Techwinnews


Wednesday, July 3, 2019

Can You Hear Me Now? Staying Connected During a Cybersecurity Incident

July 03, 2019
We all know that communication is important. Anyone who's ever been married, had a friend, or held a job knows that's true. While good communication is pretty much universally beneficial, there are times when it's more so than others. One such time? During a cybersecurity incident.
Incident responders know that communication is paramount. Even a few minutes might mean the difference between closing an issue (thereby minimizing damage) vs. allowing a risky situation to persist longer than it needs to. In fact, communication -- both within the team and externally with different groups -- is one of the most important tools at the disposal of the response team.
This is obvious within the response team itself. After all, there is a diversity of knowledge, perspective and background on the team, so the more eyes on the data and information you have, the more likely someone will find and highlight pivotal information. It's also true with external groups.
For example, outside teams can help gather important data to assist in resolution: either technical information about the issue or information about business impacts. Likewise, a clear communication path with decision makers can help "clear the road" when additional budget, access to environments/personnel, or other intervention is required.
What happens when something goes wrong? That is, when communication is impacted during an incident? Things can get hairy very quickly. If you don't think this is worrisome, consider the past few weeks: two large-scale disruptions impacting Cloudflare (rendering numerous sites inaccessible) and a disruption in Slack just occurred. If your team makes use of either cloud-based correspondence tools dependent on Cloudflare (of which there are a few) or Slack itself, the communication challenges are probably still fresh in your mind.
Now imagine that every communication channel you use for normal operations is unavailable. How effective do you think your communication would be under those circumstances?

Alternate Communication Streams

Keep in mind that the middle of an incident is exactly when communications are needed most -- but it also is (not coincidentally) the point when they are most likely to be disrupted. A targeted event might render critical resources like email servers or ticketing applications unavailable. A wide-scale malware event might leave the network itself overburdened with traffic (impacting potentially both VoIP and other networked communications), etc.
The point? If you want to be effective, plan ahead for this. Plan for communication failure during an incident just like you would put time into preparedness for the business itself in response to something like a natural disaster. Think through how your incident response team will communicate with other geographic regions, distributed team members, and key resources if an incident should render normal channels nonviable.
In fact, it's often a good idea to have a few different options for "alternate communication channels" that will allow team members to communicate with each other depending on what is impacted and to what degree.
The specifics of how and what you'll do will obviously vary depending on the type of organization, your requirements, cultural factors, etc. However, a good way to approach the planning is to think through each of the mechanisms your team uses and come up with at least one backup plan for each.
If your team uses email to communicate, you might investigate external services that are not reliant on internal resources but maintain a reasonable security baseline. For example, you might consider external cloud-based providers like ProtonMail or Hushmail.
If you use VoIP normally, think through whether it makes sense to issue prepaid cellular or satellite phones to team members (or to at least have a few on hand) in the event that voice communications become impacted. In fact, an approach like supplementing voice services with external cellular or satellite in some cases can help provide an alternate network connectivity path at the same time, which could be useful in the event network connectivity is slow or unavailable.

Planning Routes to Resources and Key External Players

The next thing to think through is how responders will gain access to procedures, tools and data in the event of a disruption. For example, if you maintain documented response procedures and put them all on the network where everyone can find them in a pinch, that's a great start… but what happens if the network is unavailable or the server they're stored on is down? If it's in the cloud, what happens if the cloud provider is impacted by the same problem or otherwise can't be reached?
Just as you thought through and planned alternatives for how responders need to communicate during an event, so too think through what they'll need to communicate and how they'll get to important resources they'll need.
In the case of documents, this might mean maintaining a printed book somewhere that they can physically access -- in the case of software tools, it might mean keeping copies stored on physical media (a USB drive, CD, etc.) that they can get to should they need it. The specifics will vary, but think it through systematically and prepare a backup plan.
Extend this to key external resources and personnel your team members may need access to as well. This is particularly important when it comes to three things: access to key decision-makers, external PR, and legal.
In the first case, there are situations where you might need to bring in external resources to help support you (for example, law enforcement or forensic specialists). In doing that, waiting for approval from someone who is unavailable because of the outage or otherwise difficult to reach puts the organization at risk.
The approver either needs to be immediately reachable (potentially via an alternate communication pathway as described above) or, barring that, have provided approval in advance (for example, preapproval to spend money up to a given spending threshold) so that you're not stuck waiting around during an event.
The same is true for external communications. You don't want to find your key contact points and liaisons (for example, to the press) MIA when you need them most. Lastly, it is very important to have access to legal counsel, so make sure that your alternative communication strategy includes a mechanism to reach internal or external counsel should you require their input.
The upshot of it is that the natural human tendency is to overlook the fragility of dependencies unless we examine them systematically. Incident responders need to be able to continue to operate effectively and share information even under challenging conditions.
Putting the time into thinking these things through and coming up with workarounds is important to support these folks in doing their job in the midst of a cybersecurity event.

Tuesday, July 2, 2019

Cryptohackers Breach StatCounter to Steal Bitcoins

July 02, 2019
Hackers planted malware on StatCounter to steal bitcoin revenue from Gate.io account holders, according to Eset researcher Matthieu Faou, who discovered the breach.
The malicious code was added to StatCounter's site-tracking script last weekend, he reported Tuesday.
The malicious code hijacks any bitcoin transactions made through the Web interface of the Gate.io cryptocurrency exchange. It does not trigger unless the page link contains the "myaccount/withdraw/BTC" path.
The malicious code can secretly replace any bitcoin address that users enter on the page with one controlled by the attacker. Security experts view this breach as critical because so many websites load StatCounter's tracking script.
"This security breach is really important considering that -- according to StatCounter -- more than 2 million websites are using their analytics platform," Faou told TechNewsWorld. "By modifying the analytics script injected in all those 2 million websites, attackers were able to execute JavaScript code in the browser of all the visitors of these websites."

Limited Target, Broad Potential

The attack also is significant because it shows increased sophistication among hackers regarding the tools and methods they use to steal cryptocurrency, noted George Waller, CEO of BlockSafe Technologies.
Although this form of hijacking is not a new phenomenon, the way the code was inserted was.
The growth of the cryptocurrency market and its emerging asset class has led hackers to increase their investments in devising more robust attempts and methods to steal it. The malware used is nothing new, but the method of delivering it is.
"Since the beginning of 2017, cryptocurrency exchanges suffered over (US)$882 million in funds stolen through targeted attacks across at least 14 exchanges. This hack adds one more to the list," Waller told TechNewsWorld.
In this instance, attackers chose to target the users of Gate.io, an important cryptocurrency exchange, said Eset's Faou. When a user submitted a bitcoin withdrawal, attackers in real time replaced the destination address with an address under their control.
Attackers were able to target Gate.io by compromising a third-party organization, a tactic known as a "supply chain attack." They could have targeted many more websites, Faou noted.
"We identified several government websites that are using StatCounter. Thus, it means that attackers would have been able to target many interesting people," he said.

Telling Financial Impact

Gate.io customers who initiated bitcoin transactions during the time of the attack are most at risk from this breach. The malware hijacked transactions legitimately authorized by the site user by changing the destination address of the bitcoin transfers, according to Paige Boshell, managing member of Privacy Counsel.
As a rule, the number of third-party scripts, such as StatCounter, should be kept to a minimum by webmasters, as each represents a potential attack vector. For exchanges, additional confirmations for withdrawals would have been beneficial in this case, given that the exploit involved swapping the user's bitcoin address for that of the thieves.
"Gate.io has taken down StatCounter, so this particular attack should be concluded," Boshell told TechNewsWorld.
The extent of the loss and the fraud exposure for this breach is not yet quantifiable. The attackers used multiple bitcoin addresses for the transfers, Boshell added, noting that the attack could have been deployed to impact any site using StatCounter.

Protection Strategies Not Foolproof

StatCounter needs to improve its own code audit and constantly check that only authorized code is running on its network, suggested Joshua Marpet, COO at Red Lion. However, most users will not realize that StatCounter is at fault.
"They'll blame Gate.io, and anything could happen -- loss of business, 'run on the bank,' and even closing their doors," he told TechNewsWorld.
Checking the code is not always a workable prevention plan. In this case, the malware code looked like the Gate.io user's own instructions, noted Privacy Counsel's Boshell.
"It was not easily detectable by the fraud tools that Gate.io uses to protect against and detect malware," she said.
Network admins are not really affected in this type of breach, as the malicious code is processed at the workstation/laptop rather than on the webserver, according to Brian Chappell, senior director of enterprise and solutions architecture at BeyondTrust. It also does not provide any mechanism to gain control over the system.
"In essence, a lot of stars need to line up to make this a significant risk in that regard," he told TechNewsWorld. "Effective vulnerability and privilege management would naturally limit the impact of any intrusion."
That is a direction that admins need to look. There is nothing they can do to control the initial attack, assuming the targeted websites are accepted sites within their organization, Chappell added.
Even a well-protected website can be breached by compromising a third-party script, noted Eset's Faou.
"Thus, webmasters should choose carefully the external JavaScript code they are linking to and avoid using them if it is not necessary," he said.
One potential strategy is to screen for scripts that replace one bitcoin address with another, suggested Clay Collins, CEO of Nomics.
Using analytics services that have a good security reputation is part of that, he told TechNewsWorld.
"Folks with ad/script blockers were not vulnerable," Collins said.

More Best Practices

Traffic analysis, website scanning and code auditing are some of the tools that could have detected that something was causing abnormal transactions and traffic, noted Fausto Oliveira, principal security architect at Acceptto. However, it would have been ideal to prevent the attack in the first place.
"If the Gate.io customers had an application that requires strong out-of-band authentication above a certain amount, or if a transaction is aimed at an unknown recipient, then their customers would have had the opportunity to block the transaction and gain early insight that something wrong was happening," Oliveira told TechNewsWorld.
Using script blocking add-ons like NoScript and uBlock/uMatrix can put a measure of personal control in the website user's hands. It makes Web browsing more challenging, noted Raymond Zenkich, COO of BlockRe.
"But you can see what code is being pulled into a site and disable it if it is not necessary," he told TechNewsWorld.
"Web developers need to stop putting third-party scripts on sensitive pages and put their responsibility to their users over their desire for advertising dollars, metrics, etc.," Zenkich said.

Beware Third-Party Anythings

As a rule, the number of third-party scripts should be kept to a minimum by webmasters, suggested Zenchain cofounder Seth Hornby, as each one represents a potential attack vector.
"For exchanges, additional confirmations for withdrawals would also be beneficial in this case, given that the exploit involved swapping the user's bitcoin address for that of the thieves," he told TechNewsWorld.
Even third-party outsourcing solutions can open the door to cyber shenanigans, warned Zhang Jian, founder of FCoin.
"So many companies within the cryptocurrency space rely on third-party companies for different duties and tasks. The ramification of this outsourcing is a loss of accountability. This puts many companies in a tough spot, unable to locate attacks of this nature before it is too late," he told TechNewsWorld.
Instead, network admins should work toward creating in-house versions of their tools and products, from beginning to end, Jian suggested, to ensure that control of these security measures lies within their reach.

The Democratic Debate That Wasn't: How Tech Could Help Elections

July 02, 2019

I watched the Democratic debates last week and was struck by three things: I'd likely rather watch paint dry; the application of technology to improve the experience was nonexistent; and I'd bet that if the Democrats don't up their game President Trump will have them to thank when he wins re-election.
I'm generally frustrated about how little technology is used to improve the presentations made by technology companies, but in this case both the preservation of the U.S. and perhaps the survival of the world are tied to the next election, and last week's effort fell well below what should have been done.
I'll suggest some ways technology could be used to improve events like the non-debate the Democrats put on last week. I'll close with my product of the week: Amazon's new Echo Show 5, which has taken the lead for price performance among digital assistants.

How to Improve Political Debates

Given how much the Democrats complain about the U.S. president's inability to tell the truth, you'd think that if they put on something called a "debate" it would include some debating. The closest we got to that last week was when the folks on stage went off script and started yelling at each other. (That was more argument than debate but at least it was interesting.)
We used to have to watch things like this live, and there were time limits that created ugly compromises, much like we saw last week. No one got enough time. However, we are at critical mass for people who stream content now. Plus, our TVs are increasingly intelligent, and most of us have some digital device with us as we watch a debate.
This means debates could be more dynamic. For those who don't know a candidate, provide links so they can learn more without having to go off on their own and search Google (which happened a lot).
In addition, with an app you could allow viewers to stream a full argument from a politician they were interested in and get the complete picture of a position. You then could, through automatic transcription and the application of an AI, get near real-time comparisons between a number of politicians at once, so you could identify those you mostly agreed with and separate from those you thought were nuts. Granted, this doesn't help if they are all nuts.
You must believe that the political parties, not to mention the social networks, know all about you, and they could point out which candidates are the most aligned to your mindset and interests. I know a few years back when we had no incumbent, a similar analysis (I'm a Republican) indicated my views were closest to moderate Democrat Joe Biden.
With smart glasses, or simply a feed to their podiums, candidates could get real-time updates and help from their staff. Once they had the job, they would have the CIA, FBI, NSA, Secret Service, State Department and other organizations to rely on. They wouldn't need to rely on their memories alone, and they shouldn't be in the habit of doing that.
Many of our problems are the result of politicians unnecessarily firing from the hip because they failed to research their positions or to use their resources in a timely way. In a data-rich age, we should have fewer hip shooters, not more.
Demonstrating the capability to use technology in real time to improve positions and decisions should be a requirement of the job, and it isn't cheating in this instance. These people aren't competing in a game show -- they are trying to showcase that they would be the best candidate. The job will require them to use the vast resources of the U.S. -- not act like some old guy who only watches Fox News and chases kids off his lawn in his substantial free time.
There was a lot of wasted screen space during the debate, which could have been used to provide background on the candidates or display information about what people are searching on most frequently. Granted, you'd want to use a censoring AI to make sure folks didn't game that system to prank the speakers or do them harm. Just a running chart on what folks were searching on would tell the viewer, moderators and even speakers what was resonating so they could appeal to the audience more effectively.
Why is it necessary to have an audience in the room? That just forces a rigid timeline, and that timeline reduces understanding as well as the effectiveness and entertainment value of the result. Yes, an audience provides applause, but that tends to slow down the process anyway.
Now of the 10 people on the stage, chances are you are only interested in two or three of them. An AI could help you pick which two or three (and make recommendations for those who aren't on your list). Then it also could formulate and present a virtual debate surrounding issues you care about between the two candidates using an AI clone.
Recall that IBM Watson did a really good job of debating a real debate champion a few months ago. It lost, but it showcased that you could program an AI to perform as a debater. If you trained multiple AIs on the politicians, users could pick those they wanted and pit them against each other virtually. Granted, each campaign would need to train its own AI, but the AI also could answer questions from voters at scale.
Now we also can engage at scale through smartphone apps or websites. Moderators have choices of questions, and they could have the audience vote on the questions to ask and even which candidates to ask them of in real time. That way the event automatically would be optimized for the people who tuned in.

Tracking Things Like Equal Time

Coverage of the candidates went from around 10 minutes, which wasn't enough, to five minutes, which was a joke. I mean, why show up if you are only going to get five minutes out of two hours? Moderators can get running tallies that showcase who is getting the least coverage and then could direct more questions to those people.
Given what happened between Bernie Sanders and Hillary Clinton in the last election, special care should be taken at least to appear fairer so large numbers of voters wouldn't feel disenfranchised again and stay home.

Real-Time Translation

It was cute to see some of the politicians speak Spanish, but there is a decent chance that most of their audience wasn't that impressed, because they didn't. We could do real-time translation, though, and either pop up subtitles or have a voiceover with the translation.
The politicians wouldn't have to repeat themselves, and viewers could hear or see the response in their preferred language. I think language skills are a plus in a politician, particularly when it comes to negotiations, and this would allow a politician to show off those skills without pissing off or losing the audience.

Job Interview at Scale

When you and I interview for a job we start with a resume and then sit for an interview focused on whether we have the skills for the job. We don't get on TV and get asked a bunch of wide-ranging questions, have little or no time to answer them, and then get sniped at by our competitors.
The interview process may have very little to do with the job we will get, but this fake debate format is even further from the job a president will do. In short, all these folks are attempting to showcase skills they may never use outside of the campaign.
A real debate would be closer to a negotiation they might have to do between countries, but wouldn't it be nice to hear some details from folks who worked with them on how well they did their past jobs?
Having a job and doing that job well are potentially two different things, and rather than just focusing on questions having to do with the next job, wouldn't it make more sense to focus on how well they did in the last one?
If it really isn't going to be a debate, why not just make this a job interview? You could show some of the questions in real time but provide links to more extensive interviews for audience members who might want to drill down.
I'm suggesting that with technology we could focus a bit more on competence and a ton less on BS. Maybe, just maybe, we'd get a final choice for president of both candidates being qualified rather than the more typical case of neither making the grade.

Wrapping Up

We have all this technology, and the information out there on each one of us could fill books, but it's not being used to improve our election process, in terms of fielding the best candidates for the job. Technology not only could make election events more interesting, but also could help us make better choices between candidates, and perhaps get us back to talking about issues rather than the latest ad hominem attack.
Whether in politics or in technology, the goal appears to be just to get through the event when it should be to help us make better, more informed choices. Borrowing from The Six Million Dollar Man, we have the technology -- why don't we fricken use it to improve our world, starting with helping us make better political choices? Maybe, in the future, our governments would get the things done we want done. Right now, I doubt our government even knows what that is.

Rob Enderle's Product of the Week

I was one of the early adopters for the Amazon Echo Show and it had some issues -- from a camera that made it iffy in the bedroom to a price that pushed it out of range for most of us.
Then came the Echo Spot, which was far more attractively priced but had a tiny display that was almost useless, along with a camera. Both had buttons to turn the cameras off, but it was easy to turn them back on again without the user knowing, which is problematic when it comes to privacy expectations and some laws.

Amazon Show 5

Well, the new Echo Show is priced like the Spot was (around US$89), has a larger and more useful display, plus a slider that physically blocks the camera and puts a white dot on the face to show you the camera has been blocked. Someone would have to come into the room to turn the camera on, and doing so would remove the white dot. (I'd still like a bigger alert that the camera is active myself, but this is an improvement.)
There still is a larger Echo Show for $229 with twice the screen and better speakers, but you can upgrade this Show with Bluetooth speakers for better sound, and the 5-inch display is fine for most things. (You aren't watching movies on a 10-inch device anyway). The larger one also has a Zigbee smart hub that most will never use.
This is likely the perfect Echo device for many, in that it is well-priced, has the full feature set (including video), and is useful in most of the places you'd use it. I'd still like more choices as to activation words, as every one of the Echos I have has a different word, and every one fires up unintentionally from time to time. (My favorite is watching Star Trek and having the one in my living room, which answers to "computer," try to respond to the TV actors interacting with the computer in the Enterprise or Discovery.)
I also anticipate a future app for the Echo Show 5 that would call out BS every time someone on the TV lied. Granted, when some politicians are talking, it might have a meltdown. Still, because this is the best Echo to date and I am up to my armpits in Echo devices, the new Amazon Echo Show is my product of the week.
During the coming Amazon Prime day, I'll bet you can buy one of these for closer to $50, which would be a huge deal. Christmas shopping early, anyone?

Clean Energy Solutions to Lower Your Electric Bill

July 02, 2019
Using clean energy is the best bet we have to reduce the effects of environmental damage caused by using fossil fuels like oil, coal, and natural gas to power our daily lives.
Not only is the act of relying on finite resources an intrinsically unstable and expensive way to depend on power for the things we rely on the most, it negatively impacts the world around us — and our own health and sustainability.
Large companies like Google and Amazon have amassed enough resources and capital to leverage lower rates for their clean energy solutions -- but Arcadia Power is helping disrupt that market for the average consumer. Here's how it works: Arcadia Power connects you to an online platform. Once you connect your utility bill, you're given access to low-cost clean energy programs.

Green Power Solutions

Arcadia Power partners with green electricity suppliers, pulled primarily from wind farms -- the primary currency of the green power market.
Once you connect to the platform, Arcadia Power monitors the energy market in your area, and pulls the lowest rates from local suppliers to ensure that you consistently get access to the least expensive rates available to you.
The free Price Alerts system lets you know when there's a better option available to you -- but you can opt-out any time, without worrying about cancellation fees or getting locked into an expensive contract.
You get an email with your new rate and estimated yearly savings -- so at the end of the day, you get a combination of offers and solutions, ranging from wind power, to community solar and price alerts.

Clean Power in Numbers

So, how can Arcadia Power connect homeowners and renters to their membership for free? The answer is in negotiating power: the company's large customer base gave them the ability to access clean power priced at 10-25% less than the usual rates. So as the company grows in numbers and strength, so does the affordability of the solutions.

Plus, the whole process is simple and continuous: as long as you're connected to the Arcadia Power energy platform, you're sent new plans once there's a price drop for a better solution in your area, which you can opt-in for or not. And once your contract expires, Price Alerts runs the whole process again.
Arcadia Power offers utility billing at no transaction fee, meaning members can earn credit card rewards points every time they pay their bill -- so using clean energy solutions can help you pay for your next plane tickets for your next vacation. Sign up for free here today.

Thursday, June 27, 2019

NSA Admits Improper Collection of Phone Data, 2nd Time Around

June 27, 2019
The American Civil Liberties Union on Wednesday released documents showing the United States National Security Agency improperly collected Americans' call and text logs in November 2017 and in February and October 2018.
The unauthorized collections occurred just four months after the agency announced it was deleting more than 620 million call detail records acquired since 2015 under Title V of the Foreign Intelligence Service Act.
The NSA relied on the improperly collected information from the February 2018 violation to seek approval from the Foreign Intelligence Surveillance Court to spy on individuals, the ACLU said.
The NSA later informed the court of the error, the ACLU noted, but there's no indication whether anyone was spied on unlawfully as a result, or whether the agency notified people improperly spied upon as required.
In October, the NSA again discovered it had obtained private information about Americans' phone calls in violation of Section 215 of the Patriot Act.
The agency stopped receiving data from the carrier involved but resumed accepting data after the carrier indicated it had resolved the problem, according to the ACLU.
The ACLU obtained the redacted documents by filing a Freedom of Information Act lawsuit against the Office of the Director of National Intelligence in December.
The USA Freedom Act, adopted in 2015 after Edward Snowden disclosed the NSA's surveillance activities, restricts the government's phone record program, noted Andrew Crocker, senior staff attorney at the Electronic Frontier Foundation.
"We've learned that the NSA has been entirely unsuccessful in working within these limits, leading to the continued collection of hundreds of millions of phone records, including many it was not entitled to under the law," Crocker told TechNewsWorld.

The Carriers' Fault?

The NSA blamed the renewed spying on carriers' mistakes, stating that technical irregularities led it to receive call detail records it was not authorized to obtain.
"We don't know what caused the NSA's egregious noncompliance," said Sandra Fulton, government relations director at Free Press.
"Broadly it seems to be the result of at least one carrier overproducing the amount of user data it is meant to give the agency, but within the system designed by the NSA, so the fault is on both sides," she told TechNewsWorld.
"While it is entirely possible there could be a sinister reason behind it, we've seen time and time again the nature of bureaucratic inefficiencies when dealing with large agencies," said Heidari Power Law Group attorney Yasha Heidari.
"Otherwise, I would expect a more evasive response -- and indeed, I would not believe we would even be hearing about this issue," he told TechNewsWorld.

Blame It on Technology

"Presented with a request for a particular population of numbers and associated dial information, you're going to capture a lot of extra stuff," said Michael Jude, program manager at Stratecast/Frost & Sullivan.
"Metadata is leaky," he told TechNewsWorld. "Even criminals and enemy agents make calls to local pizza places, and you have all that information captured in the metadata. I don't think technology is up to protecting people's privacy and call patterns."
The bigger question, Jude noted, is whether the NSA is using the data the way it should.

National Security's Sometimes Broad Brush

The NSA for years has fought calls for greater transparency on the grounds of national security.
It has not yet responded to a demand from six Democratic Party Senate Intelligence Committee members to release a public update on its mass phone data collection program, Free Press' Fulton said.
A court this spring dismissed the Electronic Frontier Foundation's lawsuit challenging the NSA's surveillance of Americans -- Jewel v. NSA -- on national security grounds. The EFF filed an appeal with the Ninth Circuit Court of Appeals.
The NSA this spring also recommended dropping the phone surveillance program, according to reports, because its logistical and legal issues outweighed any intelligence benefits. It apparently has quietly killed the program since then.

Demands for More Safeguards

The ACLU on Tuesday wrote the House Judiciary Committee urging it to end the NSA's Section 215 call detail record authority and to investigate and make public additional information about the agency's recent compliance violations.
The NSA may have replicated its collection of surveillance data under a different authority, ACLU Senior Legislative Counsel Neema Singh Giuliani speculated, and she urged Congress to prevent resurrection of the program.
She also suggested Congress do the following:
  • Let Section 215 of the Patriot Act expire at the end of the year as scheduled;
  • Pass additional reforms to halt large-scale surveillance being conducted under other Patriot Act authorities;
  • Strengthen existing First Amendment protections;
  • Limit how federal agencies can access and use information that's collected, and ensure they provide notice to individuals when information is used in criminal proceedings;
  • Close the backdoor search loophole in Section 702 of the FISA Amendments Act; and
  • Reform the FISC.
Meanwhile, Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., and Reps. Justin Amash, R-Mich., and Zoe Lofgren, D-Calif., jointly introduced the "Ending Mass Collection of Americans' Records Act," S. 936 and H.R. 1942, in the Senate and House respectively.
S. 936 has a mere 4 percent chance of being enacted, according to Skopos Labs.
"This bipartisan effort to end the NSA's call detail record authority is a welcome sign and something that should be a no-brainer for Congress," ACLU spokesperson Abdullah Hasan remarked.
"We agree with the senators that broader legislative reforms to the NSA's surveillance authorities are needed," he told TechNewsWorld, "including limiting large-scale collection of data, preventing discrimination and First Amendment violations, and enhancing transparency

Wednesday, June 26, 2019

Chinese Hackers Linked to Global Attacks on Telcos

Chinese hackers most likely are responsible for a years-long campaign targeting global telcos, reported research firm Cybereason.
Security researchers on Monday reported that Chinese hackers are the likely perpetrators of a series of cyberattacks against telecommunications companies around the world.
The campaign, dubbed "Operation Soft Cell," has been active since 2012, according to Cybereason, an endpoint security company based in Boston.
There is some evidence suggesting even earlier activity against the telecommunications providers, all of whom were outside North America, the researchers said.
The attackers attempted to steal all data stored in the active directory servers of the organizations, including all usernames and passwords in the companies, as well as other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more, according to the report.
Based on the tools used in the attacks, such as PoisonIvy RAT, and the tactics, techniques and procedures deployed by the attackers, the campaign likely was run by APT10, a notorious group of Chinese hackers, the researchers pointed out.
The U.S. Justice Department last year indicted two members of APT10 for conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.
There is some solid evidence APT10 was behind the attacks, such as the way they customized PoisonIvy and the idiosyncratic breadcrumbs they left behind, said Sam Curry, chief security officer at Cybereason.
"The way the customization is done, the way they write the scripts, is the sort of thing we've seen time and again," he told TechNewsWorld. "There's a high probability that it's a Chinese hacker."

Alarming Attack

The hackers attacked organizations in waves launched over a period of months, the report notes. During that time, they were able to map the target networks and compromise credentials. That enabled them to compromise critical assets -- such as production and database servers, and even domain controllers.
"Beyond targeting individual users, this attack is also alarming because of the threat posed by the control of a telecommunications provider," the report states. "Telecommunications has become critical infrastructure for the majority of world powers. A threat actor with total access to a telecommunications provider, as is the case here, can attack however they want passively and also actively work to sabotage the network."
The attack has widespread implications -- not just for individuals, but also for organizations and countries alike, the Cybereason researchers said.
"The use of specific tools and the choice to hide ongoing operations for years points to a nation state threat actor, most likely China," they wrote. "This is another form of cyber warfare being used to establish a foothold and gather information undercover until they are ready to strike."
There are similarities between Operation Soft Cell and another telecom attack, suggested Lavi Lazarovitz, a cyber research group manager at CyberArk Labs, an information security company based in Newton, Massachusetts.
"This widespread attack on telecommunications companies has similar characteristics to Operation Socialist," he told TechNewsWorld.
Operation Socialist -- a CIA and British GCHQ campaign revealed by Edward Snowden -- attempted to take control of the Belgian telecommunications company Belgacom.
"It leverages privileged accounts and probably shadow admins to allow persistency and control," Lazarovitz said.

Useful Information

Information reaped by campaigns like Operation Soft Cell can be invaluable to a foreign intelligence service, noted Jonathan Tanner, a senior security researcher at Barracuda Networks, based in Campbell, California.
"Tracking a target's daily routines alone can be useful for a number of motivations, ranging from enumerating contacts to asset recruitment, to abduction or assassination," he told TechNewsWorld.
That sort of work traditionally is carried out by surveillance teams, but with technology it's becoming increasingly easy to gain that information by other means with significantly less manpower, Tanner explained.
"The irony with this breach is that many carriers actually sell this data anyway, through third parties such as Zumigo, who then resell it without checking into their buyers' backgrounds," he said.
Stolen data from telcoms can be valuable to more than just Chinese intelligence agencies.
"This type of attack would greatly help Huawei in their fight to control as much of the 5G space as possible," said Jonathan Olivera, a threat analyst for Centripetal Networks, a network security company in Herndon, Virginia.
"When a country like China relies on surveillance and intellectual property theft to keep its momentum going, it will be hard to stop and prevent expansion," he told TechNewsWorld.

Familiar Playbook

The breadth and persistence of the attacks aren't the only discouraging characteristics of Operation Soft Cell.
"This plays out like every other hack that we've heard about in a major organization for years and years and years," said Chet Wisniewski, principal research scientist at Sophos, a network security and threat management company based in the UK.
"It's clear that these big companies are not taking this stuff seriously enough, especially the ones that have sensitive information about us. The giant role these companies play in our lives demands that they take security more seriously," he told TechNewsWorld.
"The stuff that these guys did was stuff any skilled pen tester would do," Wisniewski said.
"The attacks didn't have any super secret stuff. There were no new zero-day vulnerabilities here -- no new tools that no one had ever heard of before. All the stuff was off the shelf. I could teach a college student how to use it in a semester," he said.
"We know this playbook," Wisniewski added, "and big companies should be able to defend against it."

Cold War in Cyberspace

Campaigns like Operation Soft Cell are likely to continue without abatement, noted Satya Gupta, CTO of Virsec, an applications security company in San Jose, California.
"These attacks will continue for the foreseeable future, as long as there is political tension and unrest in any number of regions," he told TechNewsWorld. "Infrastructure attacks on all sides are trying to sow uncertainty, which has both political and financial value to the perpetrators."
As for China, it seems content with economic espionage, for the most part, but that could change in the future, too.
"As long as we're involved in trade wars, I'm not as worried as if China starts to feel threatened about its sphere of influence," said Richard Stiennon, chief research analyst at IT Harvest, an industry analyst firm in Birmingham, Michigan.
"If it's trade wars, China's target of interest will be the same as it's always been: economic espionage. If it's sphere-of-influence stuff, then the targets of interest could escalate dramatically," he told TechNewsWorld.
"We are essentially in a cyber cold war, and many of the same factors still apply regarding escalation of hostilities and the overall desire to avoid an actual war as a result of ongoing activities," Barracuda's Tanner added. "Countries will continue to push the boundaries, but a major increase in attacks runs the risk of being seen as an act of war, which no country wants."

Internet's Crowds Stunting Its Growth: Trends Report

June 26, 2019
Although more people are connected to the Internet, the rate of growth is trending downward.
More than half the world's population -- 3.8 billion people -- have access to the Internet and that may not be a good thing, at least for business, according to digital savant Mary Meeker's Internet Trends 2019 report.
Global Internet user growth has slowed to 6 percent year over year, down from 7 percent, noted the Bond Capital general partner.
Nevertheless, "there is still half of the world not connected to the Internet," said Ray Wang, principal analyst at Constellation Research.
The Asia-Pacific region leads in the number of Internet users and potential, accounting for 53 percent of Internet users despite just 48 percent penetration.
"As a market grows, growth rates tend to plateau at times as different waves of adapters migrate," said Rob Enderle, principal analyst at the Enderle Group.
"The Asia-Pacific, which is relatively underdeveloped, will have the greatest growth potential," he told the E-Commerce Times.
Privacy issues, breaches, and issues with social media also have created friction that impedes growth, which likely is reflected in the numbers, Enderle said.

E-Commerce Trends

Reaching nearly $140 billion, e-commerce sales accounted for 15 percent of retail sales in Q1 2019 versus 14 percent the previous year. There was a slight uptick in YoY sales growth, from 2.1 percent in Q4 2018 to 2.4 percent in Q1 2019. However, the growth rate in general has been spiraling downward, Meeker said.
E-commerce growth mirrored the trend in physical retail sales. The uptick in both cases could be due to disappointing sales over the holiday period. Retail sales in December were 1.2 percent lower overall than in November.
That was the largest slippage since 2009, and it led to widespread skepticism among analysts, with some suggesting sales were undercounted. Sales by non-store retailers, including online operations, fell 3.9 percent month-over-month in December.
The slippage in online sales could be attributed to a number of factors.
"Retailers like Best Buy, Target and Walmart are learning to fight back more effectively," Enderle observed. "Also, package theft and missed delivery are becoming bigger problems, and buyers are learning that it's often more convenient to just go to a local store for a lot of things."
Still, e-commerce has been gaining ground overall, accounting for 15 percent of retail sales in Q1 2019 vs. 14 percent the previous year.
"I think that demographically, you will see an uptick as the millennials reach their prime consumption years in the next five to 10 years," suggested Michael Jude, program manager at Stratecast/Frost & Sullivan.

Online Ads

Internet advertising spend grew 22 percent YoY, up from 21 percent YoY growth the year before, Meeker said. Mobile ads accounted for most of the growth, continuing a trend that began in 2016.
However, quarterly Internet ad revenue on the leading U.S. platforms fell from 29 percent to 20 percent between Q4 2018 and Q1 2019.
"Too many channels," Jude told the E-Commerce Times. "Where do you place your advertising? If online is one channel, how do you place your advertising to best effect when there are other ways of reaching consumers? Also, competition is driving down prices as more online channels duke it out for share."
The slippage is due in part to advertisers "getting smarter at balancing the ad venues and learning how to better direct market to their customers using communications tools and in-band social networking efforts," Enderle suggested. "They are learning how to better target their spend."
That said, global ad revenues on the U.S.-based ad platforms Google and Facebook, together with Amazon, Twitter, Snap and Pinterest, are on an upward trend overall despite having dipped between Q4 2018 and Q1 2019 on all of the platforms, according to Meeker.

The Impact of Mobility

Mobile devices accounted for 58 percent of site visits by U.S. users in 2018, according to Stone Temple, but only 42 percent of time spent online.
More than 60 percent of global consumers shop online at least once a month, with the majority of them using a mobile device, according to an Episerver study of 1.3 billion Website visits. In some cases, more than 80 percent of sessions came through mobile devices on certain days.
However, consumers made more purchases using desktop computers -- 3.6 items per order compared to 3.3 items per order for tablet users and 2.9 items for smartphones.
Mobile ads showed the most growth despite the reduction in online ad revenue.
Also, "mobile ads, due to the real estate limitations, have far more limitations," Enderle remarked.

Going Digital

Digital media usage among U.S. adults grew 7 percent YoY, up from 5 percent, with the bulk of the growth coming from mobile users, Meeker said.
Meanwhile, voice-activated technology performed well, with the Amazon Echo installed base growing from 30 million in Q4 2017 to 47 million in Q4 2018.
Businesses "should realize that these voice-activated devices are digital storefronts they're locked out of," Enderle said. Retailers "will either launch their own digital assistants or do what Microsoft's competitors did to that company, and use anticompetition laws to force Amazon and others to open up their platforms."
"A major push to change this dynamic" is likely within the next two years, he predicted.
This is "a battle of digital duopolies in every market -- from gaming, media, digital ads and cloud computing to social networks," Constellation's Wang told the E-Commerce Times.
"We will see a battle for time and attention," he said. "Screen time, engagement and usage are key."