Recorded Future Suggested for Cyber Attack Prediction
July 12, 2012
Oh, oh, scary marketing. Careful, the goose is easily startled. Sys-Con Media claims our attention with “Recorded Future for Forecasting Cyber Attacks.” Blogger Bob Gourley does a good job, though, of explaining why Recorded Future would be a good tool for predicting cyber attacks.
Already employed by agencies such as the US Southern Command, Recorded Future has been successfully used to anticipate citizen unrest and to analyze intelligence stored on a private cloud (the Bin Laden Letters, no less.) The software automates the aggregation and organization of data, leaving more time for human analysts to focus on assessment. The application presents the information collected from articles, blog posts, and/or tweets chronologically, including (this is the best part) a prediction of future events. The software also helps with the analysis stage by mapping relationships and tracking buzz.
Gourley asserts that the company’s technology can also be used in the struggle against international hackers:
“All together, these capabilities allow an organization to forecast more accurately whether they will be the target of a major cyber attacks and what threat vectors they should most worry about. Within minutes, analysts could see if there has been a trend of attacks against similar organizations, any threats reported online, or events likely to trigger attacks coming up. They can drill down into coverage by blogs or trade journals if they find the mainstream media insufficient or misleading, and map out the interactions and relationships between hacking groups, companies, government agencies, and law enforcement. While Recorded Future can’t tell you who will attack you and when, it makes open source intelligence intelligence analysis for cybersecurity easier, faster, and more effective.”
Still in the start-up phase, Recorded Future has headquarters in Cambridge, MA, and Göteborg, Sweden. Staffed with statisticians, linguists, and technical business pros as well as computer scientists, the company seems well-equipped to deliver what they call “the world’s first temporal analytics engine.”
Cynthia Murrell, July 12, 2012
Sponsored by PolySpot
Changes at the Top for Cuadra
May 29, 2012
Information management firm and SydneyPLUS affiliate Cuadra is going through a bit of a shake-up. The company announced that, after thirty-four years, its founders are leaving for new adventures. Company President Dr. Carlos A. Cuadra and CFO Gloria N. Cuadra will be enjoying retirement, while Executive VP Judith Wanger’s next undertaking is still under wraps. Now in charge of Cuadra’s management team is Phil Green, head of The Inmagic division of SydneyPLUS.
The press release states:
“Dr. Cuadra and Ms. Wanger formed Cuadra Associates in 1978 to develop STAR software and a suite of STAR-based knowledge management solutions. STAR, which is used worldwide in archives, libraries, museums, and publishing firms, has earned widespread recognition for excellence.
“Mr. Green has been working with Cuadra staff to ensure a smooth transition. ‘I’ve been impressed with the Cuadra staff, the Cuadra product line, and the plans for the future. We will
move forward with products and services that continue Cuadra’s tradition for quality and integrity,’ he said.”
Cuadra is proud to produce ready-to-use knowledge management tools for archives, museum and photographic collections, market intelligence, library automation, publishing, records management, and vocabulary control. They boast that their STAR is the most flexible and comprehensive system in the field, and in 2003 the company introduced a SaaS version. Cuadra’s headquarters are in Los Angeles, CA; the company also has offices in Silver Spring, MD, and New York, NY.
Cynthia Murrell, May 29, 2012
Sponsored by PolySpot
uReveal Business Intelligence Chosen to Secure Democratic National Convention
May 27, 2012
As the political season gears up, we have been learning about more security features that are a necessity for politically charged events. The news release, “Democratic National Convention Security to Rely on uReveal” discusses the Charlotte-Mecklenburg Police Department’s choice for security at the upcoming DNC in Charlotte, North Carolina.
uReveal seems to offer tight security via business intelligence. Not only do they scan for potential threats and have alerts set up when dangers arise, but they can also analyze almost anything that poses a potential problem to the event or city across tons of data.
According to the article:
“uReveal’s scope will be broad and robust, monitoring and analyzing news websites, social media and other web resources. And this will be done in harmony with internally generated crime and intelligence data without the complex and costly database processes and support that this effort traditionally requires. Users will be empowered with a fast, flexible platform that provides a better, more complete data picture for the duration of the event, while requiring less time and technical support.”
IxReveal’s uReveal platform is an alternative to costly traditional database processes because it empowers users, a trend we’ve seen across many innovative technologies. The intuitive user experience allows anyone to search, define, collaborate and analyze data.
Megan Feil, May 27, 2012
Sponsored by PolySpot
An Innovation for the SEO Industry
April 6, 2012
Short honk: Navigate to “We Got Hacked for SEO, As Did Other Major Technology Sites.” If accurate, the story is that quasi SEO folks gained access to certain “major” information services and put in “juicy links and an occasional canonical tag.” The idea is to generate traffic for a site unknown to the operators of the “major” sites. SEO has broken new ground. Fascinating. Is there a conference for this yet? Another question I am considering is, “If a major technology site is vulnerable, how secure are these “major” outfits’ Web sites?”
Stephen E Arnold, April 6, 2012
Sponsored by Pandia.com
Google Does eDiscovery
April 4, 2012
The freethinking Google has decided to launch an eDiscovery app to help reduce the cost of finding and capturing data for litigation. CBR writes about the new app in, “Google Adds eDiscovery Option to Apps Platform.” Google’s new app dubbed Vault allows businesses to preserve and identify information for legal purposes. Once the data is saved in the Vault a “legal hold” is placed on it, meaning it cannot be modified. We learned:
Vault helps protect your business with easy-to-use search so you can quickly find and preserve data to respond to unexpected customer claims, lawsuits or investigations. With an instant-on functionality and availability of your data a few clicks away, Vault provides access to all of your Gmail and on-the-record chats and can provide significant savings to your business over the traditional costs of litigation and eDiscovery,” Jack Halprin, Google’s head of eDiscovery, added.
Vault uses the same architecture as other Google Business Apps and it can easily be added to clients’ accounts for another $5/month. Vault can also record IM messages and G-mail accounts, but it cannot capture any data outside the Google platform. It does prove that Google is dedicated to expanding their capabilities, especially their cloud-based software. Google has been lauded as the business model of the IT world with a jeans, sneakers, and T-shirt approach to business, but now Google is serving enterprise niches and it suggests a more disciplined approach to the enterprise market. Will a suit and tie be next?
Whitney Grace, April 4, 2012
Sponsored by Pandia.com
Is Copyright Shifting Direction?
March 15, 2012
It is tough to search when content is not there. We have been alerted to the threat of censorship from lawmakers by conflicts over legislation such as SOPA, PIPA, ACTA and TPP. We must not ignore a more insidious threat: that of direct dealings between copyright industries and Internet service providers at the behest of government; so warns TechDirt in “UK Government Pressuring Search Engines to Censor Results in Favor of Copyright Industries.”
Rather than laws that would have to be enforced through legal channels, the back-door “notification” system described in the article would submit blacklists to search engines. These lists would name sites accused of infringement, which would then be barred from search results. Any accusation could doom an entire site to obscurity, possibly without recourse. Whitelists of approved media services would also be provided and those sites artificially promoted within search results. Writer Glyn Moody asserts:
Absolute power over search engines’ results in these areas would be handed to industries that hardly have a good track record for adopting a proportionate approach to tackling unauthorized downloads. In particular, they are unlikely to lose much sleep over all the legitimate content that will become invisible when sites of borderline legality are removed from search engines’ results ‘just to be on the safe side.’ And there are no indications that there would be any oversight as to who goes on the lists, or any right of appeal — making it a purely extra-judicial punishment.
It seems that most search engines are balking at the proposed arrangement, for now at least. Moody notes that complying with white lists could be considered anti-competitive and get sites in trouble with the European Commission. Yes, that would be important. Perhaps it is a sign that the whole scheme is a bad idea? How will the legal spat between India, Google, and Facebook work out? Our view: not well.
Cynthia Murrell, March 15, 2012
Sponsored by Pandia.com
More NASA Technical Excitement: Hackers in the Entity
March 13, 2012
One hopes that some good will come of this.
At one point last year, “Hackers Had ‘Full Functional Control’ of NASA Computers,” reports BBC News. NASA had 5,408 computer security incidents in 2010 and 2011. Furthermore, from April 2009 and April 2011, the agency lost track of 48 its own mobile computing devices through loss or theft. On top of that, this incident; the article reports:
“[NASA Inspector General Paul K.] said that the attackers had ‘full system access’ and would have been able to ‘modify, copy, or delete sensitive files’ or ‘upload hacking tools to steal user credentials and compromise other NASA systems’. . . . Mr. Martin said NASA was a ‘target-rich environment for cyber attacks’. He said that the motivation of the hackers ranged from ‘individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services’”.
Graduated degrees of bad news for the agency. NASA has since claimed “significant progress to protect the agency’s IT systems.” Note they don’t claim it’s locked down tight.
Officials do insist that “at no point in time have operations of the International Space Station been in jeopardy due to a data breach.” That’s good to know.
NASA has been licensing nifty technology to help the agency “manage knowledge.” Let’s hope NASA gets its knowledge under control or there will be more unfortunate incidents at an agency which is supposed to be darned good at technology. I am beginning for formulate some doubts about NASA’s technical capabilities.
Cynthia Murrell, March 13, 2012
Sponsored by Pandia.com
Is NASA Technically Savvy?
March 6, 2012
I don’t know about you, but I would think twice about any technology NASA selects. This applies to Windows SharePoint, taxonomy systems, search, and maybe hand sanitizer. Why? I read “NASA Admits to Being Hacked 13 Times Last Year.” If true, not good. How about this passage’s allegation:
The space agency reported to Congress this week that it had been hacked a total of 13 times last year, including one China-based attack that gained complete access and control of mission critical systems as well as employee accounts.
If you want to go into space, NASA is out of the game. Probably a good idea. If I want to search for NASA data, should I use Jike.com?
Stephen E Arnold, March 6, 2012
Sponsored by Pandia.com
Cloud Good, Cloud Bad for Your Data?
February 29, 2012
InfoWorld’s David Linthicum–cloud consultant, “real” expert, and podcaster–recently reported on cloud computing in the article, “Big Data and the Cloud: a Far From Perfect Fit.”
According to the article, while big data and cloud computing have some similarities you shouldn’t think that any old enterprise search startup with cloud offerings, generally in the public cloud, will solve your data management issues.
Organizations that try to consolidate their data into public cloud databases are most likely going to run into two primary technical difficulties — bandwidth limitations and higher cost for security.
When discussing the issues with bandwidth, Linthucum states:
“…Big data means big integration challenges. Thus, the ability to get the data from the enterprise to the public cloud may be problematic. Although you can certainly ship up a couple hundred thousand data records each day over the open Internet, in many cases we’re talking millions of data records that must be transformed, translated, and synced from existing enterprise systems.”
While the article is not saying that big data is never a good fit for public clouds, it does bring up some good points that should be considered when deciding what solution is the best fit for your company. We find it interesting to watch the trajectory of advice from experts. Cloud good, cloud bad? One never knows does one?
Jasmine Ashton, February 29, 2012
Sponsored by Pandia.com
Trust Google with Your Money? Not So Fast.
February 26, 2012
Maybe this is a typical minor error, but it sure seems important to us. PCWorld reveals that, because of a security flaw, “Google Wallet Suspends Prepaid Credit Card Functions.” Reporter John P. Mello Jr. explains:
The security flaw was revealed last Thursday by a blogger, identified only as ‘The Smartphone Champ,’ who explained that by opening up the settings section on an Android phone and blanking all the settings for a Google Wallet, an unauthorized user could access any balances on a prepaid card previously linked to the wallet.
Oops. This is actually the second security flaw that has recently been discovered. The hack-ability revealed just the day before by the security firm Zvelo involves cracking the Wallet’s PIN. However, that one calls for more techie skills and could only be performed on phones that had been rooted. Still. . . .
Maybe Google’s fast-cycle method needs a traditional “does this work?” test when credit cards and money are involved. A common sense best practice, really.
Cynthia Murrell, February 26, 2012
Sponsored by Pandia.com
-
- Subscribe to Beyond Search
Feature archive
News archive
-
