


Dilbert illustrates the future of lawyering?

Monday, January 30, 2017

“Those who fail to secure are securing their future failure.”  Sounds philosophical as hell, doesn’t it?  I’m going to copyright that phrase and have T-shirts printed up.  (Colorado adopted this rule last year.)
New on LLRX – Cybersecurity For Lawyers: The Nitty Gritty
by Sabrina I. Pacifici on Jan 29, 2017
Via LLRX.com – Cybersecurity For Lawyers: The Nitty Gritty – Nicole Black reports that 26 states now require lawyers to stay abreast of changes in legal technology and advises colleagues on how to implement security procedures that will protect your law firm’s data and help to keep client data confidential and secure.


For my Computer Security students.  Will hackers try to add names to these databases? 
What It Takes To Truly Delete Data
In February of 2014, New York City Mayor Bill de Blasio announced the creation of IDNYC, a municipal identification card primarily designed to ease bureaucratic burdens for the city’s immigrant population.  When the card became available a year later, de Blasio described the program as “fraud-proof, secure and appealing to anyone.”
Now privacy advocates and progressives are worried that it also may be appealing to Donald Trump.  The president-elect has said he plans to deport up to three million undocumented immigrants, and immigrant advocates are concerned the database of immigrants may be a good place to start.  That combined with de Blasio’s vow that New York will remain a sanctuary city has brought renewed attention to the security of the database.  In December, a court barred the city from deleting the data to protect users’ identities and an ongoing lawsuit ensures that the records continue to be retained today.  But there’s an urgent question about the records, fundamental to understanding not just the fate of the data for IDNYC, but all consumer data in the hands of third parties, be they private companies or state departments: Can an entire dataset of important information really be deleted, just like that?


Is this also removing a tool for hackers or just making ‘used’ iPhones less valuable?
Used iPhones: Apple quietly kills tool to check lock status of secondhand devices
Apple has quietly removed a feature on iCloud that helped buyers remotely check the Activation Lock status of a used iPhone before buying it.
Until recently, buyers could go to iCloud.com and type in the IMEI or serial number of a device being sold online to check whether it was still locked by another Apple account.


For my geeks.  I can think of a few places in Colorado that would like this technology. 
Australian archaeological startup raises $679,000 to rebuild ancient sites in VR
Archaeology isn’t an easy job, but it becomes easier in virtual reality, where you can walk around ancient buildings as if they were still there.
Lithodomos VR, an Australian virtual reality archaeological startup, knows this and has raised $900,000 in Australian dollars ($679,000 U.S.) in a seed funding round.
Melbourne-based Lithodomos VR creates what it calls breathtaking, archaeologically accurate reconstructions of the ancient world in VR for use in the tourism, education, and entertainment industries.
   The company’s free app, Ancient World in VR, is available on Google Play now, and it has a paid app, Ancient Jerusalem in VR (Google Play, App Store).


For my researching students.  A technique to use when you encounter a website that may eventually want to disappear or that might be disappeared by governments.
Saving web pages for archiving on the Wayback Machine
by Sabrina I. Pacifici on Jan 29, 2017
Via the managing editor, TV News Archive/Internet Archive: “I want to remind folks — though I’m sure many here are well versed in this — that it’s possible to save web pages to be archived on the Wayback Machine: https://archive.org/web/
1. You can download a handy chrome extension that will allow you to save from your browser: https://chrome.google.com/webstore/search/wayback%20machine
2. Or if you go to the Wayback site: https://archive.org/web/ and paste in a URL, there is a “save now” function.  I’m told the “save now” is being used an average of 38 times per second.”
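For readers who want to archive (and verify) pages in bulk rather than one at a time through the browser, here is an added Python example of the same "save now" step done programmatically.  It is not code from the LLRX post or the Internet Archive; the endpoint shapes it assumes (`https://web.archive.org/save/<url>` for Save Page Now and `https://archive.org/wayback/available?url=<url>` for checking what snapshots exist) come from the Archive's public API and could change.  The sample API response is constructed so the parsing runs offline.

```python
"""Added example (not from the original post): build Save Page Now and
availability-API requests for the Wayback Machine and parse the answer.
Endpoint formats are assumed from the Internet Archive's public API."""
import json
import urllib.parse
import urllib.request
from typing import Optional

SAVE_ENDPOINT = "https://web.archive.org/save/"          # assumed endpoint
AVAILABILITY_ENDPOINT = "https://archive.org/wayback/available"  # assumed endpoint


def save_request_url(target: str) -> str:
    """Return the Save Page Now URL for `target`.

    Only absolute http(s) URLs are accepted, so a bare hostname, a typo, or a
    javascript: URL is rejected before any request is made."""
    parts = urllib.parse.urlsplit(target)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError(f"not an archivable http(s) URL: {target!r}")
    return SAVE_ENDPOINT + target


def availability_query_url(target: str, timestamp: Optional[str] = None) -> str:
    """Build the availability-API query for `target`; an optional
    YYYYMMDDhhmmss timestamp asks for the snapshot closest to that time."""
    params = {"url": target}
    if timestamp:
        params["timestamp"] = timestamp
    return AVAILABILITY_ENDPOINT + "?" + urllib.parse.urlencode(params)


def closest_snapshot(api_json: str) -> Optional[dict]:
    """Parse an availability-API JSON response and return the closest
    archived snapshot (url, timestamp, status), or None if nothing is archived."""
    data = json.loads(api_json)
    closest = data.get("archived_snapshots", {}).get("closest")
    if not closest or not closest.get("available"):
        return None
    return {
        "url": closest["url"],
        "timestamp": closest["timestamp"],
        "status": closest.get("status"),
    }


def fetch(url: str, timeout: int = 30) -> str:
    """Network helper for live use; the checks below never call it."""
    req = urllib.request.Request(url, headers={"User-Agent": "wayback-save-example/1.0"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")


# Constructed sample responses in the availability API's documented shape.
SAMPLE_RESPONSE = json.dumps({
    "url": "example.com",
    "archived_snapshots": {
        "closest": {
            "available": True,
            "url": "http://web.archive.org/web/20130919044612/http://example.com/",
            "timestamp": "20130919044612",
            "status": "200",
        }
    },
})
SAMPLE_EMPTY = json.dumps({"url": "example.com", "archived_snapshots": {}})

if __name__ == "__main__":
    # To archive for real: fetch(save_request_url("https://example.com/page"))
    print(save_request_url("https://example.com/page"))
    print(availability_query_url("https://example.com/page", "20170129"))
    print(closest_snapshot(SAMPLE_RESPONSE))
    print(closest_snapshot(SAMPLE_EMPTY))
```

A practical note: the availability check is the part worth keeping in a script, because a "save now" request can succeed while the capture itself is blocked by robots.txt or returns an error page, and the snapshot timestamp is what you cite later.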