Tuesday, April 02, 2019

A good article for a Computer Security discussion.
On March 29, WWMT in Michigan reported:
Hacked and held for ransom by a computer virus, a doctor’s office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out.
Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside ENT and Hearing Center and the hackers demanded $6,500 in exchange for a code to access the files.
With no guarantee the code would unlock the files or the hackers wouldn’t come back to ask for more money later, Scalf and his partner, Dr. John Bizon, did not pay the ransom.
All of office’s files, including appointment schedules, payment and patient information was erased, Scalf said.
Read more on WWMT.
There are things about this incident that I don’t yet understand, like:
  1. Did the practice have any backup? If so, what happened to it or why couldn’t they use it? And if they didn’t have one, why not?
  2. What kind of ransomware was used?
  3. Did the practice have any cyberinsurance that would have covered the ransom payment or part of it? If you don’t have a backup or usable backup that you can rely upon (if that was the case here, and we don’t know that), maybe you should gamble and pay the ransom? It’s a tough call, but isn’t that something insurance should help with?
  4. What did the ransom demand look like? Is this likely to be low-level attackers who bought ransomware on a marketplace with some instructions and did a massive phishing campaign to see who would open links and become victims? Or is this part of a more organized group of hackers who target their phishing emails after doing research? $6,500 does not strike me as a huge amount when a medical database is involved, which leads me to think that this was a random hit or attack.
Yes, there’s a lot more I’d like to know, but first and foremost, I feel sick inside for what the doctors, staff, and patients are going through.
It’s just not supposed to be this way. What these attackers have done has not only caused economic harm to the doctors and employees, but it has caused harm to patients whose records are no longer available to guide their treatment. And that is horrifying.




Some of this data is collected whenever certain services or Apps are used.
Utah has become the first state in this country to require law enforcement to get a warrant for data held by a third party
This is huge.
Hunton Andrews Kurth writes:
On March 27, 2019, Utah Governor Gary Herbert signed HB57, the first U.S. law to protect electronic information that individuals have shared with certain third parties. The bill, called the “Electronic Information or Data Privacy Act,” places restrictions on law enforcement’s ability to obtain certain types of “electronic information or data” of a Utah resident, including (1) location information, stored data or transmitted data of an electronic device, and (2) data that is stored with a “remote computing service provider” (i.e., data stored in digital devices or servers). The law provides for situations in which law enforcement may obtain such information without a warrant.
Related: bill text




This seems to be a hot topic. The Privacy Foundation at the University of Denver Sturm College of Law holds their seminar on April 19th. No doubt they will answer all of these questions and some of my dumb ones.
You’re Invited to an In-Person Event: CCPAnow: Understanding the Challenge Ahead and What You Should Be Doing Now
A few key topics that will be addressed are:
  • How should you interpret key definitions like “personal information,” “sale,” “third party,” and “business” when operationalizing the CCPA?
  • How far does a business have to go to implement a consumer’s opt-out of sales to third parties?
  • How will the financial incentives and anti-discrimination provisions actually work when consumers exercise their rights?
  • How do the CCPA’s exceptions for certain regulated companies, such as financial services, work?
  • What is happening in the California Office of the Attorney General’s rulemaking process and, more broadly, in the state and federal legislative landscape?




Chasing Amazon?
Walmart teams up with Google to offer voice-activated grocery shopping
Walmart customers will be able to order groceries with voice commands through Google’s smart-home assistant, the retail giant announced on Tuesday in its latest effort to compete with Amazon.
Starting this month, shoppers will be to add items directly to their Walmart Grocery cart using Google Assistant by saying “Hey Google, talk to Walmart.” In a blog post published early Tuesday, Walmart hinted that voice shopping might be available with other partners in the future.




Is there a self-driving bike in our future? (video)
This e-bike uses artificial intelligence for a smarter, less distracted ride — Future Blink




Perspective.
Tesla boom lifts Norway's electric car sales to record market share
Almost 60 percent of all new cars sold in Norway in March were fully electric, the Norwegian Road Federation (NRF) said on Monday, a global record as the country seeks to end fossil-fueled vehicles sales by 2025.
Exempting battery engines from taxes imposed on diesel and petrol cars has upended Norway’s auto market, elevating brands like Tesla and Nissan, with its Leaf model, while hurting sales of Toyota, Daimler and others.




Politics in law enforcement? Say it ain’t so!
New book looks inside Apple’s legal fight with the FBI
A new biography of Apple chief executive Tim Cook out this month describes the moment — and the deliberations — after the FBI issued an unprecedented legal order demanding Apple undermine the security of its flagship product.
The new book, “Tim Cook: The Genius Who Took Apple to the Next Level” by Leander Kahney, offers a first-hand view from former staff about how Apple battled the order, which Cook said would be “too dangerous” to comply with.
… “There was a sense at the FBI that this was the perfect storm,” said Sewell, as quoted. “We now have a tragic situation. We have a phone. We have a dead assailant. This is the time that we’re going to push it. And that’s when the FBI decided to file [the order],” he said.




How to write for user attention? More likely, the Facebook algorithm’s attention.
How a 119-Word Local Crime Brief Became Facebook’s Most-Shared Story of 2019
On an otherwise ordinary Sunday in late January, a 32-year-old web editor for a chain of local radio stations in Central Texas ran across a news item that he found interesting. Ten minutes later, he had written and published what would become Facebook’s most-shared story of 2019 so far.
The story has nothing to do with Donald Trump, celebrities, teens in MAGA hats, or the Democratic primary candidates. It’s a 119-word local crime brief about a wanted suspect, and the man who wrote it never intended for it to reach a national audience, let alone amass more than 800,000 Facebook shares in the six weeks following its publication—nearly twice as many as any other piece of English-language content this year.
Exactly how this news stub went mega-viral is a mystery no one has quite solved, though there are clues, starting with its alarming yet geographically ambiguous headline: “Suspected Human Trafficker, Child Predator May Be in Our Area.”
… “It just took off.” Savage, who monitors traffic data on his stories via the Facebook-owned analytics tool CrowdTangle, says the numbers for the story “went through the roof” overnight, quickly becoming US 105 FM’s most-shared post ever. Savage didn’t know until I told him in a phone interview last week that the story was named in a recent study by the analytics firm NewsWhip as the most-shared web content of 2019 so far.
It beat out, among other extremely viral stories, TMZ’s report of Luke Perry’s death, CNBC’s breaking story about the end of the U.S. government shutdown, and an aggressively SEO-optimized Daily Mirror story about the viral “Momo challenge.” The original news brief that Savage’s post was based on, by KWTX 10’s weekend anchor Ke’Sha Lopez, was nowhere on the list.


No comments: