Cybercriminal Talent Recruitment Moves Swiftly on the Dark Web
April 8, 2016
No matter the industry, it’s tough to recruit and keep talent. As the article “Skills shortage hits hackers,” published by Infosecurity Magazine, reports, cybercriminals are no exception. Research conducted by Digital Shadows shows an application process exists not entirely dissimilar from that of traditional careers. The jobs include malware writers, exploit developers, and botnet operators. The article explains how Dark Web talent is recruited,
“This includes job ads on forums or boards, and weeding out people with no legitimate technical skills. The research found that the recruitment process often requires strong due diligence to ensure that the proper candidates come through the process. Speaking to Infosecurity, Digital Shadows’ Vice President of Strategy Rick Holland said that in the untrusted environment of the attacker, reputation is as significant as in the online world and if someone does a bad job, then script kiddies and those who have inflated their abilities will be called out.”
One key difference cited is the hiring timeline; the Dark Web moves quickly. As you might imagine, there is apparently only a short window of opportunity to cash in stolen credit cards. The sense of urgency related to many Dark Web activities suggests speedier cybersecurity solutions are on the scene. As cybercrime-as-a-service expands, criminals’ efforts and attacks will only be swifter.
Megan Feil, April 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
UK Cybersecurity Director Outlines Agency’s Failures in Ongoing Cyberwar
April 8, 2016
The article titled “GCHQ: Spy Chief Admits UK Agency Losing Cyberwar Despite £860M Funding Boost” on International Business Times examines the surprisingly frank confession made by Alex Dewdney, a director at the Government Communications Headquarters (GCHQ). He stated that in spite of the £860M funneled into cybersecurity over the past five years, the UK is unequivocally losing the fight. The article details,
“To fight the growing threat from cybercriminals chancellor George Osborne recently confirmed that, in the next funding round, spending will rocket to more than £3.2bn. To highlight the scale of the problem now faced by GCHQ, Osborne claimed the agency was now actively monitoring “cyber threats from high-end adversaries” against 450 companies across the UK aerospace, defence, energy, water, finance, transport and telecoms sectors.”
The article makes it clear that search and other tools are not getting the job done. But a major part of the problem is resource allocation and petty bureaucratic behavior. The money being poured into cybersecurity is not going towards updating the “legacy” computer systems still in place within GCHQ, although those outdated systems represent major vulnerabilities. Dewdney argues that without basic steps like migrating to improved, current software, the agency has no hope of successfully mitigating the security risks.
Chelsea Kerwin, April 8, 2016
Watson in the Lab: Quoth the Stakeholder Forevermore
April 7, 2016
I read “Lawrence Livermore and IBM Collaborate to Build New Brain-Inspired Supercomputer.” The article reports that one of the US national labs and Big Blue are going to work together to do something with IBM’s neurosynaptic computer chip. I know. I know. IBM is not really into making chips anymore. I think it paid another company lots of money to take the fab business off IBM’s big blue hands.
Never mind, quoth the stakeholder.
The write up reports that the True North “platform”
will process the equivalent of 16 million neurons and 4 billion synapses and consume the energy equivalent of a hearing aid battery – a mere 2.5 watts of power.
I like the reference to nuclear weapons in the article. I used to work at Halliburton Nuclear in my salad days, and there are lots of calculations to perform when doing the nuclear stuff. Calculations are, in my experience, a lot better than doing lab experiments the way Marie Curie muddled forward. Big computer capability is a useful capability.
According to the write up:
The [neuromorphic] technology represents a fundamental departure from computer design that has been prevalent for the past 70 years, and could be a powerful complement in the development of next-generation supercomputers able to perform at exascale speeds, 50 times (or two orders of magnitude) faster than today’s most advanced petaflop (quadrillion floating point operations per second) systems. Like the human brain, neurosynaptic systems require significantly less electrical power and volume.
This is not exactly a free ride. The write up points out:
Under terms of the $1 million contract, LLNL will receive a 16-chip TrueNorth system representing a total of 16 million neurons and 4 billion synapses. LLNL also will receive an end-to-end ecosystem to create and program energy-efficient machines that mimic the brain’s abilities for perception, action and cognition. The ecosystem consists of a simulator; a programming language; an integrated programming environment; a library of algorithms as well as applications; firmware; tools for composing neural networks for deep learning; a teaching curriculum; and cloud enablement.
One question: Who is paying whom? Is Livermore ponying up $1 million to get its informed hands on the “platform” or is IBM paying Livermore to take the chip and do a demonstration project?
The ambiguity in the write up is delicious. Another minor point is the cost of the support environment for the new platform. I understand the modest power draw, but perhaps there are other bits and pieces which gobble the Watts.
I recall a visit to Bell Labs.* During that visit, I saw a demo of what was then called holographic memory. The idea was that gizmos allowed data to be written to a holographic structure. The memory device was in a temperature controlled room and sat in a glass protected container. The room was mostly empty. After the demo, I asked one of the Bell wizards about the tidiness of the demo. He laughed and took me to a side door. Behind that door was a room filled with massive amounts of equipment. The point was that the demo looked sleek and lean. The gear required to pull off the demo was huge.
I recall that the scientist said, “The holographic part was easy. Making the system small is the challenge.”
Perhaps the neuromorphic chip has similar support equipment requirements.
I will let you know if I find out who is paying for the collaboration. I just love IBM. Watson, do you know who is paying for the collaboration?
——
* Bell Labs was one of the companies behind my ASIS Eagleton Award in the 1980s.
Stephen E Arnold, April 7, 2016
Google Dismisses Sky Net. Bummer.
April 7, 2016
I was looking forward to running through the hollows of Kentucky in order to avoid killer machines.
After reading “Google’s Schmidt Says Computers Not a Threat to Humans or Jobs,” I have a very different future to ponder. I am confident that Google’s senior managers can predict or perhaps “shape” the future.
I learned from the write up:
You know those movies where the machines take over and the human race gets enslaved by computers? Pure applesauce, says Eric Schmidt, chairman of Google’s parent company, Alphabet.
Hey, good news. And the source is certainly not going to predict something that may not work out. Forget the Orkut thing and the Boston Dynamics’ adventure, please. I suggested that the local day care center lease a couple of Google’s robotic dogs for the little children to love and enjoy.
I also learned:
Fears about computers run amok are the stuff of movies, he argued, and that the technology serves to help people not hurt them — including when it comes to things like income and employment. “I worry about inequality but there’s no evidence the stuff we do creates a permanent underclass,” said Schmidt…
I love it when my search results do not reflect what I put in quotes. Quotes are or were the way to tell the GOOG that I wanted an exact match. Same with using Google Maps to find a restaurant in Washington, DC in front of which I am standing. Google did not “know” about the eatery.
My fears? Unfounded. I believe everything Google presents to me. Don’t you?
Stephen E Arnold, April 7, 2016
Google Hummingbird Revealed by a Person Not Working for Google
April 7, 2016
Another wizard has scrutinized the Google and figured out how to make sure your site becomes number one with a bullet.
To get the wisdom, navigate to “Hummingbird – Mastering the art of Conversational Search.” The problem for the GOOG is that it costs a lot of money to index Web sites no one visits. Advertisers want traffic. That means the GOOG has to find a way to reduce costs and sell either more ads or fewer ads at a higher price.
The write up pays scant attention to the realities of the Google. But you will learn the tips necessary to work traffic magic. Okay, I don’t get too excited about info about Google from folks who are not working at the company or who have worked at the company. Sorry. Looking at the Google and reading tea leaves does not work for me.
But what works, according to the write up, are these sure fire tips. Here we go:
- Bone up on latent semantic indexing. Let’s see. That method has been around for 30, maybe 40 years. Get a move on, gentle reader.
- Make your Web site mobile friendly. Unfortunately mobile Web sites don’t get more traffic than a regular Web site which does not get much traffic. Sorry. The majority of clicks flow to a small percentage of the accessible Web sites.
- Forget the keyword thing. Well, I usually use words to write my articles and Web sites. I worry about focusing on a small number of topics and using the words necessary to get my point across. Keywords, in my opinion, are derivatives of information. Forgetting keywords is easy. I never used them before.
- Make your write ups accurate. Okay, that’s a start. What does one do with “real” news from certain sources? The info is baloney, but everyone pretends it is accurate. What’s up with that? The accuracy angle is part of Google’s scoring methods. Each has to deal with what’s correct in his or her own way. Footnotes and links are helpful. What happens when someone disagrees? Is this “accurate”? Oh, well.
- “Be bold and broad.” In my experience, not much content is bold and broad.
Now you understand Google Hummingbird. Will your mobile Web site generate hundreds of thousands of uniques if you adhere to this road map? Nah. Why not follow Google’s guidelines from the Google itself?
Stephen E Arnold, April 7, 2016
The Missing Twitter Manual Located
April 7, 2016
Once more we turn to the Fuzzy Notepad’s advice and their Pokémon mascot, Eevee. This time we visited the fuzz pad for tips on Twitter. The 140-character social media platform has a slew of hidden features that do not have a button on the user interface. Check out “Twitter’s Missing Manual” to read more about these tricks.
It is inconceivable for every feature to have a shortcut on the user interface. Twitter relies on its users to understand basic features, while the experienced user will have picked up tricks that only come with experience or reading tips on the Internet. The problem is:
“The hard part is striking a balance. On one end of the spectrum you have tools like Notepad, where the only easter egg is that pressing F5 inserts the current time. On the other end you have tools like vim, which consist exclusively of easter eggs.
One of Twitter’s problems is that it’s tilted a little too far towards the vim end of the scale. It looks like a dead-simple service, but those humble 140 characters have been crammed full of features over the years, and the ways they interact aren’t always obvious. There are rules, and the rules generally make sense once you know them, but it’s also really easy to overlook them.”
Twitter is a great social media platform, but a headache to use because it never came with an owner’s manual. Fuzzy Notepad has lined up hints for every conceivable problem, including the elusive advanced search page.
Whitney Grace, April 7, 2016
Potential Corporate Monitoring Concerns Tor Users
April 7, 2016
The Dark Web has been seen as a haven by anyone interested in untraceable internet activity. However, a recent article from Beta News, “Tor Project says Google, CloudFlare and others are involved in dark web surveillance and disruption,” brings to light the potential issue of Tor traffic being monitored. A CDN and DDoS protection service called CloudFlare has introduced CAPTCHAs and cookies to Tor for monitoring purposes, and accusations about Google and Yahoo have also been made. The author writes,
“There are no denials that the Tor network — thanks largely to the anonymity it offers — is used as a platform for launching attacks, hence the need for tools such as CloudFlare. As well as the privacy concerns associated with CloudFlare’s traffic interception, Tor fans and administrators are also disappointed that this fact is being used as a reason for introducing measures that affect all users. Ideas are currently being bounced around about how best to deal with what is happening, and one of the simpler suggestions that has been put forward is adding a warning that reads “Warning this site is under surveillance by CloudFlare” to sites that could compromise privacy.”
Will a simple communications solution appease Tor users? Likely not, as such a move would essentially market Tor as providing the opposite service of what users expect. This will be a fascinating story to see unfold as it could be the beginning of the end of the Dark Web as it is known, or perhaps the concerns over loss of anonymity will fuel further innovation.
Megan Feil, April 7, 2016
IBM: Back to Its Roots with Zest, Actually Spark
April 6, 2016
I read “IBM Launches Mainframe Platform for Spark.” This is an announcement which makes sense to me. The Watson baloney annoys; the mainframe news thrills.
According to the write up:
IBM is expanding its embrace of Apache Spark with the release of a mainframe platform that would allow the emerging open-source analytics framework to run natively on the company’s mainframe operating system.
I noted this passage as well:
The IBM platform also seeks to leverage Spark’s in-memory processing approach to crunching data. Hence, the z Systems platform includes data abstraction and integration services so that z/OS analytics applications can leverage standard Spark APIs. That approach eliminates processing and security issues associated with ETL while allowing organizations to analyze data in-place.
Hopefully IBM will play to its strengths, not chase rainbows.
Stephen E Arnold, April 6, 2016
ThomsonReuters: Palantir Not Enough Math?
April 6, 2016
I read “TRRI Users Will Gain Access to FiscalNote’s Legislative Modeling Techniques.” The licensee of Palantir Metropolitan and the owner of Westlaw smart software for legal eagles is pushing into new territory. That’s probably good news for stakeholders who have watched ThomsonReuters bump into a bit of a revenue ceiling in the last few years.
According to the write up:
The main benefit of the agreement [with FiscalNote] will grant Thomson Reuters’ Regulatory Intelligence (TRRI) newly extended capabilities across its predictive legislative analytics. TRRI is a global solution that helps clients focus and leverage their regulatory risk. Per the agreement, FiscalNote will help provide TRRI users with likelihood factors and other insights relegated to specific pieces of legislative passage.
Interesting. I assumed that Palantir’s platform would have the extensibility to handle this type of content processing and analysis. Wrong again.
I learned:
FiscalNote utilizes machine learning and natural language processing in its modeling techniques that help it engineer models to conduct a host of analyses on open government data. In essence, these models allow FiscalNote to automatically analyze how legislation is going to yield any material impact via a combination of factors such as legislators, committee assignments, actions taken, bill versions, and amendments.
Wait, wait, don’t tell me. Westlaw’s smart software which can do many wonderful advanced text processing tricks is not able to perform in the manner of FiscalNote.
My hunch is that the deal has less to do with technologies, extensible or not, and more to do with getting some customers and an opportunity to find a way to pump up those revenues. Another idea: Is ThomsonReuters emulating IBM’s tactic of buying duplicative technology as a revenue rocket booster?
Perhaps Palantir and Westlaw should team up so ThomsonReuters’ customers have additional choices? Think of the XML slicing and dicing strategy with the intelligence and legal technology working in harmony.
Stephen E Arnold, April 6, 2016
Google Management Teachings: The Marissa Method
April 6, 2016
I read “This is What’s Wrong with Alphabet: Experts.” I like it when old media outfits pump out parental advice to the company which is more valuable than CNBC. I noted this statement about Google’s management:
As market watchers mull over whether Alphabet, the parent company of Google, has a leadership problem, Bill George, former CEO of Medtronic, said the company’s issue is direction. “The question is … can Larry Page guide and direct them and keep them under control?” he told “Closing Bell.” “He’s got a group of mavericks and they’re not all going to work out.”
Apparently CNBC and its experts perceive a management problem at the Alphabet Google thing. No kidding? “Google’s Moonshots Are Crashing Back Down to Earth” points out the Loon balloon-type innovations may not lift the firm’s revenues in a significant way. We have founders selling shares, a single source of revenue, and legal challenges up to one’s digital eyeballs. The write up knowingly stated:
George’s comments come amid reports of leadership dissatisfaction at Alphabet, a crisis that has placed the company under investor scrutiny. Market watchers remain concerned about whether Alphabet’s compartmentalization helps the stock in the long run.
Great stuff. The only point I wished had been included was this one:
Bring back Marissa Mayer.
Perhaps reality will work out once the Yahoo saga fades into business school case studies? Maybe Google search needs a Xoogler’s return and gentle touch?
Stephen E Arnold, April 6, 2016