Why you can’t just nuke the ‘obvious guilty party.’
Sophisticated False Flags Planted in Olympic Destroyer Malware
The Olympic Winter Games in Pyeongchang, South Korea, was hit by a
cyberattack that caused temporary disruption to IT systems, including
the official Olympics website, display monitors, and Wi-Fi connections.
The attack involved Olympic Destroyer, a piece of malware designed to
wipe files and make systems inoperable, and steal passwords from
browsers and Windows. Compromised credentials are used to spread to
other machines on the network.
Kaspersky has also spotted infections at several ski resorts in South
Korea. The malware, which leverages a leaked NSA exploit known as
EternalRomance to spread via the SMB protocol, temporarily disrupted
ski gates and lifts at the affected resorts.
Several cybersecurity firms launched investigations into the Olympic
Destroyer attack shortly after the news broke, and while they mostly
agreed on the malware’s functionality, they could not agree on who
was behind the operation. Some pointed the finger at North Korea,
while others blamed China or Russia, leading some industry
professionals to warn against this type of knee-jerk attribution.
Kaspersky researchers also analyzed the Olympic Destroyer worm in an
effort to determine who was behind the attack. While they haven’t been
able to identify the culprit, experts have found some interesting
clues.
The security firm has found a unique “fingerprint” associated with
the notorious Lazarus Group, which has been linked to North Korea and
blamed for high profile attacks such as the one on Sony, the WannaCry
campaign, and various operations targeting financial organizations.
This fingerprint was a 100% match to known Lazarus malware components
and it did not appear in any other files from Kaspersky’s database.
While this piece of evidence and the type of attack suggested that
Olympic Destroyer could be the work of North Korea, other data
gathered by researchers as a result of an on-site investigation at a
South Korean target revealed inconsistencies.
Experts determined that the unique fingerprint was likely a
sophisticated false flag planted by the attackers to throw
investigators off track.
… One possible scenario is that the Russian hackers attempted to frame
Lazarus for the attack after the North Korean group tried to pin
one of its campaigns on Russian actors. It’s also possible
that the false flag used in the Olympics attack is part of the
hackers’ efforts to improve their deception techniques.
Less than I would have expected in the most
populous nation on earth.
For comparison purposes:
“As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total number of 49,455, 50,362 and 53,081 cyber security incidents were observed during the year 2015, 2016 and 2017, respectively,” IT Minister Ravi Shankar Prasad said in a written reply to Rajya Sabha today.
Read more on India.com.
This is depressing, but maybe the National
Enquirer is on to something.
Paper – The spread of true and false news online
The spread of true and false news online. Soroush Vosoughi, Deb Roy,
Sinan Aral. Science 09 Mar 2018: Vol. 359, Issue 6380, pp. 1146-1151
DOI: 10.1126/science.aap9559
“Lies spread faster than the truth – “There
is worldwide concern over false news and the possibility that it can
influence political, economic, and social well-being. To understand
how false news spreads, Vosoughi et al. used a data set of
rumor cascades on Twitter from 2006 to 2017. About 126,000 rumors
were spread by ∼3 million people. False
news reached more people than the truth; the top 1% of
false news cascades diffused to between 1000 and 100,000 people,
whereas the truth rarely diffused to more than 1000 people.
Falsehood also diffused faster than the truth. The degree of novelty
and the emotional reactions of recipients may be responsible for the
differences observed. Science, this issue p. 1146.”
“Abstract – We investigated the differential
diffusion of all of the verified true and false news stories
distributed on Twitter from 2006 to 2017. The data comprise ~126,000
stories tweeted by ~3 million people more than 4.5 million times. We
classified news as true or false using information from six
independent fact-checking organizations that exhibited 95 to 98%
agreement on the classifications. Falsehood diffused significantly
farther, faster, deeper, and more broadly than the truth in all
categories of information, and the effects were more pronounced for
false political news than for false news about terrorism, natural
disasters, science, urban legends, or financial information. We
found that false news was more novel than true news, which
suggests that people were more likely to share novel information.
Whereas false stories inspired fear, disgust, and surprise in
replies, true stories inspired anticipation, sadness, joy, and trust.
Contrary to conventional wisdom, robots accelerated the spread of
true and false news at the same rate, implying that false news
spreads more than the truth because humans, not robots, are more
likely to spread it.”
(Related?)
Taming the Data for Better BI
Campus Technology – David Raths – The
secret to successful business intelligence is data governance and a
metadata repository that connects data to standardized definitions
across the campus. [h/t Pete Weiss]
“In 2015, the University of Washington began
work on its own repository called the Knowledge Navigator, which is
designed to give context to the enterprise data warehouse and allow
business users to see relationships between concepts, terms, tables,
columns and reports. “Someone who is exploring a business question
such as how many women graduated with STEM degrees last year can find
agreed-upon definitions of terms like STEM and then
navigate to the database,” explained Matt Portwood, a UW metadata
analyst. Most such repositories are designed for metadata management
by data architects, noted Pieter Visser, a UW solutions architect.
“They are not created for the end-user at all,” he said. In
contrast, Knowledge Navigator was intended to be a tool for
everybody. Visser described it as being like Google for your
metadata: “We try to make it as easy as possible to find how
everything is related to everything else. You can start with your
business terms and go all the way to the Tableau visualization or web
service, and we give you the context right away.” In their
metadata repository work, both UW and Notre Dame use graph database
technology from Neo4j
to represent entities and their relationships. Visser explained that
within the metadata world, everything is related to everything else.
“A resource in a web service or a label on a report can relate to a
business term or a concept,” he said. “In a graph database you
can easily connect any node to another node. Trying to do it in a
relational database is almost impossible.”
Where you might run into a self-driving vehicle.
… last fall we put the world’s first fleet of fully self-driving cars
on public roads in the Phoenix area.
Now we’re turning our attention to things as well. Starting next week,
Waymo will launch a pilot in Atlanta where our self-driving trucks
will carry cargo bound for Google’s data centers.