Another
good (almost great) bad example.
CISA
Shares Details About Ransomware that Shut Down Pipeline Operator
… “Although
they considered a range of physical emergency scenarios, the
victim’s emergency response plan did not specifically consider the
risk posed by cyberattacks,”
CISA said in an alert
Tuesday.
“The victim cited gaps in cybersecurity knowledge and the wide
range of possible scenarios as reasons for failing to adequately
incorporate cybersecurity into emergency response planning.”
… According
to the CISA alert: “The victim failed to implement robust
segmentation between the IT and [Operational Technology] networks,
which allowed the adversary to traverse the IT-OT boundary and
disable
assets on both networks.”
CISA
said the attackers were able to gain initial access to the facility’s
IT through a successful spearphishing link, a social engineering
operation that would have targeted a specific individual to click and
download the malware.
The
attackers used commodity ransomware—conveniently available on the
dark web–to “Encrypt Data for Impact,” so that assets such as
Human Machine Interfaces were no longer accessible, causing a “Loss
of View.”
Consider
a “false flag” attack by Russia to convince Iran they need closer
ties to Moscow.
Massive
DDoS Attack Shuts Down Iran’s Internet, Tehran Blames Washington
The
head of Iran Civil Defense has accused Washington of the latest
large-scale cyber-attack that targeted Iranian infrastructure. The
coordinated Distributed Denial of Service (DDoS) attack affected two
mobile operators and partially shut down Iran’s internet for hours.
Iranian officials said they stopped the DDoS attack after activating
Iran’s digital fortress DZHAFA shield. He added that the frequent
cyber-attacks had become Washington’s only option after its failure
to respond to Iran’s shooting down of United States’ unmanned
aerial vehicle and Iranian missile attacks on Iraq’s Ain al-Assad
US military base.
Privacy
seems to be catching on.
Here’s
an update on some state-level privacy legislation in New Hampshire,
Massachusetts, and Washington State:
Michael
Boldin writes:
Today, the New Hampshire House approved a bill to ban government use of facial recognition surveillance technologies. The proposed law would not only help protect privacy in New Hampshire; it would also hinder one aspect of the federal surveillance state.
A bipartisan coalition of four Republicans, three Democrats and one Libertarian introduced House Bill 1642 (HB1642 ) on Jan. 8. The legislation would ban the state and its political subdivisions from using facial recognition and would make any such information obtained in violation of the act inadmissible in court.
Mike
Maharrey writes:
Yesterday, a Massachusetts joint legislative committee passed a bill that would put strict limitations on the use of automated license plate reader systems (ALPRs) by the state. Passage into law would also place significant roadblocks in the way of a federal program using states to help track the location of millions of everyday people through pictures of their license plates.
Rep. William Straus (D-Bristol) introduced House Bill 3141 (H3141) last year and it carried over to the 2020 session. The legislation would restrict law enforcement use of ALPRs to specific, enumerated “legitimate law enforcement purposes.” The proposed law would also put strict limitations on the retention and sharing of data gathered by license plate readers.
On
Feb. 18, the Joint Committee on Transportation passed H3141.
Read
more on TenthAmendmentCenter.
Colin
Wood reports:
A hearing this week in the Washington state House of Representatives will determine if the state legislature will go forward with a bill that would give the state sweeping new data-privacy rules. Members on Friday will take up the Washington Privacy Act, which passed out of the state Senate last week and, if enacted, would give the state’s 7.5 million residents digital privacy protections on par with those recently imposed in California.
These
are not the only states with privacy laws in the legislative hopper,
so to speak. As Aaron Kirkpatrick reports today on ABA
Risk & Compliance:
When this article went to press, at least eight states—Connecticut, Hawaii, Massachusetts, Mississippi, New Jersey, New Mexico, Rhode Island, Texas—had seen proposed legislation similar to CCPA, and even more states had seen approaches less intense than CCPA.
For example, some states don’t include CCPA’s private right of action under which consumers can sue companies for monetary compensation should their data be negligently handled. Other states, such as Nevada, have chosen to only include organizations that sell personal data under the law’s umbrella.
And
that’s just versions of CCPA. There are also bills like New York’s
even more protective and radical Privacy
Act,
although that bill doesn’t seem to have a lot of traction at this
point.
Could
this happen in other countries?
Swiss court
rules defamatory Facebook likes ‘can be illegal’
… The
case
related
to a dispute between animal rights activists from 2015. The
perpetrator had liked and shared several posts critical of fellow
animal rights activist Erwin Kessler.
In
groups like ‘Vegan in Zurich’ and ‘Indyvegan’, the
perpetrator had liked and shared posts which portrayed as a neo-Nazi
who harboured anti-Semitic ideas.
The
Zurich court fined the perpetrator saying the social media actions
amounted to defamation. The Federal Court on Thursday upheld the
verdict.
How
to Amazon? Interesting read.
Why
Amazon knows so much about you
BBC
News article
includes
extensive history, narrative, graphics, photos and insight into how
and why Amazon collects massive amounts of data Amazon on users
through multiple channels of e-commerce and devices – by Leo Kelion
– “You might call me an Amazon super-user. I’ve been a
customer since 1999, and rely on it for everything from grass seed to
birthday gifts. There are Echo speakers dotted throughout my home,
Ring cameras inside and out, a Fire TV set-top box in the living room
and an ageing Kindle e-reader by my bedside. I
submitted a data subject access request,
asking Amazon to disclose everything it knows about me Scanning
through the hundreds of files I received in response, the level of
detail is, in some cases, mind-bending. One
database contains transcriptions of all 31,082 interactions my family
has had with the virtual assistant Alexa. Audio clips of the
recordings are also provided.
The 48 requests to play Let It Go, flag my daughter’s infatuation
with Disney’s Frozen. Other late-night music requests to the
bedroom Echo, might provide a clue to a more adult activity…”
I’m
not sure I’m ready for tires that talk to me.
The
Amazing Ways Goodyear Uses Artificial Intelligence And IoT For
Digital Transformation
… Goodyear
uses internet of things technology in its Eagle
360 Urban tire.
The tire is 3D printed with super-elastic polymer and embedded with
sensors. These sensors send road and tire data back to the
artificial intelligence-enhanced control panel that can then change
the tread design
to respond to current road conditions on the fly and share info about
conditions with the broader network. If the tire tread is damaged,
the tire moves the material and begins
self-repair.
… Another
tire innovation from Goodyear is the Oxygene
model,
another 3D-printed tire that has embedded sensors connected to the
internet of things and also uses
living moss and photosynthesis to power its electronics.
The self-generated electricity powers onboard sensors, an
AI-processing unit, as well as a
light strip that illuminates when a driver brakes or changes lanes.
Of
course they are. Governance of Artificial Intelligence by
legislatures of Questionable Intelligence.
AI
Laws Are Coming
The
pace of adoption for AI and cognitive technologies continues unabated
with widespread, worldwide, rapid adoption. Adoption of AI by
enterprises and organizations continues to grow, as evidenced by a
recent
survey showing growth across
each of the seven
patterns of AI.
However, with this growth of adoption comes strain as existing
regulation and laws struggle to deal with emerging challenges. As a
result, governments around the world are moving quickly to ensure
that existing laws, regulations, and legal constructs remain relevant
in the face of technology change and can deal with new, emerging
challenges posed by AI.
Research
firm Cognilytica recently published a report on Worldwide
AI Laws and Regulations that
explores the latest legal and regulatory actions taken by countries
around the world across nine different AI-relevant areas.
Everyone
does it, they’re just not so blatant.
Trump
Backs Supporter Larry Ellison in Court Fight With Google
The
Trump administration urged the U.S.
Supreme Court to
reject an appeal by Alphabet
Inc.’s
Google, boosting Oracle
Corp.’s
bid to collect more than $8
billion in
royalties for Google’s use of copyrighted programming code in the
Android operating system.
The
administration weighed in on the high-stakes case on the same day
that President Donald Trump attended a re-election campaign
fundraiser in California hosted by Oracle’s co-founder, billionaire
Larry Ellison.
No comments:
Post a Comment