Friday, April 15, 2022

Consider these as training exercises for future wars. They even pay for themselves.

https://www.databreaches.net/north-korean-hackers-behind-600-million-crypto-heist-fbi-spying-on-south-korean-chemical-sector-firms-symantec/

North Korean hackers behind $600 million crypto heist – FBI; spying on South Korean chemical sector firms – Symantec

Ameya Paleja reports:

Cyber actors such as the Lazarus Group and APT38, from North Korea, have been confirmed by the Federal Bureau of Investigation (FBI) to be involved in the $600-million crypto-heist that took place last month, the investigation agency said in a press release.
Earlier this year, we had reported that North Korean cybercriminals made away with over $400 million in 2021 alone. These actors are backed by the North Korean state and have made a bold start to 2022 after pulling off what is believed to be the biggest theft of cryptocurrency ever.

Read more at InterestingEngineering.

But that’s not all they have been up to, it seems. Jessica Lyons reports, in part:

Fresh evidence has been found linking a recent espionage campaign against South Korean targets to file hashes, file names, and tools previously used by Lazarus, according to Symantec.
The security shop says the spy operation is likely a continuation of the state-sponsored snoops’ Operation Dream Job, which started back in August 2020.

Read more at TheRegister.



(Related) You ain’t seen nothing yet!

https://thehackernews.com/2022/04/as-state-backed-cyber-threats-grow.html

As State-Backed Cyber Threats Grow, Here's How the World Is Reacting

The ongoing list of significant cyber incidents curated by the Center for Strategic and International Studies (CSIS) shows that the number of major incidents in January 2022 is 100% higher compared to the same period in the previous year. With the recent activities in cyberspace impacted by the emergence of the geopolitical tumult in February, it is not going to be surprising to see an even more dramatic rise in the number of significant incidents.

Here's a look at how state-backed cyberattacks are shaping up this early into 2022 and what the world is doing in response.





Some breaches require zero hacking skills…

https://www.cpomagazine.com/cyber-security/fox-news-data-leak-exposed-13-million-records-including-personally-identifiable-information-and-celebrity-details/

Fox News Data Leak Exposed 13 Million Records Including Personally Identifiable Information and Celebrity Details

A Fox News data leak reportedly exposed at least 13 million records, including personally identifiable information and content management data via a cloud storage configuration error.

According to a Website Planet research team led by Jeremiah Fowler, the 58 GB trove was left open without a username or password, allowing anybody with an internet connection to access it.





If you don't know where you are going, you might wind up someplace else. Yogi Berra

https://www.cpomagazine.com/cyber-security/why-data-for-datas-sake-creates-risks-for-business/

Why ‘Data for Data’s Sake’ Creates Risks for Business

If you offered any boardroom free access to 10 times the amount of data that they currently have access to, almost 99% of them would take you up on the offer. C-suite executives are so used to hearing about the power of data and analytics for driving profit that the equation has been reduced to: more data = more revenue. This is no surprise, given the global big data analytics market size is expected to be worth USD 549.73 billion in 2028.

However, even if we ignore the (sometimes colossal) costs incurred by companies that are paying service providers to gather more data for them, there is another gaping hole in the logic of these decision makers. More data can only generate value if you know how to use it. Data for data’s sake is completely pointless, and organisations are increasingly jumping the gun when it comes to pursuing ambitious insights strategies, without the know-how to make the most of new data. AI is thought to be the go-to solution for this, but this is probably where the biggest misconceptions come in; AI is not a thing in itself that just ‘works’ – algorithms need to be trained and to do that, you need proper strategic objectives and an understanding of what AI can really do for you.





Interesting application.

https://www.gcn.com/public-safety/2022/04/ai-app-fills-last-mile-gps-gap-responders/365695/

AI app fills last-mile GPS gap for responders

A couple years ago, the team at Beans.ai, based about 76 miles from Salinas in Palo Alto, California, approached SFD about digitizing those maps. It scanned them, ran machine learning algorithms on them, geocoded them and then passed them through a process of human and machine review to verify the data before giving it back to the department through an app.

The maps include details on where units or offices are located, the closest access doors and where to find gas or electricity shut-offs and stairways. According to Beans.ai’s website, its map gets responders to within 10 feet of their destination.

It gets you to the closest parking spot to the destination,” Melia said. “It saves you a lot of time.”

… Beans.ai gets its data in several ways. One is by scanning paper maps, whether they are from fire departments, building managers, leasing offices or other public sources. It also downloads publicly available maps. Third, the company works with a network of about 1,400 delivery drivers who request maps when they make deliveries, and anyone using the app can upload data about locations by dropping a custom pin on the map and noting what it indicates, such as a fire hydrant location. The company pays users $6 to $8 per map if they upload one the company didn’t already have.

Right now, Beans.ai is launching pilots for indoor mapping, especially at hospitals and condos, for navigation but also to help firefighters determine the best flight paths for drones. In Chicago and Houston, it is testing the creation of 3D maps. “If you are responding to an emergency in a high-rise, sometimes it becomes really hard for the other firefighters or first responders to find the first, first responder who went inside the building,” Agarwal said.

Additionally, the company is working to fine-tune its integration with 911 dispatch centers so that dispatchers can guide responders who are en route. For example, they can say, “You will see three buildings. Go to the one on the right and around the back.”



No comments: