A service provider, IDC China Telecommunication, broadcasted inaccurate web traffic routes for roughly 18 minutes in April. The inaccurate routes just happened to go by way of China's state-owned "China Telecommunciations". Essentially sending bits and bytes from across the world through Chinese government controlled servers.
For the U.S., the bits and bytes that went across the servers belonged to U.S. companies, the U.S. government and the U.S. military. Data from many companies and departments such as the U.S. Senate, NASA, and the U.S. Armed Forces traveled this path.
A commission was formed to investigate and no evidence was found that this was intentional.
There are lots of conspiracy theories but I find these to be counter productive.
The real questions to me are:
1. What can companies and countries do to "own" their internet traffic supply chain? Is it even possible or economically feasible?
2. When accidents like this occur, what should the notification process be?
3. What governance and assurance process could we (or should we) create to avoid a copy-cat situation that would be on purpose?
4. How does one know for sure what was an "accident" vs. a test of capabilities?
Sources:
"Report Looks at How China Meddled with the Internet", John Markoff, November 17, 2010.
Online safety. Online security. Protecting Yourself Online. Protecting Kids Online. Keeping the U.S. Safe from Cybercreeps. Cybercrime. Protecting Against Fraud.
Friday, November 19, 2010
The Federal Reserve Bank hacked - Secret Service Foils the Plot
Quote of note:
U.S. Attorney Loretta Lynch said this case is an example of how "cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors."
A cybercriminal managed to hack his way into the Federal Reserve bank's computers and had also stolen 400,000+ credit card numbers. Luckily for all involved the U.S. Secret Service nabbed the person believed responsible. The man was arrested at JFK Airport, his name is Lin Mun Poo and he is from Malaysia.
The man was traveling to New York to meet with other cybercriminals. He planned to sell the information he gained hacking the Federal Reserve and potentially the credit card numbers he had stolen. His next plan? He mentioned he was going to hit the ATM machines using the stolen credit card numbers.
During questioning they learned he also compromised the computers at a defense contractor.
The final tally of how bad his compromise of the Federal Reserve may not be known for a while but Federal Reserve officials said he was not able to steal money or data.
Sources:
"Hacker Breaks into Federal Reserve: Feds", Jonathan Dienst, NBC New York, November 18, 2010.
U.S. Attorney Loretta Lynch said this case is an example of how "cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors."
A cybercriminal managed to hack his way into the Federal Reserve bank's computers and had also stolen 400,000+ credit card numbers. Luckily for all involved the U.S. Secret Service nabbed the person believed responsible. The man was arrested at JFK Airport, his name is Lin Mun Poo and he is from Malaysia.
The man was traveling to New York to meet with other cybercriminals. He planned to sell the information he gained hacking the Federal Reserve and potentially the credit card numbers he had stolen. His next plan? He mentioned he was going to hit the ATM machines using the stolen credit card numbers.
During questioning they learned he also compromised the computers at a defense contractor.
The final tally of how bad his compromise of the Federal Reserve may not be known for a while but Federal Reserve officials said he was not able to steal money or data.
Sources:
"Hacker Breaks into Federal Reserve: Feds", Jonathan Dienst, NBC New York, November 18, 2010.
A Woman Goes to Labor Camp Over Twitter Post - China
A man and his fiancee posted comments on Twitter which mocked Chines protesters who smashed products made by Japan during a demonstration.
The man was carted away first and held for 5 days. When he returned home, he learned from his fiancee's family that she had been taken away and sentenced to labor camp for one year.
The crime? "Disturbing Social Stability".
Ms. Cheng, who is 46, also recently supported the imprisoned Nobel Peace Prize Laureate, Liu Xiaobo, on Twitter.
Ms. Cheng's lawyer, Lan Zhixue said, "This is ridiculous and a typical case of censorship jail. People should not be put in jail due to their sarcastic words."
Sources:
"China Sentences Woman to Labor Camp for Twitter Post", CNN Wire Staff, November 18, 2010.
The man was carted away first and held for 5 days. When he returned home, he learned from his fiancee's family that she had been taken away and sentenced to labor camp for one year.
The crime? "Disturbing Social Stability".
Ms. Cheng, who is 46, also recently supported the imprisoned Nobel Peace Prize Laureate, Liu Xiaobo, on Twitter.
Ms. Cheng's lawyer, Lan Zhixue said, "This is ridiculous and a typical case of censorship jail. People should not be put in jail due to their sarcastic words."
Sources:
"China Sentences Woman to Labor Camp for Twitter Post", CNN Wire Staff, November 18, 2010.
New Tactics of Debt Collectors Using Facebook - Clever or Pitbull?
Most states have laws in place for consumer protections against debt collectors. For example, many states would not allow a debt collector to begin calling everyone you know and defaming you to embarrass you into paying.
This blog post is not going to get into the virtues of or evils of debt collection.
A Florida debt collection firm allegedly used Facebook to track down a woman who owes $362 on her auto loan. They allegedly sent the woman messages and told her family to please have her call the agency.
The woman is suing the debt collection agency.
What is your opinion? Should debt collectors be allowed to use social networks as a means to reach people when they do not respond via phone or mail? If yes, what should the boundaries be? For example, debt collectors are only allowed to call during certain hours of the day. What would the limitation be for social networks?
Sources:
"Woman Says Debt Collectors Harassed Her on Facebook", Associated Press, November 18, 2010.
This blog post is not going to get into the virtues of or evils of debt collection.
A Florida debt collection firm allegedly used Facebook to track down a woman who owes $362 on her auto loan. They allegedly sent the woman messages and told her family to please have her call the agency.
The woman is suing the debt collection agency.
What is your opinion? Should debt collectors be allowed to use social networks as a means to reach people when they do not respond via phone or mail? If yes, what should the boundaries be? For example, debt collectors are only allowed to call during certain hours of the day. What would the limitation be for social networks?
Sources:
"Woman Says Debt Collectors Harassed Her on Facebook", Associated Press, November 18, 2010.
New Tactics of Debt Collectors Using Facebook - Clever or Pitbull?
Most states have laws in place for consumer protections against debt collectors. For example, many states would not allow a debt collector to begin calling everyone you know and defaming you to embarass you into paying.
This blog post is not going to get into the virtues of or evils of debt collection.
A Florida debt collection firm allegedly used Facebook to track down a woman who owes $362 on her auto loan. They allegedly sent the woman messages and told her family to please have her call the agency.
The woman is suing the debt collection agency.
What is your opinion? Should debt collectors be allowed to use social networks as a means to reach people when they do not respond via phone or mail? If yes, what should the boundaries be? For example, debt collectors are only allowed to call during certain hours of the day. What would the limitation be for social networks?
Sources:
"Woman Says Debt Collectors Harassed Her on Facebook", Associated Press, November 18, 2010.
This blog post is not going to get into the virtues of or evils of debt collection.
A Florida debt collection firm allegedly used Facebook to track down a woman who owes $362 on her auto loan. They allegedly sent the woman messages and told her family to please have her call the agency.
The woman is suing the debt collection agency.
What is your opinion? Should debt collectors be allowed to use social networks as a means to reach people when they do not respond via phone or mail? If yes, what should the boundaries be? For example, debt collectors are only allowed to call during certain hours of the day. What would the limitation be for social networks?
Sources:
"Woman Says Debt Collectors Harassed Her on Facebook", Associated Press, November 18, 2010.
Good or Bad? Vending Machine in Japan Knows You
Remember the movie Minority Report? As people walked by Billboards the advertising changed to meet the exact needs of the person walking by? We have our first installment of this futuristic movie in Japan.
A Japanese vending machine is using facial recognition technology to "know" their customer. Based on the facial recognition, the machine determines age and gender, then recommends a drink. Better make sure I have my face cream and lipgloss on when I go! The firm said sales have tripled when compared to previous machines.
If a woman in her 20s walks up to the machine it will recommend a tea drink or a slightly sweet product.
If you go to Japan, there is a machine in place at the Tokyo train station. There is a rollout plan to install 500 in Tokyo by March 2012.
What is your opinion?
Should it have an "opt out" feature?
What other budding capitalists will want to use this software?
If the technology cost is reasonable and reliable, could it be deployed as an alternative to help TSA with their procedures?
Sources:
"Japanese Vending Machine Recommends Drinks to Buyers", Reuters, November 18, 2010.
A Japanese vending machine is using facial recognition technology to "know" their customer. Based on the facial recognition, the machine determines age and gender, then recommends a drink. Better make sure I have my face cream and lipgloss on when I go! The firm said sales have tripled when compared to previous machines.
If a woman in her 20s walks up to the machine it will recommend a tea drink or a slightly sweet product.
If you go to Japan, there is a machine in place at the Tokyo train station. There is a rollout plan to install 500 in Tokyo by March 2012.
What is your opinion?
Should it have an "opt out" feature?
What other budding capitalists will want to use this software?
If the technology cost is reasonable and reliable, could it be deployed as an alternative to help TSA with their procedures?
Sources:
"Japanese Vending Machine Recommends Drinks to Buyers", Reuters, November 18, 2010.
"Check In" Software Dark Side - Troop Safety Implications
We have covered the fun and the dark side of location software on this blog before.
Examples of Check In Software: Facebook Places, GoWalla, Foursquare, Loopt - once you check in, I can find you on a map.
Examples of Location Aware Software: Twitter allows you to turn on your location when you tweet
Benefits:
Locate your friends & family easily
Earn rewards points
Special deals
Dark Side:
Reputation: You may be broadcasting an image, based on where you check in, that you don't want to broadcast
Stalking: Young people or women traveling alone open themselves up to potential issues
The US Air Force put out a warning recently to its troops to be careful when they use social media networks because many of the new features show exactly where you are when you use them. This is potentially devastating for U.S. forces in war zones.
To put it into perspective, we have roughly 95,000 troops in Afghanistan and approximately 50,000 in Iraq.
If you have loved ones serving overseas, thank them for their service and then show them this warning and ask them to be safe.
Sources: "Air Force Warns Troops: Don't 'Check In' to Wars", Associated Press, November 18, 2010.
Examples of Check In Software: Facebook Places, GoWalla, Foursquare, Loopt - once you check in, I can find you on a map.
Examples of Location Aware Software: Twitter allows you to turn on your location when you tweet
Benefits:
Locate your friends & family easily
Earn rewards points
Special deals
Dark Side:
Reputation: You may be broadcasting an image, based on where you check in, that you don't want to broadcast
Stalking: Young people or women traveling alone open themselves up to potential issues
The US Air Force put out a warning recently to its troops to be careful when they use social media networks because many of the new features show exactly where you are when you use them. This is potentially devastating for U.S. forces in war zones.
To put it into perspective, we have roughly 95,000 troops in Afghanistan and approximately 50,000 in Iraq.
If you have loved ones serving overseas, thank them for their service and then show them this warning and ask them to be safe.
Sources: "Air Force Warns Troops: Don't 'Check In' to Wars", Associated Press, November 18, 2010.
Subscribe to:
Posts (Atom)