July 13, 2016
What is different about the recent rash of ransomware attacks against hospitals (besides the level of callousness it takes to hold the well-being of hospital patients for ransom)? CyberWatch brings us up to date in “My Layman’s Terms: The Java Deserialization Vulnerability in Current Ransomware.” Writer Cheryl Biswas begins by assuring us it is practicality, not sheer cruelty, that has hackers aiming at hospitals. Other entities, like law enforcement agencies, which rely on uninterrupted access to their systems to keep people safe, are also being attacked. Oh, goody.
The problem begins with a vulnerability at the very heart of any Java-based system, the server. And here we thought open source was more secure than proprietary software. Biswas informs us:
“This [ransomware] goes after servers, so it can bring down entire networks, and doesn’t rely on the social engineering tactics to gain access. It’s so bad US-CERT has issued this recent advisory. I’ve laid out what’s been made available on just how this new strain of ransomware works. And I’ve done it in terms to help anybody take a closer look at the middleware running in their systems currently. Because a little knowledge could be a dangerous thing used to our advantage this time.”
The article goes on to cover what this strain of ransomware can do, who could be affected, and how. One key point—anything that accepts serialized Java objects could be a target, and many Java-based middleware products do not validate untrusted objects before deserialization. See the article for more technical details, and for Biswas’ list of sources. She concludes with these recommendations:
“Needs to Happen:
“Enterprises must find all the places they use deserialized or untrusted data. Searching code alone will not be enough. Frameworks and libraries can also be exposed.
“Need to harden it against the threat.
“Removing commons collections from app servers will not be enough. Other libraries can be affected.
“Contrast Sec has a free tool for addressing the issue: Runtime Application Self-Protection (RASP). Adds code to the deserialization engine to prevent exploitation.”
Organizations the world over must not put off addressing these vulnerabilities, especially ones in charge of health and safety.
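To make the “validate before deserializing” point concrete, here is an added Java example; it is not code from Biswas’s article, the US-CERT advisory, or the Contrast tool. It shows the weak pattern (a plain `ObjectInputStream` that instantiates whatever class the incoming bytes name) next to a hardened variant that overrides `resolveClass()` with a class allow-list, so an unexpected class is rejected before any object of that class is constructed. The class names `StatusReport`, `AllowListObjectInputStream` and the allow-list contents are assumptions made for the example; the sample inputs are constructed in `main()`.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamClass;
import java.io.Serializable;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Set;

public class SafeDeserializationDemo {

    /** Hypothetical message type this service legitimately expects (assumption for the example). */
    public static final class StatusReport implements Serializable {
        private static final long serialVersionUID = 1L;
        final String host;
        final int code;
        StatusReport(String host, int code) { this.host = host; this.code = code; }
    }

    /**
     * Hardened stream: resolveClass() is consulted for every class descriptor
     * in the stream before an instance is created, so rejecting here stops an
     * unexpected class (and any readObject() logic it carries) from ever running.
     */
    public static final class AllowListObjectInputStream extends ObjectInputStream {
        private final Set<String> allowed;

        AllowListObjectInputStream(InputStream in, Set<String> allowed) throws IOException {
            super(in);
            this.allowed = allowed;
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc)
                throws IOException, ClassNotFoundException {
            String name = desc.getName();
            if (!allowed.contains(name)) {
                throw new InvalidClassException(name, "class not on deserialization allow-list");
            }
            return super.resolveClass(desc);
        }
    }

    /** Only the classes the application actually exchanges (example allow-list). */
    static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(StatusReport.class.getName()));

    /** Weak pattern: trusts whatever class the bytes name. */
    static Object deserializeUnsafe(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            return in.readObject();
        }
    }

    /** Hardened pattern: the stream may only name classes on the allow-list. */
    static Object deserializeSafe(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in =
                     new AllowListObjectInputStream(new ByteArrayInputStream(bytes), ALLOWED)) {
            return in.readObject();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        // Constructed input 1: a legitimate message; both paths accept it.
        byte[] good = serialize(new StatusReport("db01", 200));
        System.out.println("unsafe path: " + ((StatusReport) deserializeUnsafe(good)).host);
        System.out.println("safe path:   " + ((StatusReport) deserializeSafe(good)).host);

        // Constructed input 2: a harmless but unexpected class (a HashMap), standing in
        // for anything the service never meant to accept. The weak path instantiates it;
        // the hardened path refuses it at the class descriptor.
        byte[] unexpected = serialize(new HashMap<String, String>());
        System.out.println("unsafe path accepts HashMap: " + (deserializeUnsafe(unexpected) != null));
        try {
            deserializeSafe(unexpected);
        } catch (InvalidClassException e) {
            System.out.println("safe path rejected: " + e.getMessage());
        }
    }
}
```

The allow-list approach is the one that was commonly recommended at the time of the advisory for any Java version; on Java 9 and later the same idea is available in the platform itself as `ObjectInputFilter` (JEP 290), which can be set per stream or process-wide. Either way, the control has to be applied to every entry point that reads serialized objects, which is why Biswas stresses finding all of them rather than patching a single library.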
Cynthia Murrell, July 13, 2016
July 4, 2016
Enterprise search is one of the driving forces behind an enterprise system, because the entire purpose of the system is to encourage collaboration and to find information quickly. While enterprise search is an essential tool, according to Computer Weekly’s article “Beyond Keywords: Bringing Initiative To Enterprise Search,” the feature is stuck in the past.
Enterprise search is due for an upgrade. The amount of enterprise data has increased, but the underlying information management system remains the same. Structured data fits the standard information management system easily; it is the unstructured data, however, that holds the most valuable information. Unstructured information is hard to categorize, but natural language processing is being used to add context. Ontotext combined natural language processing with a graph database, allowing the content indexing to make more nuanced decisions.
We need to level up the basic keyword searching to something more in-depth:
“Search for most organisations is limited: enterprises are forced to play ‘keyword bingo’, rephrasing their question multiple times until they land on what gets them to their answer. The technologies we’ve been exploring can alleviate this problem by not stopping at capturing the keywords, but by capturing the meaning behind the keywords, labeling the keywords into different categories, entities or types, and linking them together and inferring new relationships.”
In other words, enterprise search needs the addition of semantic search in order to add context to the keywords. A basic keyword search returns every result that matches the keyword phrase, but a context-driven search actually adds intuition behind the keyword phrases. This is really not anything new when it comes to enterprise or any kind of search. Semantic search is context-driven search.
June 29, 2016
For all the effort enterprises put into securing data through technological solutions, there is another variable to consider: employees. Business Insider released an article, “1 in 5 employees are willing to hand over their work passwords for money,” that shares survey research from SailPoint. Twenty percent of 1,000 respondents, from organizations with over 1,000 employees, would be willing to sell their work passwords. US employees win the “most likely” award with 27 percent, followed by the Netherlands with 20 percent, and then the UK and France at 16 percent. The article tells us,
“Some employees were willing to sell their passwords for as little as $55 (£38) but most people wanted considerably more, with $82,000 (£56,000) being the global average amount required, according to figures cited by Quartz that weren’t in the report. Unauthorised access to a company’s internal systems could provide a treasure trove of valuable data for criminals. They may be targeting individual user accounts, or they could be after intellectual property, or corporate strategy data.”
Undoubtedly, search and/or cybertheft is easier with a password. While the survey reports findings that may be alarming to organizations, we are left with the question, ‘why’. It may be easy to say morality is the dividing line, but I think this article, in wrestling with the morality question, is on the right track in pointing to sociological implications; for example, employee engagement and satisfaction cannot be discounted as factors in a decision to sell a password.
Megan Feil, June 29, 2016
April 11, 2016
Affecting companies from Target to JP Morgan Chase, data breaches are increasingly common, and security firms are popping up to address the issue. The ZDNet article “Dark Web data hunter Terbium Labs secures $6.4m in fresh funding” reports that Terbium Labs received $6.4 million in Series A funding. Terbium Labs released software called Matchlight, which provides real-time surveillance of the Dark Web and alerts enterprises when their organization’s data surfaces. Consumer data, sensitive company records, and trade secrets are among the types of data for which enterprises are seeking protection. We learned,
“Earlier this month, cloud security firm Bitglass revealed the results of an experiment focused on how quickly stolen data spreads through the Dark Web. The company found that within days, financial credentials leaked to the underground spread to 30 countries across six continents with thousands of users accessing the information.”
While Terbium appears to offer value for stopping a breach once it’s started, what about preventing such breaches in the first place? Perhaps there are opportunities for partnerships with Terbium and players in the prevention arena. Or, then again, maybe companies will buy piecemeal services from individual vendors.
Megan Feil, April 11, 2016
March 7, 2016
The article titled Microsoft Delve Faces Challenges in Enterprise Search Role on Search Content Management posits that Microsoft Delve could use some serious enhancements to ensure that it functions as well with on-premises data as it does with data from the cloud. Delve is an exciting step forward, an enterprise-wide search engine that relies on machine learning to deliver relevant results. The article even goes so far as to call it a “digital assistant” that can make decisions based on an analysis of previous requests and preferences. But there is a downside, and the article explains it,
“Microsoft Delve isn’t being used to its full potential. Deployed within the cloud-based Office 365 (O365) environment, it can monitor activity and retrieve information from SharePoint, OneDrive and Outlook in a single pass — and that’s pretty impressive. But few organizations have migrated their entire enterprise to O365, and a majority never will: Hybrid deployments and blending cloud systems with on-premises platforms are the norm… if an organization has mostly on-premises data, its search results will always be incomplete.”
With a new version of Delve in the works at Microsoft, the message has already been received. According to the article, the hybrid Delve will be the first on-premise product based on SharePoint Online. You can almost hear the content management specialists holding their breaths for an integrated cloud and on-premise architecture for search.
Chelsea Kerwin, March 7, 2016
February 26, 2016
A ZDNet article covers “Arrests made over Bitcoin laundering scheme, Dark Web drug deals.”
Dutch police made several arrests related to the laundering of criminal profits orchestrated through an unindexed section of the web called the Dark Web. The article says the suspects allegedly laundered up to 20 million euros from online drug deals. With the information originating from Reuters, this article summarizes the arrests made by the Dutch Fiscal Information and Investigation Service and the public prosecution department:
“According to the publication, some of the men arrested are traders, while others are “Bitcoin cashers” — traders of Bitcoin online who cash these funds then withdraw money from ATMs. It is possible to find cashers online who run shadow services which exchange “dirty” coins for clean currency. Law enforcement in the United States, Australia, Lithuania and Morocco also participated in the raid.”
Just as criminal offenses are taking place increasingly online, so too must law enforcement turn to technology to aid its efforts. As the case unfolds, it will be interesting to uncover how these suspects were identified. Perhaps something innovative will be at the source.
Megan Feil, February 26, 2016
January 6, 2016
Google Search has worked its way into our culture as an indispensable, and unquestioned, tool of modern life. However, the algorithms behind the platform have become more sophisticated, allowing Google to tinker more and more with search results. Since so many of us regularly use the search engine to interact with the outside world, Google’s choices (and ours) affect the world’s perception of itself. Researcher Safiya Umoja Noble details some of the adverse effects of this great power in her paper, “Google Search: Hyper-Visibility as a Means of Rendering Black Women and Girls Invisible,” posted at the University of Rochester’s InVisible Culture journal. Not surprisingly, commerce features prominently in the story. Noble writes:
“Google’s algorithmic practices of biasing information toward the interests of the powerful elites in the United States, while at the same time presenting its results as generated from objective factors, has resulted in a provision of information that perpetuates the characterizations of women and girls through misogynist and pornified websites. Stated another way, it can be argued that Google functions in the interests of its most influential (i.e. moneyed) advertisers or through an intersection of popular and commercial interests. Yet Google’s users think of it as a public resource, generally free from commercial interest—this fact likely bolstered by Google’s own posturing as a company for whom the informal mantra, ‘Don’t be evil,’ has functioned as its motivational core. Further complicating the ability to contextualize Google’s results is the power of its social hegemony. At the heart of the public’s general understanding and trust in commercial search engines like Google, is a belief in the neutrality of technology … which only obscures our ability to understand the potency of misrepresentation that further marginalizes and renders the interests of Black women, coded as girls, invisible.”
Noble goes on to note ways we, the users, codify our existing biases through our very interaction with Google Search. To say the paper treats these topics in depth is an understatement. Noble provides enough background on the study of culture’s treatment of Black women and girls to get any non-social-scientist up to speed. Then, she describes the extension of that treatment onto the Web, and how certain commercial enterprises now depend on those damaging representations. Finally, the paper calls for a critical approach to search to address these, and similar, issues. It is an important, and informative, paper; we suggest interested readers give it a gander.
Cynthia Murrell, January 6, 2016
December 29, 2015
Data visualization and analysis firm Tom Sawyer announces the latest release of their flagship platform in, “Tom Sawyer Software Releases Tom Sawyer Perspectives, Version 7.1, .NET Edition.” There is a new “timeline” view, and they promise a boost to layout performance. The press release specifies:
“Users can dynamically manipulate sliders in a timeline view to choose a specific time period. Once a time period is chosen, the elements within other views are filtered and updated accordingly to hone in on events based on time of occurrence.
“Users can now see how data progresses through time and focus on the events they are most interested in. Visualize the spread of an epidemic, the progression of crime in a city, or uncover how information disseminates across an organization’s departments.
“Tom Sawyer Perspectives, Version 7.1 also includes enhanced examples and user experience. New Crime Network, Commodity Flow, and Road Safety example applications are included, the look and feel of the tutorial applications is modernized, and neighborhood retrieval is improved. In addition, many quality and performance enhancements have been made in this release, including up to 16 percent improvement in layout performance.”
The write-up includes screenshots and links to further information, so interested readers should check it out. Founded in 1992, Tom Sawyer helps organizations in fields from intelligence to healthcare make connections and draw conclusions from data. The company maintains offices around the world, but makes its headquarters in Berkeley, California. They are also hiring as of this writing.
Cynthia Murrell, December 29, 2015
December 28, 2015
A blog series from iSightPartners aims to help organizations make the most of Cyber Threat Intelligence. The series is introduced in, “How CTI Helps Six Groups Do Their Jobs Better: A New Blog Series!” Writer Christina Jasinski explains:
“The importance of Cyber Threat Intelligence (CTI) has become more widely recognized in the past year. But not many people realize how many different ways threat intelligence can be utilized across an enterprise. That’s why now is a good time to drill down and describe the wide range of use cases for employing threat intelligence for many different functions within an IT organization.
“Are you a CISO, SOC Analyst or an Incident Responder? Stay tuned….
“This is the first post in an iSIGHT Partners blog series that will delve into how IT security professionals in each of six distinct roles within an organization’s information security program can (and should) apply threat intelligence to their function. Each post will include 3-4 use cases, how CTI can be used by professionals in that role, and the type of threat intelligence that is required to achieve their objectives.”
Jasinski goes on to describe what her series has to offer professionals in each of those roles, and concludes by promising to reveal practical solutions to CTI quandaries. Follow her blog posts to learn those answers.
Cynthia Murrell, December 28, 2015
December 4, 2015
Oh, 1999, what a year that was! It was full of people afraid of Y2K, TV was still analog, email was still a novelty, and AOL still reigned as the supreme Web browser. Nobody really knew what Amazon was as many people did their online shopping on individual Web sites or on eBay. Recode takes a look at a video blast from the past in “Watch Jeff Bezos Lay Out His Grand Vision For Amazon’s Future Dominance In This 1999 Video.”
In 1999, Amazon was a four-year-old company with $1 billion in annual sales. It started out primarily selling books, CDs, and movies. The Jeff Bezos video is of a talk he gave at the Association of American Publishers annual meeting; it played on Book TV, and since nobody watches that, it has probably gone unnoticed for so long. While it is a good retrospective on how the company has grown, it also offers some useful information for business entrepreneurs. The entire video is fifty-five minutes long, but the article contains some of Bezos’s best quotes. Our favorite is this one about favoring growth over profits:
“Amazon.com is a famously unprofitable company. And the question is: Are we concerned about it? The answer is, in the short term, no; and in the long term, of course. Every company needs to be profitable at some point in time … Our strategy and we’ve consistently articulated this, is that we believe that this opportunity is so large that it would be a mistake for any management team not to invest in it very aggressively at this kind of critical category formation stage. We don’t claim it’s the right strategy. We just claim it’s ours. But we do think it’s right. And that it would be a mistake to try to optimize for short-term profitability.”
Jeff Bezos’s advice about favoring growth over short-term profit definitely worked for him. Amazon is one of the world’s largest retailers, and it is still growing. It is set to dominate TV, software-as-a-service, and air delivery.
Whitney Grace, December 4, 2015