Tuesday, February 09, 2021

I thought this was well understood by now…

https://www.databreaches.net/north-korea-is-using-cyberattacks-to-finance-updates-to-nuclear-program-un-experts-say/

North Korea Is Using Cyberattacks To Finance Updates To Nuclear Program, UN Experts Say

Edith M. Lederer of AP reports:

North Korea has modernized its nuclear weapons and ballistic missiles by flaunting United Nations sanctions, using cyberattacks to help finance its programs and continuing to seek material and technology overseas for its arsenal, U.N. experts said.
[…]
The panel said its investigations found that North Korean-linked cyber actors continued to conduct operations in 2020 against financial institutions and virtual currency exchange houses to generate money to support its weapons of mass destruction and ballistic missile programs.

Read more on HuffPost.





Some hacks are more for fun than profit, but that can change… Imagine this a ramsomeware…

https://www.vice.com/en/article/88ab33/hacker-poison-florida-water-pinellas-county

Hacker Tried to Poison Florida City's Water Supply, Police Say

On Monday officials from Pinellas County in Florida announced that an unidentified hacker remotely gained access to a panel that controls the City of Oldsmar's water treatment system, and changed a setting that would have drastically increased the amount of sodium hydroxide in the water supply.

During a press conference, Pinellas County Sheriff Bob Gualtieri said that a legitimate operator saw the change and quickly reversed it, but signaled that the hacking attempt was a serious threat to the city's water supply. Sodium hydroxide is also known as lye and can be deadly if ingested in large amounts.

"The hacker changed the sodium hydroxide from about one hundred parts per million, to 11,100 parts per million," Gualtieri said, adding that these were "dangerous" levels. When asked if this should be considered an attempt at bioterrorism, Gualtieri said, "What it is is someone hacked into the system not just once but twice ... opened the program and changed the levels from 100 to 11,100 parts per million with a caustic substance. So, you label it however you want, those are the facts."





I can remember being asked about this kind of risk years ago. Must have been a smart board member…

https://www.cpomagazine.com/cyber-security/why-boards-will-require-cybersecurity-scrutiny-during-financial-audits-in-2021-and-beyond/

Why Boards Will Require Cybersecurity Scrutiny During Financial Audits in 2021 and Beyond

Until recently, cybersecurity’s relationship with financial statements focused on fraudulent activities that disrupted a company’s bottom line. However, as breaches continue to rise, industry experts are starting to notice auditors aren’t doing enough to consider the risks created by these attacks. Because of this, in 2021 and beyond, board members, senior leaders and audit teams will need to start integrating cybersecurity into how they view compliance for Sarbanes-Oxley (SOX) and privacy-related mandates like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). And while this will lead to authoritative boards issuing guidance initiatives, it doesn’t mean businesses should wait to act.





To supplement my Computer Security class.

https://www.muo.com/tag/6-free-cyber-security-courses-thatll-keep-safe-online/

The 6 Best Free Cyber Security Courses: Learn How to Be Safe Online





So, misinformation can be both more subtle and more aggressive. Wonderful. How will anyone prove that they (did say / never said) that?

https://www.eurekalert.org/pub_releases/2021-02/uoc--ddc020821.php

Deepfake detectors can be defeated, computer scientists show for the first time

Systems designed to detect deepfakes --videos that manipulate real-life footage via artificial intelligence--can be deceived, computer scientists showed for the first time at the WACV 2021 conference which took place online Jan. 5 to 9, 2021.

In deepfakes, a subject's face is modified in order to create convincingly realistic footage of events that never actually happened. As a result, typical deepfake detectors focus on the face in videos: first tracking it and then passing on the cropped face data to a neural network that determines whether it is real or fake. For example, eye blinking is not reproduced well in deepfakes, so detectors focus on eye movements as one way to make that determination. State-of-the-art Deepfake detectors rely on machine learning models for identifying fake videos.





Governments have a “Big Brother” strategy. Never doubt it.

https://www.pogowasright.org/the-cbp-used-covid-as-an-excuse-to-install-facial-recognition-at-76-airports/

The CBP Used COVID As An Excuse To Install Facial Recognition At 76 Airports

Joe Cadillic writes:

A recent DHS report titled the “CBP Trade and Travel Report” reads like an instruction manual on how to exploit the public’s fear of COVID. The report is a perfect example of how the Feds used the pandemic as an excuse to install facial recognition cameras across the country.
The report starts out by claiming that the U.S. Customs and Border Protection (CBP) faced serious hardships because of the coronavirus epidemic.
Furthermore, passenger volumes for all modes of transportation combined decreased 42 percent, and air travelers specifically decreased 54.2 percent.
When other organizations had a decrease in business, they laid off or furloughed their employees as a result. What did Homeland Security do? They, instead, decided to increase biometric surveillance of everyone.

Read more on MassPrivateI.





Looking at my DNA without permission?

https://www.pogowasright.org/you-have-heard-of-the-bipa-but-what-about-the-gipa/

You Have Heard of the BIPA, But What About the GIPA?

Joseph J. Lazzarotti and Jody Kahn Mason of JacksonLewis write:

Enacted in 2008, the Illinois Biometric Information Privacy Act, 740 ILCS 14 et seq. (the “BIPA”), went largely unnoticed until a few years ago when a handful of cases sparked a flood of class action litigation over the collection, use, storage, and disclosure of biometric information. Seeing thousands of class action lawsuits, organizations have reevaluated and redoubled their compliance efforts. On January 28, 2021, a complaint was filed in Cook County, IL, Melvin v. Sequencing, LLC, alleging violations of the Illinois Genetic Information Privacy Act, 410 ILCS 513/1 – the “GIPA”…try not to get confused… which was originally effective in 1998.

Read more on Workplace Privacy, Data Management & Security Report





So long as everyone understands the implications…

https://www.ft.com/content/4c40c890-afd3-40a3-9582-78a66c37a8af

EU ready to follow Australia’s lead on making Big Tech pay for news

EU lawmakers overseeing new digital regulation in Europe want to force Big Tech companies to pay for news, echoing a similar move in Australia and strengthening the hand of publishers against Google and Facebook.

The initiative from members of the European parliament would be a serious blow to Google, which has threatened to leave Australia in protest at a planned new law that would compel it to pay for news.

Facebook has also warned it will stop users in Australia from sharing news if the legislation is passed in its current form.





Probably not as shocking as it seems at first.

https://www.zdnet.com/article/facebook-and-snap-inc-call-for-a-gdpr-aligned-australian-privacy-act/

Facebook and Snap Inc call for a GDPR-aligned Australian Privacy Act

In a submission [PDF] to the Attorney-General's review of the Privacy Act 1988, Facebook called for "effective privacy and data protection" as part of a "globally harmonised framework". It believes failing to do runs the risk of creating a "splinternet", where some countries or regions of the world adopt approaches to privacy and data protection that are mutually exclusive to other regimes.





Now if only someone would write a book explaining lawyers… (Not in my local library, yet)

https://abovethelaw.com/2021/02/new-book-aims-to-demystify-a-i-for-lawyers/

New Book Aims To Demystify A.I. For Lawyers

Last week, Kira Systems gurus Noah Waisberg and Dr. Alexander Hudek released AI For Lawyers: How Artificial Intelligence Is Adding Value, Amplifying Expertise, and Transforming Careers attempting to provide lawyers with a straight-forward guide to the technology and its potential.

From research to analytics to contract review, the book lays out the potential AI can bring to your practice. It’s almost as if the logic of A.I. permeates the very structure of the book, with multiple asides from other authors adding fresh insights or demonstrated use cases in their own personal styles — no survey of a body of data would be complete without tackling it from multiple perspectives and drawing consensus conclusions.





The future of libraries?

https://www.bespacific.com/internet-archives-modern-book-collection-now-tops-2-million-volumes/

Internet Archive’s Modern Book Collection Now Tops 2 Million Volumes

Internet Archive Blogs: “The Internet Archive has reached a new milestone: 2 million. That’s how many modern books are now in its lending collection available free to the public to borrow at any time, even from home. “We are going strong,” said Chris Freeland, a librarian at the Internet Archive and director of the Open Libraries program. “We are making books available that people need access to online, and our patrons are really invested. We are doing a library’s work in the digital era.” The lending collection is an encyclopedic mix of purchased books, ebooks, and donations from individuals, organizations, and institutions. It has been curated by Freeland and other librarians at the Internet Archive according to a prioritized wish list that has guided collection development. The collection has been purpose-built to reach a wide base of both public and academic library patrons, and to contain books that people want to read and access online—titles that are widely held by libraries, cited in Wikipedia and frequently assigned on syllabi and course reading lists. “The Internet Archive is trying to achieve a collection reflective of great research and public libraries like the Boston Public Library,” said Brewster Kahle, digital librarian and founder of the Internet Archive, who began building the diverse library more than 20 years ago…”





Opinion: The US has quit trying to be a leader in space.

https://www.technologyreview.com/2021/02/09/1017683/hope-mars-mission-orbit-milestone-uae-space-program-united-arab-emirates/

The UAE’s Hope probe is about to arrive at Mars in a historic first



No comments: