It’s how you earn a bitcoin.
Bitcoin
Heist: 600 Powerful Computers Stolen in Iceland
REYKJAVIK, Iceland (AP) — Some 600 computers
used to "mine" bitcoin and other virtual currencies have
been stolen from data centers in Iceland in what police say is the
biggest series of thefts ever in the North Atlantic island nation.
Some 11 people were arrested, including a security
guard, in what Icelandic media have dubbed the "Big Bitcoin
Heist." A judge at the Reykjanes District Court on Friday
ordered two people to remain in custody.
The powerful computers, which have not yet been
found, are worth almost $2 million. But if the stolen equipment is
used for its original purpose — to create new bitcoins — the
thieves could turn a massive profit in an untraceable currency
without ever selling the items.
… The Bitcoin ledger is powered by "miners,"
so-called because they throw computational power into the system,
occasionally receiving — or "mining" — new bitcoins in
return. Drumming up that computational power usually means lots of
computers — and thus lots of electricity.
That desire for energy has created a gold rush for
bitcoin in Iceland. Traders searching for cheap, renewable energy
have been flooding into the island in recent months to take advantage
of its geothermal and hydroelectric power plants.
Police tracking the stolen computers are
monitoring electric consumption across the country in hopes the
thieves will show their hand, according to an industry source who
spoke on condition of anonymity because he is not allowed to speak to
the media.
Trying to give my Computer Security students some
perspective.
From Verizon:
We’ve re-examined the data within our Data Breach Investigations Report (DBIR) series (2016 and 2017) to focus in on the healthcare sector’s unique profile and security challenges, and particularly the use/abuse of protected health information (PHI). Our 2018 Protected Health Information Data Breach Report (PHIDBR) is underpinned by 1,368 incidents from this caseload covering 27 countries.
Our major findings are as follows:
-
58 percent of incidents involved insiders. Healthcare is the only industry in which internal actors are the biggest threat to an organization. Often they are driven by financial gain, such as tax fraud or opening lines of credit with stolen information (48 percent); fun or curiosity in looking up the personal records of celebrities or family members (31 percent); or simply convenience (10 percent).
-
70 percent of incidents involving malicious code within the healthcare sector were ransomware infections. Mirroring the ongoing use of ransomware across all business sectors, as we reported in our 2017 Data Breach Investigations Report and the cyber-attacks Europe witnessed mid-2017.
-
27 percent of incidents were related to PHI printed on paper. Medical device hacking may be in the news, but it seems the real criminal activity is found by following the paper trail. Whether prescription information sent from clinics to pharmacies, billing statements issued by mail, discharge papers physically handed to patients, or filed copies of ID and insurance cards, printed documents are more prevalent in the healthcare sector than any other. The very nature of how PHI paperwork is handled and transferred by medical staff has led to preventable weaknesses – sensitive data being misdelivered (20 percent), thrown away without shredding (15 percent), and even lost (8 percent).
-
21 percent of incidents involved lost and stolen laptops containing unencrypted PHI. More employee education is required to ensure that basic security measures are put in place.
Read more.
“NOW will you consider better security?” How
much should you spend to avoid $600 million in breach costs?
Equifax
breach could be most costly in corporate history
Equifax Inc
(EFX.N)
said it expects costs related to its massive 2017 data breach to
surge by $275 million this
year, suggesting the incident at the credit reporting
bureau could turn out to be the most costly hack in corporate
history.
The projection, which was disclosed on a Friday
morning earnings conference call, is on
top of $164 million in pretax costs posted in the second half of
2017. That brings expected breach-related costs through
the end of this year to $439 million, some $125 million of which
Equifax said will be covered by insurance.
… Total costs of the breach, which compromised
sensitive data of more than 147 million consumers, could
be “well over $600 million,” after including costs to
resolve government investigations into the incident and civil
lawsuits against the firm, he said.
Consider: Russia has demonstrated what some of its
offensive cyber weapons can do in very limited attacks. Can we now
imaging what a cyber war would look like?
Nuance
Estimates NotPetya Impact at $90 Million
Nuance
Communications, one of the companies to have been impacted by the
destructive NotPetya attack last year, estimates the financial cost
of the attack at over $90 million.
Initially
believed to be a ransomware outbreak, NotPetya
hit
organizations
worldwide on June 27, and was found within days to be a
destructive wiper
instead.
Linked
to
the Russia-linked BlackEnergy/KillDisk malware, NotPetya used a
compromised M.E.Doc
update server
as
infection vector.
… In
its latest 10-Q
filing
with
the Securities and Exchange Commission (SEC), Nuance reveals that,
for the fiscal year 2017, NotPetya caused losses of around $68.0
million in revenues, and incurred incremental costs of approximately
$24.0 million as result of remediation and restoration efforts.
… Last
month, Danish shipping giant A.P. Moller–Maersk said it had to
reinstall software on
nearly 50,000 devices
following
the NotPetya assault. In September 2017, FedEx revealed a negative
impact of around $300 million
on
its profit as result of the attack.
Interesting, but still leaves the package
vulnerable. No doubt they will ‘suggest’ allowing them to put it
inside. “Just give us the key!”
Amazon may
soon send you a photo of your own front door — here's why
What a typical photo confirmation looks like.
Business Insider/Hayley Peterson Herrin According
to USA Today, the online retailer has recently expanded a program
called Amazon Logistics Photo On Delivery that involves a carrier
taking a photo of a package after delivering it.
… The photo, included in the delivery
confirmation, is meant to help the customer identify where and when
the packages were left.
But Amazon also does this for internal insurance —
it gets a record of whether the package was left at the customer's
specified delivery location, should the customer say they never
received it. [Does that
transfer the liability to the homeowner’s insurance? Bob]
(Related) You could think of this as a ‘Trade
War’ or as a way to keep Google from seeing what Amazon does when
they deliver inside the house. (Will Google call this an abuse of
‘monopoly’ power?)
Amazon will
stop selling Nest smart home devices, escalating its war with Google
Anything to get rid of my students…