Posts Tagged ‘cyber security’

blockchain and refugees

blockchain for refugees

As Norwegian Refugee Council research found, 70 percent of Syrian refugees lack basic identification and documents showing ownership of property.

The global passport

Host nations certainly has a share in the damage, as they face problems concerning the accessibility of vital information about the newcomers — dealing with the undocumented refugee, the immigration service can’t gain the information about his/her health status, family ties or criminal record, or verify any other vital data that helps them make a decision. Needless to say, this may lead to the designation of refugee status being exploited by economic migrants, fugitives or even the war criminals that caused the mass displacement to begin with.

Another important issue is data security. Refugees’ personal identities are carefully re-established with the support of clever biometric systems set up by the U.N. Agency for Refugees (UNHCR). UNHCR registers millions of refugees and maintains those records in a database. But the evidence suggests that centralized systems like this could be prone to attacks. As a report on UNCHR’s site notes, Aadhaar — India’s massive biometric database and the largest national database of people in the world — has suffered serious breaches, and last year, allegations were made that access was for sale on the internet for as little as $8

Finland, a country with a population of 5.5 million, cannot boast huge numbers of refugees. For 2018, it set a quota of 750 people, mainly flying from Syria and the Democratic Republic of Congo. That’s way less than neighboring Sweden, which promised to take in 3,400. Nevertheless, the country sets a global example of the use of effective technology in immigration policy: It’s using blockchain to help the newcomers get on their feet faster.

The system, developed by the Helsinki-based startup MONI, maintains a full analogue of a bank account for every one of its participants.

Speaking at the World Economic Forum in Davos in January 2018, the billionaire investor and philanthropist George Soros revealed that his structures already use a blockchain in immigration policies

In 2017, Accenture and Microsoft Corp. teamed up to build a digital ID network using blockchain technology, as part of a U.N.-supported project to provide legal identification to 1.1 billion people worldwide with no official documents.

a Memorandum of Understanding (MOU) with blockchain platform IOTA to explore how the technology could increase efficiency.

++++++++++
more on blockchain in this IMS blog
http://blog.stcloudstate.edu/ims?s=blockchain

Cybersecurity Risks in schools

FBI Warns Educators and Parents About Edtech’s Cybersecurity Risks

By Tina Nazerian     Sep 14, 2018

https://www.edsurge.com/news/2018-09-14-fbi-warns-educators-and-parents-about-edtech-s-cybersecurity-risks

The FBI has released a public service announcement warning educators and parents that edtech can create cybersecurity risks for students.

In April 2017, security researchers found a flaw in Schoolzilla’s data configuration settings. And in May 2017, a hacker reportedly stole 77 million user accounts from Edmodo.

Amelia Vance, the director of the Education Privacy Project at the Future of Privacy Forum, writes in an email to EdSurge that the FBI likely wanted to make sure that as the new school year starts, parents and schools are aware of potential security risks. And while she thinks it’s “great” that the FBI is bringing more attention to this issue, she wishes the public service announcement had also addressed another crucial challenge.

“Schools across the country lack funding to provide and maintain adequate security,” she writes. “Now that the FBI has focused attention on these concerns, policymakers must step up and fund impactful security programs.”

According to Vance, a better approach might involve encouraging parents to have conversations with their children’s’ school about how it keeps student data safe.

++++++++++
more on cybersecurity in this IMS blog
http://blog.stcloudstate.edu/ims?s=cybersecurity

Encyclopedia of Criminal Activities and the Deep Web

>>>>>>> Publishing Opportunity <<<<<<<<<<<<<<

Encyclopedia of Criminal Activities and the Deep Web

Countries all over the world are seeing significant increases in criminal activity through the use of technological tools. Such crimes as identity theft, cyberattacks, drug trafficking, and human trafficking are conducted through the deep and dark web, while social media is utilized by murderers, sex offenders, and pedophiles to elicit information and contact their victims. As criminals continue to harness technology to their advantage, law enforcement and government officials are left to devise alternative strategies to learn more about all aspects of these modern criminal patterns and behavior, to preserve the safety of society, and to ensure that proper justice is served. Regrettably, the lack of adequate research findings on these modern criminal activities is limiting everyone’s abilities to devise effective strategies and programs to combat these modern technology-related criminal activities.

In an effort to compile the most current research on this topic, a new major reference work titled Encyclopedia of Criminal Activities and the Deep Web is currently being developed. This comprehensive Encyclopedia is projected to encompass expert insights about the nature of these criminal activities, how they are conducted, and societal and technological limitations. It will also explore new methods and processes for monitoring and regulating the use of these tools, such as social media, online forums, and online ads, as well as hidden areas of the internet including the deep and dark web. Additionally, this Encyclopedia seeks to offer strategies for predicting and preventing criminals from using technology as a means to track, stalk, and lure their victims.

You are cordially invited to share your research to be featured in this Encyclopedia by submitting a chapter proposal/abstract using the link on the formal call for papers page here. If your chapter proposal is accepted, guidelines for preparing your full chapter submission (which should be between 5,000-7,500 total words in length) can be accessed at: http://www.igi-global.com/publish/contributor-resources/ (under the “For Authors” heading – “Encyclopedia Chapter Organization and Formatting”).

Recommended topics for papers include, but are not limited to:

  • Bitcoin and Crime
  • Botnets and Crime
  • Child Exploitation
  • Contract Killing
  • Criminology
  • Cryptocurrency
  • Cyber Espionage
  • Cyber Stalking
  • Cybercrime
  • Cybercriminals
  • Cybersecurity Legislation
  • Cyberterrorism Fraud
  • Dark Web
  • Dark Web Vendors
  • Darknets
  • Data Privacy
  • Dating Websites and Crime
  • Deep Web
  • Drug Trafficking
  • E-Banking Fraud
  • Email Scams
  • Fraud and Internet
  • Gaming and Crime
  • Government Regulations of the Dark Web
  • Hacking and Crime
  • Hacktivism
  • Human Trafficking
  • Identity Theft
  • International Regulations of the Dark Web
  • Internet Privacy
  • Internet Regulations
  • Internet Safety & Crime
  • Online Advertisement Websites and Crime
  • Online Blackmail
  • Online Forums and Crime
  • Online Hate Crimes
  • Online Predators
  • Online Privacy
  • Social Media Deception
  • Social Networking Traps
  • Undercover Dark Web Busts
  • Undercover Operations
  • Vigilante Justice
  • Virtual Currencies & Crime
  • Whistleblowing

IMPORTANT DATES: Chapter Proposal Submission Deadline: October 15, 2018; Full Chapters Due: December 15, 2018

Note: There are no publication fees, however, contributors will be requested to provide a courtesy to their fellow colleagues by serving as a peer reviewer for this project for at least 2-3 articles. This will ensure the highest level of integrity and quality for the publication. 

Should you have any questions regarding this publication, or this invitation, please do not hesitate to contact: EncyclopediaCADW@igi-global.com

Mehdi Khosrow-Pour, DBA
Editor-in-Chief
Encyclopedia of Criminal Activities and the Deep Web
EncyclopediaCADW@igi-global.com

Data Lake

What is a Data Lake? A Super-Simple Explanation For Anyone

September 6, 2018 Bernard Marr

https://www.linkedin.com/pulse/what-data-lake-super-simple-explanation-anyone-bernard-marr/

James Dixon, the CTO of Pentaho is credited with naming the concept of a data lake. He uses the following analogy:

“If you think of a datamart as a store of bottled water – cleansed and packaged and structured for easy consumption – the data lake is a large body of water in a more natural state. The contents of the data lake stream in from a source to fill the lake, and various users of the lake can come to examine, dive in, or take samples.”

A data lake holds data in an unstructured way and there is no hierarchy or organization among the individual pieces of data. It holds data in its rawest form—it’s not processed or analyzed. Additionally, a data lakes accepts and retains all data from all data sources, supports all data types and schemas (the way the data is stored in a database) are applied only when the data is ready to be used.

What is a data warehouse?

A data warehouse stores data in an organized manner with everything archived and ordered in a defined way. When a data warehouse is developed, a significant amount of effort occurs during the initial stages to analyze data sources and understand business processes.

Data

Data lakes retain all data—structured, semi-structured and unstructured/raw data. It’s possible that some of the data in a data lake will never be used. Data lakes keep all data as well. A data warehouse only includes data that is processed (structured) and only the data that is necessary to use for reporting or to answer specific business questions.

Agility

Since a data lake lacks structure, it’s relatively easy to make changes to models and queries.

Users

Data scientists are typically the ones who access the data in data lakes because they have the skill-set to do deep analysis.

Security

Since data warehouses are more mature than data lakes, the security for data warehouses is also more mature.

+++++++++++++++
more on big data in this IMS blog
http://blog.stcloudstate.edu/ims?s=big+data

human nature cybersecurity

Keynote: Cybersecurity Awareness Is Dead! Long Live Cybersecurity Awareness!

Tuesday, August 21 | 12:05pm – 12:30pm ET |

https://events.educause.edu/special-topic-events/webinar/2018/encore-selections-from-the-educause-security-professionals-conference-2018/agenda/keynote-cybersecurity-awareness-is-dead-long-live-cybersecurity-awareness#_zsJE1Le1_zlSvd65

Far too often, cybersecurity awareness-raising training fails to account for how people learn and proven ways to change behaviors. The cybersecurity community too easily falls into the trap of thinking that “humans are the weakest link.” In this talk, Dr. Jessica Barker will argue that, if humans are the weakest link, then they are our weakest link as an industry. With reference to sociology, psychology, and behavioral economics, as well as lessons from her professional experience, Jessica will discuss why a better understanding of human nature needs to be a greater priority for the cybersecurity community.

Outcomes: Explore how we can apply knowledge from other disciplines to improve cybersecurity awareness-raising training and communications * Understand where the cybersecurity industry can improve with regards to awareness, behavior, and culture * Develop ideas to improve how you communicate cybersecurity messages and conduct awareness-raising training

++++++++++++
more on cybersecurity in this IMS blog
http://blog.stcloudstate.edu/ims?s=cybersecurity

thermal imaging

***** thank you Tirthankar ! ******* : https://www.linkedin.com/feed/update/urn:li:activity:6424443573785235456

Recovering Keyboard Inputs through Thermal Imaging

https://www.schneier.com/blog/archives/2018/07/recovering_keyb.html

Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it’s interesting to think about the types of scenarios in which it might be pulled off.

+++++++++++++++
more on cybersecurity in this IMS blog
http://blog.stcloudstate.edu/ims?s=cybersecurity

Putin’s game

What Putin Really Wants

Russia’s strongman president has many Americans convinced of his manipulative genius. He’s really just a gambler who won big.

JULIA IOFFE  JANUARY/FEBRUARY 2018 ISSUE

https://www.theatlantic.com/magazine/archive/2018/01/putins-game/546548/

(translated in Bulgarian http://librev.com/index.php/2013-03-30-08-56-39/prospects/europe/3371-igrata-na-putin-1

“They do plan,” said a senior Obama-administration official. “They’re not stupid at all. But the idea that they have this all perfectly planned and that Putin is an amazing chess player—that’s not quite it. He knows where he wants to end up, he plans the first few moves, and then he figures out the rest later. People ask if he plays chess or checkers. It’s neither: He plays blackjack. He has a higher acceptance of risk. Think about it. The election interference—that was pretty risky, what he did. If Hillary Clinton had won, there would’ve been hell to pay.”

Even the manner of the Russian attack was risky. The fact that the Russians didn’t really bother hiding their fingerprints is a testament to the change in Russia’s intent toward the U.S., Robert Hannigan, a former head of the Government Communications Headquarters, the British analogue to the National Security Agency, said at the Aspen Forum. “The brazen recklessness of it … the fact that they don’t seem to care that it’s attributed to them very publicly, is the biggest change.”

also: http://blog.stcloudstate.edu/ims/2016/11/13/hacking-voting/

in German: http://www.sueddeutsche.de/medien/phishing-attacken-der-feind-liest-mit-1.3378411

+++++++++++
more on cybersecurity in this IMS blog
http://blog.stcloudstate.edu/ims?s=cybersecurity

Mac OS High Sierra

ANYONE CAN HACK MACOS HIGH SIERRA JUST BY TYPING “ROOT”

ANDY GREENBERG 11.28.17 05:47 PM

https://www.wired.com/story/macos-high-sierra-hack-root/

THERE ARE HACKABLE security flaws in software. And then there are those that don’t even require hacking at all—just a knock on the door, and asking to be let in. Apple’s macOS High Sierra has the second kind.

malicious code running on the operating system could steal the contents of its keychain without a password.

Apple does have a bug bounty, but only for iOS, not MacOS.

1 2